From dcdb7cfaa13d19ee8308dcb678036b0be87fcb4d Mon Sep 17 00:00:00 2001
From: Renan Rangel <rrangel@slack-corp.com>
Date: Tue, 20 Feb 2024 04:44:44 -0800
Subject: [PATCH] prevent vtctld from creating tons of S3 connections

Signed-off-by: Renan Rangel <rrangel@slack-corp.com>
---
 go/vt/mysqlctl/s3backupstorage/s3.go | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/go/vt/mysqlctl/s3backupstorage/s3.go b/go/vt/mysqlctl/s3backupstorage/s3.go
index ef3bfc37b31..cddfad20de9 100644
--- a/go/vt/mysqlctl/s3backupstorage/s3.go
+++ b/go/vt/mysqlctl/s3backupstorage/s3.go
@@ -83,6 +83,9 @@ var (
 
 	// path component delimiter
 	delimiter = "/"
+
+	// use a shared transport for all connections
+	defaultS3Transport *http.Transport
 )
 
 func registerFlags(fs *pflag.FlagSet) {
@@ -445,9 +448,7 @@ func (bs *S3BackupStorage) client() (*s3.S3, error) {
 	if bs._client == nil {
 		logLevel := getLogLevel()
 
-		tlsClientConf := &tls.Config{InsecureSkipVerify: tlsSkipVerifyCert}
-		httpTransport := &http.Transport{TLSClientConfig: tlsClientConf}
-		httpClient := &http.Client{Transport: httpTransport}
+		httpClient := &http.Client{Transport: getS3Transport()}
 
 		session, err := session.NewSession()
 		if err != nil {
@@ -496,6 +497,19 @@ func objName(parts ...string) *string {
 	return &res
 }
 
+// This creates a new transport based off http.DefaultTransport the first time and returns the same
+// transport on subsequent calls so connections can be reused as part of the same transport.
+func getS3Transport() *http.Transport {
+	if defaultS3Transport == nil {
+		tlsClientConf := &tls.Config{InsecureSkipVerify: tlsSkipVerifyCert}
+
+		defaultS3Transport = http.DefaultTransport.(*http.Transport).Clone()
+		defaultS3Transport.TLSClientConfig = tlsClientConf
+	}
+
+	return defaultS3Transport
+}
+
 func init() {
 	backupstorage.BackupStorageMap["s3"] = &S3BackupStorage{params: backupstorage.NoParams()}