Open riverma opened 9 months ago
Investigation needed (FYI @hhlee445):
We can't copy a granule directly from ASF S3 to a private VPC verdi worker since we need to get a S3 credential which requires to use public VPC
We can't copy a granule directly from ASF S3 to a private VPC verdi worker since we need to get a S3 credential which requires to use public VPC
Hi @hhlee445 - isn't it possible to get an S3 credential once (or renew) on a public VPC machine and share that cred with a private VPC verdi worker? I'm trying to understand what would block that. Since Verdi workers get passed all kinds of metadata, there should be a path to share a download credential / token with a private VPC worker.
Checked for duplicates
Yes - I've already checked
Alternatives considered
Yes - and alternatives don't suffice
Related problems
Given that the source DAAC's that OPERA obtains products from are located in the same AWS region as OPERA, we could save in latency and storage costs if we did not copy S3 products from DAAC's storage over a rolling storage and then localized onto workers, and instead directly localized to workers as needed from DAAC S3.
Describe the feature request
Current method:
Proposed method: