"X-Amz-Server-Side-Encryption":                []string{""},
			"X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id": []string{""},
			"X-Amz-Server-Side-Encryption-Context":        []string{""},
		},
		Expected: true,
	}, // 4
	{
		Header: http.Header{
			"X-Amz-Server-Side-Encryption":                []string{"AES256"},
			"X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id": []string{""},
		},
		Expected: true,
	}, // 5

  @JvmField
  @RegisterExtension
  val clientTestRule = OkHttpClientTestRule()

  private lateinit var server: MockWebServer

  private lateinit var client: OkHttpClient

  @BeforeEach
  fun setUp(server: MockWebServer) {
    platform.assumeLoom()

    this.server = server

    client =
      clientTestRule.newClientBuilder()
        .dispatcher(Dispatcher(newVirtualThreadPerTaskExecutor()))

function start_minio_fs() {
	export MINIO_ROOT_USER=$ACCESS_KEY
	export MINIO_ROOT_PASSWORD=$SECRET_KEY
	"${MINIO[@]}" server "${WORK_DIR}/fs-disk" >"$WORK_DIR/fs-minio.log" 2>&1 &

	"${WORK_DIR}/mc" ready verify
}

function start_minio_erasure() {
	"${MINIO[@]}" server "${WORK_DIR}/erasure-disk1" "${WORK_DIR}/erasure-disk2" "${WORK_DIR}/erasure-disk3" "${WORK_DIR}/erasure-disk4" >"$WORK_DIR/erasure-minio.log" 2>&1 &

	// the MinIO-internal key derivation.
	MetaIV = "X-Minio-Internal-Server-Side-Encryption-Iv"

	// MetaAlgorithm is the algorithm used to derive internal keys
	// and encrypt the objects.
	MetaAlgorithm = "X-Minio-Internal-Server-Side-Encryption-Seal-Algorithm"

	// MetaSealedKeySSEC is the sealed object encryption key in case of SSE-C.
	MetaSealedKeySSEC = "X-Minio-Internal-Server-Side-Encryption-Sealed-Key"

```sh
export MINIO_ROOT_USER=minio
export MINIO_ROOT_PASSWORD=minio13
minio server /data
```

#### Site

```
KEY:
site  label the server and its location

ARGS:
name     (string)    name for the site e.g. "cal-rack0"
region   (string)    name of the location of the server e.g. "us-west-1"
comment  (sentence)  optionally add a comment to this setting
```

or environment variables

| Minimum number of drives per server when server count is 1      | 02            |
| Minimum number of drives per server when server count is 2 or 3 | 01            |
| Minimum number of drives per server when server count is 4      | 01            |
| Maximum number of drives per server                             | no-limit      |
| Read quorum                                                     | N/2           |

    - [Server Binaries](#server-binaries-12)
    - [Node Binaries](#node-binaries-12)
    - [Container Images](#container-images-12)
  - [Changelog since v1.24.4](#changelog-since-v1244)
  - [Important Security Information](#important-security-information-3)
    - [CVE-2022-3172: Aggregated API server can cause clients to be redirected (SSRF)](#cve-2022-3172-aggregated-api-server-can-cause-clients-to-be-redirected-ssrf)

For more information on the rules, see the [CNI README](../../cni/README.md).
This is done by an HTTP server running on `/var/run/istio-cni/pluginevent.sock`.

An alternative flow is when a pod is enrolled into ambient mode after it starts up.
In this case, the CNI Agent is watching for Pod events from the API server directly and performing the same setup.

     *
     * @return The decrypted server or {@code null}.
     */
    Server getServer();

    /**
     * Gets the decrypted servers.
     *
     * @return The decrypted server, can be empty but never {@code null}.
     */
    List<Server> getServers();

    /**
     * Gets the decrypted proxy. This is a convenience method to retrieve the first element from {@link #getProxies()}.
     *

  private lateinit var server: MockWebServer
  private val handshakeCertificates = platform.localhostHandshakeCertificates()
  private var client: OkHttpClient = clientTestRule.newClient()

  @BeforeEach
  fun setUp(server: MockWebServer) {
    this.server = server
  }

  @Test
  fun connectionsAreReused() {
    server.enqueue(MockResponse(body = "a"))
    server.enqueue(MockResponse(body = "b"))