Difference between revisions of "MinIO"
Jump to navigation
Jump to search
Michael.mast (talk | contribs) (Created page with "==Purpose== To see if I can run an S3 compatible endpoint using NetAPP as the backend storage. Basically S3 isn't trusted by the team that wants to store data, but we can't op...") |
Michael.mast (talk | contribs) |
||
| (7 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
==Purpose== | ==Purpose== | ||
To see if I can run an S3 compatible endpoint using NetAPP as the backend storage. Basically S3 isn't trusted by the team that wants to store data, but we can't open NetAPP to the internet (DUH). | To see if I can run an S3 compatible endpoint using NetAPP as the backend storage. Basically S3 isn't trusted by the team that wants to store data, but we can't open NetAPP to the internet (DUH). | ||
| − | ==Amazon Linux 2== | + | ==Installation== |
| + | <ref>https://docs.min.io/minio/baremetal/</ref> | ||
| + | ===Amazon Linux 2=== | ||
Attempting to run on Amazon Linux using an ARM t4g.small instance. | Attempting to run on Amazon Linux using an ARM t4g.small instance. | ||
| + | ====Basic install==== | ||
<pre> | <pre> | ||
sudo yum upgrade -y | sudo yum upgrade -y | ||
| Line 8: | Line 11: | ||
sudo mkdir /mnt/data | sudo mkdir /mnt/data | ||
sudo chown ec2-user:ec2-user /mnt/data | sudo chown ec2-user:ec2-user /mnt/data | ||
| + | </pre> | ||
| + | *To test, run the following. | ||
| + | <pre> | ||
MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=password minio server /mnt/data --console-address ":9001" | MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=password minio server /mnt/data --console-address ":9001" | ||
| + | </pre> | ||
| + | *For systemd autostart create the config file, /etc/default/minio, with the following<ref>https://github.com/minio/minio-service/tree/master/linux-systemd</ref> | ||
| + | <pre> | ||
| + | MINIO_VOLUMES="/mnt/data/" | ||
| + | #MINIO_OPTS="--address :9199" | ||
| + | MINIO_ROOT_USER=admin | ||
| + | MINIO_ROOT_PASSWORD=password | ||
| + | </pre> | ||
| + | *Some user provisioning | ||
| + | <pre> | ||
| + | sudo useradd -s /sbin/nologin minio-user | ||
| + | sudo systemctl daemon-reload | ||
| + | sudo chown -R minio-user:minio-user /mnt/data | ||
| + | sudo systemctl start minio.service | ||
| + | </pre> | ||
| + | ====Production Install==== | ||
| + | *Let's run on the same port as S3 by adding the following to /etc/systemd/system/minio.service under the service section | ||
| + | <pre> | ||
| + | AmbientCapabilities=CAP_NET_BIND_SERVICE | ||
| + | </pre> | ||
| + | *Set permissions on binary | ||
| + | <pre> | ||
| + | sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/minio | ||
| + | </pre> | ||
| + | Then configure the ports in /etc/default/minio | ||
| + | <pre> | ||
| + | MINIO_OPTS="--console-address myminio.com:9000 --address myminio.com:443" | ||
| + | </pre> | ||
| + | *Add your domain name to the hosts file pointing to the internal IP address. This is used in case you are placing behind NAT. | ||
| + | *Grab a cert<ref>https://docs.min.io/docs/generate-let-s-encypt-certificate-using-concert-for-minio.html</ref> | ||
| + | <pre> | ||
| + | sudo amazon-linux-extras install -y epel | ||
| + | sudo yum install -y certbot | ||
| + | sudo certbot certonly --standalone -d myminio.com --staple-ocsp -m test@yourdomain.io --agree-tos | ||
</pre> | </pre> | ||
Latest revision as of 14:15, 26 August 2021
Purpose
To see if I can run an S3 compatible endpoint using NetAPP as the backend storage. Basically S3 isn't trusted by the team that wants to store data, but we can't open NetAPP to the internet (DUH).
Installation
Amazon Linux 2
Attempting to run on Amazon Linux using an ARM t4g.small instance.
Basic install
sudo yum upgrade -y sudo yum install -y https://dl.min.io/server/minio/release/linux-arm64/minio-20210825004118.0.0.aarch64.rpm sudo mkdir /mnt/data sudo chown ec2-user:ec2-user /mnt/data
- To test, run the following.
MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=password minio server /mnt/data --console-address ":9001"
- For systemd autostart create the config file, /etc/default/minio, with the following[2]
MINIO_VOLUMES="/mnt/data/" #MINIO_OPTS="--address :9199" MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=password
- Some user provisioning
sudo useradd -s /sbin/nologin minio-user sudo systemctl daemon-reload sudo chown -R minio-user:minio-user /mnt/data sudo systemctl start minio.service
Production Install
- Let's run on the same port as S3 by adding the following to /etc/systemd/system/minio.service under the service section
AmbientCapabilities=CAP_NET_BIND_SERVICE
- Set permissions on binary
sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/minio
Then configure the ports in /etc/default/minio
MINIO_OPTS="--console-address myminio.com:9000 --address myminio.com:443"
- Add your domain name to the hosts file pointing to the internal IP address. This is used in case you are placing behind NAT.
- Grab a cert[3]
sudo amazon-linux-extras install -y epel sudo yum install -y certbot sudo certbot certonly --standalone -d myminio.com --staple-ocsp -m test@yourdomain.io --agree-tos
