Difference between revisions of "MinIO"

From Michael's Information Zone
Jump to navigation Jump to search
 
(6 intermediate revisions by the same user not shown)
Line 5: Line 5:
 
===Amazon Linux 2===
 
===Amazon Linux 2===
 
Attempting to run on Amazon Linux using an ARM t4g.small instance.
 
Attempting to run on Amazon Linux using an ARM t4g.small instance.
 +
====Basic install====
 
<pre>
 
<pre>
 
sudo yum upgrade -y
 
sudo yum upgrade -y
Line 10: Line 11:
 
sudo mkdir /mnt/data
 
sudo mkdir /mnt/data
 
sudo chown ec2-user:ec2-user /mnt/data
 
sudo chown ec2-user:ec2-user /mnt/data
 +
</pre>
 +
*To test, run the following.
 +
<pre>
 
MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=password minio server /mnt/data --console-address ":9001"
 
MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=password minio server /mnt/data --console-address ":9001"
 +
</pre>
 +
*For systemd autostart create the config file, /etc/default/minio,  with the following<ref>https://github.com/minio/minio-service/tree/master/linux-systemd</ref>
 +
<pre>
 +
MINIO_VOLUMES="/mnt/data/"
 +
#MINIO_OPTS="--address :9199"
 +
MINIO_ROOT_USER=admin
 +
MINIO_ROOT_PASSWORD=password
 +
</pre>
 +
*Some user provisioning
 +
<pre>
 +
sudo useradd -s /sbin/nologin minio-user
 +
sudo systemctl daemon-reload
 +
sudo chown -R minio-user:minio-user /mnt/data
 +
sudo systemctl start minio.service
 +
</pre>
 +
====Production Install====
 +
*Let's run on the same port as S3 by adding the following to /etc/systemd/system/minio.service under the service section
 +
<pre>
 +
AmbientCapabilities=CAP_NET_BIND_SERVICE
 +
</pre>
 +
*Set permissions on binary
 +
<pre>
 +
sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/minio
 +
</pre>
 +
Then configure the ports in /etc/default/minio
 +
<pre>
 +
MINIO_OPTS="--console-address myminio.com:9000 --address myminio.com:443"
 +
</pre>
 +
*Add your domain name to the hosts file pointing to the internal IP address. This is used in case you are placing behind NAT.
 +
*Grab a cert<ref>https://docs.min.io/docs/generate-let-s-encypt-certificate-using-concert-for-minio.html</ref>
 +
<pre>
 +
sudo amazon-linux-extras install -y epel
 +
sudo yum install -y certbot
 +
sudo certbot certonly --standalone -d myminio.com --staple-ocsp -m test@yourdomain.io --agree-tos
 
</pre>
 
</pre>

Latest revision as of 14:15, 26 August 2021

Purpose

To see if I can run an S3 compatible endpoint using NetAPP as the backend storage. Basically S3 isn't trusted by the team that wants to store data, but we can't open NetAPP to the internet (DUH).

Installation

[1]

Amazon Linux 2

Attempting to run on Amazon Linux using an ARM t4g.small instance.

Basic install

sudo yum upgrade -y
sudo yum install -y https://dl.min.io/server/minio/release/linux-arm64/minio-20210825004118.0.0.aarch64.rpm
sudo mkdir /mnt/data
sudo chown ec2-user:ec2-user /mnt/data
  • To test, run the following.
MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=password minio server /mnt/data --console-address ":9001"
  • For systemd autostart create the config file, /etc/default/minio, with the following[2]
MINIO_VOLUMES="/mnt/data/"
#MINIO_OPTS="--address :9199"
MINIO_ROOT_USER=admin
MINIO_ROOT_PASSWORD=password
  • Some user provisioning
sudo useradd -s /sbin/nologin minio-user
sudo systemctl daemon-reload
sudo chown -R minio-user:minio-user /mnt/data
sudo systemctl start minio.service

Production Install

  • Let's run on the same port as S3 by adding the following to /etc/systemd/system/minio.service under the service section
AmbientCapabilities=CAP_NET_BIND_SERVICE
  • Set permissions on binary
sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/minio

Then configure the ports in /etc/default/minio

MINIO_OPTS="--console-address myminio.com:9000 --address myminio.com:443"
  • Add your domain name to the hosts file pointing to the internal IP address. This is used in case you are placing behind NAT.
  • Grab a cert[3]
sudo amazon-linux-extras install -y epel
sudo yum install -y certbot
sudo certbot certonly --standalone -d myminio.com --staple-ocsp -m test@yourdomain.io --agree-tos