BRIX On-Premises > Prepare infrastructure > Databases > Prepare external databases / MinIO S3

MinIO S3

This article shows an example of how to deploy MinIO as an S3 object storage for BRIX. The article covers deploying MinIO in a single-node single-drive configuration (SNSD). SNSD deployments don’t provide better reliability or availability apart from what the underlying storage volume (RAID, LVM, ZFS, etc.) implements. Learn more in the MinIO documentation.

начало внимание

In the example in this article, the bucket name is s3elma365, the user is elma365user, and the password is SecretPassword.

When you set up MinIO for your company, follow your organization’s security policies.

конец внимание

The configuration consists of 10 steps:

  1. Prepare the drive.
  2. Install MinIO.
  3. Install MinIO Client.
  4. Create a user and a group named minio-user.
  5. Create the systemd service for MinIO.
  6. Create an environment file for MinIO.
  7. Run the MinIO service.
  8. Set up connection to MinIO.
  9. Create a bucket.
  10. Connect BRIX to MinIO.

Step 1. Prepare the drive (optional)

  1. Create a directory to mount the drive:

sudo mkdir -p /var/lib/minio/data1

For better performance, we recommend that you use the XFS file system. In the example, we are going to use the /dev/sdb drive.

  1. Prepare the XFS file system on the drive:

sudo mkfs.xfs /dev/sdb -L DISK1

  1. Add a drive mount point in the /etc/fstab file:

LABEL=DISK1 /var/lib/minio/data1 xfs defaults,noatime 0 2

  1. Make sure the prepared drive has been mounted:

sudo mount -av

Step 2. Install MinIO

Download the latest stable MinIO binary file and install it in the system:

wget https://dl.min.io/server/minio/release/linux-amd64/minio
chmod +x minio
sudo mv minio /usr/local/bin/

Step 3. Install MinIO Client

Download the latest stable MinIO Client binary file and install it in the system:

wget https://dl.min.io/client/mc/release/linux-amd64/mc
chmod +x mс
sudo mv mc /usr/local/bin/

Step 4. Create a user and a group named minio-user

  1. Create a user and a group named minio-user:

sudo groupadd -r minio-user
sudo useradd -M -r -g minio-user minio-user
sudo chown minio-user:minio-user /var/lib/minio/data1

  1. Create directories to store TLS certificates using the following command:

sudo mkdir -p /etc/minio/certs/CAs

  1. Set permissions for directories used in MinIO:

sudo chown -R minio-user:minio-user /etc/minio
sudo chown -R minio-user:minio-user /var/lib/minio

Step 5. Create the systemd service for MinIO

  1. Download the MinIO service official file:

sudo curl -O https://raw.githubusercontent.com/minio/minio-service/master/linux-systemd/minio.service

  1. Check the content of the minio.service file before you use it by opening it in a text editor and move it to the systemd configuration directory:

sudo mv minio.service /etc/systemd/system

начало внимание

At this step, don’t run minio.service yet.

конец внимание

Step 6. Create an environment file for MinIO

Create an environment file in /etc/default/minio. The MinIO service uses this file as a source of all environment variables used by MinIO and the minio.service file.

Example of an environment file in /etc/default/minio:

# Set the hosts and volumes MinIO uses at startup
# The command uses MinIO expansion notation {x...y} to denote a
# sequential series.
 
# The following example covers four MinIO hosts
# with4 drives each at the specified hostname and drive locations.
# The command includes the port that each MinIO server listens on
# (default 9000)
 
MINIO_VOLUMES="/var/lib/minio/data1/minio"
 
# Set all MinIO server options
 
# The following explicitly sets the MinIO Console listen address to
# port 9001 on all network interfaces. The default behavior is dynamic
# port selection.
 
MINIO_OPTS="--certs-dir /etc/minio/certs --console-address :9001"
 
MINIO_REGION="eu-central-1"
 
# Set the root username. This user has unrestricted permissions to
# perform S3 and administrative API operations on any resource in the
# deployment.
 
# Defer to your organizations requirements for superadmin user name.
 
MINIO_ROOT_USER=elma365user
 
# Set the root password
 
# Use a long, random, unique string that meets your organizations
# requirements for passwords.
 
MINIO_ROOT_PASSWORD=SecretPassword
 
# Set to the URL of the load balancer for the MinIO deployment
# This value *must* match across all MinIO servers. If you do
# not have a load balancer, set this value to to any *one* of the
# MinIO hosts in the deployment as a temporary measure.
 
# MINIO_SERVER_URL="https://minio.example:9000"

Where:

  • MINIO_VOLUMES is the directory where files uploaded to S3 will be stored.
  • MINIO_ROOT_USER is the username of the MinIO administrator.
  • MINIO_ROOT_PASSWORD is the password. We recommend using a password of at least 16 characters.

How to enable TSL/SSL in MinIO

Step 7. Run the MinIO service

  1. Run the following commands to start the MinIO service:

sudo systemctl daemon-reload
sudo systemctl enable minio.service
sudo systemctl start minio.service

  1. Make sure that the MinIO service is running and works without errors:

sudo systemctl status minio.service
journalctl -f -u minio.service

Step 8. Set up connection to MinIO

Create an alias for MinIO:

/usr/local/bin/mc alias set minio http://minio.your_domain:9000 elma365user SecretPassword

Step 9. Create a bucket

The bucket in S3 should have the following format: s3elma365*.

Examples:

  • s3elma365
  • s3elma365-dev
  • s3elma365-prod

For BRIX to work, create a bucket named s3elma365 by running the following command:

/usr/local/bin/mc mb -p minio/s3elma365 --region=eu-central-1

Step 10. Connect BRIX to MinIO

Here are the parameters used to establish a connection with MinIO:

  • address: minio.your_domain:9000
  • bucket: s3elma365
  • region: eu-central-1
  • access key ID: elma365user
  • secret access key: SecretPassword
  • upload method: PUT
  • enable SSL? No

If TLS/SSL connection is used, set the enable SSL? parameter to Yes.