This article shows an example of how to deploy MinIO as an S3 object storage for BRIX. The article covers deploying MinIO in a single-node single-drive configuration (SNSD). SNSD deployments don’t provide better reliability or availability apart from what the underlying storage volume (RAID, LVM, ZFS, etc.) implements. Learn more in the MinIO documentation.
начало внимание
In the example in this article, the bucket name is s3elma365
, the user is elma365user
, and the password is SecretPassword
.
When you set up MinIO for your company, follow your organization’s security policies.
конец внимание
The configuration consists of 10 steps:
- Prepare the drive.
- Install MinIO.
- Install MinIO Client.
- Create a user and a group named minio-user.
- Create the systemd service for MinIO.
- Create an environment file for MinIO.
- Run the MinIO service.
- Set up connection to MinIO.
- Create a bucket.
- Connect BRIX to MinIO.
Step 1. Prepare the drive (optional)
- Create a directory to mount the drive:
sudo mkdir -p /var/lib/minio/data1
For better performance, we recommend that you use the XFS file system. In the example, we are going to use the /dev/sdb
drive.
- Prepare the XFS file system on the drive:
sudo mkfs.xfs /dev/sdb -L DISK1
- Add a drive mount point in the
/etc/fstab
file:
LABEL=DISK1 /var/lib/minio/data1 xfs defaults,noatime 0 2
- Make sure the prepared drive has been mounted:
sudo mount -av
Step 2. Install MinIO
Download the latest stable MinIO binary file and install it in the system:
wget https://dl.min.io/server/minio/release/linux-amd64/minio
chmod +x minio
sudo mv minio /usr/local/bin/
Step 3. Install MinIO Client
Download the latest stable MinIO Client binary file and install it in the system:
wget https://dl.min.io/client/mc/release/linux-amd64/mc
chmod +x mс
sudo mv mc /usr/local/bin/
Step 4. Create a user and a group named minio-user
- Create a user and a group named
minio-user
:
sudo groupadd -r minio-user
sudo useradd -M -r -g minio-user minio-user
sudo chown minio-user:minio-user /var/lib/minio/data1
- Create directories to store TLS certificates using the following command:
sudo mkdir -p /etc/minio/certs/CAs
- Set permissions for directories used in MinIO:
sudo chown -R minio-user:minio-user /etc/minio
sudo chown -R minio-user:minio-user /var/lib/minio
Step 5. Create the systemd service for MinIO
- Download the MinIO service official file:
sudo curl -O https://raw.githubusercontent.com/minio/minio-service/master/linux-systemd/minio.service
- Check the content of the
minio.service
file before you use it by opening it in a text editor and move it to the systemd configuration directory:
sudo mv minio.service /etc/systemd/system
начало внимание
At this step, don’t run minio.service
yet.
конец внимание
Step 6. Create an environment file for MinIO
Create an environment file in /etc/default/minio
. The MinIO service uses this file as a source of all environment variables used by MinIO and the minio.service
file.
Example of an environment file in /etc/default/minio
:
# Set the hosts and volumes MinIO uses at startup
# The command uses MinIO expansion notation {x...y} to denote a
# sequential series.
# The following example covers four MinIO hosts
# with4 drives each at the specified hostname and drive locations.
# The command includes the port that each MinIO server listens on
# (default 9000)
MINIO_VOLUMES="/var/lib/minio/data1/minio"
# Set all MinIO server options
# The following explicitly sets the MinIO Console listen address to
# port 9001 on all network interfaces. The default behavior is dynamic
# port selection.
MINIO_OPTS="--certs-dir /etc/minio/certs --console-address :9001"
MINIO_REGION="eu-central-1"
# Set the root username. This user has unrestricted permissions to
# perform S3 and administrative API operations on any resource in the
# deployment.
# Defer to your organizations requirements for superadmin user name.
MINIO_ROOT_USER=elma365user
# Set the root password
# Use a long, random, unique string that meets your organizations
# requirements for passwords.
MINIO_ROOT_PASSWORD=SecretPassword
# Set to the URL of the load balancer for the MinIO deployment
# This value *must* match across all MinIO servers. If you do
# not have a load balancer, set this value to to any *one* of the
# MinIO hosts in the deployment as a temporary measure.
# MINIO_SERVER_URL="https://minio.example:9000"
Where:
MINIO_VOLUMES
is the directory where files uploaded to S3 will be stored.
MINIO_ROOT_USER
is the username of the MinIO administrator.MINIO_ROOT_PASSWORD
is the password. We recommend using a password of at least 16 characters.
How to enable TSL/SSL in MinIO
To make TLS/SSL available in MinIO:
Read more about TLS/SSL in MinIO in the official MinIO documentation. |
Step 7. Run the MinIO service
- Run the following commands to start the MinIO service:
sudo systemctl daemon-reload
sudo systemctl enable minio.service
sudo systemctl start minio.service
- Make sure that the MinIO service is running and works without errors:
sudo systemctl status minio.service
journalctl -f -u minio.service
Step 8. Set up connection to MinIO
Create an alias for MinIO:
/usr/local/bin/mc alias set minio http://minio.your_domain:9000 elma365user SecretPassword
Step 9. Create a bucket
The bucket in S3 should have the following format: s3elma365*
.
Examples:
s3elma365
s3elma365-dev
s3elma365-prod
For BRIX to work, create a bucket named s3elma365
by running the following command:
/usr/local/bin/mc mb -p minio/s3elma365 --region=eu-central-1
Step 10. Connect BRIX to MinIO
Here are the parameters used to establish a connection with MinIO:
- address:
minio.your_domain:9000
- bucket:
s3elma365
- region:
eu-central-1
- access key ID:
elma365user
- secret access key:
SecretPassword
- upload method:
PUT
- enable SSL?
No
If TLS/SSL connection is used, set the enable SSL?
parameter to Yes
.