MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-09 13:39:46 -05:00
Code Issues Packages Projects Releases Wiki Activity

Replace Minio refs in docs with MinIO and links (#7494)

Browse Source
This commit is contained in:
kannappanr
2019-04-09 11:39:42 -07:00
committed by GitHub
parent 188ac8e369
commit 5ecac91a55
800 changed files with 2054 additions and 2054 deletions
Download Patch File Download Diff File Expand all files Collapse all files

186
docs/bucket/notifications/README.md
View File

@@ -1,6 +1,6 @@
# Minio Bucket Notification Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# MinIO Bucket Notification Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Events occurring on objects in a bucket can be monitored using bucket event notifications. Event types supported by Minio server are
Events occurring on objects in a bucket can be monitored using bucket event notifications. Event types supported by MinIO server are
| Supported Event Types | | |
|:---------------------------|--------------------------------------------|-------------------------|
@@ -8,7 +8,7 @@ Events occurring on objects in a bucket can be monitored using bucket event noti
| `s3:ObjectCreated:Post` | `s3:ObjectRemoved:Delete` |
| `s3:ObjectCreated:Copy` | `s3:ObjectAccessed:Get` |
Use client tools like `mc` to set and listen for event notifications using the [`event` sub-command](https://docs.minio.io/docs/minio-client-complete-guide#events). Minio SDK's [`BucketNotification` APIs](https://docs.minio.io/docs/golang-client-api-reference#SetBucketNotification) can also be used. The notification message Minio sends to publish an event is a JSON message with the following [structure](https://docs.aws.amazon.com/AmazonS3/latest/dev/notification-content-structure.html).
Use client tools like `mc` to set and listen for event notifications using the [`event` sub-command](https://docs.min.io/docs/minio-client-complete-guide#events). MinIO SDK's [`BucketNotification` APIs](https://docs.min.io/docs/golang-client-api-reference#SetBucketNotification) can also be used. The notification message MinIO sends to publish an event is a JSON message with the following [structure](https://docs.aws.amazon.com/AmazonS3/latest/dev/notification-content-structure.html).
Bucket events can be published to the following targets:
@@ -21,17 +21,17 @@ Bucket events can be published to the following targets:
## Prerequisites
* Install and configure Minio Server from [here](https://docs.minio.io/docs/minio-quickstart-guide).
* Install and configure Minio Client from [here](https://docs.minio.io/docs/minio-client-quickstart-guide).
* Install and configure MinIO Server from [here](https://docs.min.io/docs/minio-quickstart-guide).
* Install and configure MinIO Client from [here](https://docs.min.io/docs/minio-client-quickstart-guide).
<a name="AMQP"></a>
## Publish Minio events via AMQP
## Publish MinIO events via AMQP
Install RabbitMQ from [here](https://www.rabbitmq.com/).
### Step 1: Add AMQP endpoint to Minio
### Step 1: Add AMQP endpoint to MinIO
The Minio server configuration file is stored on the backend in json format. The AMQP configuration is located in the `amqp` key under the `notify` top-level key. Create a configuration key-value pair here for your AMQP instance. The key is a name for your AMQP endpoint, and the value is a collection of key-value parameters described in the table below.
The MinIO server configuration file is stored on the backend in json format. The AMQP configuration is located in the `amqp` key under the `notify` top-level key. Create a configuration key-value pair here for your AMQP instance. The key is a name for your AMQP endpoint, and the value is a collection of key-value parameters described in the table below.
| Parameter | Type | Description |
|:---|:---|:---|
@@ -72,16 +72,16 @@ To update the configuration, use `mc admin config get` command to get the curren
```sh
$ mc admin config get myminio/ > /tmp/myconfig
```
After updating the AMQP configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the Minio server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:amqp` at start-up if there were no errors.
After updating the AMQP configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the MinIO server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:amqp` at start-up if there were no errors.
```sh
$ mc admin config set myminio < /tmp/myconfig
```
Minio supports all the exchanges available in [RabbitMQ](https://www.rabbitmq.com/). For this setup, we are using ``fanout`` exchange.
MinIO supports all the exchanges available in [RabbitMQ](https://www.rabbitmq.com/). For this setup, we are using ``fanout`` exchange.
Note that, you can add as many AMQP server endpoint configurations as needed by providing an identifier (like "1" in the example above) for the AMQP instance and an object of per-server configuration parameters.
### Step 2: Enable bucket notification using Minio client
### Step 2: Enable bucket notification using MinIO client
We will enable bucket event notification to trigger whenever a JPEG image is uploaded or deleted ``images`` bucket on ``myminio`` server. Here ARN value is ``arn:minio:sqs::1:amqp``. To understand more about ARN please follow [AWS ARN](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) documentation.
@@ -145,13 +145,13 @@ python rabbit.py
```
<a name="MQTT"></a>
## Publish Minio events MQTT
## Publish MinIO events MQTT
Install an MQTT Broker from [here](https://mosquitto.org/).
### Step 1: Add MQTT endpoint to Minio
### Step 1: Add MQTT endpoint to MinIO
The Minio server configuration file is stored on the backend in json format. The MQTT configuration is located in the `mqtt` key under the `notify` top-level key. Create a configuration key-value pair here for your MQTT instance. The key is a name for your MQTT endpoint, and the value is a collection of key-value parameters described in the table below.
The MinIO server configuration file is stored on the backend in json format. The MQTT configuration is located in the `mqtt` key under the `notify` top-level key. Create a configuration key-value pair here for your MQTT instance. The key is a name for your MQTT endpoint, and the value is a collection of key-value parameters described in the table below.
| Parameter | Type | Description |
@@ -181,23 +181,23 @@ An example configuration for MQTT is shown below:
}
}
```
Minio supports persistent event store. The persistent store will backup events when the MQTT broker goes offline and replays it when the broker comes back online. The event store can be configured by setting the directory path in `queueDir` field and the maximum limit of events in the queueDir in `queueLimit` field. For eg, the `queueDir` can be `/home/events` and `queueLimit` can be `1000`. By default, the `queueLimit` is set to 10000.
MinIO supports persistent event store. The persistent store will backup events when the MQTT broker goes offline and replays it when the broker comes back online. The event store can be configured by setting the directory path in `queueDir` field and the maximum limit of events in the queueDir in `queueLimit` field. For eg, the `queueDir` can be `/home/events` and `queueLimit` can be `1000`. By default, the `queueLimit` is set to 10000.
To update the configuration, use `mc admin config get` command to get the current configuration file for the minio deployment in json format, and save it locally.
```sh
$ mc admin config get myminio/ > /tmp/myconfig
```
After updating the MQTT configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the Minio server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:mqtt` at start-up if there were no errors.
After updating the MQTT configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the MinIO server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:mqtt` at start-up if there were no errors.
```sh
$ mc admin config set myminio < /tmp/myconfig
```
Minio supports any MQTT server that supports MQTT 3.1 or 3.1.1 and can connect to them over TCP, TLS, or a Websocket connection using ``tcp://``, ``tls://``, or ``ws://`` respectively as the scheme for the broker url. See the [Go Client](http://www.eclipse.org/paho/clients/golang/) documentation for more information.
MinIO supports any MQTT server that supports MQTT 3.1 or 3.1.1 and can connect to them over TCP, TLS, or a Websocket connection using ``tcp://``, ``tls://``, or ``ws://`` respectively as the scheme for the broker url. See the [Go Client](http://www.eclipse.org/paho/clients/golang/) documentation for more information.
Note that, you can add as many MQTT server endpoint configurations as needed by providing an identifier (like "1" in the example above) for the MQTT instance and an object of per-server configuration parameters.
### Step 2: Enable bucket notification using Minio client
### Step 2: Enable bucket notification using MinIO client
We will enable bucket event notification to trigger whenever a JPEG image is uploaded or deleted ``images`` bucket on ``myminio`` server. Here ARN value is ``arn:minio:sqs::1:mqtt``.
@@ -257,32 +257,32 @@ python mqtt.py
```
<a name="Elasticsearch"></a>
## Publish Minio events via Elasticsearch
## Publish MinIO events via Elasticsearch
Install [Elasticsearch](https://www.elastic.co/downloads/elasticsearch) server.
This notification target supports two formats: _namespace_ and _access_.
When the _namespace_ format is used, Minio synchronizes objects in the bucket with documents in the index. For each event in the Minio, the server creates a document with the bucket and object name from the event as the document ID. Other details of the event are stored in the body of the document. Thus if an existing object is over-written in Minio, the corresponding document in the Elasticsearch index is updated. If an object is deleted, the corresponding document is deleted from the index.
When the _namespace_ format is used, MinIO synchronizes objects in the bucket with documents in the index. For each event in the MinIO, the server creates a document with the bucket and object name from the event as the document ID. Other details of the event are stored in the body of the document. Thus if an existing object is over-written in MinIO, the corresponding document in the Elasticsearch index is updated. If an object is deleted, the corresponding document is deleted from the index.
When the _access_ format is used, Minio appends events as documents in an Elasticsearch index. For each event, a document with the event details, with the timestamp of document set to the event's timestamp is appended to an index. The ID of the documented is randomly generated by Elasticsearch. No documents are deleted or modified in this format.
When the _access_ format is used, MinIO appends events as documents in an Elasticsearch index. For each event, a document with the event details, with the timestamp of document set to the event's timestamp is appended to an index. The ID of the documented is randomly generated by Elasticsearch. No documents are deleted or modified in this format.
The steps below show how to use this notification target in `namespace` format. The other format is very similar and is omitted for brevity.
### Step 1: Ensure minimum requirements are met
Minio requires a 5.x series version of Elasticsearch. This is the latest major release series. Elasticsearch provides version upgrade migration guidelines [here](https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-upgrade.html).
MinIO requires a 5.x series version of Elasticsearch. This is the latest major release series. Elasticsearch provides version upgrade migration guidelines [here](https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-upgrade.html).
### Step 2: Add Elasticsearch endpoint to Minio
### Step 2: Add Elasticsearch endpoint to MinIO
The Minio server configuration file is stored on the backend in json format. The Elasticsearch configuration is located in the `elasticsearch` key under the `notify` top-level key. Create a configuration key-value pair here for your Elasticsearch instance. The key is a name for your Elasticsearch endpoint, and the value is a collection of key-value parameters described in the table below.
The MinIO server configuration file is stored on the backend in json format. The Elasticsearch configuration is located in the `elasticsearch` key under the `notify` top-level key. Create a configuration key-value pair here for your Elasticsearch instance. The key is a name for your Elasticsearch endpoint, and the value is a collection of key-value parameters described in the table below.
| Parameter | Type | Description |
|:---|:---|:---|
| `enable` | _bool_ | (Required) Is this server endpoint configuration active/enabled? |
| `format` | _string_ | (Required) Either `namespace` or `access`. |
| `url` | _string_ | (Required) The Elasticsearch server's address, with optional authentication info. For example: `http://localhost:9200` or with authentication info `http://elastic:MagicWord@127.0.0.1:9200`. |
| `index` | _string_ | (Required) The name of an Elasticsearch index in which Minio will store documents. |
| `index` | _string_ | (Required) The name of an Elasticsearch index in which MinIO will store documents. |
An example of Elasticsearch configuration is as follows:
@@ -297,26 +297,26 @@ An example of Elasticsearch configuration is as follows:
},
```
If Elasticsearch has authentication enabled, the credentials can be supplied to Minio via the `url` parameter formatted as `PROTO://USERNAME:PASSWORD@ELASTICSEARCH_HOST:PORT`.
If Elasticsearch has authentication enabled, the credentials can be supplied to MinIO via the `url` parameter formatted as `PROTO://USERNAME:PASSWORD@ELASTICSEARCH_HOST:PORT`.
To update the configuration, use `mc admin config get` command to get the current configuration file for the minio deployment in json format, and save it locally.
```sh
$ mc admin config get myminio/ > /tmp/myconfig
```
After updating the Elasticsearch configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the Minio server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:elasticsearch` at start-up if there were no errors.
After updating the Elasticsearch configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the MinIO server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:elasticsearch` at start-up if there were no errors.
```sh
$ mc admin config set myminio < /tmp/myconfig
```
Note that, you can add as many Elasticsearch server endpoint configurations as needed by providing an identifier (like "1" in the example above) for the Elasticsearch instance and an object of per-server configuration parameters.
### Step 3: Enable bucket notification using Minio client
### Step 3: Enable bucket notification using MinIO client
We will now enable bucket event notifications on a bucket named `images`. Whenever a JPEG image is created/overwritten, a new document is added or an existing document is updated in the Elasticsearch index configured above. When an existing object is deleted, the corresponding document is deleted from the index. Thus, the rows in the Elasticsearch index, reflect the `.jpg` objects in the `images` bucket.
To configure this bucket notification, we need the ARN printed by Minio in the previous step. Additional information about ARN is available [here](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).
To configure this bucket notification, we need the ARN printed by MinIO in the previous step. Additional information about ARN is available [here](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).
With the `mc` tool, the configuration is very simple to add. Let us say that the Minio server is aliased as `myminio` in our mc configuration. Execute the following:
With the `mc` tool, the configuration is very simple to add. Let us say that the MinIO server is aliased as `myminio` in our mc configuration. Execute the following:
```
mc mb myminio/images
@@ -392,7 +392,7 @@ $ curl "http://localhost:9200/minio_events/_search?pretty=true"
"source" : {
"host" : "127.0.0.1",
"port" : "38062",
"userAgent" : "Minio (linux; amd64) minio-go/2.0.3 mc/2017-02-15T17:57:25Z"
"userAgent" : "MinIO (linux; amd64) minio-go/2.0.3 mc/2017-02-15T17:57:25Z"
}
}
]
@@ -408,21 +408,21 @@ This output shows that a document has been created for the event in Elasticsearc
Here we see that the document ID is the bucket and object name. In case `access` format was used, the document ID would be automatically generated by Elasticsearch.
<a name="Redis"></a>
## Publish Minio events via Redis
## Publish MinIO events via Redis
Install [Redis](http://redis.io/download) server. For illustrative purposes, we have set the database password as "yoursecret".
This notification target supports two formats: _namespace_ and _access_.
When the _namespace_ format is used, Minio synchronizes objects in the bucket with entries in a hash. For each entry, the key is formatted as "bucketName/objectName" for an object that exists in the bucket, and the value is the JSON-encoded event data about the operation that created/replaced the object in Minio. When objects are updated or deleted, the corresponding entry in the hash is also updated or deleted.
When the _namespace_ format is used, MinIO synchronizes objects in the bucket with entries in a hash. For each entry, the key is formatted as "bucketName/objectName" for an object that exists in the bucket, and the value is the JSON-encoded event data about the operation that created/replaced the object in MinIO. When objects are updated or deleted, the corresponding entry in the hash is also updated or deleted.
When the _access_ format is used, Minio appends events to a list using [RPUSH](https://redis.io/commands/rpush). Each item in the list is a JSON encoded list with two items, where the first item is a timestamp string, and the second item is a JSON object containing event data about the operation that happened in the bucket. No entries appended to the list are updated or deleted by Minio in this format.
When the _access_ format is used, MinIO appends events to a list using [RPUSH](https://redis.io/commands/rpush). Each item in the list is a JSON encoded list with two items, where the first item is a timestamp string, and the second item is a JSON object containing event data about the operation that happened in the bucket. No entries appended to the list are updated or deleted by MinIO in this format.
The steps below show how to use this notification target in `namespace` and `access` format.
### Step 1: Add Redis endpoint to Minio
### Step 1: Add Redis endpoint to MinIO
The Minio server configuration file is stored on the backend in json format.The Redis configuration is located in the `redis` key under the `notify` top-level key. Create a configuration key-value pair here for your Redis instance. The key is a name for your Redis endpoint, and the value is a collection of key-value parameters described in the table below.
The MinIO server configuration file is stored on the backend in json format.The Redis configuration is located in the `redis` key under the `notify` top-level key. Create a configuration key-value pair here for your Redis instance. The key is a name for your Redis endpoint, and the value is a collection of key-value parameters described in the table below.
| Parameter | Type | Description |
|:---|:---|:---|
@@ -449,20 +449,20 @@ To update the configuration, use `mc admin config get` command to get the curren
```sh
$ mc admin config get myminio/ > /tmp/myconfig
```
After updating the Redis configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the Minio server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:redis` at start-up if there were no errors.
After updating the Redis configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the MinIO server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:redis` at start-up if there were no errors.
```sh
$ mc admin config set myminio < /tmp/myconfig
```
Note that, you can add as many Redis server endpoint configurations as needed by providing an identifier (like "1" in the example above) for the Redis instance and an object of per-server configuration parameters.
### Step 2: Enable bucket notification using Minio client
### Step 2: Enable bucket notification using MinIO client
We will now enable bucket event notifications on a bucket named `images`. Whenever a JPEG image is created/overwritten, a new key is added or an existing key is updated in the Redis hash configured above. When an existing object is deleted, the corresponding key is deleted from the Redis hash. Thus, the rows in the Redis hash, reflect the `.jpg` objects in the `images` bucket.
To configure this bucket notification, we need the ARN printed by Minio in the previous step. Additional information about ARN is available [here](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).
To configure this bucket notification, we need the ARN printed by MinIO in the previous step. Additional information about ARN is available [here](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).
With the `mc` tool, the configuration is very simple to add. Let us say that the Minio server is aliased as `myminio` in our mc configuration. Execute the following:
With the `mc` tool, the configuration is very simple to add. Let us say that the MinIO server is aliased as `myminio` in our mc configuration. Execute the following:
```
mc mb myminio/images
@@ -487,25 +487,25 @@ Open another terminal and upload a JPEG image into ``images`` bucket.
mc cp myphoto.jpg myminio/images
```
In the previous terminal, you will now see the operation that Minio performs on Redis:
In the previous terminal, you will now see the operation that MinIO performs on Redis:
```
127.0.0.1:6379> monitor
OK
1490686879.650649 [0 172.17.0.1:44710] "PING"
1490686879.651061 [0 172.17.0.1:44710] "HSET" "minio_events" "images/myphoto.jpg" "{\"Records\":[{\"eventVersion\":\"2.0\",\"eventSource\":\"minio:s3\",\"awsRegion\":\"\",\"eventTime\":\"2017-03-28T07:41:19Z\",\"eventName\":\"s3:ObjectCreated:Put\",\"userIdentity\":{\"principalId\":\"minio\"},\"requestParameters\":{\"sourceIPAddress\":\"127.0.0.1:52234\"},\"responseElements\":{\"x-amz-request-id\":\"14AFFBD1ACE5F632\",\"x-minio-origin-endpoint\":\"http://192.168.86.115:9000\"},\"s3\":{\"s3SchemaVersion\":\"1.0\",\"configurationId\":\"Config\",\"bucket\":{\"name\":\"images\",\"ownerIdentity\":{\"principalId\":\"minio\"},\"arn\":\"arn:aws:s3:::images\"},\"object\":{\"key\":\"myphoto.jpg\",\"size\":2586,\"eTag\":\"5d284463f9da279f060f0ea4d11af098\",\"sequencer\":\"14AFFBD1ACE5F632\"}},\"source\":{\"host\":\"127.0.0.1\",\"port\":\"52234\",\"userAgent\":\"Minio (linux; amd64) minio-go/2.0.3 mc/2017-02-15T17:57:25Z\"}}]}"
1490686879.651061 [0 172.17.0.1:44710] "HSET" "minio_events" "images/myphoto.jpg" "{\"Records\":[{\"eventVersion\":\"2.0\",\"eventSource\":\"minio:s3\",\"awsRegion\":\"\",\"eventTime\":\"2017-03-28T07:41:19Z\",\"eventName\":\"s3:ObjectCreated:Put\",\"userIdentity\":{\"principalId\":\"minio\"},\"requestParameters\":{\"sourceIPAddress\":\"127.0.0.1:52234\"},\"responseElements\":{\"x-amz-request-id\":\"14AFFBD1ACE5F632\",\"x-minio-origin-endpoint\":\"http://192.168.86.115:9000\"},\"s3\":{\"s3SchemaVersion\":\"1.0\",\"configurationId\":\"Config\",\"bucket\":{\"name\":\"images\",\"ownerIdentity\":{\"principalId\":\"minio\"},\"arn\":\"arn:aws:s3:::images\"},\"object\":{\"key\":\"myphoto.jpg\",\"size\":2586,\"eTag\":\"5d284463f9da279f060f0ea4d11af098\",\"sequencer\":\"14AFFBD1ACE5F632\"}},\"source\":{\"host\":\"127.0.0.1\",\"port\":\"52234\",\"userAgent\":\"MinIO (linux; amd64) minio-go/2.0.3 mc/2017-02-15T17:57:25Z\"}}]}"
```
Here we see that Minio performed `HSET` on `minio_events` key.
Here we see that MinIO performed `HSET` on `minio_events` key.
In case, `access` format was used, then `minio_events` would be a list, and the Minio server would have performed an `RPUSH` to append to the list. A consumer of this list would ideally use `BLPOP` to remove list items from the left-end of the list.
In case, `access` format was used, then `minio_events` would be a list, and the MinIO server would have performed an `RPUSH` to append to the list. A consumer of this list would ideally use `BLPOP` to remove list items from the left-end of the list.
<a name="NATS"></a>
## Publish Minio events via NATS
## Publish MinIO events via NATS
Install NATS from [here](http://nats.io/).
### Step 1: Add NATS endpoint to Minio
### Step 1: Add NATS endpoint to MinIO
The NATS configuration block in ``config.json`` is as follows:
@@ -534,11 +534,11 @@ To update the configuration, use `mc admin config get` command to get the curren
```sh
$ mc admin config get myminio/ > /tmp/myconfig
```
After updating the NATS configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart Minio server to reflect config changes. ``bucketevents`` is the subject used by NATS in this example.
After updating the NATS configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart MinIO server to reflect config changes. ``bucketevents`` is the subject used by NATS in this example.
```sh
$ mc admin config set myminio < /tmp/myconfig
```
Minio server also supports [NATS Streaming mode](http://nats.io/documentation/streaming/nats-streaming-intro/) that offers additional functionality like `Message/event persistence`, `At-least-once-delivery`, and `Publisher rate limiting`. To configure Minio server to send notifications to NATS Streaming server, update the Minio server configuration file as follows:
MinIO server also supports [NATS Streaming mode](http://nats.io/documentation/streaming/nats-streaming-intro/) that offers additional functionality like `Message/event persistence`, `At-least-once-delivery`, and `Publisher rate limiting`. To configure MinIO server to send notifications to NATS Streaming server, update the MinIO server configuration file as follows:
```
"nats": {
@@ -563,7 +563,7 @@ Minio server also supports [NATS Streaming mode](http://nats.io/documentation/st
```
Read more about sections `clusterID`, `clientID` on [NATS documentation](https://github.com/nats-io/nats-streaming-server/blob/master/README.md). Section `maxPubAcksInflight` is explained [here](https://github.com/nats-io/go-nats-streaming#publisher-rate-limiting).
### Step 2: Enable bucket notification using Minio client
### Step 2: Enable bucket notification using MinIO client
We will enable bucket event notification to trigger whenever a JPEG image is uploaded or deleted from ``images`` bucket on ``myminio`` server. Here ARN value is ``arn:minio:sqs::1:nats``. To understand more about ARN please follow [AWS ARN](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) documentation.
@@ -673,36 +673,36 @@ mc cp myphoto.jpg myminio/images
The example ``nats.go`` program prints event notification to console.
```
Received a message: {"EventType":"s3:ObjectCreated:Put","Key":"images/myphoto.jpg","Records":[{"eventVersion":"2.0","eventSource":"minio:s3","awsRegion":"","eventTime":"2017-07-07T18:46:37Z","eventName":"s3:ObjectCreated:Put","userIdentity":{"principalId":"minio"},"requestParameters":{"sourceIPAddress":"192.168.1.80:55328"},"responseElements":{"x-amz-request-id":"14CF20BD1EFD5B93","x-minio-origin-endpoint":"http://127.0.0.1:9000"},"s3":{"s3SchemaVersion":"1.0","configurationId":"Config","bucket":{"name":"images","ownerIdentity":{"principalId":"minio"},"arn":"arn:aws:s3:::images"},"object":{"key":"myphoto.jpg","size":248682,"eTag":"f1671feacb8bbf7b0397c6e9364e8c92","contentType":"image/jpeg","userDefined":{"content-type":"image/jpeg"},"versionId":"1","sequencer":"14CF20BD1EFD5B93"}},"source":{"host":"192.168.1.80","port":"55328","userAgent":"Minio (linux; amd64) minio-go/2.0.4 mc/DEVELOPMENT.GOGET"}}],"level":"info","msg":"","time":"2017-07-07T11:46:37-07:00"}
Received a message: {"EventType":"s3:ObjectCreated:Put","Key":"images/myphoto.jpg","Records":[{"eventVersion":"2.0","eventSource":"minio:s3","awsRegion":"","eventTime":"2017-07-07T18:46:37Z","eventName":"s3:ObjectCreated:Put","userIdentity":{"principalId":"minio"},"requestParameters":{"sourceIPAddress":"192.168.1.80:55328"},"responseElements":{"x-amz-request-id":"14CF20BD1EFD5B93","x-minio-origin-endpoint":"http://127.0.0.1:9000"},"s3":{"s3SchemaVersion":"1.0","configurationId":"Config","bucket":{"name":"images","ownerIdentity":{"principalId":"minio"},"arn":"arn:aws:s3:::images"},"object":{"key":"myphoto.jpg","size":248682,"eTag":"f1671feacb8bbf7b0397c6e9364e8c92","contentType":"image/jpeg","userDefined":{"content-type":"image/jpeg"},"versionId":"1","sequencer":"14CF20BD1EFD5B93"}},"source":{"host":"192.168.1.80","port":"55328","userAgent":"MinIO (linux; amd64) minio-go/2.0.4 mc/DEVELOPMENT.GOGET"}}],"level":"info","msg":"","time":"2017-07-07T11:46:37-07:00"}
```
<a name="PostgreSQL"></a>
## Publish Minio events via PostgreSQL
## Publish MinIO events via PostgreSQL
Install [PostgreSQL](https://www.postgresql.org/) database server. For illustrative purposes, we have set the "postgres" user password as `password` and created a database called `minio_events` to store the events.
This notification target supports two formats: _namespace_ and _access_.
When the _namespace_ format is used, Minio synchronizes objects in the bucket with rows in the table. It creates rows with two columns: key and value. The key is the bucket and object name of an object that exists in Minio. The value is JSON encoded event data about the operation that created/replaced the object in Minio. When objects are updated or deleted, the corresponding row from this table is updated or deleted respectively.
When the _namespace_ format is used, MinIO synchronizes objects in the bucket with rows in the table. It creates rows with two columns: key and value. The key is the bucket and object name of an object that exists in MinIO. The value is JSON encoded event data about the operation that created/replaced the object in MinIO. When objects are updated or deleted, the corresponding row from this table is updated or deleted respectively.
When the _access_ format is used, Minio appends events to a table. It creates rows with two columns: event_time and event_data. The event_time is the time at which the event occurred in the Minio server. The event_data is the JSON encoded event data about the operation on an object. No rows are deleted or modified in this format.
When the _access_ format is used, MinIO appends events to a table. It creates rows with two columns: event_time and event_data. The event_time is the time at which the event occurred in the MinIO server. The event_data is the JSON encoded event data about the operation on an object. No rows are deleted or modified in this format.
The steps below show how to use this notification target in `namespace` format. The other format is very similar and is omitted for brevity.
### Step 1: Ensure minimum requirements are met
Minio requires PostgreSQL version 9.5 or above. Minio uses the [`INSERT ON CONFLICT`](https://www.postgresql.org/docs/9.5/static/sql-insert.html#SQL-ON-CONFLICT) (aka UPSERT) feature, introduced in version 9.5 and the [JSONB](https://www.postgresql.org/docs/9.4/static/datatype-json.html) data-type introduced in version 9.4.
MinIO requires PostgreSQL version 9.5 or above. MinIO uses the [`INSERT ON CONFLICT`](https://www.postgresql.org/docs/9.5/static/sql-insert.html#SQL-ON-CONFLICT) (aka UPSERT) feature, introduced in version 9.5 and the [JSONB](https://www.postgresql.org/docs/9.4/static/datatype-json.html) data-type introduced in version 9.4.
### Step 2: Add PostgreSQL endpoint to Minio
### Step 2: Add PostgreSQL endpoint to MinIO
The Minio server configuration file is stored on the backend in json format. The PostgreSQL configuration is located in the `postgresql` key under the `notify` top-level key. Create a configuration key-value pair here for your PostgreSQL instance. The key is a name for your PostgreSQL endpoint, and the value is a collection of key-value parameters described in the table below.
The MinIO server configuration file is stored on the backend in json format. The PostgreSQL configuration is located in the `postgresql` key under the `notify` top-level key. Create a configuration key-value pair here for your PostgreSQL instance. The key is a name for your PostgreSQL endpoint, and the value is a collection of key-value parameters described in the table below.
| Parameter | Type | Description |
|:---|:---|:---|
| `enable` | _bool_ | (Required) Is this server endpoint configuration active/enabled? |
| `format` | _string_ | (Required) Either `namespace` or `access`. |
| `connectionString` | _string_ | (Optional) [Connection string parameters](https://godoc.org/github.com/lib/pq#hdr-Connection_String_Parameters) for the PostgreSQL server. Can be used to set `sslmode` for example. |
| `table` | _string_ | (Required) Table name in which events will be stored/updated. If the table does not exist, the Minio server creates it at start-up.|
| `table` | _string_ | (Required) Table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up.|
| `host` | _string_ | (Optional) Host name of the PostgreSQL server. Defaults to `localhost`|
| `port` | _string_ | (Optional) Port on which to connect to PostgreSQL server. Defaults to `5432`. |
| `user` | _string_ | (Optional) Database user name. Defaults to user running the server process. |
@@ -732,20 +732,20 @@ To update the configuration, use `mc admin config get` command to get the curren
```sh
$ mc admin config get myminio/ > /tmp/myconfig
```
After updating the Postgres configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the Minio server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:postgresql` at start-up if there were no errors.
After updating the Postgres configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the MinIO server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:postgresql` at start-up if there were no errors.
```sh
$ mc admin config set myminio < /tmp/myconfig
```
Note that, you can add as many PostgreSQL server endpoint configurations as needed by providing an identifier (like "1" in the example above) for the PostgreSQL instance and an object of per-server configuration parameters.
### Step 3: Enable bucket notification using Minio client
### Step 3: Enable bucket notification using MinIO client
We will now enable bucket event notifications on a bucket named `images`. Whenever a JPEG image is created/overwritten, a new row is added or an existing row is updated in the PostgreSQL configured above. When an existing object is deleted, the corresponding row is deleted from the PostgreSQL table. Thus, the rows in the PostgreSQL table, reflect the `.jpg` objects in the `images` bucket.
To configure this bucket notification, we need the ARN printed by Minio in the previous step. Additional information about ARN is available [here](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).
To configure this bucket notification, we need the ARN printed by MinIO in the previous step. Additional information about ARN is available [here](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).
With the `mc` tool, the configuration is very simple to add. Let us say that the Minio server is aliased as `myminio` in our mc configuration. Execute the following:
With the `mc` tool, the configuration is very simple to add. Let us say that the MinIO server is aliased as `myminio` in our mc configuration. Execute the following:
```
# Create bucket named `images` in myminio
@@ -779,32 +779,32 @@ key | value
```
<a name="MySQL"></a>
## Publish Minio events via MySQL
## Publish MinIO events via MySQL
Install MySQL from [here](https://dev.mysql.com/downloads/mysql/). For illustrative purposes, we have set the root password as `password` and created a database called `miniodb` to store the events.
This notification target supports two formats: _namespace_ and _access_.
When the _namespace_ format is used, Minio synchronizes objects in the bucket with rows in the table. It creates rows with two columns: key_name and value. The key_name is the bucket and object name of an object that exists in Minio. The value is JSON encoded event data about the operation that created/replaced the object in Minio. When objects are updated or deleted, the corresponding row from this table is updated or deleted respectively.
When the _namespace_ format is used, MinIO synchronizes objects in the bucket with rows in the table. It creates rows with two columns: key_name and value. The key_name is the bucket and object name of an object that exists in MinIO. The value is JSON encoded event data about the operation that created/replaced the object in MinIO. When objects are updated or deleted, the corresponding row from this table is updated or deleted respectively.
When the _access_ format is used, Minio appends events to a table. It creates rows with two columns: event_time and event_data. The event_time is the time at which the event occurred in the Minio server. The event_data is the JSON encoded event data about the operation on an object. No rows are deleted or modified in this format.
When the _access_ format is used, MinIO appends events to a table. It creates rows with two columns: event_time and event_data. The event_time is the time at which the event occurred in the MinIO server. The event_data is the JSON encoded event data about the operation on an object. No rows are deleted or modified in this format.
The steps below show how to use this notification target in `namespace` format. The other format is very similar and is omitted for brevity.
### Step 1: Ensure minimum requirements are met
Minio requires MySQL version 5.7.8 or above. Minio uses the [JSON](https://dev.mysql.com/doc/refman/5.7/en/json.html) data-type introduced in version 5.7.8. We tested this setup on MySQL 5.7.17.
MinIO requires MySQL version 5.7.8 or above. MinIO uses the [JSON](https://dev.mysql.com/doc/refman/5.7/en/json.html) data-type introduced in version 5.7.8. We tested this setup on MySQL 5.7.17.
### Step 2: Add MySQL server endpoint configuration to Minio
### Step 2: Add MySQL server endpoint configuration to MinIO
The Minio server configuration file is stored on the backend in json format. The MySQL configuration is located in the `mysql` key under the `notify` top-level key. Create a configuration key-value pair here for your MySQL instance. The key is a name for your MySQL endpoint, and the value is a collection of key-value parameters described in the table below.
The MinIO server configuration file is stored on the backend in json format. The MySQL configuration is located in the `mysql` key under the `notify` top-level key. Create a configuration key-value pair here for your MySQL instance. The key is a name for your MySQL endpoint, and the value is a collection of key-value parameters described in the table below.
| Parameter | Type | Description |
|:---|:---|:---|
| `enable` | _bool_ | (Required) Is this server endpoint configuration active/enabled? |
| `format` | _string_ | (Required) Either `namespace` or `access`. |
| `dsnString` | _string_ | (Optional) [Data-Source-Name connection string](https://github.com/go-sql-driver/mysql#dsn-data-source-name) for the MySQL server. If not specified, the connection information specified by the `host`, `port`, `user`, `password` and `database` parameters are used. |
| `table` | _string_ | (Required) Table name in which events will be stored/updated. If the table does not exist, the Minio server creates it at start-up.|
| `table` | _string_ | (Required) Table name in which events will be stored/updated. If the table does not exist, the MinIO server creates it at start-up.|
| `host` | _string_ | Host name of the MySQL server (used only if `dsnString` is empty). |
| `port` | _string_ | Port on which to connect to the MySQL server (used only if `dsnString` is empty). |
| `user` | _string_ | Database user-name (used only if `dsnString` is empty). |
@@ -831,20 +831,20 @@ To update the configuration, use `mc admin config get` command to get the curren
```sh
$ mc admin config get myminio/ > /tmp/myconfig
```
After updating the MySQL configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the Minio server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:mysql` at start-up if there were no errors.
After updating the MySQL configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the MinIO server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:mysql` at start-up if there were no errors.
```sh
$ mc admin config set myminio < /tmp/myconfig
```
Note that, you can add as many MySQL server endpoint configurations as needed by providing an identifier (like "1" in the example above) for the MySQL instance and an object of per-server configuration parameters.
### Step 3: Enable bucket notification using Minio client
### Step 3: Enable bucket notification using MinIO client
We will now setup bucket notifications on a bucket named `images`. Whenever a JPEG image object is created/overwritten, a new row is added or an existing row is updated in the MySQL table configured above. When an existing object is deleted, the corresponding row is deleted from the MySQL table. Thus, the rows in the MySQL table, reflect the `.jpg` objects in the `images` bucket.
To configure this bucket notification, we need the ARN printed by Minio in the previous step. Additional information about ARN is available [here](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).
To configure this bucket notification, we need the ARN printed by MinIO in the previous step. Additional information about ARN is available [here](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).
With the `mc` tool, the configuration is very simple to add. Let us say that the Minio server is aliased as `myminio` in our mc configuration. Execute the following:
With the `mc` tool, the configuration is very simple to add. Let us say that the MinIO server is aliased as `myminio` in our mc configuration. Execute the following:
```
# Create bucket named `images` in myminio
@@ -879,17 +879,17 @@ mysql> select * from minio_images;
```
<a name="apache-kafka"></a>
## Publish Minio events via Kafka
## Publish MinIO events via Kafka
Install Apache Kafka from [here](http://kafka.apache.org/).
### Step 1: Ensure minimum requirements are met
Minio requires Kafka version 0.10 or 0.9. Internally Minio uses the [Shopify/sarama](https://github.com/Shopify/sarama/) library and so has the same version compatibility as provided by this library.
MinIO requires Kafka version 0.10 or 0.9. Internally MinIO uses the [Shopify/sarama](https://github.com/Shopify/sarama/) library and so has the same version compatibility as provided by this library.
### Step 2: Add Kafka endpoint to Minio
### Step 2: Add Kafka endpoint to MinIO
The Minio server configuration file is stored on the backend in json format. Update the kafka configuration block in ``config.json`` as follows:
The MinIO server configuration file is stored on the backend in json format. Update the kafka configuration block in ``config.json`` as follows:
```
"kafka": {
@@ -904,11 +904,11 @@ To update the configuration, use `mc admin config get` command to get the curren
```sh
$ mc admin config get myminio/ > /tmp/myconfig
```
After updating the Kafka configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the Minio server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:kafka` at start-up if there were no errors.``bucketevents`` is the topic used by kafka in this example.
After updating the Kafka configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the MinIO server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:kafka` at start-up if there were no errors.``bucketevents`` is the topic used by kafka in this example.
```sh
$ mc admin config set myminio < /tmp/myconfig
```
### Step 3: Enable bucket notification using Minio client
### Step 3: Enable bucket notification using MinIO client
We will enable bucket event notification to trigger whenever a JPEG image is uploaded or deleted from ``images`` bucket on ``myminio`` server. Here ARN value is ``arn:minio:sqs::1:kafka``. To understand more about ARN please follow [AWS ARN](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) documentation.
@@ -941,13 +941,13 @@ kafkacat -b localhost:9092 -t bucketevents
```
<a name="webhooks"></a>
## Publish Minio events via Webhooks
## Publish MinIO events via Webhooks
[Webhooks](https://en.wikipedia.org/wiki/Webhook) are a way to receive information when it happens, rather than continually polling for that data.
### Step 1: Add Webhook endpoint to Minio
### Step 1: Add Webhook endpoint to MinIO
The Minio server configuration file is stored on the backend in json format. Update the Webhook configuration block in ``config.json`` as follows
The MinIO server configuration file is stored on the backend in json format. Update the Webhook configuration block in ``config.json`` as follows
```
"webhook": {
@@ -960,11 +960,11 @@ To update the configuration, use `mc admin config get` command to get the curren
```sh
$ mc admin config get myminio/ > /tmp/myconfig
```
After updating the webhook configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Here the endpoint is the server listening for webhook notifications. Save the file and restart the Minio server for changes to take effect. Note that the endpoint needs to be live and reachable when you restart your Minio server.
After updating the webhook configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Here the endpoint is the server listening for webhook notifications. Save the file and restart the MinIO server for changes to take effect. Note that the endpoint needs to be live and reachable when you restart your MinIO server.
```sh
$ mc admin config set myminio < /tmp/myconfig
```
### Step 2: Enable bucket notification using Minio client
### Step 2: Enable bucket notification using MinIO client
We will enable bucket event notification to trigger whenever a JPEG image is uploaded to ``images`` bucket on ``myminio`` server. Here ARN value is ``arn:minio:sqs::1:webhook``. To learn more about ARN please follow [AWS ARN](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) documentation.
@@ -988,20 +988,20 @@ arn:minio:sqs::1:webhook s3:ObjectCreated:* Filter: suffix=".jpg"
### Step 3: Test with Thumbnailer
We used [Thumbnailer](https://github.com/minio/thumbnailer) to listen for Minio notifications when a new JPEG file is uploaded (HTTP PUT). Triggered by a notification, Thumbnailer uploads a thumbnail of new image to Minio server. To start with, download and install Thumbnailer.
We used [Thumbnailer](https://github.com/minio/thumbnailer) to listen for MinIO notifications when a new JPEG file is uploaded (HTTP PUT). Triggered by a notification, Thumbnailer uploads a thumbnail of new image to MinIO server. To start with, download and install Thumbnailer.
```
git clone https://github.com/minio/thumbnailer/
npm install
```
Then open the Thumbnailer config file at ``config/webhook.json`` and add the configuration for your Minio server and then start Thumbnailer by
Then open the Thumbnailer config file at ``config/webhook.json`` and add the configuration for your MinIO server and then start Thumbnailer by
```
NODE_ENV=webhook node thumbnail-webhook.js
```
Thumbnailer starts running at ``http://localhost:3000/``. Next, configure the Minio server to send notifications to this URL (as mentioned in step 1) and use ``mc`` to set up bucket notifications (as mentioned in step 2). Then upload a JPEG image to Minio server by
Thumbnailer starts running at ``http://localhost:3000/``. Next, configure the MinIO server to send notifications to this URL (as mentioned in step 1) and use ``mc`` to set up bucket notifications (as mentioned in step 2). Then upload a JPEG image to MinIO server by
```
mc cp ~/images.jpg myminio/images
@@ -1015,7 +1015,7 @@ mc ls myminio/images-thumbnail
```
<a name="NSQ"></a>
## Publish Minio events to NSQ
## Publish MinIO events to NSQ
Install an NSQ Daemon from [here](https://nsq.io/). Or use the following Docker
command for starting an nsq daemon:
@@ -1024,9 +1024,9 @@ command for starting an nsq daemon:
docker run --rm -p 4150-4151:4150-4151 nsqio/nsq /nsqd
```
### Step 1: Add NSQ endpoint to Minio
### Step 1: Add NSQ endpoint to MinIO
The Minio server configuration file is stored on the backend in json format. The NSQ configuration is located in the `nsq` key under the `notify` top-level key. Create a configuration key-value pair here for your NSQ instance. The key is a name for your NSQ endpoint, and the value is a collection of key-value parameters.
The MinIO server configuration file is stored on the backend in json format. The NSQ configuration is located in the `nsq` key under the `notify` top-level key. Create a configuration key-value pair here for your NSQ instance. The key is a name for your NSQ endpoint, and the value is a collection of key-value parameters.
An example configuration for NSQ is shown below:
@@ -1047,7 +1047,7 @@ To update the configuration, use `mc admin config get` command to get the curren
```sh
$ mc admin config get myminio/ > /tmp/myconfig
```
After updating the NSQ configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the Minio server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:nsq` at start-up if there were no errors.
After updating the NSQ configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the deployment.Restart the MinIO server to put the changes into effect. The server will print a line like `SQS ARNs: arn:minio:sqs::1:nsq` at start-up if there were no errors.
```sh
$ mc admin config set myminio < /tmp/myconfig
```
@@ -1055,7 +1055,7 @@ $ mc admin config set myminio < /tmp/myconfig
Note that, you can add as many NSQ daemon endpoint configurations as needed by providing an identifier (like "1" in the example above) for the NSQ instance and an object of per-server configuration parameters.
### Step 2: Enable bucket notification using Minio client
### Step 2: Enable bucket notification using MinIO client
We will enable bucket event notification to trigger whenever a JPEG image is uploaded or deleted ``images`` bucket on ``myminio`` server. Here ARN value is ``arn:minio:sqs::1:nsq``.
@@ -1083,8 +1083,8 @@ mc cp gopher.jpg myminio/images
You should receive the following event notification via NSQ once the upload completes.
```
{"EventName":"s3:ObjectCreated:Put","Key":"images/gopher.jpg","Records":[{"eventVersion":"2.0","eventSource":"minio:s3","awsRegion":"","eventTime":"2018-10-31T09:31:11Z","eventName":"s3:ObjectCreated:Put","userIdentity":{"principalId":"21EJ9HYV110O8NVX2VMS"},"requestParameters":{"sourceIPAddress":"10.1.1.1"},"responseElements":{"x-amz-request-id":"1562A792DAA53426","x-minio-origin-endpoint":"http://10.0.3.1:9000"},"s3":{"s3SchemaVersion":"1.0","configurationId":"Config","bucket":{"name":"images","ownerIdentity":{"principalId":"21EJ9HYV110O8NVX2VMS"},"arn":"arn:aws:s3:::images"},"object":{"key":"gopher.jpg","size":162023,"eTag":"5337769ffa594e742408ad3f30713cd7","contentType":"image/jpeg","userMetadata":{"content-type":"image/jpeg"},"versionId":"1","sequencer":"1562A792DAA53426"}},"source":{"host":"","port":"","userAgent":"Minio (linux; amd64) minio-go/v6.0.8 mc/DEVELOPMENT.GOGET"}}]}
{"EventName":"s3:ObjectCreated:Put","Key":"images/gopher.jpg","Records":[{"eventVersion":"2.0","eventSource":"minio:s3","awsRegion":"","eventTime":"2018-10-31T09:31:11Z","eventName":"s3:ObjectCreated:Put","userIdentity":{"principalId":"21EJ9HYV110O8NVX2VMS"},"requestParameters":{"sourceIPAddress":"10.1.1.1"},"responseElements":{"x-amz-request-id":"1562A792DAA53426","x-minio-origin-endpoint":"http://10.0.3.1:9000"},"s3":{"s3SchemaVersion":"1.0","configurationId":"Config","bucket":{"name":"images","ownerIdentity":{"principalId":"21EJ9HYV110O8NVX2VMS"},"arn":"arn:aws:s3:::images"},"object":{"key":"gopher.jpg","size":162023,"eTag":"5337769ffa594e742408ad3f30713cd7","contentType":"image/jpeg","userMetadata":{"content-type":"image/jpeg"},"versionId":"1","sequencer":"1562A792DAA53426"}},"source":{"host":"","port":"","userAgent":"MinIO (linux; amd64) minio-go/v6.0.8 mc/DEVELOPMENT.GOGET"}}]}
```
*NOTE* If you are running [distributed Minio](https://docs.minio.io/docs/distributed-minio-quickstart-guide), modify ``~/.minio/config.json`` on all the nodes with your bucket event notification backend configuration.
*NOTE* If you are running [distributed MinIO](https://docs.min.io/docs/distributed-minio-quickstart-guide), modify ``~/.minio/config.json`` on all the nodes with your bucket event notification backend configuration.

18
docs/chroot/README.md
View File

@@ -1,4 +1,4 @@
# Deploy Minio on Chrooted Environment [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# Deploy MinIO on Chrooted Environment [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Chroot allows user based namespace isolation on many standard Linux deployments.
@@ -6,10 +6,10 @@ Chroot allows user based namespace isolation on many standard Linux deployments.
* Familiarity with [chroot](http://man7.org/linux/man-pages/man2/chroot.2.html)
* Chroot installed on your machine.
## 2. Install Minio in Chroot
## 2. Install MinIO in Chroot
```sh
mkdir -p /mnt/export/${USER}/bin
wget https://dl.minio.io/server/minio/release/linux-amd64/minio -O /mnt/export/${USER}/bin/minio
wget https://dl.min.io/server/minio/release/linux-amd64/minio -O /mnt/export/${USER}/bin/minio
chmod +x /mnt/export/${USER}/bin/minio
```
@@ -18,7 +18,7 @@ Bind your `proc` mount to the target chroot directory
sudo mount --bind /proc /mnt/export/${USER}/proc
```
## 3. Run Standalone Minio in Chroot
## 3. Run Standalone MinIO in Chroot
### GNU/Linux
```sh
sudo chroot --userspec username:group /mnt/export/${USER} /bin/minio --config-dir=/.minio server /data
@@ -33,8 +33,8 @@ SecretKey: X3RKxEeFOI8InuNWoPsbG+XEVoaJVCqbvxe+PTOa
Instance is now accessible on the host at port 9000, proceed to access the Web browser at http://127.0.0.1:9000/
## Explore Further
- [Minio Erasure Code QuickStart Guide](https://docs.minio.io/docs/minio-erasure-code-quickstart-guide)
- [Use `mc` with Minio Server](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with Minio Server](https://docs.minio.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with Minio Server](https://docs.minio.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with Minio Server](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [MinIO Erasure Code QuickStart Guide](https://docs.min.io/docs/minio-erasure-code-quickstart-guide)
- [Use `mc` with MinIO Server](https://docs.min.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with MinIO Server](https://docs.min.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with MinIO Server](https://docs.min.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with MinIO Server](https://docs.min.io/docs/golang-client-quickstart-guide)

26
docs/compression/README.md
View File

@@ -1,16 +1,16 @@
# Compression Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# Compression Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Minio server allows streaming compression to ensure efficient disk space usage. Compression happens inflight, i.e objects are compressed before being written to disk(s). Minio uses [`golang/snappy`](https://github.com/golang/snappy) streaming compression due to its stability and performance.
MinIO server allows streaming compression to ensure efficient disk space usage. Compression happens inflight, i.e objects are compressed before being written to disk(s). MinIO uses [`golang/snappy`](https://github.com/golang/snappy) streaming compression due to its stability and performance.
## Get Started
### 1. Prerequisites
Install Minio - [Minio Quickstart Guide](https://docs.minio.io/docs/minio-quickstart-guide).
Install MinIO - [MinIO Quickstart Guide](https://docs.min.io/docs/minio-quickstart-guide).
### 2. Run Minio with compression
### 2. Run MinIO with compression
Compression can be enabled by updating the `compress` config settings for Minio server config. Config `compress` settings take extensions and mime-types to be compressed.
Compression can be enabled by updating the `compress` config settings for MinIO server config. Config `compress` settings take extensions and mime-types to be compressed.
```json
"compress": {
@@ -28,7 +28,7 @@ To update the configuration, use `mc admin config get` command to get the curren
$ mc admin config get myminio/ > /tmp/myconfig
```
After updating the compression configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the cluster. Restart the Minio server to put the changes into effect.
After updating the compression configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the cluster. Restart the MinIO server to put the changes into effect.
```sh
$ mc admin config set myminio < /tmp/myconfig
@@ -64,9 +64,9 @@ export MINIO_COMPRESS_MIMETYPES="application/pdf"
| `application/x-compress` |
| `application/x-spoon` |
- Minio does not support encryption with compression because compression and encryption together enables room for side channel attacks like [`CRIME and BREACH`](https://en.wikipedia.org/wiki/CRIME)
- MinIO does not support encryption with compression because compression and encryption together enables room for side channel attacks like [`CRIME and BREACH`](https://en.wikipedia.org/wiki/CRIME)
- Minio does not support compression for Gateway (Azure/GCS/NAS) implementations.
- MinIO does not support compression for Gateway (Azure/GCS/NAS) implementations.
## To test the setup
@@ -74,8 +74,8 @@ To test this setup, practice put calls to the server using `mc` and use `mc ls`
## Explore Further
- [Use `mc` with Minio Server](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with Minio Server](https://docs.minio.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with Minio Server](https://docs.minio.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with Minio Server](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [The Minio documentation website](https://docs.minio.io)
- [Use `mc` with MinIO Server](https://docs.min.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with MinIO Server](https://docs.min.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with MinIO Server](https://docs.min.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with MinIO Server](https://docs.min.io/docs/golang-client-quickstart-guide)
- [The MinIO documentation website](https://docs.min.io)

44
docs/config/README.md
View File

@@ -1,10 +1,10 @@
# Minio Server Config Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# MinIO Server Config Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
## Configuration Directory
Till Minio release `RELEASE.2018-08-02T23-11-36Z`, Minio server configuration file (`config.json`) was stored in the configuration directory specified by `--config-dir` or defaulted to `${HOME}/.minio`. However from releases after `RELEASE.2018-08-18T03-49-57Z`, the configuration file (only), has been migrated to the storage backend (storage backend is the directory passed to Minio server while starting the server).
Till MinIO release `RELEASE.2018-08-02T23-11-36Z`, MinIO server configuration file (`config.json`) was stored in the configuration directory specified by `--config-dir` or defaulted to `${HOME}/.minio`. However from releases after `RELEASE.2018-08-18T03-49-57Z`, the configuration file (only), has been migrated to the storage backend (storage backend is the directory passed to MinIO server while starting the server).
You can specify the location of your existing config using `--config-dir`, Minio will migrate the `config.json` to your backend storage. Your current `config.json` will be renamed upon successful migration as `config.json.deprecated` in your current `--config-dir`. All your existing configurations are honored after this migration.
You can specify the location of your existing config using `--config-dir`, MinIO will migrate the `config.json` to your backend storage. Your current `config.json` will be renamed upon successful migration as `config.json.deprecated` in your current `--config-dir`. All your existing configurations are honored after this migration.
Additionally `--config-dir` is now a legacy option which will is scheduled for removal in future, so please update your local startup, ansible scripts accordingly.
@@ -14,9 +14,9 @@ minio server /data
### Certificate Directory
TLS certificates by default are stored under ``${HOME}/.minio/certs`` directory. You need to place certificates here to enable `HTTPS` based access. Read more about [How to secure access to Minio server with TLS](https://docs.minio.io/docs/how-to-secure-access-to-minio-server-with-tls).
TLS certificates by default are stored under ``${HOME}/.minio/certs`` directory. You need to place certificates here to enable `HTTPS` based access. Read more about [How to secure access to MinIO server with TLS](https://docs.min.io/docs/how-to-secure-access-to-minio-server-with-tls).
Following is the directory structure for Minio server with TLS certificates.
Following is the directory structure for MinIO server with TLS certificates.
```sh
$ tree ~/.minio
@@ -35,13 +35,13 @@ All configuration changes can be made using [`mc admin config` get/set commands]
#### Editing configuration file fields
##### Get current configuration for Minio deployment
##### Get current configuration for MinIO deployment
```sh
$ mc admin config get myminio/ > /tmp/myconfig
```
##### Set current configuration for Minio deployment
##### Set current configuration for MinIO deployment
```sh
$ mc admin config set myminio < /tmp/myconfig
@@ -107,7 +107,7 @@ minio server /data
|``storageclass.standard`` | _string_ | Value for standard storage class. It should be in the format `EC:Parity`, for example to set 4 disk parity for standard storage class objects, set this field to `EC:4`.|
|``storageclass.rrs`` | _string_ | Value for reduced redundancy storage class. It should be in the format `EC:Parity`, for example to set 3 disk parity for reduced redundancy storage class objects, set this field to `EC:3`.|
By default, parity for objects with standard storage class is set to `N/2`, and parity for objects with reduced redundancy storage class objects is set to `2`. Read more about storage class support in Minio server [here](https://github.com/minio/minio/blob/master/docs/erasure/storage-class/README.md).
By default, parity for objects with standard storage class is set to `N/2`, and parity for objects with reduced redundancy storage class objects is set to `2`. Read more about storage class support in MinIO server [here](https://github.com/minio/minio/blob/master/docs/erasure/storage-class/README.md).
### Cache
@@ -123,15 +123,15 @@ By default, parity for objects with standard storage class is set to `N/2`, and
|Field|Type|Description|
|:---|:---|:---|
|``notify``| |Notify enables bucket notification events for lambda computing via the following targets.|
|``notify.amqp``| |[Configure to publish Minio events via AMQP target.](https://docs.minio.io/docs/minio-bucket-notification-guide#AMQP)|
|``notify.nats``| |[Configure to publish Minio events via NATS target.](https://docs.minio.io/docs/minio-bucket-notification-guide#NATS)|
|``notify.elasticsearch``| |[Configure to publish Minio events via Elasticsearch target.](https://docs.minio.io/docs/minio-bucket-notification-guide#Elasticsearch)|
|``notify.redis``| |[Configure to publish Minio events via Redis target.](https://docs.minio.io/docs/minio-bucket-notification-guide#Redis)|
|``notify.postgresql``| |[Configure to publish Minio events via PostgreSQL target.](https://docs.minio.io/docs/minio-bucket-notification-guide#PostgreSQL)|
|``notify.kafka``| |[Configure to publish Minio events via Apache Kafka target.](https://docs.minio.io/docs/minio-bucket-notification-guide#apache-kafka)|
|``notify.webhook``| |[Configure to publish Minio events via Webhooks target.](https://docs.minio.io/docs/minio-bucket-notification-guide#webhooks)|
|``notify.mysql``| |[Configure to publish Minio events via MySql target.](https://docs.minio.io/docs/minio-bucket-notification-guide#MySQL)|
|``notify.mqtt``| |[Configure to publish Minio events via MQTT target.](https://docs.minio.io/docs/minio-bucket-notification-guide#MQTT)|
|``notify.amqp``| |[Configure to publish MinIO events via AMQP target.](https://docs.min.io/docs/minio-bucket-notification-guide#AMQP)|
|``notify.nats``| |[Configure to publish MinIO events via NATS target.](https://docs.min.io/docs/minio-bucket-notification-guide#NATS)|
|``notify.elasticsearch``| |[Configure to publish MinIO events via Elasticsearch target.](https://docs.min.io/docs/minio-bucket-notification-guide#Elasticsearch)|
|``notify.redis``| |[Configure to publish MinIO events via Redis target.](https://docs.min.io/docs/minio-bucket-notification-guide#Redis)|
|``notify.postgresql``| |[Configure to publish MinIO events via PostgreSQL target.](https://docs.min.io/docs/minio-bucket-notification-guide#PostgreSQL)|
|``notify.kafka``| |[Configure to publish MinIO events via Apache Kafka target.](https://docs.min.io/docs/minio-bucket-notification-guide#apache-kafka)|
|``notify.webhook``| |[Configure to publish MinIO events via Webhooks target.](https://docs.min.io/docs/minio-bucket-notification-guide#webhooks)|
|``notify.mysql``| |[Configure to publish MinIO events via MySql target.](https://docs.min.io/docs/minio-bucket-notification-guide#MySQL)|
|``notify.mqtt``| |[Configure to publish MinIO events via MQTT target.](https://docs.min.io/docs/minio-bucket-notification-guide#MQTT)|
## Environment only settings
@@ -148,7 +148,7 @@ minio server /data
### Domain
By default, Minio supports path-style requests that are of the format http://mydomain.com/bucket/object. `MINIO_DOMAIN` environment variable is used to enable virtual-host-style requests. If the request `Host` header matches with `(.+).mydomain.com` then the matched pattern `$1` is used as bucket and the path is used as object. More information on path-style and virtual-host-style [here](http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAPI.html)
By default, MinIO supports path-style requests that are of the format http://mydomain.com/bucket/object. `MINIO_DOMAIN` environment variable is used to enable virtual-host-style requests. If the request `Host` header matches with `(.+).mydomain.com` then the matched pattern `$1` is used as bucket and the path is used as object. More information on path-style and virtual-host-style [here](http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAPI.html)
Example:
```sh
@@ -164,7 +164,7 @@ minio server /data
### Drive Sync
By default, Minio writes to disk in synchronous mode for all metadata operations. Set `MINIO_DRIVE_SYNC` environment variable to enable synchronous mode for all data operations as well.
By default, MinIO writes to disk in synchronous mode for all metadata operations. Set `MINIO_DRIVE_SYNC` environment variable to enable synchronous mode for all data operations as well.
Example:
@@ -175,7 +175,7 @@ minio server /data
### HTTP Trace
By default, Minio disables the feature to log HTTP trace. You may enable this feature by setting `MINIO_HTTP_TRACE` environment variable.
By default, MinIO disables the feature to log HTTP trace. You may enable this feature by setting `MINIO_HTTP_TRACE` environment variable.
Example:
@@ -186,5 +186,5 @@ minio server /data
## Explore Further
* [Minio Quickstart Guide](https://docs.minio.io/docs/minio-quickstart-guide)
* [Configure Minio Server with TLS](https://docs.minio.io/docs/how-to-secure-access-to-minio-server-with-tls)
* [MinIO Quickstart Guide](https://docs.min.io/docs/minio-quickstart-guide)
* [Configure MinIO Server with TLS](https://docs.min.io/docs/how-to-secure-access-to-minio-server-with-tls)

6
docs/deployment/kernel-tuning/README.md
View File

@@ -1,8 +1,8 @@
# Kernel Tuning for Minio Production Deployment on Linux Servers [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# Kernel Tuning for MinIO Production Deployment on Linux Servers [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
## Tuning Network Parameters
Following network parameter settings can help ensure optimal Minio server performance on production workloads.
Following network parameter settings can help ensure optimal MinIO server performance on production workloads.
- *`tcp_fin_timeout`* : A socket left in memory takes approximately 1.5Kb of memory. It makes sense to close the unused sockets preemptively to ensure no memory leakage. This way, even if a peer doesn't close the socket due to some reason, the system itself closes it after a timeout. `tcp_fin_timeout` variable defines this timeout and tells kernel how long to keep sockets in the state FIN-WAIT-2. We recommend setting it to 30. You can set it as shown below
@@ -60,7 +60,7 @@ Also, set `transparent_hugepage=madvise` on your kernel command line (e.g. in /e
## Tuning Scheduler
Proper scheduler configuration makes sure Minio process gets adequate CPU time. Here are the recommended scheduler settings
Proper scheduler configuration makes sure MinIO process gets adequate CPU time. Here are the recommended scheduler settings
- *`sched_min_granularity_ns`*: This parameter decides the minimum time a task will be be allowed to run on CPU before being pre-empted out. We recommend setting it to 10ms.

2
docs/deployment/kernel-tuning/disk-tuning.sh
View File

@@ -1,6 +1,6 @@
#!/bin/bash
## Minio Cloud Storage, (C) 2017, 2018 Minio, Inc.
## MinIO Cloud Storage, (C) 2017, 2018 MinIO, Inc.
##
## Licensed under the Apache License, Version 2.0 (the "License");
## you may not use this file except in compliance with the License.

2
docs/disk-caching/DESIGN.md
View File

@@ -1,4 +1,4 @@
# Disk Caching Design [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# Disk Caching Design [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
This document explains some basic assumptions and design approach, limits of the disk caching feature. If you're looking to get started with disk cache, we suggest you go through the [getting started document](https://github.com/minio/minio/blob/master/docs/disk-caching/README.md) first.

26
docs/disk-caching/README.md
View File

@@ -1,6 +1,6 @@
# Disk Cache Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# Disk Cache Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Disk caching feature here refers to the use of caching disks to store content closer to the tenants. For instance, if you access an object from a lets say `gateway azure` setup and download the object that gets cached, each subsequent request on the object gets served directly from the cache drives until it expires. This feature allows Minio users to have
Disk caching feature here refers to the use of caching disks to store content closer to the tenants. For instance, if you access an object from a lets say `gateway azure` setup and download the object that gets cached, each subsequent request on the object gets served directly from the cache drives until it expires. This feature allows MinIO users to have
- Object to be delivered with the best possible performance.
- Dramatic improvements for time to first byte for any object.
@@ -8,10 +8,10 @@ Disk caching feature here refers to the use of caching disks to store content cl
## Get started
### 1. Prerequisites
Install Minio - [Minio Quickstart Guide](https://docs.minio.io/docs/minio-quickstart-guide).
Install MinIO - [MinIO Quickstart Guide](https://docs.min.io/docs/minio-quickstart-guide).
### 2. Run Minio with cache
Disk caching can be enabled by updating the `cache` config settings for Minio server. Config `cache` settings takes the mounted drive(s) or directory paths, cache expiry duration (in days) and any wildcard patterns to exclude from being cached.
### 2. Run MinIO with cache
Disk caching can be enabled by updating the `cache` config settings for MinIO server. Config `cache` settings takes the mounted drive(s) or directory paths, cache expiry duration (in days) and any wildcard patterns to exclude from being cached.
```json
"cache": {
@@ -26,11 +26,11 @@ To update the configuration, use `mc admin config get` command to get the curren
```sh
$ mc admin config get myminio/ > /tmp/myconfig
```
After updating the cache configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the cluster.Restart the Minio server to put the changes into effect.
After updating the cache configuration in /tmp/myconfig , use `mc admin config set` command to update the configuration for the cluster.Restart the MinIO server to put the changes into effect.
```sh
$ mc admin config set myminio < /tmp/myconfig
```
The cache settings may also be set through environment variables. When set, environment variables override any `cache` config settings for Minio server. Following example uses `/mnt/drive1`, `/mnt/drive2` ,`/mnt/cache1` ... `/mnt/cache3` for caching, with expiry up to 90 days while excluding all objects under bucket `mybucket` and all objects with '.pdf' as extension while starting a standalone erasure coded setup. Cache max usage is restricted to 80% of disk capacity in this example.
The cache settings may also be set through environment variables. When set, environment variables override any `cache` config settings for MinIO server. Following example uses `/mnt/drive1`, `/mnt/drive2` ,`/mnt/cache1` ... `/mnt/cache3` for caching, with expiry up to 90 days while excluding all objects under bucket `mybucket` and all objects with '.pdf' as extension while starting a standalone erasure coded setup. Cache max usage is restricted to 80% of disk capacity in this example.
```bash
export MINIO_CACHE_DRIVES="/mnt/drive1;/mnt/drive2;/mnt/cache{1...3}"
@@ -41,12 +41,12 @@ minio server /export{1...24}
```
### 3. Test your setup
To test this setup, access the Minio server via browser or [`mc`](https://docs.minio.io/docs/minio-client-quickstart-guide). Youll see the uploaded files are accessible from the all the Minio endpoints.
To test this setup, access the MinIO server via browser or [`mc`](https://docs.min.io/docs/minio-client-quickstart-guide). Youll see the uploaded files are accessible from the all the MinIO endpoints.
# Explore Further
- [Disk cache design](https://github.com/minio/minio/blob/master/docs/disk-caching/DESIGN.md)
- [Use `mc` with Minio Server](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with Minio Server](https://docs.minio.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with Minio Server](https://docs.minio.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with Minio Server](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [The Minio documentation website](https://docs.minio.io)
- [Use `mc` with MinIO Server](https://docs.min.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with MinIO Server](https://docs.min.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with MinIO Server](https://docs.min.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with MinIO Server](https://docs.min.io/docs/golang-client-quickstart-guide)
- [The MinIO documentation website](https://docs.min.io)

58
docs/distributed/README.md
View File

@@ -1,57 +1,57 @@
# Distributed Minio Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# Distributed MinIO Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Minio in distributed mode lets you pool multiple drives (even on different machines) into a single object storage server. As drives are distributed across several nodes, distributed Minio can withstand multiple node failures and yet ensure full data protection.
MinIO in distributed mode lets you pool multiple drives (even on different machines) into a single object storage server. As drives are distributed across several nodes, distributed MinIO can withstand multiple node failures and yet ensure full data protection.
## Why distributed Minio?
## Why distributed MinIO?
Minio in distributed mode can help you setup a highly-available storage system with a single object storage deployment. With distributed Minio, you can optimally use storage devices, irrespective of their location in a network.
MinIO in distributed mode can help you setup a highly-available storage system with a single object storage deployment. With distributed MinIO, you can optimally use storage devices, irrespective of their location in a network.
### Data protection
Distributed Minio provides protection against multiple node/drive failures and [bit rot](https://github.com/minio/minio/blob/master/docs/erasure/README.md#what-is-bit-rot-protection) using [erasure code](https://docs.minio.io/docs/minio-erasure-code-quickstart-guide). As the minimum disks required for distributed Minio is 4 (same as minimum disks required for erasure coding), erasure code automatically kicks in as you launch distributed Minio.
Distributed MinIO provides protection against multiple node/drive failures and [bit rot](https://github.com/minio/minio/blob/master/docs/erasure/README.md#what-is-bit-rot-protection) using [erasure code](https://docs.min.io/docs/minio-erasure-code-quickstart-guide). As the minimum disks required for distributed MinIO is 4 (same as minimum disks required for erasure coding), erasure code automatically kicks in as you launch distributed MinIO.
### High availability
A stand-alone Minio server would go down if the server hosting the disks goes offline. In contrast, a distributed Minio setup with _n_ disks will have your data safe as long as _n/2_ or more disks are online. You'll need a minimum of _(n/2 + 1)_ [Quorum](https://github.com/minio/dsync#lock-process) disks to create new objects though.
A stand-alone MinIO server would go down if the server hosting the disks goes offline. In contrast, a distributed MinIO setup with _n_ disks will have your data safe as long as _n/2_ or more disks are online. You'll need a minimum of _(n/2 + 1)_ [Quorum](https://github.com/minio/dsync#lock-process) disks to create new objects though.
For example, an 8-node distributed Minio setup with 1 disk per node would continue serving files, even if up to 4 disks are offline. But, you'll need at least 5 disks online to create new objects.
For example, an 8-node distributed MinIO setup with 1 disk per node would continue serving files, even if up to 4 disks are offline. But, you'll need at least 5 disks online to create new objects.
### Limits
As with Minio in stand-alone mode, distributed Minio has a per tenant limit of minimum 2 and maximum 32 servers. There are no limits on number of disks shared across these servers. If you need a multiple tenant setup, you can easily spin up multiple Minio instances managed by orchestration tools like Kubernetes.
As with MinIO in stand-alone mode, distributed MinIO has a per tenant limit of minimum 2 and maximum 32 servers. There are no limits on number of disks shared across these servers. If you need a multiple tenant setup, you can easily spin up multiple MinIO instances managed by orchestration tools like Kubernetes.
Note that with distributed Minio you can play around with the number of nodes and drives as long as the limits are adhered to. For example, you can have 2 nodes with 4 drives each, 4 nodes with 4 drives each, 8 nodes with 2 drives each, 32 servers with 24 drives each and so on.
Note that with distributed MinIO you can play around with the number of nodes and drives as long as the limits are adhered to. For example, you can have 2 nodes with 4 drives each, 4 nodes with 4 drives each, 8 nodes with 2 drives each, 32 servers with 24 drives each and so on.
You can also use [storage classes](https://github.com/minio/minio/tree/master/docs/erasure/storage-class) to set custom data and parity distribution across total disks.
### Consistency Guarantees
Minio follows strict **read-after-write** consistency model for all i/o operations both in distributed and standalone modes.
MinIO follows strict **read-after-write** consistency model for all i/o operations both in distributed and standalone modes.
# Get started
If you're aware of stand-alone Minio set up, the process remains largely the same, as the Minio server automatically switches to stand-alone or distributed mode, depending on the command line parameters.
If you're aware of stand-alone MinIO set up, the process remains largely the same, as the MinIO server automatically switches to stand-alone or distributed mode, depending on the command line parameters.
## 1. Prerequisites
Install Minio - [Minio Quickstart Guide](https://docs.minio.io/docs/minio-quickstart-guide).
Install MinIO - [MinIO Quickstart Guide](https://docs.min.io/docs/minio-quickstart-guide).
## 2. Run distributed Minio
## 2. Run distributed MinIO
To start a distributed Minio instance, you just need to pass drive locations as parameters to the minio server command. Then, youll need to run the same command on all the participating nodes.
To start a distributed MinIO instance, you just need to pass drive locations as parameters to the minio server command. Then, youll need to run the same command on all the participating nodes.
*Note*
- All the nodes running distributed Minio need to have same access key and secret key for the nodes to connect. To achieve this, it is **mandatory** to export access key and secret key as environment variables, `MINIO_ACCESS_KEY` and `MINIO_SECRET_KEY`, on all the nodes before executing Minio server command.
- All the nodes running distributed Minio need to be in a homogeneous environment, i.e. same operating system, same number of disks and same interconnects.
- All the nodes running distributed MinIO need to have same access key and secret key for the nodes to connect. To achieve this, it is **mandatory** to export access key and secret key as environment variables, `MINIO_ACCESS_KEY` and `MINIO_SECRET_KEY`, on all the nodes before executing MinIO server command.
- All the nodes running distributed MinIO need to be in a homogeneous environment, i.e. same operating system, same number of disks and same interconnects.
- `MINIO_DOMAIN` environment variable should be defined and exported if domain is needed to be set.
- Minio distributed mode requires fresh directories. If required, the drives can be shared with other applications. You can do this by using a sub-directory exclusive to minio. For example, if you have mounted your volume under `/export`, pass `/export/data` as arguments to Minio server.
- MinIO distributed mode requires fresh directories. If required, the drives can be shared with other applications. You can do this by using a sub-directory exclusive to minio. For example, if you have mounted your volume under `/export`, pass `/export/data` as arguments to MinIO server.
- The IP addresses and drive paths below are for demonstration purposes only, you need to replace these with the actual IP addresses and drive paths/folders.
- Servers running distributed Minio instances should be less than 3 seconds apart. You can use [NTP](http://www.ntp.org/) as a best practice to ensure consistent times across servers.
- Running Distributed Minio on Windows is experimental as of now. Please proceed with caution.
- Servers running distributed MinIO instances should be less than 3 seconds apart. You can use [NTP](http://www.ntp.org/) as a best practice to ensure consistent times across servers.
- Running Distributed MinIO on Windows is experimental as of now. Please proceed with caution.
Example 1: Start distributed Minio instance on 8 nodes with 1 disk each mounted at `/export1` (pictured below), by running this command on all the 8 nodes:
![Distributed Minio, 8 nodes with 1 disk each](https://github.com/minio/minio/blob/master/docs/screenshots/Architecture-diagram_distributed_8.jpg?raw=true)
Example 1: Start distributed MinIO instance on 8 nodes with 1 disk each mounted at `/export1` (pictured below), by running this command on all the 8 nodes:
![Distributed MinIO, 8 nodes with 1 disk each](https://github.com/minio/minio/blob/master/docs/screenshots/Architecture-diagram_distributed_8.jpg?raw=true)
#### GNU/Linux and macOS
```sh
@@ -64,13 +64,13 @@ minio server http://192.168.1.1{1...8}/export1
__NOTE:__ `{1...n}` shown have 3 dots! Using only 2 dots `{1..4}` will be interpreted by your shell and won't be passed to minio server, affecting the erasure coding order, which may impact performance and high availability. __Always use `{1...n}` (3 dots!) to allow minio server to optimally erasure-code data__
## 3. Test your setup
To test this setup, access the Minio server via browser or [`mc`](https://docs.minio.io/docs/minio-client-quickstart-guide).
To test this setup, access the MinIO server via browser or [`mc`](https://docs.min.io/docs/minio-client-quickstart-guide).
## Explore Further
- [Minio Large Bucket Support Guide](https://docs.minio.io/docs/minio-large-bucket-support-quickstart-guide)
- [Minio Erasure Code QuickStart Guide](https://docs.minio.io/docs/minio-erasure-code-quickstart-guide)
- [Use `mc` with Minio Server](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with Minio Server](https://docs.minio.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with Minio Server](https://docs.minio.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with Minio Server](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [The Minio documentation website](https://docs.minio.io)
- [MinIO Large Bucket Support Guide](https://docs.min.io/docs/minio-large-bucket-support-quickstart-guide)
- [MinIO Erasure Code QuickStart Guide](https://docs.min.io/docs/minio-erasure-code-quickstart-guide)
- [Use `mc` with MinIO Server](https://docs.min.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with MinIO Server](https://docs.min.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with MinIO Server](https://docs.min.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with MinIO Server](https://docs.min.io/docs/golang-client-quickstart-guide)
- [The MinIO documentation website](https://docs.min.io)

44
docs/docker/README.md
View File

@@ -1,16 +1,16 @@
# Minio Docker Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# MinIO Docker Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
## Prerequisites
Docker installed on your machine. Download the relevant installer from [here](https://www.docker.com/community-edition#/download).
## Run Standalone Minio on Docker.
Minio needs a persistent volume to store configuration and application data. However, for testing purposes, you can launch Minio by simply passing a directory (`/data` in the example below). This directory gets created in the container filesystem at the time of container start. But all the data is lost after container exits.
## Run Standalone MinIO on Docker.
MinIO needs a persistent volume to store configuration and application data. However, for testing purposes, you can launch MinIO by simply passing a directory (`/data` in the example below). This directory gets created in the container filesystem at the time of container start. But all the data is lost after container exits.
```sh
docker run -p 9000:9000 minio/minio server /data
```
To create a Minio container with persistent storage, you need to map local persistent directories from the host OS to virtual config `~/.minio` and export `/data` directories. To do this, run the below commands
To create a MinIO container with persistent storage, you need to map local persistent directories from the host OS to virtual config `~/.minio` and export `/data` directories. To do this, run the below commands
#### GNU/Linux and macOS
```sh
@@ -28,15 +28,15 @@ docker run -p 9000:9000 --name minio1 \
minio/minio server /data
```
## Run Distributed Minio on Docker
Distributed Minio can be deployed via [Docker Compose](https://docs.minio.io/docs/deploy-minio-on-docker-compose) or [Swarm mode](https://docs.minio.io/docs/deploy-minio-on-docker-swarm). The major difference between these two being, Docker Compose creates a single host, multi-container deployment, while Swarm mode creates a multi-host, multi-container deployment.
## Run Distributed MinIO on Docker
Distributed MinIO can be deployed via [Docker Compose](https://docs.min.io/docs/deploy-minio-on-docker-compose) or [Swarm mode](https://docs.min.io/docs/deploy-minio-on-docker-swarm). The major difference between these two being, Docker Compose creates a single host, multi-container deployment, while Swarm mode creates a multi-host, multi-container deployment.
This means Docker Compose lets you quickly get started with Distributed Minio on your computer - ideal for development, testing, staging environments. While deploying Distributed Minio on Swarm offers a more robust, production level deployment.
This means Docker Compose lets you quickly get started with Distributed MinIO on your computer - ideal for development, testing, staging environments. While deploying Distributed MinIO on Swarm offers a more robust, production level deployment.
## Minio Docker Tips
## MinIO Docker Tips
### Minio Custom Access and Secret Keys
To override Minio's auto-generated keys, you may pass secret and access keys explicitly as environment variables. Minio server also allows regular strings as access and secret keys.
### MinIO Custom Access and Secret Keys
To override MinIO's auto-generated keys, you may pass secret and access keys explicitly as environment variables. MinIO server also allows regular strings as access and secret keys.
#### GNU/Linux and macOS
```sh
@@ -58,22 +58,22 @@ docker run -p 9000:9000 --name minio1 \
minio/minio server /data
```
### Minio Custom Access and Secret Keys using Docker secrets
To override Minio's auto-generated keys, you may pass secret and access keys explicitly by creating access and secret keys as [Docker secrets](https://docs.docker.com/engine/swarm/secrets/). Minio server also allows regular strings as access and secret keys.
### MinIO Custom Access and Secret Keys using Docker secrets
To override MinIO's auto-generated keys, you may pass secret and access keys explicitly by creating access and secret keys as [Docker secrets](https://docs.docker.com/engine/swarm/secrets/). MinIO server also allows regular strings as access and secret keys.
```
echo "AKIAIOSFODNN7EXAMPLE" | docker secret create access_key -
echo "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" | docker secret create secret_key -
```
Create a Minio service using `docker service` to read from Docker secrets.
Create a MinIO service using `docker service` to read from Docker secrets.
```
docker service create --name="minio-service" --secret="access_key" --secret="secret_key" minio/minio server /data
```
Read more about `docker service` [here](https://docs.docker.com/engine/swarm/how-swarm-mode-works/services/)
#### Minio Custom Access and Secret Key files
#### MinIO Custom Access and Secret Key files
To use other secret names follow the instructions above and replace `access_key` and `secret_key` with your custom names (e.g. `my_secret_key`,`my_custom_key`). Run your service with
```
docker service create --name="minio-service" \
@@ -105,15 +105,15 @@ To stop a running container, you can use the [`docker stop`](https://docs.docker
docker stop <container_id>
```
### Minio container logs
To access Minio logs, you can use the [`docker logs`](https://docs.docker.com/engine/reference/commandline/logs/) command.
### MinIO container logs
To access MinIO logs, you can use the [`docker logs`](https://docs.docker.com/engine/reference/commandline/logs/) command.
```sh
docker logs <container_id>
```
### Monitor Minio Docker Container
To monitor the resources used by Minio container, you can use the [`docker stats`](https://docs.docker.com/engine/reference/commandline/stats/) command.
### Monitor MinIO Docker Container
To monitor the resources used by MinIO container, you can use the [`docker stats`](https://docs.docker.com/engine/reference/commandline/stats/) command.
```sh
docker stats <container_id>
@@ -121,7 +121,7 @@ docker stats <container_id>
## Explore Further
* [Deploy Minio on Docker Compose](https://docs.minio.io/docs/deploy-minio-on-docker-compose)
* [Deploy Minio on Docker Swarm](https://docs.minio.io/docs/deploy-minio-on-docker-swarm)
* [Distributed Minio Quickstart Guide](https://docs.minio.io/docs/distributed-minio-quickstart-guide)
* [Minio Erasure Code QuickStart Guide](https://docs.minio.io/docs/minio-erasure-code-quickstart-guide)
* [Deploy MinIO on Docker Compose](https://docs.min.io/docs/deploy-minio-on-docker-compose)
* [Deploy MinIO on Docker Swarm](https://docs.min.io/docs/deploy-minio-on-docker-swarm)
* [Distributed MinIO Quickstart Guide](https://docs.min.io/docs/distributed-minio-quickstart-guide)
* [MinIO Erasure Code QuickStart Guide](https://docs.min.io/docs/minio-erasure-code-quickstart-guide)

24
docs/erasure/README.md
View File

@@ -1,18 +1,18 @@
# Minio Erasure Code Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# MinIO Erasure Code Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Minio protects data against hardware failures and silent data corruption using erasure code and checksums. With the highest level of redundancy, you may lose up to half (N/2) of the total drives and still be able to recover the data.
MinIO protects data against hardware failures and silent data corruption using erasure code and checksums. With the highest level of redundancy, you may lose up to half (N/2) of the total drives and still be able to recover the data.
## What is Erasure Code?
Erasure code is a mathematical algorithm to reconstruct missing or corrupted data. Minio uses Reed-Solomon code to shard objects into variable data and parity blocks. For example, in a 12 drive setup, an object can be sharded to a variable number of data and parity blocks across all the drives - ranging from six data and six parity blocks to ten data and two parity blocks.
Erasure code is a mathematical algorithm to reconstruct missing or corrupted data. MinIO uses Reed-Solomon code to shard objects into variable data and parity blocks. For example, in a 12 drive setup, an object can be sharded to a variable number of data and parity blocks across all the drives - ranging from six data and six parity blocks to ten data and two parity blocks.
By default, Minio shards the objects across N/2 data and N/2 parity drives. Though, you can use [storage classes](https://github.com/minio/minio/tree/master/docs/erasure/storage-class) to use a custom configuration. We recommend N/2 data and parity blocks, as it ensures the best protection from drive failures.
By default, MinIO shards the objects across N/2 data and N/2 parity drives. Though, you can use [storage classes](https://github.com/minio/minio/tree/master/docs/erasure/storage-class) to use a custom configuration. We recommend N/2 data and parity blocks, as it ensures the best protection from drive failures.
In 12 drive example above, with Minio server running in the default configuration, you can lose any of the six drives and still reconstruct the data reliably from the remaining drives.
In 12 drive example above, with MinIO server running in the default configuration, you can lose any of the six drives and still reconstruct the data reliably from the remaining drives.
## Why is Erasure Code useful?
Erasure code protects data from multiple drives failure, unlike RAID or replication. For example, RAID6 can protect against two drive failure whereas in Minio erasure code you can lose as many as half of drives and still the data remains safe. Further, Minio's erasure code is at the object level and can heal one object at a time. For RAID, healing can be done only at the volume level which translates into high downtime. As Minio encodes each object individually, it can heal objects incrementally. Storage servers once deployed should not require drive replacement or healing for the lifetime of the server. Minio's erasure coded backend is designed for operational efficiency and takes full advantage of hardware acceleration whenever available.
Erasure code protects data from multiple drives failure, unlike RAID or replication. For example, RAID6 can protect against two drive failure whereas in MinIO erasure code you can lose as many as half of drives and still the data remains safe. Further, MinIO's erasure code is at the object level and can heal one object at a time. For RAID, healing can be done only at the volume level which translates into high downtime. As MinIO encodes each object individually, it can heal objects incrementally. Storage servers once deployed should not require drive replacement or healing for the lifetime of the server. MinIO's erasure coded backend is designed for operational efficiency and takes full advantage of hardware acceleration whenever available.
![Erasure](https://github.com/minio/minio/blob/master/docs/screenshots/erasure-code.jpg?raw=true)
@@ -20,23 +20,23 @@ Erasure code protects data from multiple drives failure, unlike RAID or replicat
Bit Rot, also known as data rot or silent data corruption is a data loss issue faced by disk drives today. Data on the drive may silently get corrupted without signaling an error has occurred, making bit rot more dangerous than a permanent hard drive failure.
Minio's erasure coded backend uses high speed [HighwayHash](https://blog.minio.io/highwayhash-fast-hashing-at-over-10-gb-s-per-core-in-golang-fee938b5218a) checksums to protect against Bit Rot.
MinIO's erasure coded backend uses high speed [HighwayHash](https://blog.min.io/highwayhash-fast-hashing-at-over-10-gb-s-per-core-in-golang-fee938b5218a) checksums to protect against Bit Rot.
## Get Started with Minio in Erasure Code
## Get Started with MinIO in Erasure Code
### 1. Prerequisites
Install Minio - [Minio Quickstart Guide](https://docs.minio.io/docs/minio-quickstart-guide)
Install MinIO - [MinIO Quickstart Guide](https://docs.min.io/docs/minio-quickstart-guide)
### 2. Run Minio Server with Erasure Code
### 2. Run MinIO Server with Erasure Code
Example: Start Minio server in a 12 drives setup, using Minio binary.
Example: Start MinIO server in a 12 drives setup, using MinIO binary.
```sh
minio server /data1 /data2 /data3 /data4 /data5 /data6 /data7 /data8 /data9 /data10 /data11 /data12
```
Example: Start Minio server in a 8 drives setup, using Minio Docker image.
Example: Start MinIO server in a 8 drives setup, using MinIO Docker image.
```sh
docker run -p 9000:9000 --name minio \

20
docs/erasure/storage-class/README.md
View File

@@ -1,12 +1,12 @@
# Minio Storage Class Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# MinIO Storage Class Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Minio server supports storage class in erasure coding mode. This allows configurable data and parity disks per object.
MinIO server supports storage class in erasure coding mode. This allows configurable data and parity disks per object.
## Overview
Minio supports two storage classes, Reduced Redundancy class and Standard class. These classes can be defined using environment variables
set before starting Minio server. After the data and parity disks for each storage class are defined using environment variables,
you can set the storage class of an object via request metadata field `x-amz-storage-class`. Minio server then honors the storage class by
MinIO supports two storage classes, Reduced Redundancy class and Standard class. These classes can be defined using environment variables
set before starting MinIO server. After the data and parity disks for each storage class are defined using environment variables,
you can set the storage class of an object via request metadata field `x-amz-storage-class`. MinIO server then honors the storage class by
saving the object in specific number of data and parity disks.
## Storage usage
@@ -15,11 +15,11 @@ The selection of varying data and parity drives has a direct impact on the drive
redundancy or better drive space utilization.
To get an idea of how various combinations of data and parity drives affect the storage usage, lets take an example of a 100 MiB file stored
on 16 drive Minio deployment. If you use eight data and eight parity drives, the file space usage will be approximately twice, i.e. 100 MiB
on 16 drive MinIO deployment. If you use eight data and eight parity drives, the file space usage will be approximately twice, i.e. 100 MiB
file will take 200 MiB space. But, if you use ten data and six parity drives, same 100 MiB file takes around 160 MiB. If you use 14 data and
two parity drives, 100 MiB file takes only approximately 114 MiB.
Below is a list of data/parity drives and corresponding _approximate_ storage space usage on a 16 drive Minio deployment. The field _storage
Below is a list of data/parity drives and corresponding _approximate_ storage space usage on a 16 drive MinIO deployment. The field _storage
usage ratio_ is simply the drive space used by the file after erasure-encoding, divided by actual file size.
| Total Drives (N) | Data Drives (D) | Parity Drives (P) | Storage Usage Ratio |
@@ -77,11 +77,11 @@ more details.
*Note*
- If `STANDARD` storage class is set via environment variables or `mc admin config` get/set commands, and `x-amz-storage-class` is not present in request metadata, Minio server will
- If `STANDARD` storage class is set via environment variables or `mc admin config` get/set commands, and `x-amz-storage-class` is not present in request metadata, MinIO server will
apply `STANDARD` storage class to the object. This means the data and parity disks will be used as set in `STANDARD` storage class.
- If storage class is not defined before starting Minio server, and subsequent PutObject metadata field has `x-amz-storage-class` present
with values `REDUCED_REDUNDANCY` or `STANDARD`, Minio server uses default parity values.
- If storage class is not defined before starting MinIO server, and subsequent PutObject metadata field has `x-amz-storage-class` present
with values `REDUCED_REDUNDANCY` or `STANDARD`, MinIO server uses default parity values.
### Set metadata

42
docs/federation/lookup/README.md
View File

@@ -1,12 +1,12 @@
# Federation Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
This document explains how to configure Minio with `Bucket lookup from DNS` style federation.
# Federation Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
This document explains how to configure MinIO with `Bucket lookup from DNS` style federation.
## Get started
### 1. Prerequisites
Install Minio - [Minio Quickstart Guide](https://docs.minio.io/docs/minio-quickstart-guide).
Install MinIO - [MinIO Quickstart Guide](https://docs.min.io/docs/minio-quickstart-guide).
### 2. Run Minio in federated mode
### 2. Run MinIO in federated mode
Bucket lookup from DNS federation requires two dependencies
- etcd (for config, bucket SRV records)
@@ -20,28 +20,28 @@ Bucket lookup from DNS federation requires two dependencies
#### MINIO_ETCD_ENDPOINTS
This is comma separated list of etcd servers that you want to use as the Minio federation back-end. This should
be same across the federated deployment, i.e. all the Minio instances within a federated deployment should use same
This is comma separated list of etcd servers that you want to use as the MinIO federation back-end. This should
be same across the federated deployment, i.e. all the MinIO instances within a federated deployment should use same
etcd back-end.
#### MINIO_DOMAIN
This is the top level domain name used for the federated setup. This domain name should ideally resolve to a load-balancer
running in front of all the federated Minio instances. The domain name is used to create sub domain entries to etcd. For
running in front of all the federated MinIO instances. The domain name is used to create sub domain entries to etcd. For
example, if the domain is set to `domain.com`, the buckets `bucket1`, `bucket2` will be accessible as `bucket1.domain.com`
and `bucket2.domain.com`.
#### MINIO_PUBLIC_IPS
This is comma separated list of IP addresses to which buckets created on this Minio instance will resolve to. For example,
a bucket `bucket1` created on current Minio instance will be accessible as `bucket1.domain.com`, and the DNS entry for
This is comma separated list of IP addresses to which buckets created on this MinIO instance will resolve to. For example,
a bucket `bucket1` created on current MinIO instance will be accessible as `bucket1.domain.com`, and the DNS entry for
`bucket1.domain.com` will point to IP address set in `MINIO_PUBLIC_IPS`.
*Note*
- This field is mandatory for standalone and erasure code Minio server deployments, to enable federated mode.
- This field is mandatory for standalone and erasure code MinIO server deployments, to enable federated mode.
- This field is optional for distributed deployments. If you don't set this field in a federated setup, we use the IP addresses of
hosts passed to the Minio server startup and use them for DNS entries.
hosts passed to the MinIO server startup and use them for DNS entries.
### Run Multiple Clusters
@@ -63,7 +63,7 @@ export MINIO_PUBLIC_IPS=44.35.1.1,44.35.1.2,44.35.1.3,44.35.1.4
minio server http://rack{5...8}.host{5...8}.domain.com/mnt/export{1...32}
```
In this configuration you can see `MINIO_ETCD_ENDPOINTS` points to the etcd backend which manages Minio's
In this configuration you can see `MINIO_ETCD_ENDPOINTS` points to the etcd backend which manages MinIO's
`config.json` and bucket DNS SRV records. `MINIO_DOMAIN` indicates the domain suffix for the bucket which
will be used to resolve bucket through DNS. For example if you have a bucket such as `mybucket`, the
client can use now `mybucket.domain.com` to directly resolve itself to the right cluster. `MINIO_PUBLIC_IPS`
@@ -75,22 +75,22 @@ it is randomized which cluster might provision the bucket.
### 3. Upgrading to `etcdv3` API
Users running Minio federation from release `RELEASE.2018-06-09T03-43-35Z` to `RELEASE.2018-07-10T01-42-11Z`, should migrate the existing bucket data on etcd server to `etcdv3` API, and update CoreDNS version to `1.2.0` before updating their Minio server to the latest version.
Users running MinIO federation from release `RELEASE.2018-06-09T03-43-35Z` to `RELEASE.2018-07-10T01-42-11Z`, should migrate the existing bucket data on etcd server to `etcdv3` API, and update CoreDNS version to `1.2.0` before updating their MinIO server to the latest version.
Here is some background on why this is needed - Minio server release `RELEASE.2018-06-09T03-43-35Z` to `RELEASE.2018-07-10T01-42-11Z` used etcdv2 API to store bucket data to etcd server. This was due to `etcdv3` support not available for CoreDNS server. So, even if Minio used `etcdv3` API to store bucket data, CoreDNS wouldn't be able to read and serve it as DNS records.
Here is some background on why this is needed - MinIO server release `RELEASE.2018-06-09T03-43-35Z` to `RELEASE.2018-07-10T01-42-11Z` used etcdv2 API to store bucket data to etcd server. This was due to `etcdv3` support not available for CoreDNS server. So, even if MinIO used `etcdv3` API to store bucket data, CoreDNS wouldn't be able to read and serve it as DNS records.
Now that CoreDNS [supports etcdv3](https://coredns.io/2018/07/11/coredns-1.2.0-release/), Minio server uses `etcdv3` API to store bucket data to etcd server. As `etcdv2` and `etcdv3` APIs are not compatible, data stored using `etcdv2` API is not visible to the `etcdv3` API. So, bucket data stored by previous Minio version will not be visible to current Minio version, until a migration is done.
Now that CoreDNS [supports etcdv3](https://coredns.io/2018/07/11/coredns-1.2.0-release/), MinIO server uses `etcdv3` API to store bucket data to etcd server. As `etcdv2` and `etcdv3` APIs are not compatible, data stored using `etcdv2` API is not visible to the `etcdv3` API. So, bucket data stored by previous MinIO version will not be visible to current MinIO version, until a migration is done.
CoreOS team has documented the steps required to migrate existing data from `etcdv2` to `etcdv3` in [this blog post](https://coreos.com/blog/migrating-applications-etcd-v3.html). Please refer the post and migrate etcd data to `etcdv3` API.
### 4. Test your setup
To test this setup, access the Minio server via browser or [`mc`](https://docs.minio.io/docs/minio-client-quickstart-guide). Youll see the uploaded files are accessible from the all the Minio endpoints.
To test this setup, access the MinIO server via browser or [`mc`](https://docs.min.io/docs/minio-client-quickstart-guide). Youll see the uploaded files are accessible from the all the MinIO endpoints.
# Explore Further
- [Use `mc` with Minio Server](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with Minio Server](https://docs.minio.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with Minio Server](https://docs.minio.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with Minio Server](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [The Minio documentation website](https://docs.minio.io)
- [Use `mc` with MinIO Server](https://docs.min.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with MinIO Server](https://docs.min.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with MinIO Server](https://docs.min.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with MinIO Server](https://docs.min.io/docs/golang-client-quickstart-guide)
- [The MinIO documentation website](https://docs.min.io)

4
docs/gateway/README.md
View File

@@ -1,5 +1,5 @@
# Minio Gateway [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
Minio Gateway adds Amazon S3 compatibility to third party cloud storage providers.
# MinIO Gateway [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
MinIO Gateway adds Amazon S3 compatibility to third party cloud storage providers.
- [NAS](https://github.com/minio/minio/blob/master/docs/gateway/nas.md)
- [Microsoft Azure Blob Storage](https://github.com/minio/minio/blob/master/docs/gateway/azure.md)
- [S3](https://github.com/minio/minio/blob/master/docs/gateway/s3.md)

18
docs/gateway/azure.md
View File

@@ -1,7 +1,7 @@
# Minio Azure Gateway [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
Minio Gateway adds Amazon S3 compatibility to Microsoft Azure Blob Storage.
# MinIO Azure Gateway [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
MinIO Gateway adds Amazon S3 compatibility to Microsoft Azure Blob Storage.
## Run Minio Gateway for Microsoft Azure Blob Storage
## Run MinIO Gateway for Microsoft Azure Blob Storage
### Using Docker
```
docker run -p 9000:9000 --name azure-s3 \
@@ -16,11 +16,11 @@ export MINIO_ACCESS_KEY=azureaccountname
export MINIO_SECRET_KEY=azureaccountkey
minio gateway azure
```
## Test using Minio Browser
Minio Gateway comes with an embedded web based object browser. Point your web browser to http://127.0.0.1:9000 to ensure that your server has started successfully.
## Test using MinIO Browser
MinIO Gateway comes with an embedded web based object browser. Point your web browser to http://127.0.0.1:9000 to ensure that your server has started successfully.
![Screenshot](https://github.com/minio/minio/blob/master/docs/screenshots/minio-browser-gateway.png?raw=true)
## Test using Minio Client `mc`
## Test using MinIO Client `mc`
`mc` provides a modern alternative to UNIX commands such as ls, cat, cp, mirror, diff etc. It supports filesystems and Amazon S3 compatible cloud storage services.
### Configure `mc`
@@ -49,6 +49,6 @@ Other limitations:
- Bucket notification APIs are not supported.
## Explore Further
- [`mc` command-line interface](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [`aws` command-line interface](https://docs.minio.io/docs/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [`mc` command-line interface](https://docs.min.io/docs/minio-client-quickstart-guide)
- [`aws` command-line interface](https://docs.min.io/docs/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.min.io/docs/golang-client-quickstart-guide)

18
docs/gateway/b2.md
View File

@@ -1,7 +1,7 @@
# Minio B2 Gateway [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
Minio Gateway adds Amazon S3 compatibility to Backblaze B2 Cloud Storage.
# MinIO B2 Gateway [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
MinIO Gateway adds Amazon S3 compatibility to Backblaze B2 Cloud Storage.
## Run Minio Gateway for Backblaze B2 Cloud Storage
## Run MinIO Gateway for Backblaze B2 Cloud Storage
Please follow this [guide](https://www.backblaze.com/b2/docs/quick_account.html) to create an account on backblaze.com to obtain your access credentials for B2 Cloud storage.
### Using Docker
@@ -19,12 +19,12 @@ export MINIO_SECRET_KEY=b2_application_key
minio gateway b2
```
## Test using Minio Browser
Minio Gateway comes with an embedded web based object browser. Point your web browser to http://127.0.0.1:9000 to ensure that your server has started successfully.
## Test using MinIO Browser
MinIO Gateway comes with an embedded web based object browser. Point your web browser to http://127.0.0.1:9000 to ensure that your server has started successfully.
![Screenshot](https://raw.githubusercontent.com/minio/minio/master/docs/screenshots/minio-browser-gateway.png)
## Test using Minio Client `mc`
## Test using MinIO Client `mc`
`mc` provides a modern alternative to UNIX commands such as ls, cat, cp, mirror, diff etc. It supports filesystems and Amazon S3 compatible cloud storage services.
### Configure `mc`
@@ -53,6 +53,6 @@ Other limitations:
- Bucket notification APIs are not supported.
## Explore Further
- [`mc` command-line interface](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [`aws` command-line interface](https://docs.minio.io/docs/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [`mc` command-line interface](https://docs.min.io/docs/minio-client-quickstart-guide)
- [`aws` command-line interface](https://docs.min.io/docs/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.min.io/docs/golang-client-quickstart-guide)

34
docs/gateway/gcs.md
View File

@@ -1,12 +1,12 @@
# Minio GCS Gateway [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# MinIO GCS Gateway [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Minio GCS Gateway allows you to access Google Cloud Storage (GCS) with Amazon S3-compatible APIs
MinIO GCS Gateway allows you to access Google Cloud Storage (GCS) with Amazon S3-compatible APIs
- [Run Minio Gateway for GCS](#run-minio-gateway-for-gcs)
- [Test Using Minio Browser](#test-using-minio-browser)
- [Test Using Minio Client](#test-using-minio-client)
- [Run MinIO Gateway for GCS](#run-minio-gateway-for-gcs)
- [Test Using MinIO Browser](#test-using-minio-browser)
- [Test Using MinIO Client](#test-using-minio-client)
## <a name="run-minio-gateway-for-gcs"></a>1. Run Minio Gateway for GCS
## <a name="run-minio-gateway-for-gcs"></a>1. Run MinIO Gateway for GCS
### 1.1 Create a Service Account key for GCS and get the Credentials File
1. Navigate to the [API Console Credentials page](https://console.developers.google.com/project/_/apis/credentials).
@@ -19,7 +19,7 @@ Minio GCS Gateway allows you to access Google Cloud Storage (GCS) with Amazon S3
**Note:** For alternate ways to set up *Application Default Credentials*, see [Setting Up Authentication for Server to Server Production Applications](https://developers.google.com/identity/protocols/application-default-credentials).
### 1.1 Run Minio GCS Gateway Using Docker
### 1.1 Run MinIO GCS Gateway Using Docker
```sh
docker run -p 9000:9000 --name gcs-s3 \
-v /path/to/credentials.json:/credentials.json \
@@ -29,7 +29,7 @@ docker run -p 9000:9000 --name gcs-s3 \
minio/minio gateway gcs yourprojectid
```
### 1.2 Run Minio GCS Gateway Using the Minio Binary
### 1.2 Run MinIO GCS Gateway Using the MinIO Binary
```sh
export GOOGLE_APPLICATION_CREDENTIALS=/path/to/credentials.json
@@ -38,17 +38,17 @@ export MINIO_SECRET_KEY=miniosecretkey
minio gateway gcs yourprojectid
```
## <a name="test-using-minio-browser"></a>2. Test Using Minio Browser
## <a name="test-using-minio-browser"></a>2. Test Using MinIO Browser
Minio Gateway comes with an embedded web-based object browser that outputs content to http://127.0.0.1:9000. To test that Minio Gateway is running, open a web browser, navigate to http://127.0.0.1:9000, and ensure that the object browser is displayed.
MinIO Gateway comes with an embedded web-based object browser that outputs content to http://127.0.0.1:9000. To test that MinIO Gateway is running, open a web browser, navigate to http://127.0.0.1:9000, and ensure that the object browser is displayed.
![Screenshot](https://github.com/minio/minio/blob/master/docs/screenshots/minio-browser-gateway.png?raw=true)
## <a name="test-using-minio-client"></a>3. Test Using Minio Client
## <a name="test-using-minio-client"></a>3. Test Using MinIO Client
Minio Client is a command-line tool called `mc` that provides UNIX-like commands for interacting with the server (e.g. ls, cat, cp, mirror, diff, find, etc.). `mc` supports file systems and Amazon S3-compatible cloud storage services (AWS Signature v2 and v4).
MinIO Client is a command-line tool called `mc` that provides UNIX-like commands for interacting with the server (e.g. ls, cat, cp, mirror, diff, find, etc.). `mc` supports file systems and Amazon S3-compatible cloud storage services (AWS Signature v2 and v4).
### 3.1 Configure the Gateway using Minio Client
### 3.1 Configure the Gateway using MinIO Client
Use the following command to configure the gateway:
@@ -73,7 +73,7 @@ A response similar to this one should be displayed:
```
### 3.3 Known limitations
Minio Gateway has the following limitations when used with GCS:
MinIO Gateway has the following limitations when used with GCS:
* It only supports read-only and write-only bucket policies at the bucket level; all other variations will return `API Not implemented`.
* The `List Multipart Uploads` and `List Object parts` commands always return empty lists. Therefore, the client must store all of the parts that it has uploaded and use that information when invoking the `_Complete Multipart Upload` command.
@@ -83,6 +83,6 @@ Other limitations:
* Bucket notification APIs are not supported.
## <a name="explore-further"></a>4. Explore Further
- [`mc` command-line interface](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [`aws` command-line interface](https://docs.minio.io/docs/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [`mc` command-line interface](https://docs.min.io/docs/minio-client-quickstart-guide)
- [`aws` command-line interface](https://docs.min.io/docs/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.min.io/docs/golang-client-quickstart-guide)

18
docs/gateway/nas.md
View File

@@ -1,8 +1,8 @@
# Minio NAS Gateway [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# MinIO NAS Gateway [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Minio Gateway adds Amazon S3 compatibility to NAS storage. You may run multiple minio instances on the same shared NAS volume as a distributed object gateway.
MinIO Gateway adds Amazon S3 compatibility to NAS storage. You may run multiple minio instances on the same shared NAS volume as a distributed object gateway.
## Run Minio Gateway for NAS Storage
## Run MinIO Gateway for NAS Storage
### Using Docker
@@ -24,13 +24,13 @@ export MINIO_SECRET_KEY=minio123
minio gateway nas /shared/nasvol
```
## Test using Minio Browser
## Test using MinIO Browser
Minio Gateway comes with an embedded web based object browser. Point your web browser to http://127.0.0.1:9000 to ensure that your server has started successfully.
MinIO Gateway comes with an embedded web based object browser. Point your web browser to http://127.0.0.1:9000 to ensure that your server has started successfully.
![Screenshot](https://raw.githubusercontent.com/minio/minio/master/docs/screenshots/minio-browser-gateway.png)
## Test using Minio Client `mc`
## Test using MinIO Client `mc`
`mc` provides a modern alternative to UNIX commands such as ls, cat, cp, mirror, diff etc. It supports filesystems and Amazon S3 compatible cloud storage services.
@@ -50,6 +50,6 @@ mc ls mynas
```
## Explore Further
- [`mc` command-line interface](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [`aws` command-line interface](https://docs.minio.io/docs/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [`mc` command-line interface](https://docs.min.io/docs/minio-client-quickstart-guide)
- [`aws` command-line interface](https://docs.min.io/docs/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.min.io/docs/golang-client-quickstart-guide)

18
docs/gateway/oss.md
View File

@@ -1,7 +1,7 @@
# Minio OSS Gateway [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
Minio Gateway adds Amazon S3 compatibility to Alibaba Cloud Object Storage Service (OSS).
# MinIO OSS Gateway [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
MinIO Gateway adds Amazon S3 compatibility to Alibaba Cloud Object Storage Service (OSS).
## Run Minio Gateway for OSS.
## Run MinIO Gateway for OSS.
### Using Docker
```
@@ -18,12 +18,12 @@ export MINIO_SECRET_KEY=osssecretkey
minio gateway oss
```
## Test using Minio Browser
Minio Gateway comes with an embedded web based object browser. Point your web browser to http://127.0.0.1:9000 to ensure that your server has started successfully.
## Test using MinIO Browser
MinIO Gateway comes with an embedded web based object browser. Point your web browser to http://127.0.0.1:9000 to ensure that your server has started successfully.
![Screenshot](https://raw.githubusercontent.com/minio/minio/master/docs/screenshots/minio-browser-gateway.png)
## Test using Minio Client `mc`
## Test using MinIO Client `mc`
`mc` provides a modern alternative to UNIX commands such as ls, cat, cp, mirror, diff etc. It supports filesystems and Amazon S3 compatible cloud storage services.
### Configure `mc`
@@ -52,6 +52,6 @@ Other limitations:
## Explore Further
- [`mc` command-line interface](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [`aws` command-line interface](https://docs.minio.io/docs/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [`mc` command-line interface](https://docs.min.io/docs/minio-client-quickstart-guide)
- [`aws` command-line interface](https://docs.min.io/docs/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.min.io/docs/golang-client-quickstart-guide)

32
docs/gateway/s3.md
View File

@@ -1,9 +1,9 @@
# Minio S3 Gateway [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# MinIO S3 Gateway [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Minio S3 Gateway adds Minio features like Minio Browser and disk caching to AWS S3 or any other AWS S3 compatible service.
MinIO S3 Gateway adds MinIO features like MinIO Browser and disk caching to AWS S3 or any other AWS S3 compatible service.
## Run Minio Gateway for AWS S3
As a prerequisite to run Minio S3 gateway, you need valid AWS S3 access key and secret key by default. Optionally you can also set custom access/secret key, when you have rotating AWS IAM credentials or AWS credentials through environment variables (i.e. AWS_ACCESS_KEY_ID)
## Run MinIO Gateway for AWS S3
As a prerequisite to run MinIO S3 gateway, you need valid AWS S3 access key and secret key by default. Optionally you can also set custom access/secret key, when you have rotating AWS IAM credentials or AWS credentials through environment variables (i.e. AWS_ACCESS_KEY_ID)
### Using Docker
```
@@ -28,14 +28,14 @@ export MINIO_SECRET_KEY=custom_secret_key
minio gateway s3
```
Minio gateway will automatically look for list of credential styles in following order, if your backend URL is AWS S3.
MinIO gateway will automatically look for list of credential styles in following order, if your backend URL is AWS S3.
- AWS env vars (i.e. AWS_ACCESS_KEY_ID)
- AWS creds file (i.e. AWS_SHARED_CREDENTIALS_FILE or ~/.aws/credentials)
- IAM profile based credentials. (performs an HTTP call to a pre-defined endpoint, only valid inside configured ec2 instances)
## Run Minio Gateway for AWS S3 compatible services
As a prerequisite to run Minio S3 gateway on an AWS S3 compatible service, you need valid access key, secret key and service endpoint.
## Run MinIO Gateway for AWS S3 compatible services
As a prerequisite to run MinIO S3 gateway on an AWS S3 compatible service, you need valid access key, secret key and service endpoint.
### Using Docker
```
@@ -52,20 +52,20 @@ export MINIO_SECRET_KEY=secret_key
minio gateway s3 https://s3_compatible_service_endpoint:port
```
## Minio Caching
Minio edge caching allows storing content closer to the applications. Frequently accessed objects are stored in a local disk based cache. Edge caching with Minio gateway feature allows
## MinIO Caching
MinIO edge caching allows storing content closer to the applications. Frequently accessed objects are stored in a local disk based cache. Edge caching with MinIO gateway feature allows
- Dramatic improvements for time to first byte for any object.
- Avoid S3 [data transfer charges](https://aws.amazon.com/s3/pricing/).
Refer [this document](https://docs.minio.io/docs/minio-disk-cache-guide.html) to get started with Minio Caching.
Refer [this document](https://docs.min.io/docs/minio-disk-cache-guide.html) to get started with MinIO Caching.
## Minio Browser
Minio Gateway comes with an embedded web based object browser. Point your web browser to http://127.0.0.1:9000 to ensure that your server has started successfully.
## MinIO Browser
MinIO Gateway comes with an embedded web based object browser. Point your web browser to http://127.0.0.1:9000 to ensure that your server has started successfully.
![Screenshot](https://github.com/minio/minio/blob/master/docs/screenshots/minio-browser-gateway.png?raw=true)
With Minio S3 gateway, you can use Minio browser to explore AWS S3 based objects.
With MinIO S3 gateway, you can use MinIO browser to explore AWS S3 based objects.
### Known limitations
@@ -73,6 +73,6 @@ With Minio S3 gateway, you can use Minio browser to explore AWS S3 based objects
## Explore Further
- [`mc` command-line interface](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [`aws` command-line interface](https://docs.minio.io/docs/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [`mc` command-line interface](https://docs.min.io/docs/minio-client-quickstart-guide)
- [`aws` command-line interface](https://docs.min.io/docs/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.min.io/docs/golang-client-quickstart-guide)

42
docs/kms/README.md
View File

@@ -1,26 +1,26 @@
# KMS Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# KMS Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Minio uses a key-management-system (KMS) to support SSE-S3. If a client requests SSE-S3, or auto-encryption
is enabled, the Minio server encrypts each object with an unique object key which is protected by a master key
MinIO uses a key-management-system (KMS) to support SSE-S3. If a client requests SSE-S3, or auto-encryption
is enabled, the MinIO server encrypts each object with an unique object key which is protected by a master key
managed by the KMS. Usually all object keys are protected by a single master key.
Minio supports two different KMS concepts:
MinIO supports two different KMS concepts:
- External KMS:
Minio can be configured to use an external KMS i.e. [Hashicorp Vault](https://www.vaultproject.io/).
An external KMS decouples Minio as storage system from key-management. An external KMS can
MinIO can be configured to use an external KMS i.e. [Hashicorp Vault](https://www.vaultproject.io/).
An external KMS decouples MinIO as storage system from key-management. An external KMS can
be managed by a dedicated security team and allows you to grant/deny access to (certain) objects
by enabling or disabling the corresponding master keys on demand.
- Direct KMS master keys:
Minio can also be configured to directly use a master key specified by the environment variable `MINIO_SSE_MASTER_KEY`.
Direct master keys are useful if the storage backend is not on the same machine as the Minio server, e.g.,
if network drives or Minio gateway is used and an external KMS would cause too much management overhead.
MinIO can also be configured to directly use a master key specified by the environment variable `MINIO_SSE_MASTER_KEY`.
Direct master keys are useful if the storage backend is not on the same machine as the MinIO server, e.g.,
if network drives or MinIO gateway is used and an external KMS would cause too much management overhead.
Note: KMS master keys are mainly for testing purposes. It's not recommended to use them for production deployments.
Further if the Minio server machine is ever compromised, then the master key must also be treated as compromised.
Further if the MinIO server machine is ever compromised, then the master key must also be treated as compromised.
**Important:**
If multiple Minio servers are configured as [gateways](https://github.com/minio/minio/blob/master/docs/gateway/README.md)
If multiple MinIO servers are configured as [gateways](https://github.com/minio/minio/blob/master/docs/gateway/README.md)
pointing to the *same* backend - for example the same NAS storage - then the KMS configuration **must** be the same for
all gateways. Otherwise one gateway may not be able to decrypt objects created by another gateway. It is the operators'
responsibility to ensure consistency.
@@ -28,7 +28,7 @@ responsibility to ensure consistency.
## Get started
### 1. Prerequisites
Install Minio - [Minio Quickstart Guide](https://docs.minio.io/docs/minio-quickstart-guide).
Install MinIO - [MinIO Quickstart Guide](https://docs.min.io/docs/minio-quickstart-guide).
### 2. Setup a KMS
@@ -38,7 +38,7 @@ Either use Hashicorp Vault as external KMS or specify a master key directly depe
Here is a sample quick start for configuring vault with a transit backend and Approle with correct policy
Minio requires the following Vault setup:
MinIO requires the following Vault setup:
- The [transit backend](https://www.vaultproject.io/api/secret/transit/index.html) configured with a named encryption key-ring
- [AppRole](https://www.vaultproject.io/docs/auth/approle.html) based authentication with read/update policy for transit backend. In particular, read and update policy are required for the [Generate Data Key](https://www.vaultproject.io/api/secret/transit/index.html#generate-data-key) endpoint and [Decrypt Data](https://www.vaultproject.io/api/secret/transit/index.html#decrypt-data) endpoint.
@@ -108,7 +108,7 @@ export MINIO_SSE_VAULT_NAMESPACE=ns1
Note: If [Vault Namespaces](https://learn.hashicorp.com/vault/operations/namespaces) are in use, MINIO_SSE_VAULT_NAMESPACE variable needs to be set before setting approle and transit secrets engine.
Minio gateway to S3 supports encryption. Three encryption modes are possible - encryption can be set to ``pass-through`` to backend, ``single encryption`` (at the gateway) or ``double encryption`` (single encryption at gateway and pass through to backend). This can be specified by setting MINIO_GATEWAY_SSE and KMS environment variables set in Step 2.1.2.
MinIO gateway to S3 supports encryption. Three encryption modes are possible - encryption can be set to ``pass-through`` to backend, ``single encryption`` (at the gateway) or ``double encryption`` (single encryption at gateway and pass through to backend). This can be specified by setting MINIO_GATEWAY_SSE and KMS environment variables set in Step 2.1.2.
If MINIO_GATEWAY_SSE and KMS are not setup, all encryption headers are passed through to the backend. If KMS environment variables are set up, ``single encryption`` is automatically performed at the gateway and encrypted object is saved at the backend.
@@ -145,11 +145,11 @@ To test this setup, start minio server with environment variables set in Step 3,
### Auto-Encryption
Minio can also enable auto-encryption **if** a valid KMS configuration is specified and the storage backend supports
MinIO can also enable auto-encryption **if** a valid KMS configuration is specified and the storage backend supports
encrypted objects. Auto-Encryption, if enabled, ensures that all uploaded objects are encrypted using the specified
KMS configuration.
Auto-Encryption is useful especially if the Minio operator wants to ensure that objects are **never** stored in
Auto-Encryption is useful especially if the MinIO operator wants to ensure that objects are **never** stored in
plaintext - for example if sensitive data is stored on public cloud storage.
To enable auto-encryption set the environment variable to `on`:
@@ -176,8 +176,8 @@ and S3 only allows either SSE-S3 or SSE-C but not both for the same object.
# Explore Further
- [Use `mc` with Minio Server](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with Minio Server](https://docs.minio.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with Minio Server](https://docs.minio.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with Minio Server](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [The Minio documentation website](https://docs.minio.io)
- [Use `mc` with MinIO Server](https://docs.min.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with MinIO Server](https://docs.min.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with MinIO Server](https://docs.min.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with MinIO Server](https://docs.min.io/docs/golang-client-quickstart-guide)
- [The MinIO documentation website](https://docs.min.io)

4
docs/large-bucket/DESIGN.md
View File

@@ -1,4 +1,4 @@
# Large Bucket Support Design Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# Large Bucket Support Design Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
This document explains the design approach, advanced use cases and limits of the large bucket feature. If you're looking to get started with large bucket support, we suggest you go through the [getting started document](https://github.com/minio/minio/blob/master/docs/large-bucket/README.md) first.
@@ -64,7 +64,7 @@ minio server http://rack1-host{1...8}.example.net/export{1...16} http://rack2-ho
### Expected expansion for double ellipses
Minio server internally expands ellipses passed as arguments. Here is a sample expansion to demonstrate the process
MinIO server internally expands ellipses passed as arguments. Here is a sample expansion to demonstrate the process
```
minio server http://host{1...4}/export{1...8}

34
docs/large-bucket/README.md
View File

@@ -1,25 +1,25 @@
# Large Bucket Support Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# Large Bucket Support Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Erasure code in Minio is limited to 16 disks. This on its own allows storage space to hold a tenant's data. However, to cater to cases which may need larger number of disks or high storage space requirements, large bucket support was introduced.
Erasure code in MinIO is limited to 16 disks. This on its own allows storage space to hold a tenant's data. However, to cater to cases which may need larger number of disks or high storage space requirements, large bucket support was introduced.
We call it large-bucket as it allows a single Minio bucket to expand over multiple erasure code deployment sets. Without any special configuration it helps you create peta-scale storage systems. With large bucket support, you can use more than 16 disks upfront while deploying the Minio server. Internally Minio creates multiple smaller erasure coded sets, and these sets are further combined into a single namespace. This document gives a brief introduction on how to get started with large bucket deployments. To explore further on advanced uses and limitations, refer to the [design document](https://github.com/minio/minio/blob/master/docs/large-bucket/DESIGN.md).
We call it large-bucket as it allows a single MinIO bucket to expand over multiple erasure code deployment sets. Without any special configuration it helps you create peta-scale storage systems. With large bucket support, you can use more than 16 disks upfront while deploying the MinIO server. Internally MinIO creates multiple smaller erasure coded sets, and these sets are further combined into a single namespace. This document gives a brief introduction on how to get started with large bucket deployments. To explore further on advanced uses and limitations, refer to the [design document](https://github.com/minio/minio/blob/master/docs/large-bucket/DESIGN.md).
## Get started
If you're aware of distributed Minio setup, the installation and configuration remains the same. Only new addition to the input syntax is `...` convention to abbreviate the drive arguments. Remote drives in a distributed setup are encoded as HTTP(s) URIs which can be similarly abbreviated as well.
If you're aware of distributed MinIO setup, the installation and configuration remains the same. Only new addition to the input syntax is `...` convention to abbreviate the drive arguments. Remote drives in a distributed setup are encoded as HTTP(s) URIs which can be similarly abbreviated as well.
### 1. Prerequisites
Install Minio - [Minio Quickstart Guide](https://docs.minio.io/docs/minio-quickstart-guide).
Install MinIO - [MinIO Quickstart Guide](https://docs.min.io/docs/minio-quickstart-guide).
### 2. Run Minio on many drives
### 2. Run MinIO on many drives
We'll see examples on how to do this in the following sections.
*Note*
- All the nodes running distributed Minio need to have same access key and secret key. To achieve this, we export access key and secret key as environment variables on all the nodes before executing Minio server command.
- All the nodes running distributed MinIO need to have same access key and secret key. To achieve this, we export access key and secret key as environment variables on all the nodes before executing MinIO server command.
- The drive paths below are for demonstration purposes only, you need to replace these with the actual drive paths/folders.
#### Minio large bucket on multiple drives (standalone)
You'll need the path to the disks e.g. `/export1, /export2 .... /export24`. Then run the following commands on all the nodes you'd like to launch Minio.
#### MinIO large bucket on multiple drives (standalone)
You'll need the path to the disks e.g. `/export1, /export2 .... /export24`. Then run the following commands on all the nodes you'd like to launch MinIO.
```sh
export MINIO_ACCESS_KEY=<ACCESS_KEY>
@@ -27,8 +27,8 @@ export MINIO_SECRET_KEY=<SECRET_KEY>
minio server /export{1...24}
```
#### Minio large bucket on multiple servers (distributed)
You'll need the path to the disks e.g. `http://host1/export1, http://host2/export2 .... http://host4/export16`. Then run the following commands on all the nodes you'd like to launch Minio.
#### MinIO large bucket on multiple servers (distributed)
You'll need the path to the disks e.g. `http://host1/export1, http://host2/export2 .... http://host4/export16`. Then run the following commands on all the nodes you'd like to launch MinIO.
```sh
export MINIO_ACCESS_KEY=<ACCESS_KEY>
@@ -37,11 +37,11 @@ minio server http://host{1...4}/export{1...16}
```
### 3. Test your setup
To test this setup, access the Minio server via browser or [`mc`](https://docs.minio.io/docs/minio-client-quickstart-guide). Youll see the uploaded files are accessible from the all the Minio endpoints.
To test this setup, access the MinIO server via browser or [`mc`](https://docs.min.io/docs/minio-client-quickstart-guide). Youll see the uploaded files are accessible from the all the MinIO endpoints.
## Explore Further
- [Use `mc` with Minio Server](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with Minio Server](https://docs.minio.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with Minio Server](https://docs.minio.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with Minio Server](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [The Minio documentation website](https://docs.minio.io)
- [Use `mc` with MinIO Server](https://docs.min.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with MinIO Server](https://docs.min.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with MinIO Server](https://docs.min.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with MinIO Server](https://docs.min.io/docs/golang-client-quickstart-guide)
- [The MinIO documentation website](https://docs.min.io)

28
docs/logging/README.md
View File

@@ -1,16 +1,16 @@
# Minio Logging Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
This document explains how to configure Minio server to log to different logging targets.
# MinIO Logging Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
This document explains how to configure MinIO server to log to different logging targets.
## Log Targets
Minio supports currently two target types
MinIO supports currently two target types
- console
- http
### Console Target
Console target logs to `/dev/stderr` and is enabled by default. To turn-off console logging you would have to update your Minio server configuration using `mc admin config set` command.
Console target logs to `/dev/stderr` and is enabled by default. To turn-off console logging you would have to update your MinIO server configuration using `mc admin config set` command.
Assuming `mc` is already [configured](https://docs.minio.io/docs/minio-client-quickstart-guide.html)
Assuming `mc` is already [configured](https://docs.min.io/docs/minio-client-quickstart-guide.html)
```
mc admin config get myminio/ > /tmp/config
```
@@ -32,9 +32,9 @@ mc admin restart myminio/
```
### HTTP Target
HTTP target logs to a generic HTTP endpoint in JSON format and is not enabled by default. To enable HTTP target logging you would have to update your Minio server configuration using `mc admin config set` command.
HTTP target logs to a generic HTTP endpoint in JSON format and is not enabled by default. To enable HTTP target logging you would have to update your MinIO server configuration using `mc admin config set` command.
Assuming `mc` is already [configured](https://docs.minio.io/docs/minio-client-quickstart-guide.html)
Assuming `mc` is already [configured](https://docs.min.io/docs/minio-client-quickstart-guide.html)
```
mc admin config get myminio/ > /tmp/config
```
@@ -61,13 +61,13 @@ mc admin config set myminio/ < /tmp/config
mc admin restart myminio/
```
Minio also honors environment variable for HTTP target logging as shown below, this setting will override the endpoint settings in the Minio server config.
MinIO also honors environment variable for HTTP target logging as shown below, this setting will override the endpoint settings in the MinIO server config.
```
MINIO_LOGGER_HTTP_ENDPOINT=http://localhost:8080/minio/logs minio server /mnt/data
```
## Audit Targets
For audit logging Minio supports only HTTP target type for now. Audit logging is currently only available through environment variable.
For audit logging MinIO supports only HTTP target type for now. Audit logging is currently only available through environment variable.
```
MINIO_AUDIT_LOGGER_HTTP_ENDPOINT=http://localhost:8080/minio/logs/audit minio server /mnt/data
```
@@ -87,7 +87,7 @@ Setting this environment variable automatically enables audit logging to the HTT
},
"remotehost": "127.0.0.1",
"requestID": "156946C6C1E7842C",
"userAgent": "Minio (linux; amd64) minio-go/v6.0.6",
"userAgent": "MinIO (linux; amd64) minio-go/v6.0.6",
"requestClaims": {
"accessKey": "A1YABB5YPX3ZPL4227XJ",
"aud": "PoEgXP6uVO45IsENRngDXj5Au5Ya",
@@ -101,7 +101,7 @@ Setting this environment variable automatically enables audit logging to the HTT
"Authorization": "AWS4-HMAC-SHA256 Credential=A1YABB5YPX3ZPL4227XJ/20181121/us-east-1/s3/aws4_request,SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-decoded-content-length;x-amz-security-token,Signature=689d9b8f67b5625ea2f0b8cbb3f777d8839a91d50aa81e6a5555f5a6360c1714",
"Content-Length": "184",
"Content-Type": "application/octet-stream",
"User-Agent": "Minio (linux; amd64) minio-go/v6.0.6",
"User-Agent": "MinIO (linux; amd64) minio-go/v6.0.6",
"X-Amz-Content-Sha256": "STREAMING-AWS4-HMAC-SHA256-PAYLOAD",
"X-Amz-Date": "20181121T231606Z",
"X-Amz-Decoded-Content-Length": "12",
@@ -112,7 +112,7 @@ Setting this environment variable automatically enables audit logging to the HTT
"Content-Security-Policy": "block-all-mixed-content",
"Content-Type": "application/xml",
"Etag": "",
"Server": "Minio/DEVELOPMENT.2018-11-21T23-15-06Z (linux; amd64)",
"Server": "MinIO/DEVELOPMENT.2018-11-21T23-15-06Z (linux; amd64)",
"Vary": "Origin",
"X-Amz-Request-Id": "156946C6C1E7842C",
"X-Minio-Deployment-Id": "1b3002bf-5005-4d9b-853e-64a05008ebb2",
@@ -122,5 +122,5 @@ Setting this environment variable automatically enables audit logging to the HTT
```
## Explore Further
* [Minio Quickstart Guide](https://docs.minio.io/docs/minio-quickstart-guide)
* [Configure Minio Server with TLS](https://docs.minio.io/docs/how-to-secure-access-to-minio-server-with-tls)
* [MinIO Quickstart Guide](https://docs.min.io/docs/minio-quickstart-guide)
* [Configure MinIO Server with TLS](https://docs.min.io/docs/how-to-secure-access-to-minio-server-with-tls)

12
docs/metrics/README.md
View File

@@ -1,20 +1,20 @@
## Minio Monitoring Guide
## MinIO Monitoring Guide
Minio server exposes monitoring data over un-authenticated endpoints so monitoring tools can pick the data without you having to share Minio server credentials. This document lists the monitoring endpoints and relevant documentation.
MinIO server exposes monitoring data over un-authenticated endpoints so monitoring tools can pick the data without you having to share MinIO server credentials. This document lists the monitoring endpoints and relevant documentation.
### Healthcheck Probe
Minio server has two healthcheck related endpoints, a liveness probe to indicate if server is working fine and a readiness probe to indicate if server is not accepting connections due to heavy load.
MinIO server has two healthcheck related endpoints, a liveness probe to indicate if server is working fine and a readiness probe to indicate if server is not accepting connections due to heavy load.
- Liveness probe available at `/minio/health/live`
- Readiness probe available at `/minio/health/ready`
Read more on how to use these endpoints in [Minio healthcheck guide](https://github.com/minio/minio/blob/master/docs/metrics/healthcheck/README.md).
Read more on how to use these endpoints in [MinIO healthcheck guide](https://github.com/minio/minio/blob/master/docs/metrics/healthcheck/README.md).
### Prometheus Probe
Minio server exposes Prometheus compatible data on a single endpoint.
MinIO server exposes Prometheus compatible data on a single endpoint.
- Prometheus data available at `/minio/prometheus/metrics`
To use this endpoint, setup Prometheus to scrape data from this endpoint. Read more on how to use Prometheues to monitor Minio server in [How to monitor Minio server with Prometheus](https://github.com/minio/cookbook/blob/master/docs/how-to-monitor-minio-with-prometheus.md).
To use this endpoint, setup Prometheus to scrape data from this endpoint. Read more on how to use Prometheues to monitor MinIO server in [How to monitor MinIO server with Prometheus](https://github.com/minio/cookbook/blob/master/docs/how-to-monitor-minio-with-prometheus.md).

8
docs/metrics/healthcheck/README.md
View File

@@ -1,12 +1,12 @@
## Minio Healthcheck
## MinIO Healthcheck
Minio server exposes two un-authenticated, healthcheck endpoints - liveness probe and readiness probe at `/minio/health/live` and `/minio/health/ready` respectively.
MinIO server exposes two un-authenticated, healthcheck endpoints - liveness probe and readiness probe at `/minio/health/live` and `/minio/health/ready` respectively.
### Liveness probe
This probe is used to identify situations where the server is running but may not behave optimally, i.e. sluggish response or corrupt back-end. Such problems can be *only* fixed by a restart.
Internally, Minio liveness probe handler does a ListBuckets call. If successful, the server returns 200 OK, otherwise 503 Service Unavailable.
Internally, MinIO liveness probe handler does a ListBuckets call. If successful, the server returns 200 OK, otherwise 503 Service Unavailable.
When liveness probe fails, Kubernetes like platforms restart the container.
@@ -14,7 +14,7 @@ When liveness probe fails, Kubernetes like platforms restart the container.
This probe is used to identify situations where the server is not ready to accept requests yet. In most cases, such conditions recover in some time.
Internally, Minio readiness probe handler checks for total go-routines. If the number of go-routines is less than 1000 (threshold), the server returns 200 OK, otherwise 503 Service Unavailable.
Internally, MinIO readiness probe handler checks for total go-routines. If the number of go-routines is less than 1000 (threshold), the server returns 200 OK, otherwise 503 Service Unavailable.
Platforms like Kubernetes *do not* forward traffic to a pod until its readiness probe is successful.

20
docs/minio-limits.md
View File

@@ -1,4 +1,4 @@
## Minio Server Limits Per Tenant
## MinIO Server Limits Per Tenant
### Erasure Code (Multiple Drives / Servers)
@@ -31,26 +31,26 @@
|Maximum number of objects returned per list objects request| 1000|
|Maximum number of multipart uploads returned per list multipart uploads request| 1000|
### List of Amazon S3 API's not supported on Minio
### List of Amazon S3 API's not supported on MinIO
We found the following APIs to be redundant or less useful outside of AWS S3. If you have a different view on any of the APIs we missed, please open a [github issue](https://github.com/minio/minio/issues).
#### List of Amazon S3 Bucket API's not supported on Minio
#### List of Amazon S3 Bucket API's not supported on MinIO
- BucketACL (Use [bucket policies](https://docs.minio.io/docs/minio-client-complete-guide#policy) instead)
- BucketACL (Use [bucket policies](https://docs.min.io/docs/minio-client-complete-guide#policy) instead)
- BucketCORS (CORS enabled by default on all buckets for all HTTP verbs)
- BucketLifecycle (Not required for Minio erasure coded backend)
- BucketReplication (Use [`mc mirror`](https://docs.minio.io/docs/minio-client-complete-guide#mirror) instead)
- BucketLifecycle (Not required for MinIO erasure coded backend)
- BucketReplication (Use [`mc mirror`](https://docs.min.io/docs/minio-client-complete-guide#mirror) instead)
- BucketVersions, BucketVersioning (Use [`s3git`](https://github.com/s3git/s3git))
- BucketWebsite (Use [`caddy`](https://github.com/mholt/caddy) or [`nginx`](https://www.nginx.com/resources/wiki/))
- BucketAnalytics, BucketMetrics, BucketLogging (Use [bucket notification](https://docs.minio.io/docs/minio-client-complete-guide#events) APIs)
- BucketAnalytics, BucketMetrics, BucketLogging (Use [bucket notification](https://docs.min.io/docs/minio-client-complete-guide#events) APIs)
- BucketRequestPayment
- BucketTagging
#### List of Amazon S3 Object API's not supported on Minio
#### List of Amazon S3 Object API's not supported on MinIO
- ObjectACL (Use [bucket policies](https://docs.minio.io/docs/minio-client-complete-guide#policy) instead)
- ObjectACL (Use [bucket policies](https://docs.min.io/docs/minio-client-complete-guide#policy) instead)
- ObjectTorrent
- ObjectVersions
### Object name restrictions on Minio
### Object name restrictions on MinIO
Object names that contain characters `^*|\/&";` are unsupported on Windows and other file systems which do not support filenames with these characters. Note that this list is not exhaustive, and depends on the maintainers of the filesystem itself.

8
docs/multi-tenancy/README.md
View File

@@ -1,4 +1,4 @@
# Minio Multi-Tenant Deployment Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# MinIO Multi-Tenant Deployment Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
This topic provides commands to set up different configurations of hosts, nodes, and drives. The examples provided here can be used as a starting point for other configurations.
@@ -8,7 +8,7 @@ This topic provides commands to set up different configurations of hosts, nodes,
## <a name="standalone-deployment"></a>1. Standalone Deployment
To host multiple tenants on a single machine, run one Minio Server per tenant with a dedicated HTTPS port, configuration, and data directory.
To host multiple tenants on a single machine, run one MinIO Server per tenant with a dedicated HTTPS port, configuration, and data directory.
### 1.1 Host Multiple Tenants on a Single Drive
@@ -36,7 +36,7 @@ minio server --address :9003 /disk1/data/tenant3 /disk2/data/tenant3 /disk3/data
## <a name="distributed-deployment"></a>2. Distributed Deployment
To host multiple tenants in a distributed environment, run several distributed Minio Server instances concurrently.
To host multiple tenants in a distributed environment, run several distributed MinIO Server instances concurrently.
### 2.1 Host Multiple Tenants on Multiple Drives (Erasure Code)
@@ -64,4 +64,4 @@ minio server --address :9003 http://192.168.10.11/data/tenant3 http://192.168.10
## <a name="cloud-scale-deployment"></a>Cloud Scale Deployment
A container orchestration platform (e.g. Kubernetes, DC/OS, or Docker Swarm) is recommended for large-scale, multi-tenant Minio deployments. See the [Minio Deployment Quickstart Guide](https://docs.minio.io/docs/minio-deployment-quickstart-guide) to get started with Minio on orchestration platforms.
A container orchestration platform (e.g. Kubernetes, DC/OS, or Docker Swarm) is recommended for large-scale, multi-tenant MinIO deployments. See the [MinIO Deployment Quickstart Guide](https://docs.min.io/docs/minio-deployment-quickstart-guide) to get started with MinIO on orchestration platforms.

20
docs/multi-user/README.md
View File

@@ -1,17 +1,17 @@
# Minio Multi-user Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
Minio supports multiple long term users in addition to default user created during server startup. New users can be added after server starts up, and server can be configured to deny or allow access to buckets and resources to each of these users. This document explains how to add/remove users and modify their access rights.
# MinIO Multi-user Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
MinIO supports multiple long term users in addition to default user created during server startup. New users can be added after server starts up, and server can be configured to deny or allow access to buckets and resources to each of these users. This document explains how to add/remove users and modify their access rights.
## Get started
In this document we will explain in detail on how to configure multiple users.
### 1. Prerequisites
- Install mc - [Minio Client Quickstart Guide](https://docs.minio.io/docs/minio-client-quickstart-guide.html)
- Install Minio - [Minio Quickstart Guide](https://docs.minio.io/docs/minio-quickstart-guide)
- Install mc - [MinIO Client Quickstart Guide](https://docs.min.io/docs/minio-client-quickstart-guide.html)
- Install MinIO - [MinIO Quickstart Guide](https://docs.min.io/docs/minio-quickstart-guide)
- Configure etcd (optional needed only in gateway or federation mode) - [Etcd V3 Quickstart Guide](https://github.com/minio/minio/blob/master/docs/sts/etcd.md)
### 2. Create a new user with canned policy
Use [`mc admin policy`](https://docs.minio.io/docs/minio-admin-complete-guide.html#policies) to create canned policies. Server provides a default set of canned policies namely `writeonly`, `readonly` and `readwrite` *(these policies apply to all resources on the server)*. These can be overridden by custom policies using `mc admin policy` command.
Use [`mc admin policy`](https://docs.min.io/docs/minio-admin-complete-guide.html#policies) to create canned policies. Server provides a default set of canned policies namely `writeonly`, `readonly` and `readwrite` *(these policies apply to all resources on the server)*. These can be overridden by custom policies using `mc admin policy` command.
Create new canned policy file `getonly.json`. This policy enables users to download all objects under `my-bucketname`.
```json
@@ -39,7 +39,7 @@ Create new canned policy by name `getonly` using `getonly.json` policy file.
mc admin policy add myminio getonly getonly.json
```
Create a new user `newuser` on Minio use `mc admin user`, specify `getonly` canned policy for this `newuser`.
Create a new user `newuser` on MinIO use `mc admin user`, specify `getonly` canned policy for this `newuser`.
```
mc admin user add myminio newuser newuser123 getonly
```
@@ -75,7 +75,7 @@ mc cat myminio-newuser/my-bucketname/my-objectname
```
## Explore Further
- [Minio Client Complete Guide](https://docs.minio.io/docs/minio-client-complete-guide)
- [Minio STS Quickstart Guide](https://docs.minio.io/docs/minio-sts-quickstart-guide)
- [Minio Admin Complete Guide](https://docs.minio.io/docs/minio-admin-complete-guide.html)
- [The Minio documentation website](https://docs.minio.io)
- [MinIO Client Complete Guide](https://docs.min.io/docs/minio-client-complete-guide)
- [MinIO STS Quickstart Guide](https://docs.min.io/docs/minio-sts-quickstart-guide)
- [MinIO Admin Complete Guide](https://docs.min.io/docs/minio-admin-complete-guide.html)
- [The MinIO documentation website](https://docs.min.io)

20
docs/orchestration/README.md
View File

@@ -1,23 +1,23 @@
# Minio Deployment Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# MinIO Deployment Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Minio is a cloud-native application designed to scale in a sustainable manner in multi-tenant environments. Orchestration platforms provide perfect launchpad for Minio to scale. Below is the list of Minio deployment documents for various orchestration platforms:
MinIO is a cloud-native application designed to scale in a sustainable manner in multi-tenant environments. Orchestration platforms provide perfect launchpad for MinIO to scale. Below is the list of MinIO deployment documents for various orchestration platforms:
| Orchestration platforms|
|:---|
| [`Docker Swarm`](https://docs.minio.io/docs/deploy-minio-on-docker-swarm) |
| [`Docker Compose`](https://docs.minio.io/docs/deploy-minio-on-docker-compose) |
| [`Kubernetes`](https://docs.minio.io/docs/deploy-minio-on-kubernetes) |
| [`DC/OS`](https://docs.minio.io/docs/deploy-minio-on-dc-os) |
| [`Docker Swarm`](https://docs.min.io/docs/deploy-minio-on-docker-swarm) |
| [`Docker Compose`](https://docs.min.io/docs/deploy-minio-on-docker-compose) |
| [`Kubernetes`](https://docs.min.io/docs/deploy-minio-on-kubernetes) |
| [`DC/OS`](https://docs.min.io/docs/deploy-minio-on-dc-os) |
## Why is Minio cloud-native?
## Why is MinIO cloud-native?
The term cloud-native revolves around the idea of applications deployed as micro services, that scale well. It is not about just retrofitting monolithic applications onto modern container based compute environment. A cloud-native application is portable and resilient by design, and can scale horizontally by simply replicating. Modern orchestration platforms like Swarm, Kubernetes and DC/OS make replicating and managing containers in huge clusters easier than ever.
While containers provide isolated application execution environment, orchestration platforms allow seamless scaling by helping replicate and manage containers. Minio extends this by adding isolated storage environment for each tenant.
While containers provide isolated application execution environment, orchestration platforms allow seamless scaling by helping replicate and manage containers. MinIO extends this by adding isolated storage environment for each tenant.
Minio is built ground up on the cloud-native premise. With features like erasure-coding, distributed and shared setup, it focuses only on storage and does it very well. While, it can be scaled by just replicating Minio instances per tenant via an orchestration platform.
MinIO is built ground up on the cloud-native premise. With features like erasure-coding, distributed and shared setup, it focuses only on storage and does it very well. While, it can be scaled by just replicating MinIO instances per tenant via an orchestration platform.
> In a cloud-native environment, scalability is not a function of the application but the orchestration platform.
In a typical modern infrastructure deployment, application, database, key-store, etc. already live in containers and are managed by orchestration platforms. Minio brings robust, scalable, AWS S3 compatible object storage to the lot.
In a typical modern infrastructure deployment, application, database, key-store, etc. already live in containers and are managed by orchestration platforms. MinIO brings robust, scalable, AWS S3 compatible object storage to the lot.
![Cloud-native](https://github.com/minio/minio/blob/master/docs/screenshots/Minio_Cloud_Native_Arch.jpg?raw=true)

26
docs/orchestration/dcos/README.md
View File

@@ -1,6 +1,6 @@
# Deploy Minio on DC/OS [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# Deploy MinIO on DC/OS [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
To deploy Minio on DC/OS, you can use our [official universe package](https://github.com/mesosphere/universe/tree/version-3.x/repo/packages/M/minio/6).
To deploy MinIO on DC/OS, you can use our [official universe package](https://github.com/mesosphere/universe/tree/version-3.x/repo/packages/M/minio/6).
## 1. Prerequisites
@@ -9,28 +9,28 @@ To deploy Minio on DC/OS, you can use our [official universe package](https://gi
- Identify [IP of the public agent](https://dcos.io/docs/1.9/administration/locate-public-agent/) where Marathon-LB or an available hostname configured to point to the public agent(s) where Marathon-LB is running.
## 2. Setting up Minio
## 2. Setting up MinIO
You can install Minio Universe package using the DC/OS GUI or CLI.
You can install MinIO Universe package using the DC/OS GUI or CLI.
### Minio installation on DC/OS GUI
- Visit the DC/OS admin page, and click on Universe on the left menu bar. Then click on the Packages tab and search for Minio, click on the ```Install``` button on the right hand side.
### MinIO installation on DC/OS GUI
- Visit the DC/OS admin page, and click on Universe on the left menu bar. Then click on the Packages tab and search for MinIO, click on the ```Install``` button on the right hand side.
- Click on the `Install Package` button for the single-click default installation. This installs Minio server instance with factory defaults. You can reach your Minio server at `host:9000` where `host` is IP address or hostname of public-agent where Marathon-LB is installed. `minio` and `minio123` are the default access key and secret keys respectively.
- Click on the `Install Package` button for the single-click default installation. This installs MinIO server instance with factory defaults. You can reach your MinIO server at `host:9000` where `host` is IP address or hostname of public-agent where Marathon-LB is installed. `minio` and `minio123` are the default access key and secret keys respectively.
- For more information on advanced installation of Minio on DC/OS GUI, look [here](https://github.com/dcos/examples/blob/master/minio/1.9/README.md#minio-installation-using-gui).
- For more information on advanced installation of MinIO on DC/OS GUI, look [here](https://github.com/dcos/examples/blob/master/minio/1.9/README.md#minio-installation-using-gui).
### Minio installation on DC/OS CLI
### MinIO installation on DC/OS CLI
To install Minio package via CLI, type
To install MinIO package via CLI, type
```bash
$ dcos package install minio
```
## 3. Uninstalling Minio
## 3. Uninstalling MinIO
To uninstall Minio package via CLI, type
To uninstall MinIO package via CLI, type
```bash
$ dcos package uninstall minio
@@ -38,6 +38,6 @@ $ dcos package uninstall minio
### Explore Further
- [Minio Erasure Code QuickStart Guide](https://docs.minio.io/docs/minio-erasure-code-quickstart-guide)
- [MinIO Erasure Code QuickStart Guide](https://docs.min.io/docs/minio-erasure-code-quickstart-guide)
- [DC/OS Project](https://docs.mesosphere.com/)

22
docs/orchestration/docker-compose/README.md
View File

@@ -1,17 +1,17 @@
# Deploy Minio on Docker Compose [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# Deploy MinIO on Docker Compose [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Docker Compose allows defining and running single host, multi-container Docker applications.
With Compose, you use a Compose file to configure Minio services. Then, using a single command, you can create and launch all the Distributed Minio instances from your configuration. Distributed Minio instances will be deployed in multiple containers on the same host. This is a great way to set up development, testing, and staging environments, based on Distributed Minio.
With Compose, you use a Compose file to configure MinIO services. Then, using a single command, you can create and launch all the Distributed MinIO instances from your configuration. Distributed MinIO instances will be deployed in multiple containers on the same host. This is a great way to set up development, testing, and staging environments, based on Distributed MinIO.
## 1. Prerequisites
* Familiarity with [Docker Compose](https://docs.docker.com/compose/overview/).
* Docker installed on your machine. Download the relevant installer from [here](https://www.docker.com/community-edition#/download).
## 2. Run Distributed Minio on Docker Compose
## 2. Run Distributed MinIO on Docker Compose
To deploy Distributed Minio on Docker Compose, please download [docker-compose.yaml](https://github.com/minio/minio/blob/master/docs/orchestration/docker-compose/docker-compose.yaml?raw=true) to your current working directory. Note that Docker Compose pulls the Minio Docker image, so there is no need to explicitly download Minio binary. Then run one of the below commands
To deploy Distributed MinIO on Docker Compose, please download [docker-compose.yaml](https://github.com/minio/minio/blob/master/docs/orchestration/docker-compose/docker-compose.yaml?raw=true) to your current working directory. Note that Docker Compose pulls the MinIO Docker image, so there is no need to explicitly download MinIO binary. Then run one of the below commands
### GNU/Linux and macOS
@@ -31,19 +31,19 @@ Each instance is now accessible on the host at ports 9001 through 9004, proceed
### Notes
* By default the Docker Compose file uses the Docker image for latest Minio server release. You can change the image tag to pull a specific [Minio Docker image](https://hub.docker.com/r/minio/minio/).
* By default the Docker Compose file uses the Docker image for latest MinIO server release. You can change the image tag to pull a specific [MinIO Docker image](https://hub.docker.com/r/minio/minio/).
* There are 4 minio distributed instances created by default. You can add more Minio services (up to total 16) to your Minio Compose deployment. To add a service
* There are 4 minio distributed instances created by default. You can add more MinIO services (up to total 16) to your MinIO Compose deployment. To add a service
* Replicate a service definition and change the name of the new service appropriately.
* Update the command section in each service.
* Update the port number to exposed for the new service. Also, make sure the port assigned for the new service is not already being used on the host.
Read more about distributed Minio [here](https://docs.minio.io/docs/distributed-minio-quickstart-guide).
Read more about distributed MinIO [here](https://docs.min.io/docs/distributed-minio-quickstart-guide).
* Minio services in the Docker compose file expose ports 9001 to 9004. This allows multiple services to run on a host.
* MinIO services in the Docker compose file expose ports 9001 to 9004. This allows multiple services to run on a host.
### Explore Further
- [Overview of Docker Compose](https://docs.docker.com/compose/overview/)
- [Minio Docker Quickstart Guide](https://docs.minio.io/docs/minio-docker-quickstart-guide)
- [Deploy Minio on Docker Swarm](https://docs.minio.io/docs/deploy-minio-on-docker-swarm)
- [Minio Erasure Code QuickStart Guide](https://docs.minio.io/docs/minio-erasure-code-quickstart-guide)
- [MinIO Docker Quickstart Guide](https://docs.min.io/docs/minio-docker-quickstart-guide)
- [Deploy MinIO on Docker Swarm](https://docs.min.io/docs/deploy-minio-on-docker-swarm)
- [MinIO Erasure Code QuickStart Guide](https://docs.min.io/docs/minio-erasure-code-quickstart-guide)

34
docs/orchestration/docker-swarm/README.md
View File

@@ -1,8 +1,8 @@
# Deploy Minio on Docker Swarm [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# Deploy MinIO on Docker Swarm [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Docker Engine provides cluster management and orchestration features in Swarm mode. Minio server can be easily deployed in distributed mode on Swarm to create a multi-tenant, highly-available and scalable object store.
Docker Engine provides cluster management and orchestration features in Swarm mode. MinIO server can be easily deployed in distributed mode on Swarm to create a multi-tenant, highly-available and scalable object store.
As of [Docker Engine v1.13.0](https://blog.docker.com/2017/01/whats-new-in-docker-1-13/) (Docker Compose v3.0), Docker Swarm and Compose are [cross-compatible](https://docs.docker.com/compose/compose-file/#version-3). This allows a Compose file to be used as a template to deploy services on Swarm. We have used a Docker Compose file to create distributed Minio setup.
As of [Docker Engine v1.13.0](https://blog.docker.com/2017/01/whats-new-in-docker-1-13/) (Docker Compose v3.0), Docker Swarm and Compose are [cross-compatible](https://docs.docker.com/compose/compose-file/#version-3). This allows a Compose file to be used as a template to deploy services on Swarm. We have used a Docker Compose file to create distributed MinIO setup.
## 1. Prerequisites
@@ -25,16 +25,16 @@ docker swarm join \
You can now [add worker nodes](https://docs.docker.com/engine/swarm/swarm-tutorial/add-nodes/) to the swarm by running the above command. Find detailed steps to create the swarm on [Docker documentation site](https://docs.docker.com/engine/swarm/swarm-tutorial/create-swarm/).
## 3. Create Docker secrets for Minio
## 3. Create Docker secrets for MinIO
```shell
echo "AKIAIOSFODNN7EXAMPLE" | docker secret create access_key -
echo "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" | docker secret create secret_key -
```
## 4. Deploy distributed Minio services
## 4. Deploy distributed MinIO services
The example Minio stack uses 4 Docker volumes, which are created automatically by deploying the stack. We have to make sure that the services in the stack are always (re)started on the same node, where the service is deployed the first time.
The example MinIO stack uses 4 Docker volumes, which are created automatically by deploying the stack. We have to make sure that the services in the stack are always (re)started on the same node, where the service is deployed the first time.
Otherwise Docker will create a new volume upon restart of the service on another Docker node, which is not in sync with the other volumes and the stack will fail to start healthy.
Before deploying the stack, add labels to the Docker nodes where you want the minio services to run:
@@ -55,16 +55,16 @@ docker stack deploy --compose-file=docker-compose-secrets.yaml minio_stack
This deploys services described in the Compose file as Docker stack `minio_stack`. Look up the `docker stack` [command reference](https://docs.docker.com/engine/reference/commandline/stack/) for more info.
After the stack is successfully deployed, you should be able to access Minio server via [Minio Client](https://docs.minio.io/docs/minio-client-complete-guide) `mc` or your browser at http://[Node_Public_IP_Address]:[Expose_Port_on_Host]
After the stack is successfully deployed, you should be able to access MinIO server via [MinIO Client](https://docs.min.io/docs/minio-client-complete-guide) `mc` or your browser at http://[Node_Public_IP_Address]:[Expose_Port_on_Host]
## 4. Remove distributed Minio services
## 4. Remove distributed MinIO services
Remove the distributed Minio services and related network by
Remove the distributed MinIO services and related network by
```shell
docker stack rm minio_stack
```
Swarm doesn't automatically remove host volumes created for services. This may lead to corruption when a new Minio service is created in the swarm. So, we recommend removing all the volumes used by Minio, manually. To do this, logon to each node in the swarm and run
Swarm doesn't automatically remove host volumes created for services. This may lead to corruption when a new MinIO service is created in the swarm. So, we recommend removing all the volumes used by MinIO, manually. To do this, logon to each node in the swarm and run
```shell
docker volume prune
@@ -74,24 +74,24 @@ This will remove all the volumes not associated with any container.
### Notes
* By default the Docker Compose file uses the Docker image for latest Minio server release. You can change the image tag to pull a specific [Minio Docker image](https://hub.docker.com/r/minio/minio/).
* By default the Docker Compose file uses the Docker image for latest MinIO server release. You can change the image tag to pull a specific [MinIO Docker image](https://hub.docker.com/r/minio/minio/).
* There are 4 minio distributed instances created by default. You can add more Minio services (up to total 16) to your Minio Swarm deployment. To add a service
* There are 4 minio distributed instances created by default. You can add more MinIO services (up to total 16) to your MinIO Swarm deployment. To add a service
* Replicate a service definition and change the name of the new service appropriately.
* Add a volume in volumes section, and update volume section in the service accordingly.
* Update the command section in each service. Specifically, add the drive location to be used as storage on the new service.
* Update the port number to exposed for the new service.
Read more about distributed Minio [here](https://docs.minio.io/docs/distributed-minio-quickstart-guide).
Read more about distributed MinIO [here](https://docs.min.io/docs/distributed-minio-quickstart-guide).
* By default the services use `local` volume driver. Refer to [Docker documentation](https://docs.docker.com/compose/compose-file/#/volume-configuration-reference) to explore further options.
* Minio services in the Docker compose file expose ports 9001 to 9004. This allows multiple services to run on a host. Explore other configuration options in [Docker documentation](https://docs.docker.com/compose/compose-file/#/ports).
* MinIO services in the Docker compose file expose ports 9001 to 9004. This allows multiple services to run on a host. Explore other configuration options in [Docker documentation](https://docs.docker.com/compose/compose-file/#/ports).
* Docker Swarm uses ingress load balancing by default. You can configure [external load balancer based](https://docs.docker.com/engine/swarm/ingress/#/configure-an-external-load-balancer) on requirements.
### Explore Further
- [Overview of Docker Swarm mode](https://docs.docker.com/engine/swarm/)
- [Minio Docker Quickstart Guide](https://docs.minio.io/docs/minio-docker-quickstart-guide)
- [Deploy Minio on Docker Compose](https://docs.minio.io/docs/deploy-minio-on-docker-compose)
- [Minio Erasure Code QuickStart Guide](https://docs.minio.io/docs/minio-erasure-code-quickstart-guide)
- [MinIO Docker Quickstart Guide](https://docs.min.io/docs/minio-docker-quickstart-guide)
- [Deploy MinIO on Docker Compose](https://docs.min.io/docs/deploy-minio-on-docker-compose)
- [MinIO Erasure Code QuickStart Guide](https://docs.min.io/docs/minio-erasure-code-quickstart-guide)

84
docs/orchestration/kubernetes/README.md
View File

@@ -1,18 +1,18 @@
# Deploy Minio on Kubernetes [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# Deploy MinIO on Kubernetes [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Kubernetes concepts like Deployments and StatefulSets provide perfect platform to deploy Minio server in standalone, distributed or gateway mode. There are multiple options to deploy Minio on Kubernetes, you can choose the one that best suits your requirements.
Kubernetes concepts like Deployments and StatefulSets provide perfect platform to deploy MinIO server in standalone, distributed or gateway mode. There are multiple options to deploy MinIO on Kubernetes, you can choose the one that best suits your requirements.
- Helm Chart: Minio Helm Chart offers customizable and easy Minio deployment with a single command. Refer [Minio Helm Chart repository documentation](https://github.com/helm/charts/tree/master/stable/minio) for more details.
- Helm Chart: MinIO Helm Chart offers customizable and easy MinIO deployment with a single command. Refer [MinIO Helm Chart repository documentation](https://github.com/helm/charts/tree/master/stable/minio) for more details.
- YAML File: Minio can be deployed with `yaml` files via `kubectl`. This document outlines steps required to deploy Minio using `yaml` files.
- YAML File: MinIO can be deployed with `yaml` files via `kubectl`. This document outlines steps required to deploy MinIO using `yaml` files.
## Table of Contents
- [Prerequisites](#Prerequisites)
- [Minio Standalone Server Deployment](#minio-standalone-server-deployment)
- [Minio Distributed Server Deployment](#minio-distributed-server-deployment)
- [Minio GCS Gateway Deployment](#minio-gcs-gateway-deployment)
- [Monitoring Minio in Kubernetes](#monitoring-minio)
- [MinIO Standalone Server Deployment](#minio-standalone-server-deployment)
- [MinIO Distributed Server Deployment](#minio-distributed-server-deployment)
- [MinIO GCS Gateway Deployment](#minio-gcs-gateway-deployment)
- [Monitoring MinIO in Kubernetes](#monitoring-minio)
<a name="Prerequisites"></a>
@@ -22,9 +22,9 @@ To run this example, you need Kubernetes version >=1.4 cluster installed and run
<a name="minio-standalone-server-deployment"></a>
## Minio Standalone Server Deployment
## MinIO Standalone Server Deployment
The following section describes the process to deploy standalone [Minio](https://minio.io/) server on Kubernetes. The deployment uses the [official Minio Docker image](https://hub.docker.com/r/minio/minio/~/dockerfile/) from Docker Hub.
The following section describes the process to deploy standalone [MinIO](https://min.io/) server on Kubernetes. The deployment uses the [official MinIO Docker image](https://hub.docker.com/r/minio/minio/~/dockerfile/) from Docker Hub.
This section uses following core components of Kubernetes:
@@ -45,9 +45,9 @@ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/
### Create Persistent Volume Claim
Minio needs persistent storage to store objects. If there is no persistent storage, the data stored in Minio instance will be stored in the container file system and will be wiped off as soon as the container restarts.
MinIO needs persistent storage to store objects. If there is no persistent storage, the data stored in MinIO instance will be stored in the container file system and will be wiped off as soon as the container restarts.
Create a persistent volume claim (PVC) to request storage for the Minio instance. Kubernetes looks out for PVs matching the PVC request in the cluster and binds it to the PVC automatically. Create the PersistentVolumeClaim
Create a persistent volume claim (PVC) to request storage for the MinIO instance. Kubernetes looks out for PVs matching the PVC request in the cluster and binds it to the PVC automatically. Create the PersistentVolumeClaim
```sh
@@ -55,20 +55,20 @@ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/
persistentvolumeclaim "minio-pv-claim" created
```
### Create Minio Deployment
### Create MinIO Deployment
A deployment encapsulates replica sets and pods. If a pod goes down, replication controller makes sure another pod comes up automatically. This way you wont need to bother about pod failures and will have a stable Minio service available. Create the Deployment using the following command
A deployment encapsulates replica sets and pods. If a pod goes down, replication controller makes sure another pod comes up automatically. This way you wont need to bother about pod failures and will have a stable MinIO service available. Create the Deployment using the following command
```sh
kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/kubernetes/minio-standalone-deployment.yaml?raw=true
deployment "minio-deployment" created
```
### Create Minio Service
### Create MinIO Service
Now that you have a Minio deployment running, you may either want to access it internally (within the cluster) or expose it as a Service onto an external (outside of your cluster, maybe public internet) IP address, depending on your use case. You can achieve this using Services. There are 3 major service typesdefault type is ClusterIP, which exposes a service to connection from inside the cluster. NodePort and LoadBalancer are two types that expose services to external traffic.
Now that you have a MinIO deployment running, you may either want to access it internally (within the cluster) or expose it as a Service onto an external (outside of your cluster, maybe public internet) IP address, depending on your use case. You can achieve this using Services. There are 3 major service typesdefault type is ClusterIP, which exposes a service to connection from inside the cluster. NodePort and LoadBalancer are two types that expose services to external traffic.
In this example, we expose the Minio Deployment by creating a LoadBalancer service. Create the Minio service using the following command
In this example, we expose the MinIO Deployment by creating a LoadBalancer service. Create the MinIO service using the following command
```sh
kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/kubernetes/minio-standalone-service.yaml?raw=true
@@ -83,9 +83,9 @@ NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
minio-service 10.55.248.23 104.199.249.165 9000:31852/TCP 1m
```
### Update existing Minio Deployment
### Update existing MinIO Deployment
You can update an existing Minio deployment to use a newer Minio release. To do this, use the `kubectl set image` command:
You can update an existing MinIO deployment to use a newer MinIO release. To do this, use the `kubectl set image` command:
```sh
kubectl set image deployment/minio-deployment minio=<replace-with-new-minio-image>
@@ -109,9 +109,9 @@ kubectl delete deployment minio \
<a name="minio-distributed-server-deployment"></a>
## Minio Distributed Server Deployment
## MinIO Distributed Server Deployment
The following document describes the process to deploy [distributed Minio](https://docs.minio.io/docs/distributed-minio-quickstart-guide) server on Kubernetes. This example uses the [official Minio Docker image](https://hub.docker.com/r/minio/minio/~/dockerfile/) from Docker Hub.
The following document describes the process to deploy [distributed MinIO](https://docs.min.io/docs/distributed-minio-quickstart-guide) server on Kubernetes. This example uses the [official MinIO Docker image](https://hub.docker.com/r/minio/minio/~/dockerfile/) from Docker Hub.
This example uses following core components of Kubernetes:
@@ -129,7 +129,7 @@ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/
kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/kubernetes/minio-distributed-service.yaml?raw=true
```
### Create Minio Headless Service
### Create MinIO Headless Service
Headless Service controls the domain within which StatefulSets are created. The domain managed by this Service takes the form: `$(service name).$(namespace).svc.cluster.local` (where “cluster.local” is the cluster domain), and the pods in this domain take the form: `$(pod-name-{i}).$(service name).$(namespace).svc.cluster.local`. This is required to get a DNS resolvable URL for each of the pods created within the Statefulset. Create the Headless Service using the following command
@@ -138,18 +138,18 @@ $ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestratio
service "minio" created
```
### Create Minio Statefulset
### Create MinIO Statefulset
A StatefulSet provides a deterministic name and a unique identity to each pod, making it easy to deploy stateful distributed applications. To launch distributed Minio you need to pass drive locations as parameters to the minio server command. Then, youll need to run the same command on all the participating pods. StatefulSets offer a perfect way to handle this requirement. Create the Statefulset using the following command
A StatefulSet provides a deterministic name and a unique identity to each pod, making it easy to deploy stateful distributed applications. To launch distributed MinIO you need to pass drive locations as parameters to the minio server command. Then, youll need to run the same command on all the participating pods. StatefulSets offer a perfect way to handle this requirement. Create the Statefulset using the following command
```sh
$ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/kubernetes/minio-distributed-statefulset.yaml?raw=true
statefulset "minio" created
```
### Create Minio Service
### Create MinIO Service
Now that you have a Minio statefulset running, you may either want to access it internally (within the cluster) or expose it as a Service onto an external (outside of your cluster, maybe public internet) IP address, depending on your use case. You can achieve this using Services. There are 3 major service typesdefault type is ClusterIP, which exposes a service to connection from inside the cluster. NodePort and LoadBalancer are two types that expose services to external traffic. Create the Minio service using the following command
Now that you have a MinIO statefulset running, you may either want to access it internally (within the cluster) or expose it as a Service onto an external (outside of your cluster, maybe public internet) IP address, depending on your use case. You can achieve this using Services. There are 3 major service typesdefault type is ClusterIP, which exposes a service to connection from inside the cluster. NodePort and LoadBalancer are two types that expose services to external traffic. Create the MinIO service using the following command
```sh
$ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/kubernetes/minio-distributed-service.yaml?raw=true
@@ -164,9 +164,9 @@ NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
minio-service 10.55.248.23 104.199.249.165 9000:31852/TCP 1m
```
### Update existing Minio StatefulSet
### Update existing MinIO StatefulSet
You can update an existing Minio StatefulSet to use a newer Minio release. To do this, use the `kubectl patch statefulset` command:
You can update an existing MinIO StatefulSet to use a newer MinIO release. To do this, use the `kubectl patch statefulset` command:
```sh
kubectl patch statefulset minio --type='json' -p='[{"op": "replace", "path": "/spec/template/spec/containers/0/image", "value":"<replace-with-new-minio-image>"}]'
@@ -195,7 +195,7 @@ kubectl delete statefulset minio \
### Deploying on cluster nodes with local host path
If your cluster does not have a storage solution or PV abstraction, you must explicitly define what nodes you wish to run Minio on, and define a homogeneous path to a local fast block device available on every host.
If your cluster does not have a storage solution or PV abstraction, you must explicitly define what nodes you wish to run MinIO on, and define a homogeneous path to a local fast block device available on every host.
This must be changed in the example daemonset: [minio-distributed-daemonset.yaml](https://github.com/minio/minio/blob/master/docs/orchestration/kubernetes/minio-distributed-daemonset.yaml)
@@ -224,9 +224,9 @@ kubectl label node hostname4 -l minio-server=true
<a name="minio-gcs-gateway-deployment"></a>
## Minio GCS Gateway Deployment
## MinIO GCS Gateway Deployment
The following section describes the process to deploy [Minio](https://minio.io/) GCS Gateway on Kubernetes. The deployment uses the [official Minio Docker image](https://hub.docker.com/r/minio/minio/~/dockerfile/) from Docker Hub.
The following section describes the process to deploy [MinIO](https://min.io/) GCS Gateway on Kubernetes. The deployment uses the [official MinIO Docker image](https://hub.docker.com/r/minio/minio/~/dockerfile/) from Docker Hub.
This section uses following core components of Kubernetes:
@@ -269,11 +269,11 @@ Use the path of file generated above to create a Kubernetes `secret`.
kubectl create secret generic gcs-credentials --from-file=/path/to/gcloud/credentials/application_default_credentials.json
```
### Create Minio GCS Gateway Deployment
### Create MinIO GCS Gateway Deployment
A deployment encapsulates replica sets and podsso, if a pod goes down, replication controller makes sure another pod comes up automatically. This way you wont need to bother about pod failures and will have a stable Minio service available.
A deployment encapsulates replica sets and podsso, if a pod goes down, replication controller makes sure another pod comes up automatically. This way you wont need to bother about pod failures and will have a stable MinIO service available.
Minio Gateway uses GCS as its storage backend and need to use a GCP `projectid` to identify your credentials. Update the section `gcp_project_id` with your
MinIO Gateway uses GCS as its storage backend and need to use a GCP `projectid` to identify your credentials. Update the section `gcp_project_id` with your
GCS project ID. Create the Deployment using the following command
```sh
@@ -281,9 +281,9 @@ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/
deployment "minio-deployment" created
```
### Create Minio LoadBalancer Service
### Create MinIO LoadBalancer Service
Now that you have a Minio deployment running, you may either want to access it internally (within the cluster) or expose it as a Service onto an external (outside of your cluster, maybe public internet) IP address, depending on your use case. You can achieve this using Services. There are 3 major service typesdefault type is ClusterIP, which exposes a service to connection from inside the cluster. NodePort and LoadBalancer are two types that expose services to external traffic. Create the Minio service using the following command
Now that you have a MinIO deployment running, you may either want to access it internally (within the cluster) or expose it as a Service onto an external (outside of your cluster, maybe public internet) IP address, depending on your use case. You can achieve this using Services. There are 3 major service typesdefault type is ClusterIP, which exposes a service to connection from inside the cluster. NodePort and LoadBalancer are two types that expose services to external traffic. Create the MinIO service using the following command
```sh
kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/kubernetes/minio-gcs-gateway-service.yaml?raw=true
@@ -298,9 +298,9 @@ NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
minio-service 10.55.248.23 104.199.249.165 9000:31852/TCP 1m
```
### Update Existing Minio GCS Deployment
### Update Existing MinIO GCS Deployment
You can update an existing Minio deployment to use a newer Minio release. To do this, use the `kubectl set image` command:
You can update an existing MinIO deployment to use a newer MinIO release. To do this, use the `kubectl set image` command:
```sh
kubectl set image deployment/minio-deployment minio=<replace-with-new-minio-image>
@@ -323,13 +323,13 @@ kubectl delete deployment minio-deployment \
<a name="monitoring-minio"></a>
## Monitoring Minio in Kubernetes
## Monitoring MinIO in Kubernetes
Minio server exposes un-authenticated readiness and liveness endpoints so Kubernetes can natively identify unhealthy Minio containers. Minio also exposes Prometheus compatible data on a different endpoint to enable Prometheus users to natively monitor their Minio deployments.
MinIO server exposes un-authenticated readiness and liveness endpoints so Kubernetes can natively identify unhealthy MinIO containers. MinIO also exposes Prometheus compatible data on a different endpoint to enable Prometheus users to natively monitor their MinIO deployments.
_Note_ : Readiness check is not allowed in distributed Minio deployment. This is because Kubernetes doesn't allow any traffic to containers whose Readiness checks fail, and in a distributed setup, Minio server can't respond to Readiness checks until all the nodes are reachable. So, Liveness checks are recommended native Kubernetes monitoring approach for distributed Minio StatefulSets. Read more about Kubernetes recommendations for [container probes](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes).
_Note_ : Readiness check is not allowed in distributed MinIO deployment. This is because Kubernetes doesn't allow any traffic to containers whose Readiness checks fail, and in a distributed setup, MinIO server can't respond to Readiness checks until all the nodes are reachable. So, Liveness checks are recommended native Kubernetes monitoring approach for distributed MinIO StatefulSets. Read more about Kubernetes recommendations for [container probes](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes).
## Explore Further
- [Minio Erasure Code QuickStart Guide](https://docs.minio.io/docs/minio-erasure-code-quickstart-guide)
- [MinIO Erasure Code QuickStart Guide](https://docs.min.io/docs/minio-erasure-code-quickstart-guide)
- [Kubernetes Documentation](https://kubernetes.io/docs/home/)
- [Helm package manager for kubernetes](https://helm.sh/)

2
docs/orchestration/kubernetes/minio-distributed-statefulset.yaml
View File

@@ -35,7 +35,7 @@ spec:
volumeMounts:
- name: data
mountPath: /data
# Liveness probe detects situations where Minio server instance
# Liveness probe detects situations where MinIO server instance
# is not working properly and needs restart. Kubernetes automatically
# restarts the pods if liveness checks fail.
livenessProbe:

2
docs/orchestration/kubernetes/minio-gcs-gateway-deployment.yaml
View File

@@ -27,7 +27,7 @@ spec:
- gcs
- gcp_project_id
env:
# Minio access key and secret key
# MinIO access key and secret key
- name: MINIO_ACCESS_KEY
value: "minio"
- name: MINIO_SECRET_KEY

6
docs/orchestration/kubernetes/minio-standalone-deployment.yaml
View File

@@ -34,14 +34,14 @@ spec:
- server
- /data
env:
# Minio access key and secret key
# MinIO access key and secret key
- name: MINIO_ACCESS_KEY
value: "minio"
- name: MINIO_SECRET_KEY
value: "minio123"
ports:
- containerPort: 9000
# Readiness probe detects situations when Minio server instance
# Readiness probe detects situations when MinIO server instance
# is not ready to accept traffic. Kubernetes doesn't forward
# traffic to the pod while readiness checks fail.
readinessProbe:
@@ -50,7 +50,7 @@ spec:
port: 9000
initialDelaySeconds: 120
periodSeconds: 20
# Liveness probe detects situations where Minio server instance
# Liveness probe detects situations where MinIO server instance
# is not working properly and needs restart. Kubernetes automatically
# restarts the pods if liveness checks fail.
livenessProbe:

42
docs/security/README.md
View File

@@ -1,24 +1,24 @@
# Minio Security Overview [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# MinIO Security Overview [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
## Server-Side Encryption
Minio supports two different types of server-side encryption ([SSE](#sse)):
- **SSE-C**: The Minio server en/decrypts an object with a secret key provided by the S3 client
MinIO supports two different types of server-side encryption ([SSE](#sse)):
- **SSE-C**: The MinIO server en/decrypts an object with a secret key provided by the S3 client
as part of the HTTP request headers. Therefore, [SSE-C](#ssec) requires TLS/HTTPS.
- **SSE-S3**: The Minio server en/decrypts an object with a secret key managed by a KMS.
Therefore, Minio requires a valid KMS configuration for [SSE-S3](#sses3).
- **SSE-S3**: The MinIO server en/decrypts an object with a secret key managed by a KMS.
Therefore, MinIO requires a valid KMS configuration for [SSE-S3](#sses3).
### Server-Side Encryption - Preliminaries
#### Secret Keys
The Minio server uses an unique, randomly generated secret key per object also known as,
The MinIO server uses an unique, randomly generated secret key per object also known as,
Object Encryption Key ([OEK](#oek)). Neither the client-provided SSE-C key nor the KMS-managed
key is directly used to en/decrypt an object. Instead, the OEK is stored as part of the object
metadata next to the object in an encrypted form. To en/decrypt the OEK another secret key is
needed also known as, Key Encryption Key ([KEK](#kek)).
The Minio server runs a key-derivation algorithm to generate the KEK using a pseudo-random
The MinIO server runs a key-derivation algorithm to generate the KEK using a pseudo-random
function ([PRF](#prf)):
`KEK := PRF(EK, IV, context_values)` where
- [EK](#ek): is the external key. In case of SSE-C this is the client-provided key. In case of SSE-S3
@@ -41,7 +41,7 @@ To summarize for any encrypted object there exists (at least) three different ke
#### Content Encryption
The Minio server uses an authenticated encryption scheme ([AEAD](#aead)) to en/decrypt and
The MinIO server uses an authenticated encryption scheme ([AEAD](#aead)) to en/decrypt and
authenticate the object content. The AEAD is combined with some state to build a
*Secure Channel*. A *Secure Channel* is a cryptographic construction that ensures confidentiality
and integrity of the processed data. In particular the *Secure Channel* splits the plaintext content
@@ -66,7 +66,7 @@ is used as secret key.
#### Cryptographic Primitives
The SSE schemes described in [Secret Keys](#Secret-Keys) and [Content Encryption](#Content-Encryption)
are generic over the cryptographic primitives. However, the Minio server uses the following
are generic over the cryptographic primitives. However, the MinIO server uses the following
cryptographic primitive implementations:
- [PRF](#prf): HMAC-SHA-256
- [AEAD](#aead): AES-256-GCM if the CPU supports AES-NI, ChaCha20-Poly1305 otherwise.
@@ -82,20 +82,20 @@ attacks. The nonce value is 96 bits long and generated randomly per object / mul
#### Randomness
The Minio server generates unique keys and other cryptographic values using a cryptographically
The MinIO server generates unique keys and other cryptographic values using a cryptographically
secure pseudo-random number generator ([CSPRNG](#csprng)). However, in the context of SSE,
the Minio server does not require that the CSPRNG generates values that are indistinguishable
the MinIO server does not require that the CSPRNG generates values that are indistinguishable
from truly random bit strings. Instead, it is sufficient if the generated values are unique - which
is a weaker requirement. Nevertheless other parts - for example the TLS-stack - may require that
CSPRNG-generated values are indistinguishable from truly random bit strings.
### Server-Side Encryption with client-provided Keys
SSE-C allows an S3 client to en/decrypt an object at the Minio server. Therefore the S3 client
SSE-C allows an S3 client to en/decrypt an object at the MinIO server. Therefore the S3 client
sends a secret key as part of the HTTP request. This secret key is **never** stored by the
Minio server and only resides in RAM during the en/decryption process.
MinIO server and only resides in RAM during the en/decryption process.
Minio does not assume or require that the client-provided key is unique. It may be used for
MinIO does not assume or require that the client-provided key is unique. It may be used for
multiple objects or buckets. Especially a single client-provided key may be used for all
objects - even though all objects must be treated as compromised if that key is ever compromised.
@@ -111,7 +111,7 @@ Such a special COPY request is also known as S3 SSE-C key rotation.
### Server-Side Encryption with a KMS
SSE-S3 allows an S3 client to en/decrypt an object at the Minio server using a KMS. The Minio
SSE-S3 allows an S3 client to en/decrypt an object at the MinIO server using a KMS. The MinIO
server only assumes that the KMS provides two services:
1. `GenerateKey`: Takes a key ID and generates a new data key from a master key referenced by
the key ID. It returns the new data key in two different forms: The plain data key
@@ -122,10 +122,10 @@ server only assumes that the KMS provides two services:
More details about supported KMS implementations and configuration can be found at the [KMS guide](https://github.com/minio/minio/blob/master/docs/kms/README.md).
The Minio server requests a new data key from the KMS for each uploaded object and uses that data key
The MinIO server requests a new data key from the KMS for each uploaded object and uses that data key
as EK. Additionally it stores the encrypted form of the data key and the master key ID as part
of the object metadata. The plain data only resides in RAM during the en/decryption process.
The Minio server does not store any SSE-related key at the KMS. Instead the KMS is treated as trusted
The MinIO server does not store any SSE-related key at the KMS. Instead the KMS is treated as trusted
component that performs key sealing/unsealing operations to build a key hierarchy:
```
@@ -158,11 +158,11 @@ component that performs key sealing/unsealing operations to build a key hierarch
#### Key rotation - Basic Operation
The Minio server supports key rotation for SSE-S3 encrypted objects. Therefore, an S3 client
The MinIO server supports key rotation for SSE-S3 encrypted objects. Therefore, an S3 client
must perform a S3 COPY operation where the copy source and destination are equal and the SSE-S3 HTTP
header is set. The minio server decrypts the OEK using the current encrypted data key and the
master key ID of the object metadata. If this succeeds, the server requests a new data key
from the KMS using the master key ID of the **current Minio KMS configuration** and re-wraps the
from the KMS using the master key ID of the **current MinIO KMS configuration** and re-wraps the
*OEK* with a new *KEK* derived from the new data key / EK:
```
@@ -221,10 +221,10 @@ functional API's at this time.
#### Secure Erasure and Locking
The Minio server requires an available KMS to en/decrypt SSE-S3 encrypted objects. Therefore it
The MinIO server requires an available KMS to en/decrypt SSE-S3 encrypted objects. Therefore it
is possible to erase or lock some or all encrypted objects. For example in case of a detected attack
or other emergency situations the following actions can be taken:
- Seal the KMS such that it cannot be accessed by Minio server anymore. That will lock **all**
- Seal the KMS such that it cannot be accessed by MinIO server anymore. That will lock **all**
SSE-S3 encrypted objects protected by master keys stored on the KMS. All these objects
can not be decrypted as long as the KMS is sealed.
- Seal/Unmount one/some master keys. That will lock all SSE-S3 encrypted objects protected by

18
docs/select/README.md
View File

@@ -1,4 +1,4 @@
# Select API Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# Select API Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Traditional retrieval of objects is always as whole entities, i.e GetObject for a 5 GiB object, will always return 5 GiB of data. S3 Select API allows us to retrieve a subset of data by using simple SQL expressions. By using Select API to retrieve only the data needed by the application, drastic performance improvements can be achieved.
You can use the Select API to query objects with following features:
@@ -11,7 +11,7 @@ You can use the Select API to query objects with following features:
Type inference and automatic conversion of values is performed based on the context when the value is un-typed (such as when reading CSV data). If present, the CAST function overrides automatic conversion.
## 1. Prerequisites
- Install Minio Server from [here](http://docs.minio.io/docs/minio-quickstart-guide).
- Install MinIO Server from [here](http://docs.min.io/docs/minio-quickstart-guide).
- Familiarity with AWS S3 API.
- Familiarity with Python and installing dependencies.
@@ -60,7 +60,7 @@ for event in r['Payload']:
```
## 4. Run the Program
Upload a sample dataset to Minio using the following commands.
Upload a sample dataset to MinIO using the following commands.
```sh
$ curl "https://esa.un.org/unpd/wpp/DVD/Files/1_Indicators%20(Standard)/CSV_FILES/WPP2017_TotalPopulationBySex.csv" > TotalPopulation.csv
$ mc mb myminio/mycsvbucket
@@ -91,12 +91,12 @@ Stats details bytesProcessed:
For a more detailed SELECT SQL reference, please see [here](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-glacier-select-sql-reference-select.html)
## 5. Explore Further
- [Use `mc` with Minio Server](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [Use `mc sql` with Minio Server](https://docs.minio.io/docs/minio-client-complete-guide.html#sql)
- [Use `minio-go` SDK with Minio Server](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [Use `aws-cli` with Minio Server](https://docs.minio.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with Minio Server](https://docs.minio.io/docs/s3cmd-with-minio)
- [The Minio documentation website](https://docs.minio.io)
- [Use `mc` with MinIO Server](https://docs.min.io/docs/minio-client-quickstart-guide)
- [Use `mc sql` with MinIO Server](https://docs.min.io/docs/minio-client-complete-guide.html#sql)
- [Use `minio-go` SDK with MinIO Server](https://docs.min.io/docs/golang-client-quickstart-guide)
- [Use `aws-cli` with MinIO Server](https://docs.min.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with MinIO Server](https://docs.min.io/docs/s3cmd-with-minio)
- [The MinIO documentation website](https://docs.min.io)
## 6. Implementation Status
- Full AWS S3 [SELECT SQL](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-glacier-select-sql-reference-select.html) syntax is supported.

14
docs/shared-backend/DESIGN.md
View File

@@ -1,12 +1,12 @@
Introduction [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
Introduction [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
------------
This feature allows Minio to serve a shared NAS drive across multiple Minio instances. There are no special configuration changes required to enable this feature. Access to files stored on NAS volume are locked and synchronized by default.
This feature allows MinIO to serve a shared NAS drive across multiple MinIO instances. There are no special configuration changes required to enable this feature. Access to files stored on NAS volume are locked and synchronized by default.
Motivation
----------
Since Minio instances serve the purpose of a single tenant there is an increasing requirement where users want to run multiple Minio instances on a same backend which is managed by an existing NAS (NFS, GlusterFS, Other distributed filesystems) rather than a local disk. This feature is implemented also with minimal disruption in mind for the user and overall UI.
Since MinIO instances serve the purpose of a single tenant there is an increasing requirement where users want to run multiple MinIO instances on a same backend which is managed by an existing NAS (NFS, GlusterFS, Other distributed filesystems) rather than a local disk. This feature is implemented also with minimal disruption in mind for the user and overall UI.
Restrictions
------------
@@ -17,11 +17,11 @@ Restrictions
## How To Run?
Running Minio instances on shared backend is no different than running on a stand-alone disk. There are no special configuration changes required to enable this feature. Access to files stored on NAS volume are locked and synchronized by default. Following examples will clarify this further for each operating system of your choice:
Running MinIO instances on shared backend is no different than running on a stand-alone disk. There are no special configuration changes required to enable this feature. Access to files stored on NAS volume are locked and synchronized by default. Following examples will clarify this further for each operating system of your choice:
### Ubuntu 16.04 LTS
Example 1: Start Minio instance on a shared backend mounted and available at `/path/to/nfs-volume`.
Example 1: Start MinIO instance on a shared backend mounted and available at `/path/to/nfs-volume`.
On linux server1
```shell
@@ -35,7 +35,7 @@ minio gateway nas /path/to/nfs-volume
### Windows 2012 Server
Example 1: Start Minio instance on a shared backend mounted and available at `\\remote-server\cifs`.
Example 1: Start MinIO instance on a shared backend mounted and available at `\\remote-server\cifs`.
On windows server1
```cmd
@@ -66,7 +66,7 @@ Architecture
### Lock process
With in the same Minio instance locking is handled by existing in-memory namespace locks (**sync.RWMutex** et. al). To synchronize locks between many Minio instances we leverage POSIX `fcntl()` locks on Unixes and on Windows `LockFileEx()` Win32 API. Requesting write lock block if there are any read locks held by neighboring Minio instance on the same path. So does the read lock if there are any active write locks in-progress.
With in the same MinIO instance locking is handled by existing in-memory namespace locks (**sync.RWMutex** et. al). To synchronize locks between many MinIO instances we leverage POSIX `fcntl()` locks on Unixes and on Windows `LockFileEx()` Win32 API. Requesting write lock block if there are any read locks held by neighboring MinIO instance on the same path. So does the read lock if there are any active write locks in-progress.
### Unlock process

44
docs/shared-backend/README.md
View File

@@ -1,37 +1,37 @@
# Shared Backend Minio Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# Shared Backend MinIO Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Minio shared mode lets you use single [NAS](https://en.wikipedia.org/wiki/Network-attached_storage) (like NFS, GlusterFS, and other
distributed filesystems) as the storage backend for multiple Minio servers. Synchronization among Minio servers is taken care by design.
Read more about the Minio shared mode design [here](https://github.com/minio/minio/blob/master/docs/shared-backend/DESIGN.md).
MinIO shared mode lets you use single [NAS](https://en.wikipedia.org/wiki/Network-attached_storage) (like NFS, GlusterFS, and other
distributed filesystems) as the storage backend for multiple MinIO servers. Synchronization among MinIO servers is taken care by design.
Read more about the MinIO shared mode design [here](https://github.com/minio/minio/blob/master/docs/shared-backend/DESIGN.md).
Minio shared mode is developed to solve several real world use cases, without any special configuration changes. Some of these are
MinIO shared mode is developed to solve several real world use cases, without any special configuration changes. Some of these are
- You have already invested in NAS and would like to use Minio to add S3 compatibility to your storage tier.
- You have already invested in NAS and would like to use MinIO to add S3 compatibility to your storage tier.
- You need to use NAS with an S3 interface due to your application architecture requirements.
- You expect huge traffic and need a load balanced S3 compatible server, serving files from a single NAS backend.
With a proxy running in front of multiple, shared mode Minio servers, it is very easy to create a Highly Available, load balanced, AWS S3 compatible storage system.
With a proxy running in front of multiple, shared mode MinIO servers, it is very easy to create a Highly Available, load balanced, AWS S3 compatible storage system.
# Get started
If you're aware of stand-alone Minio set up, the installation and running remains the same.
If you're aware of stand-alone MinIO set up, the installation and running remains the same.
## 1. Prerequisites
Install Minio - [Minio Quickstart Guide](https://docs.minio.io/docs/minio-quickstart-guide).
Install MinIO - [MinIO Quickstart Guide](https://docs.min.io/docs/minio-quickstart-guide).
## 2. Run Minio on Shared Backend
## 2. Run MinIO on Shared Backend
To run Minio shared backend instances, you need to start multiple Minio servers pointing to the same backend storage. We'll see examples on how to do this in the following sections.
To run MinIO shared backend instances, you need to start multiple MinIO servers pointing to the same backend storage. We'll see examples on how to do this in the following sections.
*Note*
- All the nodes running shared Minio need to have same access key and secret key. To achieve this, we export access key and secret key as environment variables on all the nodes before executing Minio server command.
- All the nodes running shared MinIO need to have same access key and secret key. To achieve this, we export access key and secret key as environment variables on all the nodes before executing MinIO server command.
- The drive paths below are for demonstration purposes only, you need to replace these with the actual drive paths/folders.
#### Minio shared mode on Ubuntu 16.04 LTS.
#### MinIO shared mode on Ubuntu 16.04 LTS.
You'll need the path to the shared volume, e.g. `/path/to/nfs-volume`. Then run the following commands on all the nodes you'd like to launch Minio.
You'll need the path to the shared volume, e.g. `/path/to/nfs-volume`. Then run the following commands on all the nodes you'd like to launch MinIO.
```sh
export MINIO_ACCESS_KEY=<ACCESS_KEY>
@@ -39,9 +39,9 @@ export MINIO_SECRET_KEY=<SECRET_KEY>
minio gateway nas /path/to/nfs-volume
```
#### Minio shared mode on Windows 2012 Server
#### MinIO shared mode on Windows 2012 Server
You'll need the path to the shared volume, e.g. `\\remote-server\smb`. Then run the following commands on all the nodes you'd like to launch Minio.
You'll need the path to the shared volume, e.g. `\\remote-server\smb`. Then run the following commands on all the nodes you'd like to launch MinIO.
```cmd
set MINIO_ACCESS_KEY=my-username
@@ -62,11 +62,11 @@ minio.exe gateway nas M:\export
## 3. Test your setup
To test this setup, access the Minio server via browser or [`mc`](https://docs.minio.io/docs/minio-client-quickstart-guide). Youll see the uploaded files are accessible from the all the Minio shared backend endpoints.
To test this setup, access the MinIO server via browser or [`mc`](https://docs.min.io/docs/minio-client-quickstart-guide). Youll see the uploaded files are accessible from the all the MinIO shared backend endpoints.
## Explore Further
- [Use `mc` with Minio Server](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with Minio Server](https://docs.minio.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with Minio Server](https://docs.minio.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with Minio Server](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [The Minio documentation website](https://docs.minio.io)
- [Use `mc` with MinIO Server](https://docs.min.io/docs/minio-client-quickstart-guide)
- [Use `aws-cli` with MinIO Server](https://docs.min.io/docs/aws-cli-with-minio)
- [Use `s3cmd` with MinIO Server](https://docs.min.io/docs/s3cmd-with-minio)
- [Use `minio-go` SDK with MinIO Server](https://docs.min.io/docs/golang-client-quickstart-guide)
- [The MinIO documentation website](https://docs.min.io)

26
docs/sts/README.md
View File

@@ -1,7 +1,7 @@
# Minio STS Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
The Minio Security Token Service (STS) is an endpoint service that enables clients to request temporary credentials for Minio resources. Temporary credentials work almost identically to default admin credentials, with some differences:
# MinIO STS Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
The MinIO Security Token Service (STS) is an endpoint service that enables clients to request temporary credentials for MinIO resources. Temporary credentials work almost identically to default admin credentials, with some differences:
- Temporary credentials are short-term, as the name implies. They can be configured to last for anywhere from a few minutes to several hours. After the credentials expire, Minio no longer recognizes them or allows any kind of access from API requests made with them.
- Temporary credentials are short-term, as the name implies. They can be configured to last for anywhere from a few minutes to several hours. After the credentials expire, MinIO no longer recognizes them or allows any kind of access from API requests made with them.
- Temporary credentials do not need to be stored with the application but are generated dynamically and provided to the application when requested. When (or even before) the temporary credentials expire, the application can request new credentials.
Following are advantages for using temporary credentials:
@@ -11,9 +11,9 @@ Following are advantages for using temporary credentials:
- Temporary credentials have a limited lifetime, there is no need to rotate them or explicitly revoke them. Expired temporary credentials cannot be reused.
## Identity Federation
- [**Client grants**](https://github.com/minio/minio/blob/master/docs/sts/client-grants.md) - Let applications request `client_grants` using any well-known third party identity provider such as KeyCloak, WSO2. This is known as the client grants approach to temporary access. Using this approach helps clients keep Minio credentials to be secured. Minio STS supports client grants, tested against identity providers such as WSO2, KeyCloak.
- [**Client grants**](https://github.com/minio/minio/blob/master/docs/sts/client-grants.md) - Let applications request `client_grants` using any well-known third party identity provider such as KeyCloak, WSO2. This is known as the client grants approach to temporary access. Using this approach helps clients keep MinIO credentials to be secured. MinIO STS supports client grants, tested against identity providers such as WSO2, KeyCloak.
- [**WebIdentity**](https://github.com/minio/minio/blob/master/docs/sts/web-identity.md) - Let users request temporary credentials using any OpenID(OIDC) compatible web identity providers such as Facebook, Google etc.
- [**AssumeRole**](https://github.com/minio/minio/blob/master/docs/sts/assume-role.md) - Let Minio users request temporary credentials using user access and secret keys.
- [**AssumeRole**](https://github.com/minio/minio/blob/master/docs/sts/assume-role.md) - Let MinIO users request temporary credentials using user access and secret keys.
## Get started
In this document we will explain in detail on how to configure all the prerequisites, primarily WSO2, OPA (open policy agent).
@@ -25,8 +25,8 @@ In this document we will explain in detail on how to configure all the prerequis
- [Configuring opa (optional)](https://github.com/minio/minio/blob/master/docs/sts/opa.md)
- [Configuring etcd (optional needed only in gateway or federation mode)](https://github.com/minio/minio/blob/master/docs/sts/etcd.md)
### 2. Setup Minio with WSO2
Make sure we have followed the previous step and configured each software independently, once done we can now proceed to use Minio STS API and Minio server to use these credentials to perform object API operations.
### 2. Setup MinIO with WSO2
Make sure we have followed the previous step and configured each software independently, once done we can now proceed to use MinIO STS API and MinIO server to use these credentials to perform object API operations.
```
export MINIO_ACCESS_KEY=minio
@@ -35,10 +35,10 @@ export MINIO_IAM_JWKS_URL=https://localhost:9443/oauth2/jwks
minio server /mnt/data
```
### 3. Setup Minio Gateway with WSO2, ETCD
Make sure we have followed the previous step and configured each software independently, once done we can now proceed to use Minio STS API and Minio gateway to use these credentials to perform object API operations.
### 3. Setup MinIO Gateway with WSO2, ETCD
Make sure we have followed the previous step and configured each software independently, once done we can now proceed to use MinIO STS API and MinIO gateway to use these credentials to perform object API operations.
> NOTE: Minio gateway requires etcd to be configured to use STS API.
> NOTE: MinIO gateway requires etcd to be configured to use STS API.
```
export MINIO_ACCESS_KEY=aws_access_key
@@ -49,7 +49,7 @@ minio gateway s3
```
### 4. Test using client-grants.go
On another terminal run `client-grants.go` a sample client application which obtains JWT access tokens from an identity provider, in our case its WSO2. Uses the returned access token response to get new temporary credentials from the Minio server using the STS API call `AssumeRoleWithClientGrants`.
On another terminal run `client-grants.go` a sample client application which obtains JWT access tokens from an identity provider, in our case its WSO2. Uses the returned access token response to get new temporary credentials from the MinIO server using the STS API call `AssumeRoleWithClientGrants`.
```
go run client-grants.go -cid PoEgXP6uVO45IsENRngDXj5Au5Ya -csec eKsw6z8CtOJVBtrOWvhRWL4TUCga
@@ -64,5 +64,5 @@ go run client-grants.go -cid PoEgXP6uVO45IsENRngDXj5Au5Ya -csec eKsw6z8CtOJVBtrO
```
## Explore Further
- [Minio Admin Complete Guide](https://docs.minio.io/docs/minio-admin-complete-guide.html)
- [The Minio documentation website](https://docs.minio.io)
- [MinIO Admin Complete Guide](https://docs.min.io/docs/minio-admin-complete-guide.html)
- [The MinIO documentation website](https://docs.min.io)

10
docs/sts/assume-role.md
View File

@@ -1,10 +1,10 @@
## AssumeRole [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
Returns a set of temporary security credentials that you can use to access Minio resources. AssumeRole requires authorization credentials for an existing user on Minio. The advantages of this API are
## AssumeRole [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Returns a set of temporary security credentials that you can use to access MinIO resources. AssumeRole requires authorization credentials for an existing user on MinIO. The advantages of this API are
- To be able to reliably use S3 multipart APIs feature of the SDKs without re-inventing the wheel of pre-signing the each URL in multipart API. This is very tedious to implement with all the scenarios of fault tolerance that's already implemented by the client SDK. The general client SDKs don't support multipart with presigned URLs.
- To be able to easily get the temporary credentials to upload to a prefix. Make it possible for a client to upload a whole folder using the session. The server side applications need not create a presigned URL and serve to the client for each file. Since, the client would have the session it can do it by itself.
The temporary security credentials returned by this API consists of an access key, a secret key, and a security token. Applications can use these temporary security credentials to sign calls to Minio API operations. The policy applied to these temporary credentials is inherited from the Minio user credentials. By default, the temporary security credentials created by AssumeRole last for one hour. However, use the optional DurationSeconds parameter to specify the duration of the credentials. This value varies from 900 seconds (15 minutes) up to the maximum session duration to 12 hours.
The temporary security credentials returned by this API consists of an access key, a secret key, and a security token. Applications can use these temporary security credentials to sign calls to MinIO API operations. The policy applied to these temporary credentials is inherited from the MinIO user credentials. By default, the temporary security credentials created by AssumeRole last for one hour. However, use the optional DurationSeconds parameter to specify the duration of the credentials. This value varies from 900 seconds (15 minutes) up to the maximum session duration to 12 hours.
### Request Parameters
#### DurationSeconds
@@ -67,7 +67,7 @@ $ export MINIO_SECRET_KEY=minio123
$ minio server ~/test
```
Create new users following the multi-user guide [here](https://docs.minio.io/docs/minio-multi-user-quickstart-guide.html)
Create new users following the multi-user guide [here](https://docs.min.io/docs/minio-multi-user-quickstart-guide.html)
Testing with an example
> Use the same username and password created in the previous steps.
@@ -79,7 +79,7 @@ aws_access_key_id = foobar
aws_secret_access_key = foo12345
```
> NOTE: In the following commands `--role-arn` and `--role-session-name` are not meaningful for Minio and can be set to any value satisfying the command line requirements.
> NOTE: In the following commands `--role-arn` and `--role-session-name` are not meaningful for MinIO and can be set to any value satisfying the command line requirements.
```
$ aws --profile foobar --endpoint-url http://localhost:9000 sts assume-role --role-arn arn:xxx:xxx:xxx:xxx --role-session-name anything

4
docs/sts/client-grants.go
View File

@@ -1,7 +1,7 @@
// +build ignore
/*
* Minio Cloud Storage, (C) 2018 Minio, Inc.
* MinIO Cloud Storage, (C) 2018 MinIO, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -99,7 +99,7 @@ func main() {
log.Fatal(err)
}
// Uncommend this to use Minio API operations by initializing minio
// Uncommend this to use MinIO API operations by initializing minio
// client with obtained credentials.
opts := &minio.Options{

4
docs/sts/client-grants.md
View File

@@ -1,7 +1,7 @@
## AssumeRoleWithClientGrants [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
## AssumeRoleWithClientGrants [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Returns a set of temporary security credentials for applications/clients who have been authenticated through client credential grants provided by identity provider. Example providers include WSO2, KeyCloak etc.
Calling AssumeRoleWithClientGrants does not require the use of Minio default credentials. Therefore, client application can be distributed that requests temporary security credentials without including Minio default credentials. Instead, the identity of the caller is validated by using a JWT access token from the identity provider. The temporary security credentials returned by this API consists of an access key, a secret key, and a security token. Applications can use these temporary security credentials to sign calls to Minio API operations.
Calling AssumeRoleWithClientGrants does not require the use of MinIO default credentials. Therefore, client application can be distributed that requests temporary security credentials without including MinIO default credentials. Instead, the identity of the caller is validated by using a JWT access token from the identity provider. The temporary security credentials returned by this API consists of an access key, a secret key, and a security token. Applications can use these temporary security credentials to sign calls to MinIO API operations.
By default, the temporary security credentials created by AssumeRoleWithClientGrants last for one hour. However, use the optional DurationSeconds parameter to specify the duration of the credentials. This value varies from 900 seconds (15 minutes) up to the maximum session duration to 12 hours.

16
docs/sts/etcd.md
View File

@@ -1,4 +1,4 @@
# etcd V3 Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# etcd V3 Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines.
## Get started
@@ -31,8 +31,8 @@ rm -rf /tmp/etcd-data.tmp && mkdir -p /tmp/etcd-data.tmp && \
You may also setup etcd with TLS following this documentation [here](https://coreos.com/etcd/docs/latest/op-guide/security.html)
### 3. Setup Minio with etcd
Minio server expects environment variable for etcd as `MINIO_ETCD_ENDPOINTS`, this environment variable takes many comma separated entries.
### 3. Setup MinIO with etcd
MinIO server expects environment variable for etcd as `MINIO_ETCD_ENDPOINTS`, this environment variable takes many comma separated entries.
```
export MINIO_ETCD_ENDPOINTS=http://localhost:2379
minio server /data
@@ -40,8 +40,8 @@ minio server /data
NOTE: If `etcd` is configured with `Client-to-server authentication with HTTPS client certificates` then you need to use additional envs such as `MINIO_ETCD_CLIENT_CERT` pointing to path to `etcd-client.crt` and `MINIO_ETCD_CLIENT_CERT_KEY` path to `etcd-client.key` .
### 4. Test with Minio STS API
Assuming that you have configured Minio server to support STS API by following the doc [Minio STS Quickstart Guide](https://docs.minio.io/docs/minio-sts-quickstart-guide) and once you have obtained the JWT from WSO2 as mentioned in [WSO2 Quickstart Guide](https://github.com/minio/minio/blob/master/docs/sts/wso2.md).
### 4. Test with MinIO STS API
Assuming that you have configured MinIO server to support STS API by following the doc [MinIO STS Quickstart Guide](https://docs.min.io/docs/minio-sts-quickstart-guide) and once you have obtained the JWT from WSO2 as mentioned in [WSO2 Quickstart Guide](https://github.com/minio/minio/blob/master/docs/sts/wso2.md).
```
go run client-grants.go -cid PoEgXP6uVO45IsENRngDXj5Au5Ya -csec eKsw6z8CtOJVBtrOWvhRWL4TUCga
@@ -54,8 +54,8 @@ go run client-grants.go -cid PoEgXP6uVO45IsENRngDXj5Au5Ya -csec eKsw6z8CtOJVBtrO
}
```
These credentials can now be used to perform Minio API operations, these credentials automatically expire in 1hr. To understand more about credential expiry duration and client grants STS API read further [here](https://github.com/minio/minio/blob/master/docs/sts/client-grants.md).
These credentials can now be used to perform MinIO API operations, these credentials automatically expire in 1hr. To understand more about credential expiry duration and client grants STS API read further [here](https://github.com/minio/minio/blob/master/docs/sts/client-grants.md).
## Explore Further
- [Minio STS Quickstart Guide](https://docs.minio.io/docs/minio-sts-quickstart-guide)
- [The Minio documentation website](https://docs.minio.io)
- [MinIO STS Quickstart Guide](https://docs.min.io/docs/minio-sts-quickstart-guide)
- [The MinIO documentation website](https://docs.min.io)

20
docs/sts/opa.md
View File

@@ -1,7 +1,7 @@
**Using OPA is optional with Minio. We recommend using [`policy` JWT claims](https://github.com/minio/minio/blob/master/docs/sts/wso2.md#4-jwt-claims) instead, let Minio manage your policies using `mc admin policy` and apply them on the STS credentials.**
**Using OPA is optional with MinIO. We recommend using [`policy` JWT claims](https://github.com/minio/minio/blob/master/docs/sts/wso2.md#4-jwt-claims) instead, let MinIO manage your policies using `mc admin policy` and apply them on the STS credentials.**
# OPA Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
OPA is a lightweight general-purpose policy engine that can be co-located with Minio server, in this document we talk about how to use OPA HTTP API to authorize Minio STS credentials.
# OPA Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
OPA is a lightweight general-purpose policy engine that can be co-located with MinIO server, in this document we talk about how to use OPA HTTP API to authorize MinIO STS credentials.
## Get started
### 1. Prerequisites
@@ -59,15 +59,15 @@ curl -X PUT --data-binary @putobject.rego \
localhost:8181/v1/policies/putobject
```
### 4. Setup Minio with OPA
Minio server expects environment variable for OPA http API url as `MINIO_IAM_OPA_URL`, this environment variable takes a single entry.
### 4. Setup MinIO with OPA
MinIO server expects environment variable for OPA http API url as `MINIO_IAM_OPA_URL`, this environment variable takes a single entry.
```
export MINIO_IAM_OPA_URL=http://localhost:8181/v1/data/httpapi/authz
minio server /mnt/data
```
### 5. Test with Minio STS API
Assuming that Minio server is configured to support STS API by following the doc [Minio STS Quickstart Guide](https://docs.minio.io/docs/minio-sts-quickstart-guide), execute the following command to temporary credentials from Minio server.
### 5. Test with MinIO STS API
Assuming that MinIO server is configured to support STS API by following the doc [MinIO STS Quickstart Guide](https://docs.min.io/docs/minio-sts-quickstart-guide), execute the following command to temporary credentials from MinIO server.
```
go run client-grants.go -cid PoEgXP6uVO45IsENRngDXj5Au5Ya -csec eKsw6z8CtOJVBtrOWvhRWL4TUCga
@@ -80,8 +80,8 @@ go run client-grants.go -cid PoEgXP6uVO45IsENRngDXj5Au5Ya -csec eKsw6z8CtOJVBtrO
}
```
These credentials can now be used to perform Minio API operations, these credentials automatically expire in 1hr. To understand more about credential expiry duration and client grants STS API read further [here](https://github.com/minio/minio/blob/master/docs/sts/client-grants.md).
These credentials can now be used to perform MinIO API operations, these credentials automatically expire in 1hr. To understand more about credential expiry duration and client grants STS API read further [here](https://github.com/minio/minio/blob/master/docs/sts/client-grants.md).
## Explore Further
- [Minio STS Quickstart Guide](https://docs.minio.io/docs/minio-sts-quickstart-guide)
- [The Minio documentation website](https://docs.minio.io)
- [MinIO STS Quickstart Guide](https://docs.min.io/docs/minio-sts-quickstart-guide)
- [The MinIO documentation website](https://docs.min.io)

4
docs/sts/web-identity.go
View File

@@ -1,7 +1,7 @@
// +build ignore
/*
* Minio Cloud Storage, (C) 2018 Minio, Inc.
* MinIO Cloud Storage, (C) 2018 MinIO, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -55,7 +55,7 @@ type AssumeRoleWithWebIdentityResponse struct {
}
// WebIdentityResult - Contains the response to a successful AssumeRoleWithWebIdentity
// request, including temporary credentials that can be used to make Minio API requests.
// request, including temporary credentials that can be used to make MinIO API requests.
type WebIdentityResult struct {
AssumedRoleUser AssumedRoleUser `xml:",omitempty"`
Audience string `xml:",omitempty"`

6
docs/sts/web-identity.md
View File

@@ -1,5 +1,5 @@
## AssumeRoleWithWebIdentity [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
Calling AssumeRoleWithWebIdentity does not require the use of Minio default credentials. Therefore, you can distribute an application (for example, on mobile devices) that requests temporary security credentials without including Minio default credentials in the application. Instead, the identity of the caller is validated by using a JWT access token from the web identity provider. The temporary security credentials returned by this API consists of an access key, a secret key, and a security token. Applications can use these temporary security credentials to sign calls to Minio API operations.
## AssumeRoleWithWebIdentity [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Calling AssumeRoleWithWebIdentity does not require the use of MinIO default credentials. Therefore, you can distribute an application (for example, on mobile devices) that requests temporary security credentials without including MinIO default credentials in the application. Instead, the identity of the caller is validated by using a JWT access token from the web identity provider. The temporary security credentials returned by this API consists of an access key, a secret key, and a security token. Applications can use these temporary security credentials to sign calls to MinIO API operations.
By default, the temporary security credentials created by AssumeRoleWithWebIdentity last for one hour. However, use the optional DurationSeconds parameter to specify the duration of the credentials. This value varies from 900 seconds (15 minutes) up to the maximum session duration to 12 hours.
@@ -92,5 +92,5 @@ $ go run web-identity.go -cid 204367807228-ok7601k6gj1pgge7m09h7d79co8p35xx.apps
- Visit http://localhost:8080, login will direct the user to the Google OAuth2 Auth URL to obtain a permission grant.
- The redirection URI (callback handler) receives the OAuth2 callback, verifies the state parameter, and obtains a Token.
- Using the access token the callback handler further talks to Google OAuth2 Token URL to obtain an JWT id_token.
- Once obtained the JWT id_token is further sent to STS endpoint i.e Minio to retrive temporary credentials.
- Once obtained the JWT id_token is further sent to STS endpoint i.e MinIO to retrive temporary credentials.
- Temporary credentials are displayed on the browser upon successful retrieval.

20
docs/sts/wso2.md
View File

@@ -1,5 +1,5 @@
# WSO2 Quickstart Guide [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
WSO2 is an Identity Server open source and is released under Apache Software License Version 2.0, this document covers configuring WSO2 to be used as an identity provider for Minio server STS API.
# WSO2 Quickstart Guide [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
WSO2 is an Identity Server open source and is released under Apache Software License Version 2.0, this document covers configuring WSO2 to be used as an identity provider for MinIO server STS API.
## Get started
### 1. Prerequisites
@@ -12,7 +12,7 @@ Once WSO2 is up and running, configure WSO2 to generate Self contained access to
1. The access token is an identifier that is hard to guess. For example, a randomly generated string of sufficient length, that the server handling the protected resource can use to lookup the associated authorization information.
2. The access token self-contains the authorization information in a manner that can be verified. For example, by encoding authorization information along with a signature into the token.
WSO2 generates tokens in first style by default, but if to be used with Minio we should configure WSO2 to provide JWT tokens instead.
WSO2 generates tokens in first style by default, but if to be used with MinIO we should configure WSO2 to provide JWT tokens instead.
### 3. Generate Self-contained Access Tokens
By default, a UUID is issued as an access token in WSO2 Identity Server, which is of the first type above. But, it also can be configured to issue a self-contained access token (JWT), which is of the second type above.
@@ -62,18 +62,18 @@ The access token received is a signed JSON Web Token (JWT). Use a JWT decoder to
|jti| _string_ | Unique identifier for the JWT token. |
|policy| _string_ | Canned policy name to be applied for STS credentials. (Recommended) |
Using the above `access_token` we can perform an STS request to Minio to get temporary credentials for Minio API operations. Minio STS API uses [JSON Web Key Set Endpoint](https://docs.wso2.com/display/IS541/JSON+Web+Key+Set+Endpoint) to validate if JWT is valid and is properly signed.
Using the above `access_token` we can perform an STS request to MinIO to get temporary credentials for MinIO API operations. MinIO STS API uses [JSON Web Key Set Endpoint](https://docs.wso2.com/display/IS541/JSON+Web+Key+Set+Endpoint) to validate if JWT is valid and is properly signed.
**We recommend setting `policy` as a custom claim for the JWT service provider follow [here](https://docs.wso2.com/display/IS550/Configuring+Claims+for+a+Service+Provider) and [here](https://docs.wso2.com/display/IS550/Handling+Custom+Claims+with+the+JWT+Bearer+Grant+Type) for relevant docs on how to configure claims for a service provider.**
### 5. Setup Minio with JWKS URL
Minio server expects environment variable for JWKS url as `MINIO_IAM_JWKS_URL`, this environment variable takes a single entry.
### 5. Setup MinIO with JWKS URL
MinIO server expects environment variable for JWKS url as `MINIO_IAM_JWKS_URL`, this environment variable takes a single entry.
```
export MINIO_IAM_JWKS_URL=https://localhost:9443/oauth2/jwks
minio server /mnt/data
```
Assuming that Minio server is configured to support STS API by following the doc [Minio STS Quickstart Guide](https://docs.minio.io/docs/minio-sts-quickstart-guide), execute the following command to temporary credentials from Minio server.
Assuming that MinIO server is configured to support STS API by following the doc [MinIO STS Quickstart Guide](https://docs.min.io/docs/minio-sts-quickstart-guide), execute the following command to temporary credentials from MinIO server.
```
go run client-grants.go -cid PoEgXP6uVO45IsENRngDXj5Au5Ya -csec eKsw6z8CtOJVBtrOWvhRWL4TUCga
@@ -86,8 +86,8 @@ go run client-grants.go -cid PoEgXP6uVO45IsENRngDXj5Au5Ya -csec eKsw6z8CtOJVBtrO
}
```
These credentials can now be used to perform Minio API operations, these credentials automatically expire in 1hr. To understand more about credential expiry duration and client grants STS API read further [here](https://github.com/minio/minio/blob/master/docs/sts/client-grants.md).
These credentials can now be used to perform MinIO API operations, these credentials automatically expire in 1hr. To understand more about credential expiry duration and client grants STS API read further [here](https://github.com/minio/minio/blob/master/docs/sts/client-grants.md).
## Explore Further
- [Minio STS Quickstart Guide](https://docs.minio.io/docs/minio-sts-quickstart-guide)
- [The Minio documentation website](https://docs.minio.io)
- [MinIO STS Quickstart Guide](https://docs.min.io/docs/minio-sts-quickstart-guide)
- [The MinIO documentation website](https://docs.min.io)

38
docs/tls/README.md
View File

@@ -1,19 +1,19 @@
# How to secure access to Minio server with TLS [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# How to secure access to MinIO server with TLS [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
This guide explains how to configure Minio Server with TLS certificates on Linux and Windows platforms.
This guide explains how to configure MinIO Server with TLS certificates on Linux and Windows platforms.
1. [Install Minio Server](#install-minio-server)
2. [Use an Existing Key and Certificate with Minio](#use-an-existing-key-and-certificate-with-minio)
3. [Generate and use Self-signed Keys and Certificates with Minio](#generate-use-self-signed-keys-certificates)
1. [Install MinIO Server](#install-minio-server)
2. [Use an Existing Key and Certificate with MinIO](#use-an-existing-key-and-certificate-with-minio)
3. [Generate and use Self-signed Keys and Certificates with MinIO](#generate-use-self-signed-keys-certificates)
4. [Install Certificates from Third-party CAs](#install-certificates-from-third-party-cas)
## <a name="install-minio-server"></a>1. Install Minio Server
## <a name="install-minio-server"></a>1. Install MinIO Server
Install Minio Server using the instructions in the [Minio Quickstart Guide](http://docs.minio.io/docs/minio-quickstart-guide).
Install MinIO Server using the instructions in the [MinIO Quickstart Guide](http://docs.min.io/docs/minio-quickstart-guide).
## <a name="use-an-existing-key-and-certificate-with-minio"></a>2. Use an Existing Key and Certificate with Minio
## <a name="use-an-existing-key-and-certificate-with-minio"></a>2. Use an Existing Key and Certificate with MinIO
This section describes how to use a private key and public certificate that have been obtained from a certificate authority (CA). If these files have not been obtained, skip to [3. Generate Self-signed Certificates](#generate-use-self-signed-keys-certificates) or generate them with [Let's Encrypt](https://letsencrypt.org) using these instructions: [https://docs.minio.io/docs/generate-let-s-encypt-certificate-using-concert-for-minio](https://docs.minio.io/docs/).
This section describes how to use a private key and public certificate that have been obtained from a certificate authority (CA). If these files have not been obtained, skip to [3. Generate Self-signed Certificates](#generate-use-self-signed-keys-certificates) or generate them with [Let's Encrypt](https://letsencrypt.org) using these instructions: [https://docs.min.io/docs/generate-let-s-encypt-certificate-using-concert-for-minio](https://docs.min.io/docs/).
Copy the existing private key and public certificate to the `certs` directory. The default certs directory is:
* **Linux:** `${HOME}/.minio/certs`
@@ -25,7 +25,7 @@ Copy the existing private key and public certificate to the `certs` directory. T
* The key and certificate files must be appended with `.key` and `.crt`, respectively.
* A certificate signed by a CA contains information about the issued identity (e.g. name, expiry, public key) and any intermediate certificates. The root CA is not included.
## <a name="generate-use-self-signed-keys-certificates"></a>3. Generate and use Self-signed Keys and Certificates with Minio
## <a name="generate-use-self-signed-keys-certificates"></a>3. Generate and use Self-signed Keys and Certificates with MinIO
This section describes how to generate a self-signed certificate using various tools:
@@ -35,8 +35,8 @@ This section describes how to generate a self-signed certificate using various t
3.4 [Use GnuTLS (for Windows) to Generate a Certificate](#using-gnu-tls)
**Note:**
* Minio only supports keys and certificates in PEM format on Linux and Windows.
* Minio doesn't currently support PFX certificates.
* MinIO only supports keys and certificates in PEM format on Linux and Windows.
* MinIO doesn't currently support PFX certificates.
### <a name="using-go"></a>3.1 Use generate_cert.go to Generate a Certificate
@@ -117,7 +117,7 @@ openssl genrsa -aes256 -out private.key 2048 -passout pass:PASSWORD
export MINIO_CERT_PASSWD=<PASSWORD>
```
The default OpenSSL format for private encrypted keys is PKCS-8, but Minio only supports PKCS-1. An RSA key that has been formatted with PKCS-8 can be converted to PKCS-1 using the following command:
The default OpenSSL format for private encrypted keys is PKCS-8, but MinIO only supports PKCS-1. An RSA key that has been formatted with PKCS-8 can be converted to PKCS-1 using the following command:
```sh
openssl rsa -in private-pkcs8-key.key -aes256 -passout pass:PASSWORD -out private.key
@@ -133,7 +133,7 @@ openssl req -new -x509 -days 3650 -key private.key -out public.crt -subj "/C=US/
**Note:** Replace `<domain.com>` with the development domain name.
Alternatively, use the command below to generate a self-signed wildcard certificate that is valid for all subdomains under `<domain.com>`. Wildcard certificates are useful for deploying distributed Minio instances, where each instance runs on a subdomain under a single parent domain.
Alternatively, use the command below to generate a self-signed wildcard certificate that is valid for all subdomains under `<domain.com>`. Wildcard certificates are useful for deploying distributed MinIO instances, where each instance runs on a subdomain under a single parent domain.
```sh
openssl req -new -x509 -days 3650 -key private.key -out public.crt -subj "/C=US/ST=state/L=location/O=organization/CN=<*.domain.com>"
@@ -254,12 +254,12 @@ certtool.exe --generate-self-signed --load-privkey private.key --template cert.c
## <a name="install-certificates-from-third-party-cas"></a>4. Install Certificates from Third-party CAs
Minio can connect to other servers, including Minio nodes or other server types such as NATs and Redis. If these servers use certificates that were not registered with a known CA, add trust for these certificates to Minio Server by placing these certificates under one of the following Minio configuration paths:
MinIO can connect to other servers, including MinIO nodes or other server types such as NATs and Redis. If these servers use certificates that were not registered with a known CA, add trust for these certificates to MinIO Server by placing these certificates under one of the following MinIO configuration paths:
* **Linux:** `~/.minio/certs/CAs/`
* **Windows**: `C:\Users\<Username>\.minio\certs\CAs`
# Explore Further
* [TLS Configuration for Minio server on Kubernetes](https://github.com/minio/minio/tree/master/docs/tls/kubernetes)
* [Minio Client Complete Guide](https://docs.minio.io/docs/minio-client-complete-guide)
* [Generate Let's Encrypt Certificate](https://docs.minio.io/docs/generate-let-s-encypt-certificate-using-concert-for-minio)
* [Setup nginx Proxy with Minio Server](https://docs.minio.io/docs/setup-nginx-proxy-with-minio)
* [TLS Configuration for MinIO server on Kubernetes](https://github.com/minio/minio/tree/master/docs/tls/kubernetes)
* [MinIO Client Complete Guide](https://docs.min.io/docs/minio-client-complete-guide)
* [Generate Let's Encrypt Certificate](https://docs.min.io/docs/generate-let-s-encypt-certificate-using-concert-for-minio)
* [Setup nginx Proxy with MinIO Server](https://docs.min.io/docs/setup-nginx-proxy-with-minio)

14
docs/tls/kubernetes/README.md
View File

@@ -1,16 +1,16 @@
# How to secure access to Minio on Kubernetes with TLS [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# How to secure access to MinIO on Kubernetes with TLS [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
This document explains how to configure Minio server with TLS certificates on Kubernetes.
This document explains how to configure MinIO server with TLS certificates on Kubernetes.
## 1. Prerequisites
- Familiarity with [Minio deployment process on Kubernetes](https://docs.minio.io/docs/deploy-minio-on-kubernetes).
- Familiarity with [MinIO deployment process on Kubernetes](https://docs.min.io/docs/deploy-minio-on-kubernetes).
- Kubernetes cluster with `kubectl` configured.
- Acquire TLS certificates, either from a CA or [create self-signed certificates](https://docs.minio.io/docs/how-to-secure-access-to-minio-server-with-tls).
- Acquire TLS certificates, either from a CA or [create self-signed certificates](https://docs.min.io/docs/how-to-secure-access-to-minio-server-with-tls).
For a [distributed Minio setup](https://docs.minio.io/docs/distributed-minio-quickstart-guide), where there are multiple pods with different domain names expected to run, you will either need wildcard certificates valid for all the domains or have specific certificates for each domain. If you are going to use specific certificates, make sure to create Kubernetes secrets accordingly.
For a [distributed MinIO setup](https://docs.min.io/docs/distributed-minio-quickstart-guide), where there are multiple pods with different domain names expected to run, you will either need wildcard certificates valid for all the domains or have specific certificates for each domain. If you are going to use specific certificates, make sure to create Kubernetes secrets accordingly.
For testing purposes, here is [how to create self-signed certificates](https://github.com/minio/minio/tree/master/docs/tls#3-generate-self-signed-certificates).
@@ -64,8 +64,8 @@ Note that the `secretName` should be same as the secret name created in previous
```
Here the name of `volumeMount` should match the name of `volume` created previously. Also `mountPath` must be set to the path of
the Minio server's config sub-directory that is used to store certificates. By default, the location is
the MinIO server's config sub-directory that is used to store certificates. By default, the location is
`/<user-running-minio>/.minio/certs`.
*Tip*: In a standard Kubernetes configuration, this will be `/root/.minio/certs`. Kubernetes will mount the secrets volume read-only,
so avoid setting `mountPath` to a path that Minio server expects to write to.
so avoid setting `mountPath` to a path that MinIO server expects to write to.

14
docs/zh_CN/FreeBSD.md
View File

@@ -1,6 +1,6 @@
# Minio FreeBSD 快速入门 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# MinIO FreeBSD 快速入门 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
### Minio with ZFS backend - FreeBSD
### MinIO with ZFS backend - FreeBSD
此示例假设你已经有正在运行的FreeBSD 11.x。
#### 启动 ZFS service
@@ -51,13 +51,13 @@ zpool status -x
all pools are healthy
```
#### 启动Minio服务
从FreeBSD port安装 [Minio](https://minio.io)。
#### 启动MinIO服务
从FreeBSD port安装 [MinIO](https://min.io)。
```sh
pkg install minio
```
配置Minio,让其使用挂载在`/minio-example/compressed-objects`的ZFS卷。
配置MinIO,让其使用挂载在`/minio-example/compressed-objects`的ZFS卷。
```
sysrc minio_enable=yes
sysrc minio_disks=/minio-example/compressed-objects
@@ -68,9 +68,9 @@ sysrc minio_disks=/minio-example/compressed-objects
service minio start
```
现在你已经成功的让Minio运行在ZFS上你上传的对象都获得了磁盘级别的压缩功能访问 http://localhost:9000。
现在你已经成功的让MinIO运行在ZFS上你上传的对象都获得了磁盘级别的压缩功能访问 http://localhost:9000。
#### 关闭Minio服务
#### 关闭MinIO服务
```sh
service minio stop
```

2
docs/zh_CN/backend/README.md
View File

@@ -2,7 +2,7 @@
Minio目前支持两种类型的后端。
| Minio | FS | Erasure | Stability |
| MinIO | FS | Erasure | Stability |
|:-----------:|:----:|:----:|:---:|
| Standalone | x | x | Stable |
| Distributed | x | x | Stable |

2
docs/zh_CN/backend/fs/README.md
View File

@@ -14,7 +14,7 @@ type ObjectPartInfo struct {
type fsMetaV1 struct {
Version string `json:"version"`
Format string `json:"format"`
Minio struct {
MinIO struct {
Release string `json:"release"`
} `json:"minio"`
// Metadata map for current object `fs.json`.

4
docs/zh_CN/backend/xl/README.md
View File

@@ -42,8 +42,8 @@ type xlMetaV1 struct {
Stat statInfo `json:"stat"` // Stat of the current object `xl.json`.
// Erasure coded info for the current object `xl.json`.
Erasure erasureInfo `json:"erasure"`
// Minio release tag for current object `xl.json`.
Minio struct {
// MinIO release tag for current object `xl.json`.
MinIO struct {
Release string `json:"release"`
} `json:"minio"`
// Metadata map for current object `xl.json`.

4
docs/zh_CN/browser/README.md
View File

@@ -1,6 +1,6 @@
## Minio Browser
## MinIO Browser
Minio Browser使用Json Web Token来验证JSON RPC请求。
MinIO Browser使用Json Web Token来验证JSON RPC请求。
初使请求为用户提供的`AccessKey``SecretKey`生成一个token令牌

168
docs/zh_CN/bucket/notifications/README.md
View File

@@ -1,4 +1,4 @@
# Minio存储桶通知指南 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# MinIO存储桶通知指南 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
存储桶Bucket如果发生改变,比如上传对象和删除对象,可以使用存储桶事件通知机制进行监控,并通过以下方式发布出去:
@@ -16,17 +16,17 @@
## 前提条件
* 从[这里](https://docs.minio.io/cn/minio-quickstart-guide)下载并安装Minio Server。
* 从[这里](https://docs.minio.io/cn/minio-client-quickstart-guide)下载并安装Minio Client。
* 从[这里](https://docs.min.io/cn/minio-quickstart-guide)下载并安装MinIO Server。
* 从[这里](https://docs.min.io/cn/minio-client-quickstart-guide)下载并安装MinIO Client。
<a name="AMQP"></a>
## 使用AMQP发布Minio事件
## 使用AMQP发布MinIO事件
从[这里](https://www.rabbitmq.com/)下载安装RabbitMQ。
### 第一步: 将AMQP endpoint添加到Minio
### 第一步: 将AMQP endpoint添加到MinIO
Minio Server的配置文件默认路径是 ``~/.minio/config.json``。AMQP配置信息是在`notify`这个节点下的`amqp`节点下在这里为你的AMQP实例创建配置信息键值对key是你的AMQP endpoint的名称value是下面表格中列列的键值对集合。
MinIO Server的配置文件默认路径是 ``~/.minio/config.json``。AMQP配置信息是在`notify`这个节点下的`amqp`节点下在这里为你的AMQP实例创建配置信息键值对key是你的AMQP endpoint的名称value是下面表格中列列的键值对集合。
| 参数 | 类型 | 描述 |
|:---|:---|:---|
@@ -64,14 +64,14 @@ Minio Server的配置文件默认路径是 ``~/.minio/config.json``。AMQP配置
}
```
更新完配置文件后重启Minio Server让配置生效。如果一切顺利Minio Server会在启动时输出一行信息类似 `SQS ARNs: arn:minio:sqs:us-east-1:1:amqp`。
更新完配置文件后重启MinIO Server让配置生效。如果一切顺利MinIO Server会在启动时输出一行信息类似 `SQS ARNs: arn:minio:sqs:us-east-1:1:amqp`。
Minio支持[RabbitMQ](https://www.rabbitmq.com/)中所有的交换方式,这次我们采用 ``fanout`` 交换。
MinIO支持[RabbitMQ](https://www.rabbitmq.com/)中所有的交换方式,这次我们采用 ``fanout`` 交换。
注意一下你可以听从你内心的想法想配几个AMQP服务就配几个只要每个AMQP服务实例有不同的ID (比如前面示例中的"1") 和配置信息。
### 第二步: 使用Minio客户端启用bucket通知
### 第二步: 使用MinIO客户端启用bucket通知
如果一个JPEG图片上传到``myminio`` server里的``images`` 存储桶或者从桶中删除,一个存储桶事件通知就会被触发。 这里ARN值是``arn:minio:sqs:us-east-1:1:amqp``想了解更多关于ARN的信息请参考[AWS ARN](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) documentation.
@@ -135,13 +135,13 @@ python rabbit.py
```
<a name="MQTT"></a>
## 使用MQTT发布Minio事件
## 使用MQTT发布MinIO事件
从 [这里](https://mosquitto.org/)安装MQTT Broker。
### 第一步: 添加MQTT endpoint到Minio
### 第一步: 添加MQTT endpoint到MinIO
Minio Server的配置文件默认路径是 ``~/.minio/config.json``。MQTT配置信息是在`notify`这个节点下的`mqtt`节点下在这里为你的MQTT实例创建配置信息键值对key是你的MQTT endpoint的名称value是下面表格中列列的键值对集合。
MinIO Server的配置文件默认路径是 ``~/.minio/config.json``。MQTT配置信息是在`notify`这个节点下的`mqtt`节点下在这里为你的MQTT实例创建配置信息键值对key是你的MQTT endpoint的名称value是下面表格中列列的键值对集合。
| 参数 | 类型 | 描述 |
@@ -150,7 +150,7 @@ Minio Server的配置文件默认路径是 ``~/.minio/config.json``。MQTT配置
| `broker` | _string_ | (必须) MQTT server endpoint, 例如. `tcp://localhost:1883` |
| `topic` | _string_ | (必须) 要发布的MQTT主题的名称, 例如. `minio` |
| `qos` | _int_ | 设置服务质量级别 |
| `clientId` | _string_ | MQTT代理识别Minio的唯一ID |
| `clientId` | _string_ | MQTT代理识别MinIO的唯一ID |
| `username` | _string_ | 连接MQTT server的用户名 (如果需要的话) |
| `password` | _string_ | 链接MQTT server的密码 (如果需要的话) |
@@ -170,14 +170,14 @@ Minio Server的配置文件默认路径是 ``~/.minio/config.json``。MQTT配置
}
```
更新完配置文件后重启Minio Server让配置生效。如果一切顺利Minio Server会在启动时输出一行信息类似 `SQS ARNs: arn:minio:sqs:us-east-1:1:mqtt`。
更新完配置文件后重启MinIO Server让配置生效。如果一切顺利MinIO Server会在启动时输出一行信息类似 `SQS ARNs: arn:minio:sqs:us-east-1:1:mqtt`。
Minio支持任何支持MQTT 3.1或3.1.1的MQTT服务器并且可以通过TCPTLS或Websocket连接使用``tcp://``, ``tls://``, or ``ws://``分别作为代理URL的方案。 更多信息,请参考 [Go Client](http://www.eclipse.org/paho/clients/golang/)。
MinIO支持任何支持MQTT 3.1或3.1.1的MQTT服务器并且可以通过TCPTLS或Websocket连接使用``tcp://``, ``tls://``, or ``ws://``分别作为代理URL的方案。 更多信息,请参考 [Go Client](http://www.eclipse.org/paho/clients/golang/)。
注意一下你还是和之前AMQP一样可以听从你内心的想法想配几个MQTT服务就配几个只要每个MQTT服务实例有不同的ID (比如前面示例中的"1") 和配置信息。
### 第二步: 使用Minio客户端启用bucket通知
### 第二步: 使用MinIO客户端启用bucket通知
如果一个JPEG图片上传到``myminio`` server里的``images`` 存储桶或者从桶中删除,一个存储桶事件通知就会被触发。 这里ARN值是``arn:minio:sqs:us-east-1:1:mqtt``。
@@ -242,33 +242,33 @@ python mqtt.py
```
<a name="Elasticsearch"></a>
## 使用Elasticsearch发布Minio事件
## 使用Elasticsearch发布MinIO事件
安装 [Elasticsearch](https://www.elastic.co/downloads/elasticsearch) 。
这个通知目标支持两种格式: _namespace_ and _access_。
如果使用的是 _namespace_ 格式, Minio将桶中的对象与索引中的文档进行同步。对于Minio的每一个事件ES都会创建一个document,这个document的ID就是存储桶以及存储对象的名称。事件的其他细节存储在document的正文中。因此如果一个已经存在的对象在Minio中被覆盖在ES中的相对应的document也会被更新。如果一个对象被删除相对应的document也会从index中删除。
如果使用的是 _namespace_ 格式, MinIO将桶中的对象与索引中的文档进行同步。对于MinIO的每一个事件ES都会创建一个document,这个document的ID就是存储桶以及存储对象的名称。事件的其他细节存储在document的正文中。因此如果一个已经存在的对象在MinIO中被覆盖在ES中的相对应的document也会被更新。如果一个对象被删除相对应的document也会从index中删除。
如果使用的是_access_格式Minio将事件作为document加到ES的index中。对于每一个事件ES同样会创建一个document,这个document包含事件的所有细节document的时间戳设置为事件的时间戳并将该document加到ES的index中。这个document的ID是由ES随机生成的。在_access_格式下没有文档会被删除或者修改对于一个对象的操作都会生成新的document附加到index中。
如果使用的是_access_格式MinIO将事件作为document加到ES的index中。对于每一个事件ES同样会创建一个document,这个document包含事件的所有细节document的时间戳设置为事件的时间戳并将该document加到ES的index中。这个document的ID是由ES随机生成的。在_access_格式下没有文档会被删除或者修改对于一个对象的操作都会生成新的document附加到index中。
下面的步骤展示的是在`namespace`格式下,如何使用通知目标。另一种格式和这个很类似,为了不让你们说我墨迹,就不再赘述了。
### 第一步:确保至少满足第低要求
Minio要求使用的是ES 5.X系统版本。如果使用的是低版本的ES也没关系ES官方支持升级迁移详情请看[这里](https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-upgrade.html)。
MinIO要求使用的是ES 5.X系统版本。如果使用的是低版本的ES也没关系ES官方支持升级迁移详情请看[这里](https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-upgrade.html)。
### 第二步把ES集成到Minio
### 第二步把ES集成到MinIO
Minio Server的配置文件默认路径是 ``~/.minio/config.json``。ES配置信息是在`notify`这个节点下的`elasticsearch`节点下在这里为你的ES实例创建配置信息键值对key是你的ES的名称value是下面表格中列列的键值对集合。
MinIO Server的配置文件默认路径是 ``~/.minio/config.json``。ES配置信息是在`notify`这个节点下的`elasticsearch`节点下在这里为你的ES实例创建配置信息键值对key是你的ES的名称value是下面表格中列列的键值对集合。
| 参数 | 类型 | 描述 |
|:---|:---|:---|
| `enable` | _bool_ | (必须) 是否启用这个配置? |
| `format` | _string_ | (必须) 是`namespace` 还是 `access` |
| `url` | _string_ | (必须) ES地址比如: `http://localhost:9200` |
| `index` | _string_ | (必须) 给Minio用的index |
| `index` | _string_ | (必须) 给MinIO用的index |
以下是ES的一个配置示例:
@@ -283,17 +283,17 @@ Minio Server的配置文件默认路径是 ``~/.minio/config.json``。ES配置
},
```
更新完配置文件后重启Minio Server让配置生效。如果一切顺利Minio Server会在启动时输出一行信息类似 `SQS ARNs: arn:minio:sqs:us-east-1:1:elasticsearch`。
更新完配置文件后重启MinIO Server让配置生效。如果一切顺利MinIO Server会在启动时输出一行信息类似 `SQS ARNs: arn:minio:sqs:us-east-1:1:elasticsearch`。
注意一下你又可以再一次听从你内心的想法想配几个ES服务就配几个只要每个ES服务实例有不同的ID (比如前面示例中的"1") 和配置信息。
### 第三步使用Minio客户端启用bucket通知
### 第三步使用MinIO客户端启用bucket通知
我们现在可以在一个叫`images`的存储桶上开启事件通知。一旦有文件被创建或者覆盖一个新的ES的document会被创建或者更新到之前咱配的index里。如果一个已经存在的对象被删除这个对应的document也会从index中删除。因此这个ES index里的行就映射着`images`存储桶里的对象。
要配置这种存储桶通知我们需要用到前面步骤Minio输出的ARN信息。更多有关ARN的资料请参考[这里](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)。
要配置这种存储桶通知我们需要用到前面步骤MinIO输出的ARN信息。更多有关ARN的资料请参考[这里](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)。
有了`mc`这个工具这些配置信息很容易就能添加上。假设咱们的Minio服务别名叫`myminio`,可执行下列脚本:
有了`mc`这个工具这些配置信息很容易就能添加上。假设咱们的MinIO服务别名叫`myminio`,可执行下列脚本:
```
mc mb myminio/images
@@ -369,7 +369,7 @@ $ curl "http://localhost:9200/minio_events/_search?pretty=true"
"source" : {
"host" : "127.0.0.1",
"port" : "38062",
"userAgent" : "Minio (linux; amd64) minio-go/2.0.3 mc/2017-02-15T17:57:25Z"
"userAgent" : "MinIO (linux; amd64) minio-go/2.0.3 mc/2017-02-15T17:57:25Z"
}
}
]
@@ -385,21 +385,21 @@ $ curl "http://localhost:9200/minio_events/_search?pretty=true"
这里我们可以看到这个document ID就是存储桶和对象的名称。如果用的是`access`格式这个document ID就是由ES随机生成的。
<a name="Redis"></a>
## 使用Redis发布Minio事件
## 使用Redis发布MinIO事件
安装 [Redis](http://redis.io/download)。为了演示,我们将数据库密码设为"yoursecret"。
这种通知目标支持两种格式: _namespace_ 和 _access_。
如果用的是_namespacee_格式Minio将存储桶里的对象同步成Redis hash中的条目。对于每一个条目对应一个存储桶里的对象其key都被设为"存储桶名称/对象名称"value都是一个有关这个Minio对象的JSON格式的事件数据。如果对象更新或者删除hash中对象的条目也会相应的更新或者删除。
如果用的是_namespacee_格式MinIO将存储桶里的对象同步成Redis hash中的条目。对于每一个条目对应一个存储桶里的对象其key都被设为"存储桶名称/对象名称"value都是一个有关这个MinIO对象的JSON格式的事件数据。如果对象更新或者删除hash中对象的条目也会相应的更新或者删除。
如果使用的是_access_,Minio使用[RPUSH](https://redis.io/commands/rpush)将事件添加到list中。这个list中每一个元素都是一个JSON格式的list,这个list中又有两个元素第一个元素是时间戳的字符串第二个元素是一个含有在这个存储桶上进行操作的事件数据的JSON对象。在这种格式下list中的元素不会更新或者删除。
如果使用的是_access_,MinIO使用[RPUSH](https://redis.io/commands/rpush)将事件添加到list中。这个list中每一个元素都是一个JSON格式的list,这个list中又有两个元素第一个元素是时间戳的字符串第二个元素是一个含有在这个存储桶上进行操作的事件数据的JSON对象。在这种格式下list中的元素不会更新或者删除。
下面的步骤展示如何在`namespace`和`access`格式下使用通知目标。
### 第一步集成Redis到Minio
### 第一步集成Redis到MinIO
Minio Server的配置文件默认路径是 ``~/.minio/config.json``。Redis配置信息是在`notify`这个节点下的`redis`节点下在这里为你的Redis实例创建配置信息键值对key是你的Redis端的名称value是下面表格中的键值对里面值的集合。
MinIO Server的配置文件默认路径是 ``~/.minio/config.json``。Redis配置信息是在`notify`这个节点下的`redis`节点下在这里为你的Redis实例创建配置信息键值对key是你的Redis端的名称value是下面表格中的键值对里面值的集合。
| 参数 | 类型 | 描述 |
|:---|:---|:---|
@@ -422,17 +422,17 @@ Minio Server的配置文件默认路径是 ``~/.minio/config.json``。Redis配
}
```
更新完配置文件后重启Minio Server让配置生效。如果一切顺利Minio Server会在启动时输出一行信息类似 `SQS ARNs: arn:minio:sqs:us-east-1:1:redis`。
更新完配置文件后重启MinIO Server让配置生效。如果一切顺利MinIO Server会在启动时输出一行信息类似 `SQS ARNs: arn:minio:sqs:us-east-1:1:redis`。
注意一下你永远都可以听从你内心的想法想配几个Redis服务就配几个只要每个Redis服务实例有不同的ID (比如前面示例中的"1") 和配置信息。
### 第二步: 使用Minio客户端启用bucket通知
### 第二步: 使用MinIO客户端启用bucket通知
我们现在可以在一个叫`images`的存储桶上开启事件通知。一旦有文件被创建或者覆盖一个新的key会被创建,或者一个已经存在的key就会被更新到之前配置好的redis hash里。如果一个已经存在的对象被删除这个对应的key也会从hash中删除。因此这个Redis hash里的行就映射着`images`存储桶里的`.jpg`对象。
要配置这种存储桶通知我们需要用到前面步骤Minio输出的ARN信息。更多有关ARN的资料请参考[这里](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)。
要配置这种存储桶通知我们需要用到前面步骤MinIO输出的ARN信息。更多有关ARN的资料请参考[这里](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)。
有了`mc`这个工具这些配置信息很容易就能添加上。假设咱们的Minio服务别名叫`myminio`,可执行下列脚本:
有了`mc`这个工具这些配置信息很容易就能添加上。假设咱们的MinIO服务别名叫`myminio`,可执行下列脚本:
```
mc mb myminio/images
@@ -457,27 +457,27 @@ OK
mc cp myphoto.jpg myminio/images
```
在上一个终端中你将看到Minio在Redis上执行的操作
在上一个终端中你将看到MinIO在Redis上执行的操作
```
127.0.0.1:6379> monitor
OK
1490686879.650649 [0 172.17.0.1:44710] "PING"
1490686879.651061 [0 172.17.0.1:44710] "HSET" "minio_events" "images/myphoto.jpg" "{\"Records\":[{\"eventVersion\":\"2.0\",\"eventSource\":\"minio:s3\",\"awsRegion\":\"us-east-1\",\"eventTime\":\"2017-03-28T07:41:19Z\",\"eventName\":\"s3:ObjectCreated:Put\",\"userIdentity\":{\"principalId\":\"minio\"},\"requestParameters\":{\"sourceIPAddress\":\"127.0.0.1:52234\"},\"responseElements\":{\"x-amz-request-id\":\"14AFFBD1ACE5F632\",\"x-minio-origin-endpoint\":\"http://192.168.86.115:9000\"},\"s3\":{\"s3SchemaVersion\":\"1.0\",\"configurationId\":\"Config\",\"bucket\":{\"name\":\"images\",\"ownerIdentity\":{\"principalId\":\"minio\"},\"arn\":\"arn:aws:s3:::images\"},\"object\":{\"key\":\"myphoto.jpg\",\"size\":2586,\"eTag\":\"5d284463f9da279f060f0ea4d11af098\",\"sequencer\":\"14AFFBD1ACE5F632\"}},\"source\":{\"host\":\"127.0.0.1\",\"port\":\"52234\",\"userAgent\":\"Minio (linux; amd64) minio-go/2.0.3 mc/2017-02-15T17:57:25Z\"}}]}"
1490686879.651061 [0 172.17.0.1:44710] "HSET" "minio_events" "images/myphoto.jpg" "{\"Records\":[{\"eventVersion\":\"2.0\",\"eventSource\":\"minio:s3\",\"awsRegion\":\"us-east-1\",\"eventTime\":\"2017-03-28T07:41:19Z\",\"eventName\":\"s3:ObjectCreated:Put\",\"userIdentity\":{\"principalId\":\"minio\"},\"requestParameters\":{\"sourceIPAddress\":\"127.0.0.1:52234\"},\"responseElements\":{\"x-amz-request-id\":\"14AFFBD1ACE5F632\",\"x-minio-origin-endpoint\":\"http://192.168.86.115:9000\"},\"s3\":{\"s3SchemaVersion\":\"1.0\",\"configurationId\":\"Config\",\"bucket\":{\"name\":\"images\",\"ownerIdentity\":{\"principalId\":\"minio\"},\"arn\":\"arn:aws:s3:::images\"},\"object\":{\"key\":\"myphoto.jpg\",\"size\":2586,\"eTag\":\"5d284463f9da279f060f0ea4d11af098\",\"sequencer\":\"14AFFBD1ACE5F632\"}},\"source\":{\"host\":\"127.0.0.1\",\"port\":\"52234\",\"userAgent\":\"MinIO (linux; amd64) minio-go/2.0.3 mc/2017-02-15T17:57:25Z\"}}]}"
```
在这我们可以看到Minio在`minio_events`这个key上执行了`HSET`命令。
在这我们可以看到MinIO在`minio_events`这个key上执行了`HSET`命令。
如果用的是`access`格式,那么`minio_events`就是一个list,Minio就会调用`RPUSH`添加到list中。这个list的消费者会使用`BLPOP`从list的最左端删除list元素。
如果用的是`access`格式,那么`minio_events`就是一个list,MinIO就会调用`RPUSH`添加到list中。这个list的消费者会使用`BLPOP`从list的最左端删除list元素。
<a name="NATS"></a>
## 使用NATS发布Minio事件
## 使用NATS发布MinIO事件
安装 [NATS](http://nats.io/).
### 第一步集成NATS到Minio
### 第一步集成NATS到MinIO
Minio Server的配置文件默认路径是 ``~/.minio/config.json``。参考下面的示例修改NATS的配置:
MinIO Server的配置文件默认路径是 ``~/.minio/config.json``。参考下面的示例修改NATS的配置:
```
"nats": {
@@ -501,9 +501,9 @@ Minio Server的配置文件默认路径是 ``~/.minio/config.json``。参考下
},
```
更新完配置文件后重启Minio Server让配置生效。``bucketevents``是NATS在这个例子中使用的主题。
更新完配置文件后重启MinIO Server让配置生效。``bucketevents``是NATS在这个例子中使用的主题。
Minio服务也支持 [NATS Streaming mode](http://nats.io/documentation/streaming/nats-streaming-intro/) ,这种模式额外提供了像 `Message/event persistence`, `At-least-once-delivery`, 以及 `Publisher rate limiting`这样的功能。如果想让Minio服务发送通知到NATS Streaming server,参考下面示面进行配置:
MinIO服务也支持 [NATS Streaming mode](http://nats.io/documentation/streaming/nats-streaming-intro/) ,这种模式额外提供了像 `Message/event persistence`, `At-least-once-delivery`, 以及 `Publisher rate limiting`这样的功能。如果想让MinIO服务发送通知到NATS Streaming server,参考下面示面进行配置:
```
"nats": {
@@ -528,7 +528,7 @@ Minio服务也支持 [NATS Streaming mode](http://nats.io/documentation/streamin
```
更多关于 `clusterID`, `clientID` 的信息,请看 [NATS documentation](https://github.com/nats-io/nats-streaming-server/blob/master/README.md). 关于 `maxPubAcksInflight` ,请看 [这里](https://github.com/nats-io/go-nats-streaming#publisher-rate-limiting).
### 第二步: 使用Minio客户端启用bucket通知
### 第二步: 使用MinIO客户端启用bucket通知
我们现在可以在一个叫`images`的存储桶上开启事件通知,一旦``myminio`` server上有文件 从``images``存储桶里删除或者上传到存储桶中事件即被触发。在这里ARN的值是``arn:minio:sqs:us-east-1:1:nats``。 更多有关ARN的资料请参考[这里](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)。
@@ -638,29 +638,29 @@ mc cp myphoto.jpg myminio/images
``nats.go``示例程序将事件通知打印到控制台。
```
Received a message: {"EventType":"s3:ObjectCreated:Put","Key":"images/myphoto.jpg","Records":[{"eventVersion":"2.0","eventSource":"minio:s3","awsRegion":"","eventTime":"2017-07-07T18:46:37Z","eventName":"s3:ObjectCreated:Put","userIdentity":{"principalId":"minio"},"requestParameters":{"sourceIPAddress":"192.168.1.80:55328"},"responseElements":{"x-amz-request-id":"14CF20BD1EFD5B93","x-minio-origin-endpoint":"http://127.0.0.1:9000"},"s3":{"s3SchemaVersion":"1.0","configurationId":"Config","bucket":{"name":"images","ownerIdentity":{"principalId":"minio"},"arn":"arn:aws:s3:::images"},"object":{"key":"myphoto.jpg","size":248682,"eTag":"f1671feacb8bbf7b0397c6e9364e8c92","contentType":"image/jpeg","userDefined":{"content-type":"image/jpeg"},"versionId":"1","sequencer":"14CF20BD1EFD5B93"}},"source":{"host":"192.168.1.80","port":"55328","userAgent":"Minio (linux; amd64) minio-go/2.0.4 mc/DEVELOPMENT.GOGET"}}],"level":"info","msg":"","time":"2017-07-07T11:46:37-07:00"}
Received a message: {"EventType":"s3:ObjectCreated:Put","Key":"images/myphoto.jpg","Records":[{"eventVersion":"2.0","eventSource":"minio:s3","awsRegion":"","eventTime":"2017-07-07T18:46:37Z","eventName":"s3:ObjectCreated:Put","userIdentity":{"principalId":"minio"},"requestParameters":{"sourceIPAddress":"192.168.1.80:55328"},"responseElements":{"x-amz-request-id":"14CF20BD1EFD5B93","x-minio-origin-endpoint":"http://127.0.0.1:9000"},"s3":{"s3SchemaVersion":"1.0","configurationId":"Config","bucket":{"name":"images","ownerIdentity":{"principalId":"minio"},"arn":"arn:aws:s3:::images"},"object":{"key":"myphoto.jpg","size":248682,"eTag":"f1671feacb8bbf7b0397c6e9364e8c92","contentType":"image/jpeg","userDefined":{"content-type":"image/jpeg"},"versionId":"1","sequencer":"14CF20BD1EFD5B93"}},"source":{"host":"192.168.1.80","port":"55328","userAgent":"MinIO (linux; amd64) minio-go/2.0.4 mc/DEVELOPMENT.GOGET"}}],"level":"info","msg":"","time":"2017-07-07T11:46:37-07:00"}
```
<a name="PostgreSQL"></a>
## 使用PostgreSQL发布Minio事件
## 使用PostgreSQL发布MinIO事件
安装 [PostgreSQL](https://www.postgresql.org/) 数据库。为了演示,我们将"postgres"用户的密码设为`password`,并且创建了一个`minio_events`数据库来存储事件信息。
这个通知目标支持两种格式: _namespace_ and _access_。
如果使用的是_namespace_格式Minio将存储桶里的对象同步成数据库表中的行。每一行有两列key和value。key是这个对象的存储桶名字加上对象名value都是一个有关这个Minio对象的JSON格式的事件数据。如果对象更新或者删除表中相应的行也会相应的更新或者删除。
如果使用的是_namespace_格式MinIO将存储桶里的对象同步成数据库表中的行。每一行有两列key和value。key是这个对象的存储桶名字加上对象名value都是一个有关这个MinIO对象的JSON格式的事件数据。如果对象更新或者删除表中相应的行也会相应的更新或者删除。
如果使用的是_access_,Minio将将事件添加到表里行有两列event_time 和 event_data。event_time是事件在Minio server里发生的时间event_data是有关这个Minio对象的JSON格式的事件数据。在这种格式下不会有行会被删除或者修改。
如果使用的是_access_,MinIO将将事件添加到表里行有两列event_time 和 event_data。event_time是事件在MinIO server里发生的时间event_data是有关这个MinIO对象的JSON格式的事件数据。在这种格式下不会有行会被删除或者修改。
下面的步骤展示的是如何在`namespace`格式下使用通知目标,`_access_`差不多,不再赘述,我相信你可以触类旁通,举一反三,不要让我失望哦。
### 第一步:确保确保至少满足第低要求
Minio要求PostgresSQL9.5版本及以上。 Minio用了PostgreSQL9.5引入的[`INSERT ON CONFLICT`](https://www.postgresql.org/docs/9.5/static/sql-insert.html#SQL-ON-CONFLICT) (aka UPSERT) 特性,以及9.4引入的 [JSONB](https://www.postgresql.org/docs/9.4/static/datatype-json.html) 数据类型。
MinIO要求PostgresSQL9.5版本及以上。 MinIO用了PostgreSQL9.5引入的[`INSERT ON CONFLICT`](https://www.postgresql.org/docs/9.5/static/sql-insert.html#SQL-ON-CONFLICT) (aka UPSERT) 特性,以及9.4引入的 [JSONB](https://www.postgresql.org/docs/9.4/static/datatype-json.html) 数据类型。
### 第二步集成PostgreSQL到Minio
### 第二步集成PostgreSQL到MinIO
Minio Server的配置文件默认路径是 ``~/.minio/config.json``。PostgreSQL配置信息是在`notify`这个节点下的`postgresql`节点下在这里为你的PostgreSQL实例创建配置信息键值对key是你的PostgreSQL的名称value是下面表格中列列的键值对集合。
MinIO Server的配置文件默认路径是 ``~/.minio/config.json``。PostgreSQL配置信息是在`notify`这个节点下的`postgresql`节点下在这里为你的PostgreSQL实例创建配置信息键值对key是你的PostgreSQL的名称value是下面表格中列列的键值对集合。
| 参数 | 类型 | 描述 |
|:---|:---|:---|
@@ -670,7 +670,7 @@ Minio Server的配置文件默认路径是 ``~/.minio/config.json``。PostgreSQL
| `table` | _string_ | (必须) 事件对应的表名如果该表不存在Mniio server会在启动时创建。|
| `host` | _string_ | (可选) PostgresSQL的主机名默认是`localhost`|
| `port` | _string_ | (可选) PostgreSQL的端口号默认是`5432` |
| `user` | _string_ | (可选)数据库用户名默认是运行Minio server进程的用户|
| `user` | _string_ | (可选)数据库用户名默认是运行MinIO server进程的用户|
| `password` | _string_ | (可选) 数据库密码 |
| `database` | _string_ | (可选)库名 |
@@ -694,18 +694,18 @@ Minio Server的配置文件默认路径是 ``~/.minio/config.json``。PostgreSQL
注意一下为了演示咱们这把SSL禁掉了但是为了安全起见不建议在生产环境这么弄。
更新完配置文件后重启Minio Server让配置生效。如果一切顺利Minio Server会在启动时输出一行信息类似 `SQS ARNs: arn:minio:sqs:us-east-1:1:postgresql`。
更新完配置文件后重启MinIO Server让配置生效。如果一切顺利MinIO Server会在启动时输出一行信息类似 `SQS ARNs: arn:minio:sqs:us-east-1:1:postgresql`。
和之前描述的一样你也可以添加多个PostreSQL实例只要ID不重复就行。
### 第三步使用Minio客户端启用bucket通知
### 第三步使用MinIO客户端启用bucket通知
我们现在可以在一个叫`images`的存储桶上开启事件通知一旦上有文件上传到存储桶中PostgreSQL中会insert一条新的记录或者一条已经存在的记录会被update如果一个存在对象被删除一条对应的记录也会从PostgreSQL表中删除。因此PostgreSQL表中的行对应的就是存储桶里的一个对象。
要配置这种存储桶通知我们需要用到前面步骤中Minio输出的ARN信息。更多有关ARN的资料请参考[这里](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)。
要配置这种存储桶通知我们需要用到前面步骤中MinIO输出的ARN信息。更多有关ARN的资料请参考[这里](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)。
有了`mc`这个工具这些配置信息很容易就能添加上。假设Minio服务别名叫`myminio`,可执行下列脚本:
有了`mc`这个工具这些配置信息很容易就能添加上。假设MinIO服务别名叫`myminio`,可执行下列脚本:
```
# Create bucket named `images` in myminio
@@ -739,25 +739,25 @@ key | value
```
<a name="MySQL"></a>
## 使用MySQL发布Minio事件
## 使用MySQL发布MinIO事件
安装 [MySQL](https://dev.mysql.com/downloads/mysql/). 为了演示,我们将"postgres"用户的密码设为`password`,并且创建了一个`miniodb`数据库来存储事件信息。
这个通知目标支持两种格式: _namespace_ and _access_。
如果使用的是_namespace_格式Minio将存储桶里的对象同步成数据库表中的行。每一行有两列key_name和value。key_name是这个对象的存储桶名字加上对象名value都是一个有关这个Minio对象的JSON格式的事件数据。如果对象更新或者删除表中相应的行也会相应的更新或者删除。
如果使用的是_namespace_格式MinIO将存储桶里的对象同步成数据库表中的行。每一行有两列key_name和value。key_name是这个对象的存储桶名字加上对象名value都是一个有关这个MinIO对象的JSON格式的事件数据。如果对象更新或者删除表中相应的行也会相应的更新或者删除。
如果使用的是_access_,Minio将将事件添加到表里行有两列event_time 和 event_data。event_time是事件在Minio server里发生的时间event_data是有关这个Minio对象的JSON格式的事件数据。在这种格式下不会有行会被删除或者修改。
如果使用的是_access_,MinIO将将事件添加到表里行有两列event_time 和 event_data。event_time是事件在MinIO server里发生的时间event_data是有关这个MinIO对象的JSON格式的事件数据。在这种格式下不会有行会被删除或者修改。
下面的步骤展示的是如何在`namespace`格式下使用通知目标,`_access_`差不多,不再赘述。
### 第一步:确保确保至少满足第低要求
Minio要求MySQL 版本 5.7.8及以上Minio使用了MySQL5.7.8版本引入的 [JSON](https://dev.mysql.com/doc/refman/5.7/en/json.html) 数据类型。我们使用的是MySQL5.7.17进行的测试。
MinIO要求MySQL 版本 5.7.8及以上MinIO使用了MySQL5.7.8版本引入的 [JSON](https://dev.mysql.com/doc/refman/5.7/en/json.html) 数据类型。我们使用的是MySQL5.7.17进行的测试。
### 第二步集成MySQL到Minio
### 第二步集成MySQL到MinIO
Minio Server的配置文件默认路径是 ``~/.minio/config.json``。MySQL配置信息是在`notify`这个节点下的`mysql`节点下在这里为你的MySQL实例创建配置信息键值对key是你的PostgreSQL的名称value是下面表格中列列的键值对集合。
MinIO Server的配置文件默认路径是 ``~/.minio/config.json``。MySQL配置信息是在`notify`这个节点下的`mysql`节点下在这里为你的MySQL实例创建配置信息键值对key是你的PostgreSQL的名称value是下面表格中列列的键值对集合。
| 参数 | 类型 | 描述 |
|:---|:---|:---|
@@ -788,18 +788,18 @@ Minio Server的配置文件默认路径是 ``~/.minio/config.json``。MySQL配
}
```
更新完配置文件后重启Minio Server让配置生效。如果一切顺利Minio Server会在启动时输出一行信息类似 `SQS ARNs: arn:minio:sqs:us-east-1:1:mysql`。
更新完配置文件后重启MinIO Server让配置生效。如果一切顺利MinIO Server会在启动时输出一行信息类似 `SQS ARNs: arn:minio:sqs:us-east-1:1:mysql`。
和之前描述的一样你也可以添加多个MySQL实例只要ID不重复就行。
### 第三步使用Minio客户端启用bucket通知
### 第三步使用MinIO客户端启用bucket通知
我们现在可以在一个叫`images`的存储桶上开启事件通知一旦上有文件上传到存储桶中MySQL中会insert一条新的记录或者一条已经存在的记录会被update如果一个存在对象被删除一条对应的记录也会从MySQL表中删除。因此MySQL表中的行对应的就是存储桶里的一个对象。
要配置这种存储桶通知我们需要用到前面步骤Minio输出的ARN信息。更多有关ARN的资料请参考[这里](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)。
要配置这种存储桶通知我们需要用到前面步骤MinIO输出的ARN信息。更多有关ARN的资料请参考[这里](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)。
有了`mc`这个工具这些配置信息很容易就能添加上。假设咱们的Minio服务别名叫`myminio`,可执行下列脚本:
有了`mc`这个工具这些配置信息很容易就能添加上。假设咱们的MinIO服务别名叫`myminio`,可执行下列脚本:
```
# Create bucket named `images` in myminio
@@ -834,17 +834,17 @@ mysql> select * from minio_images;
```
<a name="apache-kafka"></a>
## 使用Kafka发布Minio事件
## 使用Kafka发布MinIO事件
安装[ Apache Kafka](http://kafka.apache.org/).
### 第一步:确保确保至少满足第低要求
Minio要求Kafka版本0.10或者0.9.Minio内部使用了 [Shopify/sarama](https://github.com/Shopify/sarama/) 库,因此需要和该库有同样的版本兼容性。
MinIO要求Kafka版本0.10或者0.9.MinIO内部使用了 [Shopify/sarama](https://github.com/Shopify/sarama/) 库,因此需要和该库有同样的版本兼容性。
###第二步集成Kafka到Minio
###第二步集成Kafka到MinIO
Minio Server的配置文件默认路径是 ``~/.minio/config.json``。参考下面的示例更新Kafka配置
MinIO Server的配置文件默认路径是 ``~/.minio/config.json``。参考下面的示例更新Kafka配置
```
"kafka": {
@@ -856,9 +856,9 @@ Minio Server的配置文件默认路径是 ``~/.minio/config.json``。参考下
}
```
重启Minio server让配置生效。``bucketevents``是本示例用到的Kafka主题topic
重启MinIO server让配置生效。``bucketevents``是本示例用到的Kafka主题topic
### 第三步使用Minio客户端启用bucket通知
### 第三步使用MinIO客户端启用bucket通知
我们现在可以在一个叫`images`的存储桶上开启事件通知一旦上有文件上传到存储桶中事件将被触发。在这里ARN的值是``arn:minio:sqs:us-east-1:1:kafka``。更多有关ARN的资料请参考[这里](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)。
@@ -892,13 +892,13 @@ kafkacat -b localhost:9092 -t bucketevents
```
<a name="webhooks"></a>
## 使用Webhook发布Minio事件
## 使用Webhook发布MinIO事件
[Webhooks](https://en.wikipedia.org/wiki/Webhook) 采用推的方式获取数据,而不是一直去拉取。
### 第一步集成MySQL到Minio
### 第一步集成MySQL到MinIO
Minio Server的配置文件默认路径是 ``~/.minio/config.json``。参考下面的示例更新Webhook配置
MinIO Server的配置文件默认路径是 ``~/.minio/config.json``。参考下面的示例更新Webhook配置
```
"webhook": {
@@ -907,9 +907,9 @@ Minio Server的配置文件默认路径是 ``~/.minio/config.json``。参考下
"endpoint": "http://localhost:3000/"
}
```
endpoint是监听webhook通知的服务。保存配置文件并重启Minio服务让配配置生效。注意一下在重启Minio这个endpoint必须是启动并且可访问到。
endpoint是监听webhook通知的服务。保存配置文件并重启MinIO服务让配配置生效。注意一下在重启MinIO这个endpoint必须是启动并且可访问到。
### 第二步使用Minio客户端启用bucket通知
### 第二步使用MinIO客户端启用bucket通知
我们现在可以在一个叫`images`的存储桶上开启事件通知一旦上有文件上传到存储桶中事件将被触发。在这里ARN的值是``arn:minio:sqs:us-east-1:1:webhook``。更多有关ARN的资料请参考[这里](http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)。
@@ -933,7 +933,7 @@ arn:minio:sqs:us-east-1:1:webhook s3:ObjectCreated:* Filter: suffix=".jpg"
### 第三步采用Thumbnailer进行验证
我们使用 [Thumbnailer](https://github.com/minio/thumbnailer) 来监听Minio通知。如果有文件上传于是Minio服务Thumnailer监听到该通知生成一个缩略图并上传到Minio服务。
我们使用 [Thumbnailer](https://github.com/minio/thumbnailer) 来监听MinIO通知。如果有文件上传于是MinIO服务Thumnailer监听到该通知生成一个缩略图并上传到MinIO服务。
安装Thumbnailer:
```
@@ -941,13 +941,13 @@ git clone https://github.com/minio/thumbnailer/
npm install
```
然后打开Thumbnailer的``config/webhook.json``配置文件添加有关Minio server的配置使用下面的方式启动Thumbnailer:
然后打开Thumbnailer的``config/webhook.json``配置文件添加有关MinIO server的配置使用下面的方式启动Thumbnailer:
```
NODE_ENV=webhook node thumbnail-webhook.js
```
Thumbnailer运行在``http://localhost:3000/``。下一步配置Minio server,让其发送消息到这个URL第一步提到的并使用 ``mc`` 来设置存储桶通知第二步提到的。然后上传一张图片到Minio server:
Thumbnailer运行在``http://localhost:3000/``。下一步配置MinIO server,让其发送消息到这个URL第一步提到的并使用 ``mc`` 来设置存储桶通知第二步提到的。然后上传一张图片到MinIO server:
```
mc cp ~/images.jpg myminio/images
@@ -960,4 +960,4 @@ mc ls myminio/images-thumbnail
[2017-02-08 11:39:40 IST] 992B images-thumbnail.jpg
```
*注意* 如果你用的是 [distributed Minio](https://docs.minio.io/cn/distributed-minio-quickstart-guide),请修改所有节点的 ``~/.minio/config.json``。
*注意* 如果你用的是 [distributed MinIO](https://docs.min.io/cn/distributed-minio-quickstart-guide),请修改所有节点的 ``~/.minio/config.json``。

28
docs/zh_CN/config/README.md
View File

@@ -1,18 +1,18 @@
# Minio Server `config.json` (v18) 指南 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# MinIO Server `config.json` (v18) 指南 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Minio server在默认情况下会将所有配置信息存到 `${HOME}/.minio/config.json` 文件中。 以下部分提供每个字段的详细说明以及如何自定义它们。一个完整的 `config.json` 在 [这里](https://raw.githubusercontent.com/minio/minio/master/docs/config/config.sample.json)
MinIO server在默认情况下会将所有配置信息存到 `${HOME}/.minio/config.json` 文件中。 以下部分提供每个字段的详细说明以及如何自定义它们。一个完整的 `config.json` 在 [这里](https://raw.githubusercontent.com/minio/minio/master/docs/config/config.sample.json)
## 配置目录
默认的配置目录是 `${HOME}/.minio`,你可以使用`--config-dir`命令行选项重写之。Minio server在首次启动时会生成一个新的`config.json`,里面带有自动生成的访问凭据。
默认的配置目录是 `${HOME}/.minio`,你可以使用`--config-dir`命令行选项重写之。MinIO server在首次启动时会生成一个新的`config.json`,里面带有自动生成的访问凭据。
```sh
minio server --config-dir /etc/minio /data
```
### 证书目录
TLS证书存在``${HOME}/.minio/certs``目录下,你需要将证书放在该目录下来启用`HTTPS` 。如果你是一个乐学上进的好青年,这里有一本免费的秘籍传授一你: [如何使用TLS安全的访问minio](https://docs.minio.io/cn/how-to-secure-access-to-minio-server-with-tls).
TLS证书存在``${HOME}/.minio/certs``目录下,你需要将证书放在该目录下来启用`HTTPS` 。如果你是一个乐学上进的好青年,这里有一本免费的秘籍传授一你: [如何使用TLS安全的访问minio](https://docs.min.io/cn/how-to-secure-access-to-minio-server-with-tls).
以下是一个带来TLS证书的Minio server的目录结构。
以下是一个带来TLS证书的MinIO server的目录结构。
```sh
$ tree ~/.minio
@@ -73,14 +73,14 @@ minio server /data
|参数|类型|描述|
|:---|:---|:---|
|``notify``| |通知通过以下方式开启存储桶事件通知用于lambda计算|
|``notify.amqp``| |[通过AMQP发布Minio事件](https://docs.minio.io/cn/minio-bucket-notification-guide#AMQP)|
|``notify.mqtt``| |[通过MQTT发布Minio事件](https://docs.minio.io/cn/minio-bucket-notification-guide#MQTT)|
|``notify.elasticsearch``| |[通过Elasticsearch发布Minio事件](https://docs.minio.io/cn/minio-bucket-notification-guide#Elasticsearch)|
|``notify.redis``| |[通过Redis发布Minio事件](https://docs.minio.io/cn/minio-bucket-notification-guide#Redis)|
|``notify.nats``| |[通过NATS发布Minio事件](https://docs.minio.io/cn/minio-bucket-notification-guide#NATS)|
|``notify.postgresql``| |[通过PostgreSQL发布Minio事件](https://docs.minio.io/cn/minio-bucket-notification-guide#PostgreSQL)|
|``notify.kafka``| |[通过Apache Kafka发布Minio事件](https://docs.minio.io/cn/minio-bucket-notification-guide#apache-kafka)|
|``notify.webhook``| |[通过Webhooks发布Minio事件](https://docs.minio.io/cn/minio-bucket-notification-guide#webhooks)|
|``notify.amqp``| |[通过AMQP发布MinIO事件](https://docs.min.io/cn/minio-bucket-notification-guide#AMQP)|
|``notify.mqtt``| |[通过MQTT发布MinIO事件](https://docs.min.io/cn/minio-bucket-notification-guide#MQTT)|
|``notify.elasticsearch``| |[通过Elasticsearch发布MinIO事件](https://docs.min.io/cn/minio-bucket-notification-guide#Elasticsearch)|
|``notify.redis``| |[通过Redis发布MinIO事件](https://docs.min.io/cn/minio-bucket-notification-guide#Redis)|
|``notify.nats``| |[通过NATS发布MinIO事件](https://docs.min.io/cn/minio-bucket-notification-guide#NATS)|
|``notify.postgresql``| |[通过PostgreSQL发布MinIO事件](https://docs.min.io/cn/minio-bucket-notification-guide#PostgreSQL)|
|``notify.kafka``| |[通过Apache Kafka发布MinIO事件](https://docs.min.io/cn/minio-bucket-notification-guide#apache-kafka)|
|``notify.webhook``| |[通过Webhooks发布MinIO事件](https://docs.min.io/cn/minio-bucket-notification-guide#webhooks)|
## 了解更多
* [Minio Quickstart Guide](https://docs.minio.io/docs/minio-quickstart-guide)
* [MinIO Quickstart Guide](https://docs.min.io/docs/minio-quickstart-guide)

2
docs/zh_CN/deployment/kernel-tuning/README.md
View File

@@ -1,4 +1,4 @@
# Linux服务器上Minio生产环境的内核调优 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# Linux服务器上Minio生产环境的内核调优 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
## 调优网络参数

16
docs/zh_CN/disk-caching/README.md
View File

@@ -1,4 +1,4 @@
# 磁盘缓存快速入门 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# 磁盘缓存快速入门 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
这里的磁盘缓存功能是指使用缓存磁盘来存储租户常用的一些数据。例如,假设你通过`gateway azure`设置访问一个对象并下载下来进行缓存那接下来的请求都会直接访问缓存磁盘上的对象直至其过期失效。此功能允许Minio用户
- 对象的读取速度性能最佳。
@@ -7,7 +7,7 @@
## 开始
### 1. 前期条件
安装Minio - [Minio快速入门](https://docs.minio.io/docs/minio-quickstart-guide)。
安装Minio - [Minio快速入门](https://docs.min.io/docs/minio-quickstart-guide)。
### 2. 运行Minio缓存
磁盘缓存可以通过修改Minio服务的`cache`配置来进行开启。配置`cache`设置需要指定磁盘路径、缓存过期时间(以天为单位)以及使用统配符方式指定的不需要进行缓存的对象。
@@ -30,12 +30,12 @@ minio server /export{1...24}
```
### 3. 验证设置是否成功
要验证是否部署成功,你可以通过浏览器或者[`mc`](https://docs.minio.io/docs/minio-client-quickstart-guide)来访问刚刚部署的Minio服务。你应该可以看到上传的文件在所有Minio节点上都可以访问。
要验证是否部署成功,你可以通过浏览器或者[`mc`](https://docs.min.io/docs/minio-client-quickstart-guide)来访问刚刚部署的Minio服务。你应该可以看到上传的文件在所有Minio节点上都可以访问。
# 了解更多
- [磁盘缓存设计](https://github.com/minio/minio/blob/master/docs/disk-caching/DESIGN.md)
- [mc快速入门](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [使用 aws-cli](https://docs.minio.io/docs/aws-cli-with-minio)
- [使用 s3cmd](https://docs.minio.io/docs/s3cmd-with-minio)
- [使用 minio-go SDK](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [Minio文档](https://docs.minio.io)
- [mc快速入门](https://docs.min.io/docs/minio-client-quickstart-guide)
- [使用 aws-cli](https://docs.min.io/docs/aws-cli-with-minio)
- [使用 s3cmd](https://docs.min.io/docs/s3cmd-with-minio)
- [使用 minio-go SDK](https://docs.min.io/docs/golang-client-quickstart-guide)
- [Minio文档](https://docs.min.io)

20
docs/zh_CN/distributed/README.md
View File

@@ -1,4 +1,4 @@
# 分布式Minio快速入门 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# 分布式Minio快速入门 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
分布式Minio可以让你将多块硬盘甚至在不同的机器上组成一个对象存储服务。由于硬盘分布在不同的节点上分布式Minio避免了单点故障。
@@ -9,7 +9,7 @@
### 数据保护
分布式Minio采用 [erasure code](https://docs.minio.io/cn/minio-erasure-code-quickstart-guide)来防范多个节点宕机和[位衰减`bit rot`](https://github.com/minio/minio/blob/master/docs/zh_CN/erasure/README.md#what-is-bit-rot-protection)。
分布式Minio采用 [erasure code](https://docs.min.io/cn/minio-erasure-code-quickstart-guide)来防范多个节点宕机和[位衰减`bit rot`](https://github.com/minio/minio/blob/master/docs/zh_CN/erasure/README.md#what-is-bit-rot-protection)。
分布式Minio至少需要4个节点使用分布式Minio自动引入了纠删码功能。
@@ -35,7 +35,7 @@ Minio在分布式和单机模式下所有读写操作都严格遵守**read-af
## 1. 前提条件
安装Minio - [Minio快速入门](https://docs.minio.io/cn/minio-quickstart-guide).
安装Minio - [Minio快速入门](https://docs.min.io/cn/minio-quickstart-guide).
## 2. 运行分布式Minio
@@ -110,14 +110,14 @@ minio.exe server http://192.168.1.11/C:/data1 http://192.168.1.11/C:/data2 ^
## 3. 验证
验证是否部署成功使用浏览器访问Minio服务或者使用 [`mc`](https://docs.minio.io/cn/minio-client-quickstart-guide)。多个节点的存储容量和就是分布式Minio的存储容量。
验证是否部署成功使用浏览器访问Minio服务或者使用 [`mc`](https://docs.min.io/cn/minio-client-quickstart-guide)。多个节点的存储容量和就是分布式Minio的存储容量。
## 了解更多
- [Minio纠删码快速入门](https://docs.minio.io/cn/minio-erasure-code-quickstart-guide)
- [使用 `mc`](https://docs.minio.io/cn/minio-client-quickstart-guide)
- [使用 `aws-cli`](https://docs.minio.io/cn/aws-cli-with-minio)
- [使用 `s3cmd](https://docs.minio.io/cn/s3cmd-with-minio)
- [使用 `minio-go` SDK ](https://docs.minio.io/cn/golang-client-quickstart-guide)
- [Minio纠删码快速入门](https://docs.min.io/cn/minio-erasure-code-quickstart-guide)
- [使用 `mc`](https://docs.min.io/cn/minio-client-quickstart-guide)
- [使用 `aws-cli`](https://docs.min.io/cn/aws-cli-with-minio)
- [使用 `s3cmd](https://docs.min.io/cn/s3cmd-with-minio)
- [使用 `minio-go` SDK ](https://docs.min.io/cn/golang-client-quickstart-guide)
- [minio官方文档](https://docs.minio.io)
- [minio官方文档](https://docs.min.io)

40
docs/zh_CN/docker/README.md
View File

@@ -1,16 +1,16 @@
# Minio Docker 快速入门 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# MinIO Docker 快速入门 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
## 前提条件
您的机器已经安装docker. 从 [这里](https://www.docker.com/community-edition#/download)下载相关软件。
## 在Docker中运行Minio单点模式。
Minio 需要一个持久卷来存储配置和应用数据。不过, 如果只是为了测试一下, 您可以通过简单地传递一个目录(在下面的示例中为`/ data`启动Minio。这个目录会在容器启动时在容器的文件系统中创建,不过所有的数据都会在容器退出时丢失。
## 在Docker中运行MinIO单点模式。
MinIO 需要一个持久卷来存储配置和应用数据。不过, 如果只是为了测试一下, 您可以通过简单地传递一个目录(在下面的示例中为`/ data`启动MinIO。这个目录会在容器启动时在容器的文件系统中创建,不过所有的数据都会在容器退出时丢失。
```sh
docker run -p 9000:9000 minio/minio server /data
```
要创建具有永久存储的Minio容器,您需要将本地持久目录从主机操作系统映射到虚拟配置`~/.minio` 并导出`/data`目录。 为此,请运行以下命令
要创建具有永久存储的MinIO容器,您需要将本地持久目录从主机操作系统映射到虚拟配置`~/.minio` 并导出`/data`目录。 为此,请运行以下命令
#### GNU/Linux 和 macOS
```sh
@@ -28,15 +28,15 @@ docker run -p 9000:9000 --name minio1 \
minio/minio server /data
```
## 在Docker中运行Minio分布式模式
分布式Minio可以通过 [Docker Compose](https://docs.minio.io/cn/deploy-minio-on-docker-compose) 或者 [Swarm mode](https://docs.minio.io/cn/deploy-minio-on-docker-swarm)进行部署。这两者之间的主要区别是Docker Compose创建了单个主机多容器部署而Swarm模式创建了一个多主机多容器部署。
## 在Docker中运行MinIO分布式模式
分布式MinIO可以通过 [Docker Compose](https://docs.min.io/cn/deploy-minio-on-docker-compose) 或者 [Swarm mode](https://docs.min.io/cn/deploy-minio-on-docker-swarm)进行部署。这两者之间的主要区别是Docker Compose创建了单个主机多容器部署而Swarm模式创建了一个多主机多容器部署。
这意味着Docker Compose可以让你快速的在你的机器上快速使用分布式Minio-非常适合开发测试环境而Swarm模式提供了更健壮生产级别的部署。
这意味着Docker Compose可以让你快速的在你的机器上快速使用分布式MinIO-非常适合开发测试环境而Swarm模式提供了更健壮生产级别的部署。
## Minio Docker提示
## MinIO Docker提示
### Minio自定义Access和Secret密钥
要覆盖Minio的自动生成的密钥您可以将Access和Secret密钥设为环境变量。 Minio允许常规字符串作为Access和Secret密钥。
### MinIO自定义Access和Secret密钥
要覆盖MinIO的自动生成的密钥您可以将Access和Secret密钥设为环境变量。 MinIO允许常规字符串作为Access和Secret密钥。
#### GNU/Linux 和 macOS
```sh
@@ -58,15 +58,15 @@ docker run -p 9000:9000 --name minio1 \
minio/minio server /data
```
### 使用Docker secrets进行Minio Access和Secret密钥自定义
要覆盖Minio的自动生成的密钥,你可以把secret和access秘钥创建成[Docker secrets](https://docs.docker.com/engine/swarm/secrets/). Minio允许常规字符串作为Access和Secret密钥。
### 使用Docker secrets进行MinIO Access和Secret密钥自定义
要覆盖MinIO的自动生成的密钥,你可以把secret和access秘钥创建成[Docker secrets](https://docs.docker.com/engine/swarm/secrets/). MinIO允许常规字符串作为Access和Secret密钥。
```
echo "AKIAIOSFODNN7EXAMPLE" | docker secret create access_key -
echo "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" | docker secret create secret_key -
```
使用`docker service`创建Minio服务并读取Docker secrets。
使用`docker service`创建MinIO服务并读取Docker secrets。
```
docker service create --name="minio-service" --secret="access_key" --secret="secret_key" minio/minio server /data
```
@@ -94,15 +94,15 @@ docker start <container_id>
docker stop <container_id>
```
### Minio容器日志
获取Minio日志,使用 [`docker logs`](https://docs.docker.com/engine/reference/commandline/logs/) 命令。
### MinIO容器日志
获取MinIO日志,使用 [`docker logs`](https://docs.docker.com/engine/reference/commandline/logs/) 命令。
```sh
docker logs <container_id>
```
### 监控MinioDocker容器
监控Minio容器使用的资源,使用 [`docker stats`](https://docs.docker.com/engine/reference/commandline/stats/) 命令.
监控MinIO容器使用的资源,使用 [`docker stats`](https://docs.docker.com/engine/reference/commandline/stats/) 命令.
```sh
docker stats <container_id>
@@ -111,8 +111,8 @@ docker stats <container_id>
## 了解更多
* [在Docker Compose上部署Minio](https://docs.minio.io/cn/deploy-minio-on-docker-compose)
* [在Docker Swarm上部署Minio](https://docs.minio.io/cn/deploy-minio-on-docker-swarm)
* [分布式Minio快速入门](https://docs.minio.io/cn/distributed-minio-quickstart-guide)
* [Minio纠删码模式快速入门](https://docs.minio.io/cn/minio-erasure-code-quickstart-guide)
* [在Docker Compose上部署MinIO](https://docs.min.io/cn/deploy-minio-on-docker-compose)
* [在Docker Swarm上部署MinIO](https://docs.min.io/cn/deploy-minio-on-docker-swarm)
* [分布式MinIO快速入门](https://docs.min.io/cn/distributed-minio-quickstart-guide)
* [MinIO纠删码模式快速入门](https://docs.min.io/cn/minio-erasure-code-quickstart-guide)

6
docs/zh_CN/erasure/README.md
View File

@@ -1,4 +1,4 @@
# Minio纠删码快速入门 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# Minio纠删码快速入门 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
Minio使用纠删码`erasure code`和校验和`checksum`来保护数据免受硬件故障和无声数据损坏。 即便您丢失一半数量N/2的硬盘您仍然可以恢复数据。
@@ -14,13 +14,13 @@ Minio使用纠删码`erasure code`和校验和`checksum`来保护数据免受硬
## 什么是位衰减`bit rot`保护?
位衰减又被称为数据腐化`Data Rot`、无声数据损坏`Silent Data Corruption`,是目前硬盘数据的一种严重数据丢失问题。硬盘上的数据可能会神不知鬼不觉就损坏了,也没有什么错误日志。正所谓明枪易躲,暗箭难防,这种背地里犯的错比硬盘直接咔咔宕了还危险。 不过不用怕Minio纠删码采用了高速[BLAKE2](https://blog.minio.io/accelerating-blake2b-by-4x-using-simd-in-go-assembly-33ef16c8a56b#.jrp1fdwer) 基于哈希的校验和来防范位衰减。
位衰减又被称为数据腐化`Data Rot`、无声数据损坏`Silent Data Corruption`,是目前硬盘数据的一种严重数据丢失问题。硬盘上的数据可能会神不知鬼不觉就损坏了,也没有什么错误日志。正所谓明枪易躲,暗箭难防,这种背地里犯的错比硬盘直接咔咔宕了还危险。 不过不用怕Minio纠删码采用了高速[BLAKE2](https://blog.min.io/accelerating-blake2b-by-4x-using-simd-in-go-assembly-33ef16c8a56b#.jrp1fdwer) 基于哈希的校验和来防范位衰减。
## Minio纠删码快速入门
### 1. 前提条件:
安装Minio- [Minio快速入门](https://docs.minio.io/cn/minio-quickstart-guide)
安装Minio- [Minio快速入门](https://docs.min.io/cn/minio-quickstart-guide)
### 2. 以纠删码模式运行Minio

6
docs/zh_CN/gateway/README.md
View File

@@ -1,9 +1,9 @@
# Minio 网关 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
Minio网关将Amazon S3兼容性添加到第三方云存储提供者。
# MinIO 网关 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
MinIO网关将Amazon S3兼容性添加到第三方云存储提供者。
- [Microsoft Azure Blob Storage](https://github.com/minio/minio/blob/master/docs/gateway/azure.md)
- [Google Cloud Storage](https://github.com/minio/minio/blob/master/docs/gateway/gcs.md) _Alpha release_
## 路线图
* Minio & AWS S3
* MinIO & AWS S3
* Edge Caching - 基于磁盘的代理缓存

2
docs/zh_CN/gateway/azure-limitations.md
View File

@@ -1,4 +1,4 @@
## Minio Azure网关限制
## MinIO Azure网关限制
网关继承了下列Azure限制:

18
docs/zh_CN/gateway/azure.md
View File

@@ -1,8 +1,8 @@
# Minio Azure 网关 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
Minio网关将亚马逊S3兼容性添加到微软Azure Blob存储。
# MinIO Azure 网关 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
MinIO网关将亚马逊S3兼容性添加到微软Azure Blob存储。
## 运行支持微软Azure Blob存储的Minio网关
## 运行支持微软Azure Blob存储的MinIO网关
### 使用Docker
```
docker run -p 9000:9000 --name azure-s3 \
@@ -17,11 +17,11 @@ export MINIO_ACCESS_KEY=azureaccountname
export MINIO_SECRET_KEY=azureaccountkey
minio gateway azure
```
## 使用Minio浏览器验证
Minio Gateway配有嵌入式网络对象浏览器。 将您的Web浏览器指向http://127.0.0.1:9000确保您的服务器已成功启动。
## 使用MinIO浏览器验证
MinIO Gateway配有嵌入式网络对象浏览器。 将您的Web浏览器指向http://127.0.0.1:9000确保您的服务器已成功启动。
![截图](https://github.com/minio/minio/blob/master/docs/screenshots/minio-browser-gateway.png?raw=true)
## 使用Minio客户端 `mc`验证
## 使用MinIO客户端 `mc`验证
`mc` 提供了诸如lscatcpmirrordiff等UNIX命令的替代方案。它支持文件系统和Amazon S3兼容的云存储服务。
### 配置 `mc`
@@ -38,6 +38,6 @@ mc ls myazure
```
## 了解更多
- [`mc` 命令行接口](https://docs.minio.io/cn/minio-client-quickstart-guide)
- [`aws` 命令行接口](https://docs.minio.io/cn/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.minio.io/cn/golang-client-quickstart-guide)
- [`mc` 命令行接口](https://docs.min.io/cn/minio-client-quickstart-guide)
- [`aws` 命令行接口](https://docs.min.io/cn/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.min.io/cn/golang-client-quickstart-guide)

2
docs/zh_CN/gateway/gcs-limitations.md
View File

@@ -1,4 +1,4 @@
## Minio GCS 网关限制
## MinIO GCS 网关限制
网关继承了以下GCS限制:

18
docs/zh_CN/gateway/gcs.md
View File

@@ -1,7 +1,7 @@
# Minio GCS 网关 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
Minio GCS网关将亚马逊S3兼容性添加到Google云存储。
# MinIO GCS 网关 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
MinIO GCS网关将亚马逊S3兼容性添加到Google云存储。
## 运行支持GCS的Minio 网关
## 运行支持GCS的MinIO 网关
### 为GCS创建服务帐户密钥并获取凭据文件
1. 访问 [API控制台凭证页面](https://console.developers.google.com/project/_/apis/credentials).
2. 选择您的项目或创建一个新项目, 记下你的项目ID。
@@ -31,12 +31,12 @@ export MINIO_SECRET_KEY=miniosecretkey
minio gateway gcs yourprojectid
```
## 使用Minio Browser验证
Minio Gateway配有嵌入式网络对象浏览器。 将您的Web浏览器指向http://127.0.0.1:9000确保您的服务器已成功启动。
## 使用MinIO Browser验证
MinIO Gateway配有嵌入式网络对象浏览器。 将您的Web浏览器指向http://127.0.0.1:9000确保您的服务器已成功启动。
![Screenshot](https://github.com/minio/minio/blob/master/docs/screenshots/minio-browser-gateway.png?raw=true)
## 使用Minio客户端 `mc`验证
## 使用MinIO客户端 `mc`验证
`mc` 提供了诸如lscatcpmirrordiff等UNIX命令的替代方案。它支持文件系统和Amazon S3兼容的云存储服务。
### 配置 `mc`
@@ -53,7 +53,7 @@ mc ls mygcs
```
## 了解更多
- [`mc` 命令行接口](https://docs.minio.io/cn/minio-client-quickstart-guide)
- [`aws` 命令行接口](https://docs.minio.io/cn/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.minio.io/cn/golang-client-quickstart-guide)
- [`mc` 命令行接口](https://docs.min.io/cn/minio-client-quickstart-guide)
- [`aws` 命令行接口](https://docs.min.io/cn/aws-cli-with-minio)
- [`minio-go` Go SDK](https://docs.min.io/cn/golang-client-quickstart-guide)

12
docs/zh_CN/gateway/nas.md
View File

@@ -1,7 +1,7 @@
# Minio NAS网关 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
Minio网关使用NAS存储支持Amazon S3。你可以在同一个共享NAS卷上运行多个minio实例作为一个分布式的对象网关。
# MinIO NAS网关 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
MinIO网关使用NAS存储支持Amazon S3。你可以在同一个共享NAS卷上运行多个minio实例作为一个分布式的对象网关。
## 为NAS存储运行Minio网关
## 为NAS存储运行MinIO网关
### 使用Docker
```
docker run -p 9000:9000 --name nas-s3 \
@@ -38,6 +38,6 @@ mc ls mynas
```
## 了解更多
- [`mc`快速入门](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [使用 aws-cli](https://docs.minio.io/docs/aws-cli-with-minio)
- [使用 minio-go SDK](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [`mc`快速入门](https://docs.min.io/docs/minio-client-quickstart-guide)
- [使用 aws-cli](https://docs.min.io/docs/aws-cli-with-minio)
- [使用 minio-go SDK](https://docs.min.io/docs/golang-client-quickstart-guide)

16
docs/zh_CN/large-bucket/README.md
View File

@@ -1,4 +1,4 @@
# 超大存储桶快速入门 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# 超大存储桶快速入门 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Minio的纠删码功能限制了最多只能使用16块磁盘。这就限制了一个租户的数据可以用多少存储空间。不过为了满足需要大量磁盘或者是超大容量存储空间的需求我们引入了超大存储桶的支持。
@@ -8,7 +8,7 @@ Minio的纠删码功能限制了最多只能使用16块磁盘。这就限制了
安装和部署方式和分布式Minio一样。只不过是在输入参数的语法上`...`来做为磁盘参数的简写。分布式设置中的远程磁盘被编码为HTTPsURI它也可以被同样的缩写。
### 1. 前提条件
安装Minio - [Minio快速入门](https://docs.minio.io/docs/minio-quickstart-guide)。
安装Minio - [Minio快速入门](https://docs.min.io/docs/minio-quickstart-guide)。
### 2. 在多个磁盘上运行Minio
我们将在下面的章节中看到如何做到这一点的例子。
@@ -37,11 +37,11 @@ minio server http://host{1...4}/export{1...16}
```
### 3. 验证设置是否成功
要验证是否部署成功,你可以通过浏览器或者[`mc`](https://docs.minio.io/docs/minio-client-quickstart-guide)来访问刚刚部署的Minio服务。你应该可以看到上传的文件在所有Minio节点上都可以访问。
要验证是否部署成功,你可以通过浏览器或者[`mc`](https://docs.min.io/docs/minio-client-quickstart-guide)来访问刚刚部署的Minio服务。你应该可以看到上传的文件在所有Minio节点上都可以访问。
## 了解更多
- [mc快速入门](https://docs.minio.io/docs/minio-client-quickstart-guide)
- [使用 aws-cli](https://docs.minio.io/docs/aws-cli-with-minio)
- [使用 s3cmd](https://docs.minio.io/docs/s3cmd-with-minio)
- [使用 minio-go SDK](https://docs.minio.io/docs/golang-client-quickstart-guide)
- [Minio文档](https://docs.minio.io)
- [mc快速入门](https://docs.min.io/docs/minio-client-quickstart-guide)
- [使用 aws-cli](https://docs.min.io/docs/aws-cli-with-minio)
- [使用 s3cmd](https://docs.min.io/docs/s3cmd-with-minio)
- [使用 minio-go SDK](https://docs.min.io/docs/golang-client-quickstart-guide)
- [Minio文档](https://docs.min.io)

8
docs/zh_CN/minio-limits.md
View File

@@ -35,17 +35,17 @@
### Minio不支持的Amazon S3 Bucket API
- BucketACL (可以用 [bucket policies](https://docs.minio.io/docs/minio-client-complete-guide#policy))
- BucketACL (可以用 [bucket policies](https://docs.min.io/docs/minio-client-complete-guide#policy))
- BucketCORS (所有HTTP方法的所有存储桶都默认启用CORS)
- BucketLifecycle (Minio纠删码不需要)
- BucketReplication (可以用 [`mc mirror`](https://docs.minio.io/docs/minio-client-complete-guide#mirror))
- BucketReplication (可以用 [`mc mirror`](https://docs.min.io/docs/minio-client-complete-guide#mirror))
- BucketVersions, BucketVersioning (可以用 [`s3git`](https://github.com/s3git/s3git))
- BucketWebsite (可以用 [`caddy`](https://github.com/mholt/caddy) or [`nginx`](https://www.nginx.com/resources/wiki/))
- BucketAnalytics, BucketMetrics, BucketLogging (可以用 [bucket notification](https://docs.minio.io/docs/minio-client-complete-guide#events) APIs)
- BucketAnalytics, BucketMetrics, BucketLogging (可以用 [bucket notification](https://docs.min.io/docs/minio-client-complete-guide#events) APIs)
- BucketRequestPayment
- BucketTagging
### Minio不支持的Amazon S3 Object API.
- ObjectACL (可以用 [bucket policies](https://docs.minio.io/docs/minio-client-complete-guide#policy))
- ObjectACL (可以用 [bucket policies](https://docs.min.io/docs/minio-client-complete-guide#policy))
- ObjectTorrent

4
docs/zh_CN/multi-tenancy/README.md
View File

@@ -1,4 +1,4 @@
# Minio多租户Multi-tenant部署指南 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# Minio多租户Multi-tenant部署指南 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
## 单机部署
@@ -49,6 +49,6 @@ minio --config-dir ~/tenant3 server --address :9003 http://192.168.10.11/data/te
![示例3](https://github.com/minio/minio/blob/master/docs/screenshots/Example-3.jpg?raw=true)
## 云端可伸缩部署
对于大型多租户Minio部署我们建议使用一个流行的容器编排平台比如Kubernetes、DC/OS或者是Docker Swarm.参考 [这个文档](https://docs.minio.io/cn/minio-deployment-quickstart-guide) ,学习如何在编排平台中使用Minio。
对于大型多租户Minio部署我们建议使用一个流行的容器编排平台比如Kubernetes、DC/OS或者是Docker Swarm.参考 [这个文档](https://docs.min.io/cn/minio-deployment-quickstart-guide) ,学习如何在编排平台中使用Minio。

10
docs/zh_CN/orchestration/README.md
View File

@@ -1,13 +1,13 @@
# Minio部署快速入门 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# Minio部署快速入门 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Minio是一个[云原生](https://baike.baidu.com/item/Cloud%20Native/19865304?fr=aladdin)的应用程序旨在在多租户环境中以可持续的方式进行扩展。编排orchestration平台为Minio的扩展提供了非常好的支撑。以下是各种编排平台的Minio部署文档:
| Orchestration平台|
|:---|
| [`Docker Swarm`](https://docs.minio.io/cn/deploy-minio-on-docker-swarm) |
| [`Docker Compose`](https://docs.minio.io/cn/deploy-minio-on-docker-compose) |
| [`Kubernetes`](https://docs.minio.io/cn/deploy-minio-on-kubernetes) |
| [`DC/OS`](https://docs.minio.io/cn/deploy-minio-on-dc-os) |
| [`Docker Swarm`](https://docs.min.io/cn/deploy-minio-on-docker-swarm) |
| [`Docker Compose`](https://docs.min.io/cn/deploy-minio-on-docker-compose) |
| [`Kubernetes`](https://docs.min.io/cn/deploy-minio-on-kubernetes) |
| [`DC/OS`](https://docs.min.io/cn/deploy-minio-on-dc-os) |
## 为什么说Minio是云原生的cloud-native?
云原生这个词代表的是一些思想的集合比如微服务部署可伸缩而不是说把一个单体应用改造成容器部署。一个云原生的应用在设计时就考虑了移植性和可伸缩性而且可以通过简单的复制即可实现水平扩展。现在兴起的编排平台像Swarm、Kubernetes以及DC/OS让大规模集群的复制和管理变得前所未有的简单哪里不会点哪里。

20
docs/zh_CN/orchestration/dcos/README.md
View File

@@ -1,6 +1,6 @@
# 在 DC/OS上部署minio [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# 在 DC/OS上部署minio [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
要在DC/OS上部署Minio,可以使用我们的 [official universe package](https://github.com/mesosphere/universe/tree/version-3.x/repo/packages/M/minio/6).
要在DC/OS上部署MinIO,可以使用我们的 [official universe package](https://github.com/mesosphere/universe/tree/version-3.x/repo/packages/M/minio/6).
## 1. 前提条件
@@ -9,18 +9,18 @@
- 识别Marathon-LB或者一个指向Marathon-LB的public agent(s)的可用主机名的 [IP of the public agent](https://dcos.io/docs/1.9/administration/locate-public-agent/) 。
## 2. 设置Minio
## 2. 设置MinIO
你可以使用DC/OS GUI或者CLI安装Minio Universe package。
你可以使用DC/OS GUI或者CLI安装MinIO Universe package。
### 使用DC/OS GUI安装Minio
- 访问DC/OS admin页面然后点击左边栏的Universe,然后点击Packages页签搜索Minio,点击左边栏的```Install```按钮。
### 使用DC/OS GUI安装MinIO
- 访问DC/OS admin页面然后点击左边栏的Universe,然后点击Packages页签搜索MinIO,点击左边栏的```Install```按钮。
- 点击按钮`Install Package`进行一键安装。你可以通过`host:9000`访问你的Minio server,其中`host`是Marathon-LB所在服务器的IP或者主机名。 `minio``minio123` 分别是默认的access key和secret key。
- 点击按钮`Install Package`进行一键安装。你可以通过`host:9000`访问你的MinIO server,其中`host`是Marathon-LB所在服务器的IP或者主机名。 `minio``minio123` 分别是默认的access key和secret key。
- 更多关于自定义安装的内容,请看[这里](https://github.com/dcos/zh_CN/examples/blob/master/minio/1.9/README.md#minio-installation-using-gui).
### 使用DC/OS CLI安装Minio
### 使用DC/OS CLI安装MinIO
使用命令行安装, 输入
@@ -28,7 +28,7 @@
$ dcos package install minio
```
## 3. 卸载Minio
## 3. 卸载MinIO
你确定要这么做吗,如果你真要这么做,我们也不会像国内的软件那么无赖。如需卸载,请输入
@@ -38,7 +38,7 @@ $ dcos package uninstall minio
### 了解更多
- [Minio Erasure Code QuickStart Guide](https://docs.minio.io/cn/minio-erasure-code-quickstart-guide)
- [MinIO Erasure Code QuickStart Guide](https://docs.min.io/cn/minio-erasure-code-quickstart-guide)
- [DC/OS Project](https://docs.mesosphere.com/)

22
docs/zh_CN/orchestration/docker-compose/README.md
View File

@@ -1,17 +1,17 @@
# 使用Docker Compose部署Minio [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# 使用Docker Compose部署MinIO [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Docker Compose允许定义和运行单主机多容器Docker应用程序。
使用Compose您可以使用Compose文件来配置Minio服务。 然后使用单个命令您可以通过你的配置创建并启动所有分布式Minio实例。 分布式Minio实例将部署在同一主机上的多个容器中。 这是建立基于分布式Minio的开发,测试和分期环境的好方法。
使用Compose您可以使用Compose文件来配置MinIO服务。 然后使用单个命令您可以通过你的配置创建并启动所有分布式MinIO实例。 分布式MinIO实例将部署在同一主机上的多个容器中。 这是建立基于分布式MinIO的开发,测试和分期环境的好方法。
## 1. 前提条件
* 熟悉 [Docker Compose](https://docs.docker.com/compose/overview/).
* Docker已经在本机安装从[这里](https://www.docker.com/community-edition#/download)下载相关的安装器。
## 2. 在Docker Compose上运行分布式Minio
## 2. 在Docker Compose上运行分布式MinIO
在Docker Compose上部署分布式Minio,请下载[docker-compose.yaml](https://github.com/minio/minio/blob/master/docs/orchestration/docker-compose/docker-compose.yaml?raw=true)到你的当前工作目录。Docker Compose会pull Minio Docker Image,所以你不需要手动去下载Minio binary。然后运行下面的命令
在Docker Compose上部署分布式MinIO,请下载[docker-compose.yaml](https://github.com/minio/minio/blob/master/docs/orchestration/docker-compose/docker-compose.yaml?raw=true)到你的当前工作目录。Docker Compose会pull MinIO Docker Image,所以你不需要手动去下载MinIO binary。然后运行下面的命令
### GNU/Linux and macOS
@@ -31,19 +31,19 @@ docker-compose.exe up
### 注意事项
* 默认情况下Docker Compose file使用的是最新版的Minio server的Docker镜像你可以修改image tag来拉取指定版本的[Minio Docker image](https://hub.docker.com/r/minio/minio/).
* 默认情况下Docker Compose file使用的是最新版的MinIO server的Docker镜像你可以修改image tag来拉取指定版本的[MinIO Docker image](https://hub.docker.com/r/minio/minio/).
* 默认情况下会创建4个minio实例你可以添加更多的Minio服务最多总共16个到你的Minio Comose deployment。添加一个服务
* 默认情况下会创建4个minio实例你可以添加更多的MinIO服务最多总共16个到你的MinIO Comose deployment。添加一个服务
* 复制服务定义并适当地更改新服务的名称。
* 更新每个服务中的命令部分。
* 更新要为新服务公开的端口号。 另外,请确保分配给新服务的端口尚未使用。
关于分布式Minio的更多资料,请访问[这里](https://docs.minio.io/cn/distributed-minio-quickstart-guide).
关于分布式MinIO的更多资料,请访问[这里](https://docs.min.io/cn/distributed-minio-quickstart-guide).
* Docker compose file中的Minio服务使用的端口是9001到9004这允许多个服务在主机上运行。
* Docker compose file中的MinIO服务使用的端口是9001到9004这允许多个服务在主机上运行。
### 了解更多
- [Docker Compose概述](https://docs.docker.com/compose/overview/)
- [Minio Docker快速入门](https://docs.minio.io/cn/minio-docker-quickstart-guide)
- [使用Docker Swarm部署Minio](https://docs.minio.io/cn/deploy-minio-on-docker-swarm)
- [Minio纠删码快速入门](https://docs.minio.io/cn/minio-erasure-code-quickstart-guide)
- [MinIO Docker快速入门](https://docs.min.io/cn/minio-docker-quickstart-guide)
- [使用Docker Swarm部署MinIO](https://docs.min.io/cn/deploy-minio-on-docker-swarm)
- [MinIO纠删码快速入门](https://docs.min.io/cn/minio-erasure-code-quickstart-guide)

32
docs/zh_CN/orchestration/docker-swarm/README.md
View File

@@ -1,8 +1,8 @@
# 使用Docker Swarm部署Minio [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# 使用Docker Swarm部署MinIO [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Docker Engine在Swarm模式下提供集群管理和编排功能。 Minio服务器可以在Swarm的分布式模式下轻松部署创建一个多租户高可用性和可扩展的对象存储。
Docker Engine在Swarm模式下提供集群管理和编排功能。 MinIO服务器可以在Swarm的分布式模式下轻松部署创建一个多租户高可用性和可扩展的对象存储。
从[Docker Engine v1.13.0](https://blog.docker.com/2017/01/whats-new-in-docker-1-13/) (Docker Compose v3.0)开始, Docker Swarm和Compose 二者[cross-compatible](https://docs.docker.com/compose/compose-file/#version-3)。这允许将Compose file用作在Swarm上部署服务的模板。 我们使用Docker Compose file创建分布式Minio设置。
从[Docker Engine v1.13.0](https://blog.docker.com/2017/01/whats-new-in-docker-1-13/) (Docker Compose v3.0)开始, Docker Swarm和Compose 二者[cross-compatible](https://docs.docker.com/compose/compose-file/#version-3)。这允许将Compose file用作在Swarm上部署服务的模板。 我们使用Docker Compose file创建分布式MinIO设置。
## 1. 前提条件
@@ -25,7 +25,7 @@ docker swarm join \
你现在可以运行上述命令[添加worker节点](https://docs.docker.com/engine/swarm/swarm-tutorial/add-nodes/)到swarm。更多关于创建swarm的细节步骤请访问[Docker documentation site](https://docs.docker.com/engine/swarm/swarm-tutorial/create-swarm/).
## 3. 为Minio创建Docker secret
## 3. 为MinIO创建Docker secret
```shell
echo "AKIAIOSFODNN7EXAMPLE" | docker secret create access_key -
@@ -42,16 +42,16 @@ docker stack deploy --compose-file=docker-compose-secrets.yaml minio_stack
这将把Compose file里描述的服务部署为Docker stack`minio_stack`。 更多 `docker stack` [命令参考](https://docs.docker.com/engine/reference/commandline/stack/)。
在stack成功部署之后你可以通过[Minio Client](https://docs.minio.io/cn/minio-client-complete-guide) `mc` 或者浏览器访问http://[Node_Public_IP_Address]:[Expose_Port_on_Host]来访问你的Minio server。
在stack成功部署之后你可以通过[MinIO Client](https://docs.min.io/cn/minio-client-complete-guide) `mc` 或者浏览器访问http://[Node_Public_IP_Address]:[Expose_Port_on_Host]来访问你的MinIO server。
## 4. 删除分布式Minio services
## 4. 删除分布式MinIO services
删除分布式Minio services以及相关的网络请运行下面的命令
删除分布式MinIO services以及相关的网络请运行下面的命令
```shell
docker stack rm minio_stack
```
Swarm不会自动删除为Minio服务创建的host volumes,如果下次新的Minio服务不熟到swarm上可能会导致损坏。因此我们建议手动删除所有Minio使用的volumes。为此到每一个swarm的节点上列出所有的volumes
Swarm不会自动删除为MinIO服务创建的host volumes,如果下次新的MinIO服务不熟到swarm上可能会导致损坏。因此我们建议手动删除所有MinIO使用的volumes。为此到每一个swarm的节点上列出所有的volumes
```shell
docker volume ls
@@ -64,23 +64,23 @@ docker volume rm volume_name
### 注意事项
* 默认情况下Docker Compose file使用的是最新版的Minio server的Docker镜像你可以修改image tag来拉取指定版本的[Minio Docker image](https://hub.docker.com/r/minio/minio/).
* 默认情况下Docker Compose file使用的是最新版的MinIO server的Docker镜像你可以修改image tag来拉取指定版本的[MinIO Docker image](https://hub.docker.com/r/minio/minio/).
* 默认情况下会创建4个minio实例你可以添加更多的Minio服务最多总共16个到你的Minio Comose deployment。添加一个服务
* 默认情况下会创建4个minio实例你可以添加更多的MinIO服务最多总共16个到你的MinIO Comose deployment。添加一个服务
* 复制服务定义并适当地更改新服务的名称。
* 更新每个服务中的命令部分。
* 更新要为新服务公开的端口号。 另外,请确保分配给新服务的端口尚未使用。
关于分布式Minio的更多资料,请访问[这里](https://docs.minio.io/cn/distributed-minio-quickstart-guide).
关于分布式MinIO的更多资料,请访问[这里](https://docs.min.io/cn/distributed-minio-quickstart-guide).
* 默认情况下Minio服务使用的是`local` volume driver. 更多配置选项,请访问[Docker documentation](https://docs.docker.com/compose/compose-file/#/volume-configuration-reference) 。
* 默认情况下MinIO服务使用的是`local` volume driver. 更多配置选项,请访问[Docker documentation](https://docs.docker.com/compose/compose-file/#/volume-configuration-reference) 。
* Docker compose file中的Minio服务使用的端口是9001到9004这允许多个服务在主机上运行。更多配置选项请访问[Docker documentation](https://docs.docker.com/compose/compose-file/#/ports).
* Docker compose file中的MinIO服务使用的端口是9001到9004这允许多个服务在主机上运行。更多配置选项请访问[Docker documentation](https://docs.docker.com/compose/compose-file/#/ports).
* Docker Swarm默认使用的是ingress做负载均衡你可以跟据需要配置[external load balancer based](https://docs.docker.com/engine/swarm/ingress/#/configure-an-external-load-balancer)。
### 了解更多
- [Docker Swarm mode概述](https://docs.docker.com/engine/swarm/)
- [Minio Docker快速入门](https://docs.minio.io/cn/minio-docker-quickstart-guide)
- [使用Docker Compose部署Minio](https://docs.minio.io/cn/deploy-minio-on-docker-compose)
- [Minio纠删码快速入门](https://docs.minio.io/cn/minio-erasure-code-quickstart-guide)
- [MinIO Docker快速入门](https://docs.min.io/cn/minio-docker-quickstart-guide)
- [使用Docker Compose部署MinIO](https://docs.min.io/cn/deploy-minio-on-docker-compose)
- [MinIO纠删码快速入门](https://docs.min.io/cn/minio-erasure-code-quickstart-guide)

102
docs/zh_CN/orchestration/kubernetes-yaml/README.md
View File

@@ -1,38 +1,38 @@
# 使用Kubernetes做Minio的云原生部署 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# 使用Kubernetes做MinIO的云原生部署 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
## 目录
- [前提条件](#前提条件)
- [Minio独立模式部署](#Minio-Standalone模式部署)
- [Minio独立模式快速入门](#Minio独立模式快速入门)
- [创建持久卷声明](#Minio独立模式快速入门)
- [创建Minio的部署](#创建Minio的部署)
- [MinIO独立模式部署](#MinIO-Standalone模式部署)
- [MinIO独立模式快速入门](#MinIO独立模式快速入门)
- [创建持久卷声明](#MinIO独立模式快速入门)
- [创建MinIO的部署](#创建MinIO的部署)
- [创建Miniio服务](#创建Miniio服务)
- [更新已有的Minio部署](#更新已有的Minio部署)
- [更新已有的MinIO部署](#更新已有的MinIO部署)
- [独立模式资源清理](#独立模式资源清理)
- [Minio分布式服务部署](#Minio分布式服务部署)
- [MinIO分布式服务部署](#MinIO分布式服务部署)
- [分布式快速入门](#分布式快速入门)
- [创建Minio Headless服务](#创建Minio-Headless服务)
- [创建Minio Statefulset](#创建Minio-Statefulset)
- [创建MinIO Headless服务](#创建MinIO-Headless服务)
- [创建MinIO Statefulset](#创建MinIO-Statefulset)
- [创建负载均衡服务](#创建负载均衡服务)
- [更新已存在的Minio StatefulSet](#更新已存在的Minio-StatefulSet)
- [更新已存在的MinIO StatefulSet](#更新已存在的MinIO-StatefulSet)
- [分布式模式资源清理](#分布式模式资源清理)
- [Minio GCS 网关部署](#Minio-GCS网关部署)
- [MinIO GCS 网关部署](#MinIO-GCS网关部署)
- [GCS 网关快速入门](#GCS-网关快速入门)
- [创建GCS凭据](#创建GCS凭据)
- [创建Minio GCS Gateway部署](#创建Minio-GCS-Gateway部署)
- [创建Minio LoadBalancer服务](#创建Minio-LoadBalancer服务)
- [更新现有的Minio GCS部署](#更新现有的Minio-GCS部署)
- [创建MinIO GCS Gateway部署](#创建MinIO-GCS-Gateway部署)
- [创建MinIO LoadBalancer服务](#创建MinIO-LoadBalancer服务)
- [更新现有的MinIO GCS部署](#更新现有的MinIO-GCS部署)
- [GCS网关资源清理](#GCS网关资源清理)
## 前提条件
运行该示例你需要安装并运行Kubernetes版本>=1.4的集群,而且已经安装 [`kubectl`](https://kubernetes.io/docs/tasks/kubectl/install/) 命令行工具。请访问
[getting started guides](https://kubernetes.io/docs/getting-started-guides/)获取响应平台的安装指导。
## Minio Standalone模式部署
## MinIO Standalone模式部署
以下部分描述了如何在Kubernetes上部署一个独立的 [Minio](https://minio.io/) 服务。部署使用的是Docker Hub上的 [官方Minio Docker image](https://hub.docker.com/r/minio/minio/~/dockerfile/) 。
以下部分描述了如何在Kubernetes上部署一个独立的 [MinIO](https://min.io/) 服务。部署使用的是Docker Hub上的 [官方MinIO Docker image](https://hub.docker.com/r/minio/minio/~/dockerfile/) 。
此部分使用了以下Kubernetes的核心组件:
@@ -41,7 +41,7 @@
- [_Deployments_](https://kubernetes.io/docs/user-guide/deployments/)
- [_Persistent Volume Claims_](https://kubernetes.io/docs/user-guide/persistent-volumes/#persistentvolumeclaims)
### Minio独立模式快速入门
### MinIO独立模式快速入门
运行下面的命令快速启动
@@ -53,8 +53,8 @@ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/
### 创建持久卷声明
Minio需要持久卷来存储对象。如果没有持久卷Minio实例中的数据将会存到容器的文件系统中,而且在容器重启时会被清除的干干净净。
创建一个持久卷声明PVC为Minio实例请求存储。Kubernetes寻找与群集中的PVC请求匹配的PV并自动将其绑定到PVC。
MinIO需要持久卷来存储对象。如果没有持久卷MinIO实例中的数据将会存到容器的文件系统中,而且在容器重启时会被清除的干干净净。
创建一个持久卷声明PVC为MinIO实例请求存储。Kubernetes寻找与群集中的PVC请求匹配的PV并自动将其绑定到PVC。
这是一个PVC的描述
@@ -85,9 +85,9 @@ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/
persistentvolumeclaim "minio-pv-claim" created
```
### 创建Minio的部署
### 创建MinIO的部署
部署封装了副本集和pod - 因此如果pod掉线复制控制器会确保另一个pod自动出现。 这样您就不必担心pod失败并且可以提供稳定的Minio服务。
部署封装了副本集和pod - 因此如果pod掉线复制控制器会确保另一个pod自动出现。 这样您就不必担心pod失败并且可以提供稳定的MinIO服务。
这是一个部署的描述
@@ -114,13 +114,13 @@ spec:
claimName: minio-pv-claim
containers:
- name: minio
# Pulls the default Minio image from Docker Hub
# Pulls the default MinIO image from Docker Hub
image: minio/minio:RELEASE.2017-05-05T01-14-51Z
args:
- server
- /data
env:
# Minio access key and secret key
# MinIO access key and secret key
- name: MINIO_ACCESS_KEY
value: "minio"
- name: MINIO_SECRET_KEY
@@ -142,9 +142,9 @@ deployment "minio-deployment" created
### 创建Miniio服务
现在您正在运行Minio部署您可能希望在内部集群内访问它或者将其作为服务暴露在外部集群外部也可能是公共InternetIP地址具体取决于用例。 您可以使用服务来实现此目的。 有三种主要的服务类型 - 默认类型是ClusterIP它将集群内部的连接暴露给服务。 NodePort和LoadBalancer是向外部流量提供服务的两种类型。
现在您正在运行MinIO部署您可能希望在内部集群内访问它或者将其作为服务暴露在外部集群外部也可能是公共InternetIP地址具体取决于用例。 您可以使用服务来实现此目的。 有三种主要的服务类型 - 默认类型是ClusterIP它将集群内部的连接暴露给服务。 NodePort和LoadBalancer是向外部流量提供服务的两种类型。
在此示例中我们通过创建LoadBalancer服务来公开Minio部署。
在此示例中我们通过创建LoadBalancer服务来公开MinIO部署。
这是服务描述。
```sh
@@ -161,7 +161,7 @@ spec:
selector:
app: minio
```
创建Minio服务
创建MinIO服务
```sh
kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/kubernetes-yaml/minio-standalone-service.yaml?raw=true
@@ -176,9 +176,9 @@ NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
minio-service 10.55.248.23 104.199.249.165 9000:31852/TCP 1m
```
### 更新已有的Minio部署
### 更新已有的MinIO部署
您可以更新现有的Minio部署以使用较新的Minio版本。 为此,请使用`kubectl set image`命令:
您可以更新现有的MinIO部署以使用较新的MinIO版本。 为此,请使用`kubectl set image`命令:
```sh
kubectl set image deployment/minio-deployment minio=<replace-with-new-minio-image>
@@ -200,9 +200,9 @@ kubectl delete deployment minio-deployment \
&& kubectl delete svc minio-service
```
## Minio分布式服务部署
## MinIO分布式服务部署
以下文档介绍了在Kubernetes上部署[分布式Minio](https://docs.minio.io/cn/distributed-minio-quickstart-guide)服务器的过程。 本示例使用Docker Hub的[官方Minio Docker镜像](https://hub.docker.com/r/minio/minio/~/dockerfile/)。
以下文档介绍了在Kubernetes上部署[分布式MinIO](https://docs.min.io/cn/distributed-minio-quickstart-guide)服务器的过程。 本示例使用Docker Hub的[官方MinIO Docker镜像](https://hub.docker.com/r/minio/minio/~/dockerfile/)。
此示例使用以下Kubernetes的核心组件
@@ -220,7 +220,7 @@ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/
kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/kubernetes-yaml/minio-distributed-service.yaml?raw=true
```
###创建Minio Headless服务
###创建MinIO Headless服务
Headless服务控制在其中创建StatefulSets的域。此服务管理的域采用以下格式`$(service name).$(namespace).svc.cluster.local`其中“cluster.local”是集群域此域中的pod采用形式: `$(pod-name-{i}).$(service name).$(namespace).svc.cluster.local`。这里需要DNS来解析在Statefulset中创建的每个pods的URL。
@@ -249,9 +249,9 @@ $ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestratio
service "minio" created
```
###创建Minio Statefulset
###创建MinIO Statefulset
StatefulSet为每个pod提供确定性名称和唯一身份从而轻松部署有状态的分布式应用程序。 要启动分布式Minio您需要将驱动器位置作为参数传递到minio服务的命令。 然后您需要在所有参与的pod上运行相同的命令。 StatefulSets提供了一个完美的方式来处理这个要求。
StatefulSet为每个pod提供确定性名称和唯一身份从而轻松部署有状态的分布式应用程序。 要启动分布式MinIO您需要将驱动器位置作为参数传递到minio服务的命令。 然后您需要在所有参与的pod上运行相同的命令。 StatefulSets提供了一个完美的方式来处理这个要求。
这是Statefulset的描述。
@@ -315,9 +315,9 @@ statefulset "minio" created
### 创建负载均衡服务
现在您已经运行了Minio statefulset您可能希望在内部集群内访问它或将其作为服务暴露在外部集群外也可能是公用Internet的IP地址具体取决于用例。 您可以使用服务来实现此目的。 有三种主要的服务类型 - 默认类型是ClusterIP它将集群内部的连接暴露给服务。 NodePort和LoadBalancer是向外部流量提供服务的两种类型。
现在您已经运行了MinIO statefulset您可能希望在内部集群内访问它或将其作为服务暴露在外部集群外也可能是公用Internet的IP地址具体取决于用例。 您可以使用服务来实现此目的。 有三种主要的服务类型 - 默认类型是ClusterIP它将集群内部的连接暴露给服务。 NodePort和LoadBalancer是向外部流量提供服务的两种类型。
在此示例中我们通过创建LoadBalancer服务来公开Minio部署。
在此示例中我们通过创建LoadBalancer服务来公开MinIO部署。
这是服务描述。
```sh
@@ -334,7 +334,7 @@ spec:
selector:
app: minio
```
创建Minio service
创建MinIO service
```sh
$ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/kubernetes-yaml/minio-distributed-service.yaml?raw=true
@@ -349,8 +349,8 @@ NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
minio-service 10.55.248.23 104.199.249.165 9000:31852/TCP 1m
```
###更新已经存在的Minio StatefulSet
您可以更新现有的Minio StatefulSet以使用较新的Minio版本。 为此,请使用`kubectl patch statefulset`命令:
###更新已经存在的MinIO StatefulSet
您可以更新现有的MinIO StatefulSet以使用较新的MinIO版本。 为此,请使用`kubectl patch statefulset`命令:
```sh
kubectl patch statefulset minio --type='json' -p='[{"op": "replace", "path": "/spec/template/spec/containers/0/image", "value":"<replace-with-new-minio-image>"}]'
@@ -377,9 +377,9 @@ kubectl delete statefulset minio \
&& kubectl delete svc minio-service
```
## Minio GCS网关部署
## MinIO GCS网关部署
以下部分介绍在Kubernetes上部署[Minio](https://minio.io/)GCS Gateway的过程。 部署使用Docker Hub的[官方Minio Docker映像](https://hub.docker.com/r/minio/minio/~/dockerfile/)。
以下部分介绍在Kubernetes上部署[MinIO](https://min.io/)GCS Gateway的过程。 部署使用Docker Hub的[官方MinIO Docker映像](https://hub.docker.com/r/minio/minio/~/dockerfile/)。
此示例使用以下Kubernetes的核心组件
@@ -422,11 +422,11 @@ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/
kubectl create secret generic gcs-credentials --from-file=/path/to/gcloud/credentials/application_default_credentials.json
```
### 创建Minio GCS Gateway部署
### 创建MinIO GCS Gateway部署
部署封装了副本集和pod - 因此如果pod掉线复制控制器会确保另一个pod自动出现。 这样您就不必担心pod失败并且可以提供稳定的Minio服务。
部署封装了副本集和pod - 因此如果pod掉线复制控制器会确保另一个pod自动出现。 这样您就不必担心pod失败并且可以提供稳定的MinIO服务。
Minio Gateway使用GCS作为其存储后端需要使用GCP“projectid”来识别您的凭据。 使用GCS项目ID更新“gcp_project_id”部分。 这是部署描述。
MinIO Gateway使用GCS作为其存储后端需要使用GCP“projectid”来识别您的凭据。 使用GCS项目ID更新“gcp_project_id”部分。 这是部署描述。
```sh
apiVersion: extensions/v1beta1
@@ -451,14 +451,14 @@ spec:
secretName: gcs-credentials
containers:
- name: minio
# Pulls the default Minio image from Docker Hub
# Pulls the default MinIO image from Docker Hub
image: minio/minio:RELEASE.2017-08-05T00-00-53Z
args:
- gateway
- gcs
- gcp_project_id
env:
# Minio access key and secret key
# MinIO access key and secret key
- name: MINIO_ACCESS_KEY
value: "minio"
- name: MINIO_SECRET_KEY
@@ -482,11 +482,11 @@ kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/
deployment "minio-deployment" created
```
### 创建Minio LoadBalancer服务
### 创建MinIO LoadBalancer服务
现在您正在运行Minio您可能希望在内部集群内访问它或者将其作为服务暴露在外部集群外部也可能是公共InternetIP地址具体取决于用例。 您可以使用服务来实现此目的。 有三种主要的服务类型 - 默认类型是ClusterIP它将集群内部的连接暴露给服务。 NodePort和LoadBalancer是向外部流量提供服务的两种类型。
现在您正在运行MinIO您可能希望在内部集群内访问它或者将其作为服务暴露在外部集群外部也可能是公共InternetIP地址具体取决于用例。 您可以使用服务来实现此目的。 有三种主要的服务类型 - 默认类型是ClusterIP它将集群内部的连接暴露给服务。 NodePort和LoadBalancer是向外部流量提供服务的两种类型。
在此示例中我们通过创建LoadBalancer服务来暴露Minio。 这是服务描述。
在此示例中我们通过创建LoadBalancer服务来暴露MinIO。 这是服务描述。
```sh
apiVersion: v1
@@ -502,7 +502,7 @@ spec:
selector:
app: minio
```
创建Minio服务
创建MinIO服务
```sh
kubectl create -f https://github.com/minio/minio/blob/master/docs/orchestration/kubernetes-yaml/minio-gcs-gateway-service.yaml?raw=true
@@ -517,9 +517,9 @@ NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
minio-service 10.55.248.23 104.199.249.165 9000:31852/TCP 1m
```
### 更新现有的Minio GCS部署
### 更新现有的MinIO GCS部署
您可以更新现有的Minio部署以使用较新的Minio版本。 为此,请使用`kubectl set image`命令:
您可以更新现有的MinIO部署以使用较新的MinIO版本。 为此,请使用`kubectl set image`命令:
```sh
kubectl set image deployment/minio-deployment minio=<replace-with-new-minio-image>

48
docs/zh_CN/orchestration/kubernetes/README.md
View File

@@ -1,10 +1,10 @@
# 使用Kubernetes部署Minio [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# 使用Kubernetes部署MinIO [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Kubernetes的部署和状态集提供了在独立分布式或共享模式下部署Minio服务器的完美平台。 在Kubernetes上部署Minio有多种选择,您可以选择最适合您的。
Kubernetes的部署和状态集提供了在独立分布式或共享模式下部署MinIO服务器的完美平台。 在Kubernetes上部署MinIO有多种选择,您可以选择最适合您的。
- Minio [Helm](https://helm.sh) Chart通过一个简单的命令即可提供自定义而且简单的Minio部署。更多关于Minio Helm部署的资料请访问[这里](#prerequisites).
- MinIO [Helm](https://helm.sh) Chart通过一个简单的命令即可提供自定义而且简单的MinIO部署。更多关于MinIO Helm部署的资料请访问[这里](#prerequisites).
- 你也可以浏览Kubernetes [Minio示例](https://github.com/minio/minio/blob/master/docs/orchestration/kubernetes/README.md) ,通过`.yaml`文件来部署Minio
- 你也可以浏览Kubernetes [MinIO示例](https://github.com/minio/minio/blob/master/docs/orchestration/kubernetes/README.md) ,通过`.yaml`文件来部署MinIO
<a name="prerequisites"></a>
## 1. 前提条件
@@ -14,23 +14,23 @@ Kubernetes的部署和状态集提供了在独立分布式或共享模式下
* 底层支持PV provisioner。
* 你的K8s集群里需要有Helm package manager [installed](https://github.com/kubernetes/helm#install)。
## 2. 使用Helm Chart部署Minio
## 2. 使用Helm Chart部署MinIO
安装 Minio chart
安装 MinIO chart
```bash
$ helm install stable/minio
```
以上命令以默认配置在Kubernetes群集上部署Minio。 以下部分列出了Minio图表的所有可配置参数及其默认值。
以上命令以默认配置在Kubernetes群集上部署MinIO。 以下部分列出了MinIO图表的所有可配置参数及其默认值。
### 配置
| 参数 | 描述 | 默认值 |
|----------------------------|-------------------------------------|---------------------------------------------------------|
| `image` | Minio镜像名称 | `minio/minio` |
| `imageTag` | Minio镜像tag. 可选值在 [这里](https://hub.docker.com/r/minio/minio/tags/).| `RELEASE.2017-08-05T00-00-53Z`|
| `image` | MinIO镜像名称 | `minio/minio` |
| `imageTag` | MinIO镜像tag. 可选值在 [这里](https://hub.docker.com/r/minio/minio/tags/).| `RELEASE.2017-08-05T00-00-53Z`|
| `imagePullPolicy` | Image pull policy | `Always` |
| `mode` | Minio server模式 (`standalone`, `shared` 或者 `distributed`)| `standalone` |
| `mode` | MinIO server模式 (`standalone`, `shared` 或者 `distributed`)| `standalone` |
| `numberOfNodes` | 节点数 (仅对分布式模式生效). 可选值 4 <= x <= 16 | `4` |
| `accessKey` | 默认access key | `AKIAIOSFODNN7EXAMPLE` |
| `secretKey` | 默认secret key | `wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY` |
@@ -52,7 +52,7 @@ $ helm install --name my-release \
stable/minio
```
上述命令部署了一个带上100G持久卷的Minio服务。
上述命令部署了一个带上100G持久卷的MinIO服务。
或者您可以提供一个YAML文件用于在安装chart时指定参数值。 例如,
@@ -60,43 +60,43 @@ $ helm install --name my-release \
$ helm install --name my-release -f values.yaml stable/minio
```
### 分布式Minio
### 分布式MinIO
默认情况下此图表以独立模式提供Minio服务器。 要在[分布式模式](https://docs.minio.io/cn/distributed-minio-quickstart-guide)中配置Minio服务器,请将`mode`字段设置为`distributed`,
默认情况下此图表以独立模式提供MinIO服务器。 要在[分布式模式](https://docs.min.io/cn/distributed-minio-quickstart-guide)中配置MinIO服务器,请将`mode`字段设置为`distributed`,
```bash
$ helm install --set mode=distributed stable/minio
```
上述命令部署了个带有4个节点的分布式Minio服务器。 要更改分布式Minio服务器中的节点数,请设置`numberOfNodes`属性。
上述命令部署了个带有4个节点的分布式MinIO服务器。 要更改分布式MinIO服务器中的节点数,请设置`numberOfNodes`属性。
```bash
$ helm install --set mode=distributed,numberOfNodes=8 stable/minio
```
上述命令部署了个带有8个节点的分布式Minio服务器。注意一下,`numberOfNodes`取值范围是[4,16]。
上述命令部署了个带有8个节点的分布式MinIO服务器。注意一下,`numberOfNodes`取值范围是[4,16]。
#### StatefulSet [限制](http://kubernetes.io/docs/concepts/abstractions/controllers/statefulsets/#limitations)适用于分布式Minio
#### StatefulSet [限制](http://kubernetes.io/docs/concepts/abstractions/controllers/statefulsets/#limitations)适用于分布式MinIO
* StatefulSets需要持久化存储所以如果 `mode`设成 `distributed`的话,`persistence.enabled`参数不生效。
* 卸载分布式Minio版本时需要手动删除与StatefulSet关联的卷。
* 卸载分布式MinIO版本时需要手动删除与StatefulSet关联的卷。
### Shared Minio
### Shared MinIO
如需采用[shared mode](https://github.com/minio/minio/blob/master/docs/shared-backend/README.md)部署Minio, 将`mode` 设为`shared`,
如需采用[shared mode](https://github.com/minio/minio/blob/master/docs/shared-backend/README.md)部署MinIO, 将`mode` 设为`shared`,
```bash
$ helm install --set mode=shared stable/minio
```
上述命令规定了4个Minio服务器节点,一个存储。 要更改共享的Minio部署中的节点数,请设置`numberOfNodes`字段,
上述命令规定了4个MinIO服务器节点,一个存储。 要更改共享的MinIO部署中的节点数,请设置`numberOfNodes`字段,
```bash
$ helm install --set mode=shared,numberOfNodes=8 stable/minio
```
上述命令规定了Minio服务有8个节点采用shared模式。
上述命令规定了MinIO服务有8个节点采用shared模式。
### 持久化
@@ -108,9 +108,9 @@ $ helm install --set persistence.enabled=false stable/minio
> *"当Pod分配给节点时首先创建一个emptyDir卷只要该节点上的Pod正在运行它就会存在。 当某个Pod由于任何原因从节点中删除时emptyDir中的数据将永久删除。"*
## 3. 使用Helm更新Minio版本
## 3. 使用Helm更新MinIO版本
您可以更新现有的Minio Helm Release以使用较新的Minio Docker镜像。 为此,请使用`helm upgrade`命令:
您可以更新现有的MinIO Helm Release以使用较新的MinIO Docker镜像。 为此,请使用`helm upgrade`命令:
```bash
$ helm upgrade --set imageTag=<replace-with-minio-docker-image-tag> <helm-release-name> stable/minio
@@ -149,6 +149,6 @@ $ helm install --set accessKey=myaccesskey,secretKey=mysecretkey \
### 了解更多
- [Minio纠删码快速入门](https://docs.minio.io/cn/minio-erasure-code-quickstart-guide)
- [MinIO纠删码快速入门](https://docs.min.io/cn/minio-erasure-code-quickstart-guide)
- [Kubernetes文档](https://kubernetes.io/docs/home/)
- [Helm package manager for kubernetes](https://helm.sh/)

2
docs/zh_CN/shared-backend/DESIGN.md
View File

@@ -1,4 +1,4 @@
介绍 [![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
介绍 [![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
------------
该特性可以让多个Minio实例使用一个共享的NAS存储而且不需要做什么特殊的设置。文件默认已经做了同步以及加锁。

42
docs/zh_CN/shared-backend/README.md
View File

@@ -1,36 +1,36 @@
# Minio共享后端存储快速入门[![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
# MinIO共享后端存储快速入门[![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io) [![Go Report Card](https://goreportcard.com/badge/minio/minio)](https://goreportcard.com/report/minio/minio) [![Docker Pulls](https://img.shields.io/docker/pulls/minio/minio.svg?maxAge=604800)](https://hub.docker.com/r/minio/minio/) [![codecov](https://codecov.io/gh/minio/minio/branch/master/graph/badge.svg)](https://codecov.io/gh/minio/minio)
Minio共享模式可以让你使用一个[NAS](https://en.wikipedia.org/wiki/Network-attached_storage) 做为多个Minio服务的存储后端。我我们在设计时已经对多个Minio服务之间的同步做了很多的处理。更多Minio共享模式的设计文档,请访问[这里](https://github.com/minio/minio/blob/master/docs/shared-backend/DESIGN.md).
MinIO共享模式可以让你使用一个[NAS](https://en.wikipedia.org/wiki/Network-attached_storage) 做为多个MinIO服务的存储后端。我我们在设计时已经对多个MinIO服务之间的同步做了很多的处理。更多MinIO共享模式的设计文档,请访问[这里](https://github.com/minio/minio/blob/master/docs/shared-backend/DESIGN.md).
Minio共享模式是为了解决在真实场景中存在的一些问题,而且不需要做额外的配置。
如果你有下列需求则可以考虑Minio共享模式
MinIO共享模式是为了解决在真实场景中存在的一些问题,而且不需要做额外的配置。
如果你有下列需求则可以考虑MinIO共享模式
- 你已经买了NAS设备并想在存储层使用Minio来增加S3兼容。
- 你已经买了NAS设备并想在存储层使用MinIO来增加S3兼容。
- 你的应用架构要求你使用带有S3接口的NAS。
- 你的应用存在亚历山大的流量你想给你的NAS设备增加一个有负载均衡能力的S3兼容的服务。
在多个共享模式的Minio服务前面加一层代理你很容易就能获得一个高可用负载均衡AWS S3兼容的存储系统。
在多个共享模式的MinIO服务前面加一层代理你很容易就能获得一个高可用负载均衡AWS S3兼容的存储系统。
# 开始
如果你知道怎么部署单机Minio,共享模式的部署和运行也是一样一样的。
如果你知道怎么部署单机MinIO,共享模式的部署和运行也是一样一样的。
## 1. 前提条件
安装Minio - [Minio快速入门](https://docs.minio.io/cn/).
安装MinIO - [MinIO快速入门](https://docs.min.io/cn/).
## 2. 在共享后端存储上运行Minio
## 2. 在共享后端存储上运行MinIO
为了让Minio在共享后端上运行起来你需要启动多个Minio服务,这些服务指向同一个后端存储。下面我们就来讲解如何设置。
为了让MinIO在共享后端上运行起来你需要启动多个MinIO服务,这些服务指向同一个后端存储。下面我们就来讲解如何设置。
*注意*
- 使用共享存储的所有Minio节点需要有相同的access key和secret key。为了做到这一点我们在所有节点上将access key和secret key export成环境变量然后再去启动Minio服务。
- 使用共享存储的所有MinIO节点需要有相同的access key和secret key。为了做到这一点我们在所有节点上将access key和secret key export成环境变量然后再去启动MinIO服务。
- 下面出现的存储路径都是为了演示目的,在真实环境中使用时,你应该替换成你真实要用的路径。
#### Minio shared mode on Ubuntu 16.04 LTS.
#### MinIO shared mode on Ubuntu 16.04 LTS.
你需要将文件夹指向共享存储,比如`/path/to/nfs-volume`然后在所有Minio节点上运行下面的命令。
你需要将文件夹指向共享存储,比如`/path/to/nfs-volume`然后在所有MinIO节点上运行下面的命令。
```sh
export MINIO_ACCESS_KEY=<ACCESS_KEY>
@@ -38,9 +38,9 @@ export MINIO_SECRET_KEY=<SECRET_KEY>
minio gateway nas /path/to/nfs-volume
```
#### Minio shared mode on Windows 2012 Server
#### MinIO shared mode on Windows 2012 Server
你需要将文件夹指向共享存储,比如`\\remote-server\smb`. 然后在所有Minio节点上运行下面的命令。
你需要将文件夹指向共享存储,比如`\\remote-server\smb`. 然后在所有MinIO节点上运行下面的命令。
```cmd
set MINIO_ACCESS_KEY=my-username
@@ -61,11 +61,11 @@ minio.exe gateway nas M:\export
## 3. 验证
为了验证部署是否成功,可能通过浏览器或者[`mc`](https://docs.minio.io/cn/minio-client-quickstart-guide)访问Minio。你应该可以从各个Minio节点访问上传的文件。
为了验证部署是否成功,可能通过浏览器或者[`mc`](https://docs.min.io/cn/minio-client-quickstart-guide)访问MinIO。你应该可以从各个MinIO节点访问上传的文件。
## 了解更多
- [使用`mc`](https://docs.minio.io/cn/minio-client-quickstart-guide)
- [使用`aws-cli`](https://docs.minio.io/cn/aws-cli-with-minio)
- [使用`s3cmd`](https://docs.minio.io/cn/s3cmd-with-minio)
- [使用`minio-go` SDK](https://docs.minio.io/cn/golang-client-quickstart-guide)
- [Minio文档](https://docs.minio.io)
- [使用`mc`](https://docs.min.io/cn/minio-client-quickstart-guide)
- [使用`aws-cli`](https://docs.min.io/cn/aws-cli-with-minio)
- [使用`s3cmd`](https://docs.min.io/cn/s3cmd-with-minio)
- [使用`minio-go` SDK](https://docs.min.io/cn/golang-client-quickstart-guide)
- [MinIO文档](https://docs.min.io)

10
docs/zh_CN/tls/README.md
View File

@@ -1,10 +1,10 @@
# 使用TLS安全的访问Minio服务[![Slack](https://slack.minio.io/slack?type=svg)](https://slack.minio.io)
# 使用TLS安全的访问Minio服务[![Slack](https://slack.min.io/slack?type=svg)](https://slack.min.io)
本文我们讲介绍如何在Linux和Windows上配置Minio服务使用TLS。
## 1. 前提条件
* 下载Minio server [这里](https://docs.minio.io/docs/minio-quickstart-guide)
* 下载Minio server [这里](https://docs.min.io/docs/minio-quickstart-guide)
## 2. 配置已存在的证书
@@ -20,7 +20,7 @@ Minio在Linux只支持使用PEM格式的key/certificate。
#### 使用 Let's Encrypt
更多信息,请访问 [这里](https://docs.minio.io/cn/generate-let-s-encypt-certificate-using-concert-for-minio)
更多信息,请访问 [这里](https://docs.min.io/cn/generate-let-s-encypt-certificate-using-concert-for-minio)
#### 使用 generate_cert.go (self-signed certificate)
@@ -125,5 +125,5 @@ certtool.exe --generate-self-signed --load-privkey private.key --template cert.c
Minio可以配置成连接其它服务不管是Minio节点还是像NATs、Redis这些。如果这些服务用的不是在已知证书机构注册的证书你可以让Minio服务信任这些CA怎么做呢将这些证书放到Minio配置路径下(`~/.minio/certs/CAs/` Linux 或者 `C:\Users\<Username>\.minio\certs\CAs` Windows).
# 了解更多
* [Minio快速入门](https://docs.minio.io/cn/minio-quickstart-guide)
* [Minio客户端权威指南](https://docs.minio.io/cn/minio-client-complete-guide)
* [Minio快速入门](https://docs.min.io/cn/minio-quickstart-guide)
* [Minio客户端权威指南](https://docs.min.io/cn/minio-client-complete-guide)