2019-07-12 10:41:57 +01:00
..
2019-06-19 14:28:03 -07:00

MinIO Server Config Guide Slack Go Report Card Docker Pulls

Configuration Directory

Till MinIO release RELEASE.2018-08-02T23-11-36Z, MinIO server configuration file (config.json) was stored in the configuration directory specified by --config-dir or defaulted to ${HOME}/.minio. However from releases after RELEASE.2018-08-18T03-49-57Z, the configuration file (only), has been migrated to the storage backend (storage backend is the directory passed to MinIO server while starting the server).

You can specify the location of your existing config using --config-dir, MinIO will migrate the config.json to your backend storage. Your current config.json will be renamed upon successful migration as config.json.deprecated in your current --config-dir. All your existing configurations are honored after this migration.

Additionally --config-dir is now a legacy option which will is scheduled for removal in future, so please update your local startup, ansible scripts accordingly.

minio server /data

Certificate Directory

TLS certificates by default are stored under ${HOME}/.minio/certs directory. You need to place certificates here to enable HTTPS based access. Read more about How to secure access to MinIO server with TLS.

Following is the directory structure for MinIO server with TLS certificates.

$ tree ~/.minio
/home/user1/.minio
├── certs
│   ├── CAs
│   ├── private.key
│   └── public.crt

You can provide a custom certs directory using --certs-dir command line option.

Accessing configuration file

All configuration changes can be made using mc admin config get/set commands. Following sections provide brief explanation of fields and how to customize them. A complete example of config.json is available here

Editing configuration file fields

Get current configuration for MinIO deployment
$ mc admin config get myminio/ > /tmp/myconfig
Set current configuration for MinIO deployment
$ mc admin config set myminio < /tmp/myconfig

The mc admin config API will evolve soon to be able to configure specific fields using get/set commands.

Version

Field Type Description
version string version determines the configuration file format. Any older version will automatically be migrated to the latest version upon startup. [DO NOT EDIT THIS FIELD MANUALLY]

Credential

Field Type Description
credential Auth credential for object storage and web access.
credential.accessKey string Access key of minimum 3 characters in length. You may override this field with MINIO_ACCESS_KEY environment variable.
credential.secretKey string Secret key of minimum 8 characters in length. You may override this field with MINIO_SECRET_KEY environment variable.

NOTE: In distributed setup it is mandatory to use environment variables MINIO_ACCESS_KEY and MINIO_SECRET_KEY for credentials.

Example:

export MINIO_ACCESS_KEY=admin
export MINIO_SECRET_KEY=password
minio server /data

Region

Field Type Description
region string region describes the physical location of the server. By default it is blank. You may override this field with MINIO_REGION environment variable. If you are unsure leave it unset.

Example:

export MINIO_REGION="my_region"
minio server /data

Worm

Field Type Description
worm string Enable this to turn on Write-Once-Read-Many. By default it is set to off. You may override this field with MINIO_WORM environment variable.

Example:

export MINIO_WORM=on
minio server /data

Storage Class

Field Type Description
storageclass Set storage class for configurable data and parity, as per object basis.
storageclass.standard string Value for standard storage class. It should be in the format EC:Parity, for example to set 4 disk parity for standard storage class objects, set this field to EC:4.
storageclass.rrs string Value for reduced redundancy storage class. It should be in the format EC:Parity, for example to set 3 disk parity for reduced redundancy storage class objects, set this field to EC:3.

By default, parity for objects with standard storage class is set to N/2, and parity for objects with reduced redundancy storage class objects is set to 2. Read more about storage class support in MinIO server here.

Cache

Field Type Description
drives []string List of mounted file system drives with atime support enabled
exclude []string List of wildcard patterns for prefixes to exclude from cache
expiry int Days to cache expiry
maxuse int Percentage of disk available to cache

Notify

Field Type Description
notify Notify enables bucket notification events for lambda computing via the following targets.
notify.amqp Configure to publish MinIO events via AMQP target.
notify.nats Configure to publish MinIO events via NATS target.
notify.elasticsearch Configure to publish MinIO events via Elasticsearch target.
notify.redis Configure to publish MinIO events via Redis target.
notify.postgresql Configure to publish MinIO events via PostgreSQL target.
notify.kafka Configure to publish MinIO events via Apache Kafka target.
notify.webhook Configure to publish MinIO events via Webhooks target.
notify.mysql Configure to publish MinIO events via MySql target.
notify.mqtt Configure to publish MinIO events via MQTT target.

Environment only settings

Browser

Enable or disable access to web UI. By default it is set to on. You may override this field with MINIO_BROWSER environment variable.

Example:

export MINIO_BROWSER=off
minio server /data

Domain

By default, MinIO supports path-style requests that are of the format http://mydomain.com/bucket/object. MINIO_DOMAIN environment variable is used to enable virtual-host-style requests. If the request Host header matches with (.+).mydomain.com then the matched pattern $1 is used as bucket and the path is used as object. More information on path-style and virtual-host-style here Example:

export MINIO_DOMAIN=mydomain.com
minio server /data

For advanced use cases MINIO_DOMAIN environment variable supports multiple-domains with comma separated values.

export MINIO_DOMAIN=sub1.mydomain.com,sub2.mydomain.com
minio server /data

Drive Sync

By default, MinIO writes to disk in synchronous mode for all metadata operations. Set MINIO_DRIVE_SYNC environment variable to enable synchronous mode for all data operations as well.

Example:

export MINIO_DRIVE_SYNC=on
minio server /data

HTTP Trace

HTTP tracing can be enabled by using mc admin trace command.

Example:

minio server /data

Default trace is succinct only to indicate the API operations being called and the HTTP response status.

mc admin trace myminio
17:21:45.729309964 objectAPIHandlers.GetBucketLocation localhost:9000/vk-photos/?location= 	200 OK
17:21:45.738167329 objectAPIHandlers.HeadBucket localhost:9000/vk-photos/ 	200 OK
17:21:45.747676811 objectAPIHandlers.ListObjectsV1 localhost:9000/vk-photos/?delimiter=%2F&max-keys=1000&prefix= 	200 OK

To trace entire HTTP request

mc admin trace --verbose myminio
127.0.0.1 [REQUEST objectAPIHandlers.GetBucketLocation] [17:23:21.404025835]
127.0.0.1 GET /yyy/?location=
127.0.0.1 Host: localhost:9000
127.0.0.1 Content-Length: 0
127.0.0.1 User-Agent: MinIO (linux; amd64) minio-go/v6.0.29 mc/2019-06-15T10:29:41Z
127.0.0.1 X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
127.0.0.1 X-Amz-Date: 20190619T172321Z
127.0.0.1 Authorization: AWS4-HMAC-SHA256 Credential=Q3AM3UQ867SPQQA43P2F/20190619/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=8e53d8574db3424aa00dd73637575512b250c923edcad3cbf58a727305205709
127.0.0.1
127.0.0.1 [RESPONSE] [17:23:21.404780651]
127.0.0.1 200 OK
127.0.0.1 X-Amz-Request-Id: 15A9A965FF7A7546
127.0.0.1 X-Minio-Deployment-Id: 41e39f4a-3b66-415b-9ddf-025d76a58668
127.0.0.1 X-Xss-Protection: 1; mode=block
127.0.0.1 Accept-Ranges: bytes
127.0.0.1 Server: MinIO/DEVELOPMENT.2019-06-18T17-17-02Z
127.0.0.1 Content-Type: application/xml
127.0.0.1 Vary: Origin
127.0.0.1 X-Amz-Bucket-Region: us-east-1
127.0.0.1 Content-Length: 137
127.0.0.1 Content-Security-Policy: block-all-mixed-content
127.0.0.1 <?xml version="1.0" encoding="UTF-8"?>
<LocationConstraint xmlns="http://s3.amazonaws.com/doc/2006-03-01/">us-east-1</LocationConstraint>127.0.0.1
127.0.0.1 [REQUEST objectAPIHandlers.HeadBucket] [17:23:21.412985428]
127.0.0.1 HEAD /yyy/
127.0.0.1 Host: localhost:9000
127.0.0.1 User-Agent: MinIO (linux; amd64) minio-go/v6.0.29 mc/2019-06-15T10:29:41Z
127.0.0.1 X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
127.0.0.1 X-Amz-Date: 20190619T172321Z
127.0.0.1 Authorization: AWS4-HMAC-SHA256 Credential=Q3AM3UQ867SPQQA43P2F/20190619/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=e0a02a62d39994d0206586f01dd2ab3a4aea74e60da9ff4d427629f705c62c02
127.0.0.1 Content-Length: 0
127.0.0.1
127.0.0.1 [RESPONSE] [17:23:21.413457159]
127.0.0.1 200 OK
127.0.0.1 Vary: Origin
127.0.0.1 Accept-Ranges: bytes
127.0.0.1 Content-Length: 0
127.0.0.1 X-Amz-Bucket-Region: us-east-1
127.0.0.1 X-Amz-Request-Id: 15A9A9660005982D
127.0.0.1 X-Minio-Deployment-Id: 41e39f4a-3b66-415b-9ddf-025d76a58668
127.0.0.1 X-Xss-Protection: 1; mode=block
127.0.0.1 Content-Security-Policy: block-all-mixed-content
127.0.0.1 Server: MinIO/DEVELOPMENT.2019-06-18T17-17-02Z
127.0.0.1
127.0.0.1 [REQUEST objectAPIHandlers.ListObjectsV1] [17:23:21.423153668]
127.0.0.1 GET /yyy/?delimiter=%2F&max-keys=1000&prefix=
127.0.0.1 Host: localhost:9000
127.0.0.1 Content-Length: 0
127.0.0.1 User-Agent: MinIO (linux; amd64) minio-go/v6.0.29 mc/2019-06-15T10:29:41Z
127.0.0.1 X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
127.0.0.1 X-Amz-Date: 20190619T172321Z
127.0.0.1 Authorization: AWS4-HMAC-SHA256 Credential=Q3AM3UQ867SPQQA43P2F/20190619/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=46ee3d2fc5085432b94bc3205076abd8166ffa3e35c639f84e9684c7c6a181c9
127.0.0.1
127.0.0.1 [RESPONSE] [17:23:21.424260967]
127.0.0.1 200 OK
127.0.0.1 Content-Security-Policy: block-all-mixed-content
127.0.0.1 Content-Type: application/xml
127.0.0.1 Server: MinIO/DEVELOPMENT.2019-06-18T17-17-02Z
127.0.0.1 X-Amz-Bucket-Region: us-east-1
127.0.0.1 X-Minio-Deployment-Id: 41e39f4a-3b66-415b-9ddf-025d76a58668
127.0.0.1 Accept-Ranges: bytes
127.0.0.1 Content-Length: 253
127.0.0.1 Vary: Origin
127.0.0.1 X-Amz-Request-Id: 15A9A966009F94A6
127.0.0.1 X-Xss-Protection: 1; mode=block
127.0.0.1 <?xml version="1.0" encoding="UTF-8"?>
<ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Name>yyy</Name><Prefix></Prefix><Marker></Marker><MaxKeys>1000</MaxKeys><Delimiter>/</Delimiter><IsTruncated>false</IsTruncated></ListBucketResult>

Explore Further