MinIO: Difference between revisions

From Chorke Wiki
Jump to navigation Jump to search
(8 intermediate revisions by the same user not shown)
Line 122: Line 122:
ls -lah ~/.mc/
ls -lah ~/.mc/
</syntaxhighlight>
</syntaxhighlight>
|-
|colspan="2"|
----
|-
|valign="top"|
<syntaxhighlight lang="bash">
mc anonymous -h
mc config    host ls
mc anonymous set public local/my_public_bucket
</syntaxhighlight>
|valign="top"|


|}
|}
Line 283: Line 297:
|-
|-
| valign="top" |
| valign="top" |
* [https://medium.com/picus-security-engineering/on-premises-s3-bucket-object-storage-with-minio-server-gateway-4c44fc321b1c MinIO » On-premises AWS S3 Object Storage]
* [https://stackoverflow.com/questions/65353889/ MinIO » Set Policy » Storage Public Access]
* [https://min.io/docs/minio/windows/operations/monitoring/minio-logging.html?ref=con MinIO » Audit Logs to an External Service]
* [https://github.com/minio/minio/issues/9530 MinIO » Bucket » ACL through Principal]
* [https://github.com/minio/minio/issues/9530 MinIO » Bucket » ACL through Principal]
* [https://superuser.com/questions/513159/ Systemd » Safe Remove Services]
* [https://superuser.com/questions/513159/ Systemd » Safe Remove Services]
Line 292: Line 309:


| valign="top" |
| valign="top" |
* [https://min.io/docs/minio/kubernetes/upstream/administration/object-management/transition-objects-to-s3.html MinIO » Transition Objects to AWS S3]
* [https://min.io/docs/minio/linux/integrations/setup-nginx-proxy-with-minio.html MinIO » Configure NGINX Proxy]


| valign="top" |
| valign="top" |


|}
|}

Revision as of 20:17, 18 November 2024

Linux:
export MINIO_HOME=/srv/minio
export MINIO_DATA=$MINIO_HOME/data
MacOS:
export MINIO_HOME=$HOME/minio
export MINIO_DATA=$MINIO_HOME/data
Chorke:
export MINIO_HOME=$HOME/.chorke/academia/var/minio
export MINIO_DATA=$MINIO_HOME/data
Local location Container location Usage
$MINIO_HOME/data /data MinIO data
docker run -it --rm \
--publish 9000:9000 \
--publish 9001:9001 \
quay.io/minio/minio \
--version
mkdir -p $HOME/.chorke/academia/var/minio/data
mkdir -p $MINIO_HOME/data
mkdir -p $MINIO_DATA

Docker

docker run --detach \
--publish 9000:9000 \
--publish 9001:9001 \
--restart always \
--name minio \
--volume  $MINIO_HOME/data:/data \
quay.io/minio/minio server /data --console-address ":9001"
docker run --detach \
--publish 9000:9000 \
--publish 9001:9001 \
--restart always \
--name minio \
--volume $HOME/.chorke/academia/var/minio/data:/data \
quay.io/minio/minio server /data --console-address ":9001"

Debian

Install


sudo apt -qq update;\
export MINIO_HOME=/var/minio;\
export MINIO_ADMIN_PASSWORD='academia';\
bash <(curl -s 'https://cdn.chorke.org/exec/cli/bash/install/minio/2022-07-30.sh.txt')

Remove


sudo systemctl stop minio.service 
sudo systemctl disable minio.service 
sudo rm -rf /etc/systemd/system/minio.service
sudo rm -rf /var/minio && sudo systemctl daemon-reload

Environments


MINIO_OPTS="--address :9000 --console-address :9001"
MINIO_VOLUMES="/var/minio/var/data"
MINIO_ROOT_USER=admin
MINIO_ROOT_PASSWORD=password
MINIO_CONFIG_ENV_FILE=/var/minio/etc/.env
MINIO_BROWSER_REDIRECT_URL="https://academia.chorke.org/minio"

Install Client


 sudo wget -c https://dl.min.io/client/mc/release/linux-amd64/mc -P /usr/local/bin/
sudo chmod +x /usr/local/bin/mc
mc alias set local http://s3.host.k8s.local admin sadaqah!
mc admin info local

mc alias set local http://s3.host.k8s.local O2PLF0Pznp12HNbT9FbJ YIISq1Srxf9gv24fxkryN5ilQDg8P5wxJXt1qgle
mc admin info local
cat ~/.mc/config.json|jq -r '.aliases.local'
ls -lah ~/.mc/

mc anonymous -h
mc config    host ls
mc anonymous set public local/my_public_bucket


Policy

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket"
      ],
      "Resource": [
        "arn:aws:s3:::academia",
        "arn:aws:s3:::academia-non-prod"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetObject",
        "s3:PutObject",
        "s3:DeleteObject"
      ],
      "Resource": [
        "arn:aws:s3:::academia/*",
        "arn:aws:s3:::academia-non-prod/*"
      ]
    }
  ]
}
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::academia"
      ]
    }
  ]
}
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:*"
      ],
      "Resource": [
        "arn:aws:s3:::academia"
      ]
    }
  ]
}

Knowledge

docker exec -it minio minio --version
docker exec -it minio minio --help
docker exec -it minio bash
http://localhost:9001/login
username: minioadmin
password: minioadmin
kubectl krew update
kubectl krew install minio
kubectl minio version

kubectl minio init
kubectl get pods -n minio-operator
kubectl get svc  -n minio-operator
kubectl get all --namespace minio-operator
kubectl minio proxy
sudo ss -tulwn | grep LISTEN
sudo ss -tulpn | grep LISTEN
sudo ss -tulpn | grep LISTEN | grep sshd
sudo ss -tulpn | grep LISTEN | grep minio
sudo ss -tulpn | grep LISTEN | grep resolve
ssh -L 9800:localhost:9800\
    -L 9801:localhost:9801\
 [email protected]

http://localhost:9801/

References