This article shows an example of how to deploy MinIO as an S3 object storage for ELMA365. The article covers deploying MinIO in a single-node single-drive configuration (SNSD). SNSD deployments don’t provide better reliability or availability apart from what the underlying storage volume (RAID, LVM, ZFS, etc.) implements. Learn more in the MinIO documentation.
начало внимание
In the example in this article, the bucket name is s3elma365, the user is elma365user, and the password is SecretPassword.
When you set up MinIO for your company, follow your organization’s security policies.
конец внимание
The configuration consists of 10 steps:
- Prepare the drive.
- Install MinIO.
- Install MinIO Client.
- Create a user and a group named minio-user.
- Create the systemd service for MinIO.
- Create an environment file for MinIO.
- Run the MinIO service.
- Set up connection to MinIO.
- Create a bucket.
- Connect ELMA365 to MinIO.
Step 1. Prepare the drive (optional)
- Create a directory to mount the drive:
sudo mkdir -p /var/lib/minio/data1
For better performance, we recommend that you use the XFS file system. In the example, we are going to use the /dev/sdb drive.
- Prepare the XFS file system on the drive:
sudo mkfs.xfs /dev/sdb -L DISK1
- Add a drive mount point in the
/etc/fstabfile:
LABEL=DISK1 /var/lib/minio/data1 xfs defaults,noatime 0 2
- Make sure the prepared drive has been mounted:
sudo mount -av
Step 2. Install MinIO
Download the latest stable MinIO binary file and install it in the system:
wget https://dl.min.io/server/minio/release/linux-amd64/minio
chmod +x minio
sudo mv minio /usr/local/bin/
Step 3. Install MinIO Client
Download the latest stable MinIO Client binary file and install it in the system:
wget https://dl.min.io/client/mc/release/linux-amd64/mc
chmod +x mс
sudo mv mc /usr/local/bin/
Step 4. Create a user and a group named minio-user
- Create a user and a group named
minio-user:
sudo groupadd -r minio-user
sudo useradd -M -r -g minio-user minio-user
sudo chown minio-user:minio-user /var/lib/minio/data1
- Create directories to store TLS certificates using the following command:
sudo mkdir -p /etc/minio/certs/CAs
- Set permissions for directories used in MinIO:
sudo chown -R minio-user:minio-user /etc/minio
sudo chown -R minio-user:minio-user /var/lib/minio
Step 5. Create the systemd service for MinIO
- Download the MinIO service official file:
sudo curl -O https://raw.githubusercontent.com/minio/minio-service/master/linux-systemd/minio.service
- Check the content of the
minio.servicefile before you use it by opening it in a text editor and move it to the systemd configuration directory:
sudo mv minio.service /etc/systemd/system
начало внимание
At this step, don’t run minio.service yet.
конец внимание
Step 6. Create an environment file for MinIO
Create an environment file in /etc/default/minio. The MinIO service uses this file as a source of all environment variables used by MinIO and the minio.service file.
Example of an environment file in /etc/default/minio:
# Set the hosts and volumes MinIO uses at startup
# The command uses MinIO expansion notation {x...y} to denote a
# sequential series.
# The following example covers four MinIO hosts
# with4 drives each at the specified hostname and drive locations.
# The command includes the port that each MinIO server listens on
# (default 9000)
MINIO_VOLUMES="/var/lib/minio/data1/minio"
# Set all MinIO server options
# The following explicitly sets the MinIO Console listen address to
# port 9001 on all network interfaces. The default behavior is dynamic
# port selection.
MINIO_OPTS="--certs-dir /etc/minio/certs --console-address :9001"
MINIO_REGION="eu-central-1"
# Set the root username. This user has unrestricted permissions to
# perform S3 and administrative API operations on any resource in the
# deployment.
# Defer to your organizations requirements for superadmin user name.
MINIO_ROOT_USER=elma365user
# Set the root password
# Use a long, random, unique string that meets your organizations
# requirements for passwords.
MINIO_ROOT_PASSWORD=SecretPassword
# Set to the URL of the load balancer for the MinIO deployment
# This value *must* match across all MinIO servers. If you do
# not have a load balancer, set this value to to any *one* of the
# MinIO hosts in the deployment as a temporary measure.
# MINIO_SERVER_URL="https://minio.example:9000"
Where:
MINIO_VOLUMESis the directory where files uploaded to S3 will be stored.
MINIO_ROOT_USERis the username of the MinIO administrator.MINIO_ROOT_PASSWORDis the password. We recommend using a password of at least 16 characters.
How to enable TSL/SSL in MinIO
To make TLS/SSL available in MinIO:
Read more about TLS/SSL in MinIO in the official MinIO documentation. |
Step 7. Run the MinIO service
- Run the following commands to start the MinIO service:
sudo systemctl daemon-reload
sudo systemctl enable --now minio.service
- Make sure that the MinIO service is running and works without errors:
sudo systemctl status minio.service
journalctl -f -u minio.service
Step 8. Set up connection to MinIO
Create an alias for MinIO:
/usr/local/bin/mc alias set minio http://minio.your_domain:9000 elma365user SecretPassword
Step 9. Create a bucket
The bucket in S3 should have the following format: s3elma365*.
Examples:
s3elma365s3elma365-devs3elma365-prod
For ELMA365 to work, create a bucket named s3elma365 by running the following command:
/usr/local/bin/mc mb -p minio/s3elma365 --region=eu-central-1
Step 10. Connect ELMA365 to MinIO
Here are the parameters used to establish a connection with MinIO:
- address:
minio.your_domain:9000 - bucket:
s3elma365 - region:
eu-central-1 - access key ID:
elma365user - secret access key:
SecretPassword - upload method:
PUT - enable SSL?
No
If TLS/SSL connection is used, set the enable SSL? parameter to Yes.
Found a typo? Highlight the text, press ctrl + enter and notify us