Minio ืืื ืื ืืช ืืืืืืงืืื ืคืฉืืื ืืืืืจื ืชืืืืช AWS S3. Minio ื ืืขื ืืืจื ื ืชืื ืื ืื ืืืื ืื ืืืื ืชืืื ืืช, ืกืจืืื ืื, ืงืืืฆื ืืืื, ืืืืืืื. minio ืชืืื ืื ืืืฆื ืืืืืจ, ืืืกืคืง ืืช ืืืืืืช ืืืืจ ืืืกืงืื ืืจืืืื ืืฉืจืช ืืืกืื ืืืืืืงืืื ืืื, ืืืื ืืื ืืืืืงืืื ืืืืื ืืช ืฉืื ืืช.
ืืืจืช ืืคืืกื ืืื ืืื ืืืืืืจ ืืื ืื ืื ืฉืื ืืฉืชืืฉ ืืืื ืืขืืื ืจืง ืขื ืืืื ืฉืื.
ืืืืคื ืืืื, Minio ืืชืืื ืืืงืจืื ืืืืื:
- ืืืกืื ืืื ืฉืืคืื ืขื ืืื ืืขืจืืช ืงืืฆืื ืืืื ื ืขื ืืืฉื ืืจื S3 (ืืืกืื ืงืื ืืืื ืื ื ืืืชืืจื ื-NAS ื-SAN);
- ืืืกืื ืื ืืฉืืืคื ืขื ืืื ืืขืจืืช ืงืืฆืื ืื ืืืื ื ืขื ืืืฉืช S3 (ืืคืืชืื ืืืืืงื);
- ืืืกืื ืขื ืฉืืคืื ืขื ืงืืืฆื ืงืื ื ืฉื ืฉืจืชืื ืืืืฃ ืืื ืขื ืืืฉื ืืืืฆืขืืช ืคืจืืืืงืื S3 (ืืืกืื ืืฉื ืขื ืชืืื ืืฉื ืฉืืื ื-rack).
ืืืขืจืืืช RedHat ืื ื ืืืืจืื ืืช ืืืืจ ืืืื ืื ืืื ืจืฉืื.
yum -y install yum-plugin-copr
yum copr enable -y lkiesow/minio
yum install -y minio minio-mcืฆืืจ ืืืืกืฃ ื-MINIO_ACCESS_KEY ืื-MINIO_SECRET_KEY ื-/etc/minio/minio.conf.
# Custom username or access key of minimum 3 characters in length.
MINIO_ACCESS_KEY=
# Custom password or secret key of minimum 8 characters in length.
MINIO_SECRET_KEY=ืื ืื ืชืฉืชืืฉ ื-nginx ืืคื ื Minio, ืื ืืชื ืฆืจืื ืืฉื ืืช.
--address 127.0.0.1:9000ืขื
--address 0.0.0.0:9000ืืืื ื ืฉืืง ืืช Minio.
systemctl start minioืื ื ืืืฆืจืื ืืืืืจ ืืืื ืื ืืฉื myminio.
minio-mc config host add myminio http://localhost:9000 MINIO_ACCESS_KEY
MINIO_SECRET_KEYืฆืืจ ืืื user1bucket.
minio-mc mb myminio/user1bucketืฆืืจ ืืื user2bucket.
minio-mc mb myminio/user2bucketืฆืืจ ืงืืืฅ ืืืื ืืืช user1-policy.json.
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:PutBucketPolicy",
"s3:GetBucketPolicy",
"s3:DeleteBucketPolicy",
"s3:ListAllMyBuckets",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::user1bucket"
],
"Sid": ""
},
{
"Action": [
"s3:AbortMultipartUpload",
"s3:DeleteObject",
"s3:GetObject",
"s3:ListMultipartUploadParts",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::user1bucket/*"
],
"Sid": ""
}
]
}ืฆืืจ ืงืืืฅ ืืืื ืืืช user2-policy.json.
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:PutBucketPolicy",
"s3:GetBucketPolicy",
"s3:DeleteBucketPolicy",
"s3:ListAllMyBuckets",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::user2bucket"
],
"Sid": ""
},
{
"Action": [
"s3:AbortMultipartUpload",
"s3:DeleteObject",
"s3:GetObject",
"s3:ListMultipartUploadParts",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::user2bucket/*"
],
"Sid": ""
}
]
}ืฆืืจ ืืฉืชืืฉ ืืฉืชืืฉ1 ืขื ืืกืืกืื test12345.
minio-mc admin user add myminio user1 test12345ืฆืืจ ืืฉืชืืฉ ืืฉืชืืฉ2 ืขื ืืกืืกืื test54321.
minio-mc admin user add myminio user2 test54321ืื ื ืืืฆืจืื ืืืื ืืืช ืืืื ืื ืืฉื user1-policy ืืืงืืืฅ user1-policy.json.
minio-mc admin policy add myminio user1-policy user1-policy.jsonืื ื ืืืฆืจืื ืืืื ืืืช ืืืื ืื ืืฉื user2-policy ืืืงืืืฅ user2-policy.json.
minio-mc admin policy add myminio user2-policy user2-policy.jsonืืื ืืช ืืืื ืืืช ืืฉืชืืฉ1 ืขื ืืฉืชืืฉ ืืฉืชืืฉ1.
minio-mc admin policy set myminio user1-policy user=user1ืืื ืืช ืืืื ืืืช ืืฉืชืืฉ2 ืขื ืืฉืชืืฉ ืืฉืชืืฉ2.
minio-mc admin policy set myminio user2-policy user=user2ืืืืงืช ืืืืืจ ืืืืื ืืืช ืืืฉืชืืฉืื
minio-mc admin user list myminioืืืืงืช ืืืืืจ ืืืืื ืืืช ืืืฉืชืืฉืื ืชืืจืื ืืขืจื ืื
enabled user1 user1-policy
enabled user2 user2-policyืืืืจืืจ, ืขืืืจ ืืจื ืืืคืืคื ืืืชืืืช
ืื ื ืจืืืื ืฉืืชืืืจื ื ื-Minio ืชืืช MINIO_ACCESS_KEY=user1. ืืื user1bucket ืืืื ืื ื.
ืื ื ืืชื ืืืื ืืืฆืืจ ืืื, ืืืืืื ืฉืืื ืคืขืืื ืืชืืืื ืืืืื ืืืช.
ืืืื ื ืืฆืืจ ืงืืืฅ ื-bucket user1bucket.
ืืืื ื ืชืืืจ ื-Minio ืชืืช MINIO_ACCESS_KEY=ืืฉืชืืฉ2. ืืื user2bucket ืืืื ืื ื.
ืืื ืื ื ืื ืจืืืื ืืช user1bucket ืื ืงืืฆืื ื-user1bucket.
ืืฆืจ ืฆ'ืื ืืืืืจื ืืืืฆืขืืช Minio
ืืงืืจ: www.habr.com