ProHoster > Π‘Π»ΠΎΠ³ > Maamulka > Dejinta Minio si uu isticmaaluhu ugu shaqeeyo oo keliya baaldigiisa

Dejinta Minio si uu isticmaaluhu ugu shaqeeyo oo keliya baaldigiisa

Minio waa bakhaar shay oo fudud, degdeg ah, AWS S3 ku habboon. Minio waxaa loogu talagalay inay martigeliso xogta aan habaysanayn sida sawiro, fiidyowyo, faylasha log, kaydinta. minio sidoo kale waxay taageertaa habka loo qaybiyay, kaas oo bixiya awooda lagu xiro saxanadaha badan hal server kaydinta shay, oo ay ku jiraan kuwa ku yaala mashiinada kala duwan.

Ujeedada boostadani waa in la habeeyo minio si isticmaale kasta uu ugu shaqeeyo kaliya baaldigiisa.

Guud ahaan, Minio waxay ku habboon tahay xaaladaha soo socda:

  • kaydinta aan-ku-celinta ahayn ee dusha sare ee nidaamka faylalka la isku halayn karo oo leh marin loo maro S3 (kaydinta yaryar iyo kuwa dhexdhexaadka ah ee lagu hayo NAS iyo SAN);
  • kaydinta aan la soo koobin ee dusha sare ee nidaamka faylalka aan la isku halleyn karin oo leh S3 gelitaanka (hormarinta iyo tijaabinta);
  • kaydinta oo leh ku celcelin koox yar oo adeegayaal ah oo ku jira hal rack oo leh marin loo maro hab-maamuuska S3 (kaydinta guuldarraysa ee leh domain guuldarraystay oo la mid ah rack).

Nidaamyada RedHat waxaan ku xireynaa keydka Minio ee aan rasmiga ahayn.

yum -y install yum-plugin-copr
yum copr enable -y lkiesow/minio
yum install -y minio minio-mc

Abuur oo ku dar MINIO_ACCESS_KEY iyo MINIO_SECRET_KEY gudaha /etc/minio/minio.conf.

# Custom username or access key of minimum 3 characters in length.
MINIO_ACCESS_KEY=

# Custom password or secret key of minimum 8 characters in length.
MINIO_SECRET_KEY=

Haddii aadan isticmaali doonin nginx ka hor Minio, markaa waxaad u baahan tahay inaad bedesho.

--address 127.0.0.1:9000

on

--address 0.0.0.0:9000

Aan bilowno Minio.

systemctl start minio

Waxaan abuurnaa xiriir Minio oo loo yaqaan myminio.

minio-mc config host add myminio http://localhost:9000 MINIO_ACCESS_KEY 
MINIO_SECRET_KEY

Abuur baaldi isticmaale1baaldi.

minio-mc mb myminio/user1bucket

Abuur baaldi isticmaale2baaldi.

minio-mc mb myminio/user2bucket

Samee faylka siyaasada user1-policy.json.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:PutBucketPolicy",
        "s3:GetBucketPolicy",
        "s3:DeleteBucketPolicy",
        "s3:ListAllMyBuckets",
        "s3:ListBucket"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::user1bucket"
      ],
      "Sid": ""
    },
    {
      "Action": [
        "s3:AbortMultipartUpload",
        "s3:DeleteObject",
        "s3:GetObject",
        "s3:ListMultipartUploadParts",
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::user1bucket/*"
      ],
      "Sid": ""
    }
  ]
}

Samee faylka siyaasada user2-policy.json.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:PutBucketPolicy",
        "s3:GetBucketPolicy",
        "s3:DeleteBucketPolicy",
        "s3:ListAllMyBuckets",
        "s3:ListBucket"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::user2bucket"
      ],
      "Sid": ""
    },
    {
      "Action": [
        "s3:AbortMultipartUpload",
        "s3:DeleteObject",
        "s3:GetObject",
        "s3:ListMultipartUploadParts",
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::user2bucket/*"
      ],
      "Sid": ""
    }
  ]
}

Abuur isticmaale1 wata lambarka sirta ah12345.

minio-mc admin user add myminio user1 test12345

Abuur isticmaale2 wata lambarka sirta ah54321.

minio-mc admin user add myminio user2 test54321

Waxaan ka abuurnaa Minio siyaasad loo yaqaan user1-policy ka faylka user1-policy.json.

minio-mc admin policy add myminio user1-policy user1-policy.json

Waxaan ka abuurnaa Minio siyaasad loo yaqaan user2-policy ka faylka user2-policy.json.

minio-mc admin policy add myminio user2-policy user2-policy.json

Ku dabaq siyaasada isticmaale1-siyaasadda isticmaalaha1.

minio-mc admin policy set myminio user1-policy user=user1

Ku dabaq siyaasada isticmaale2-siyaasadda isticmaalaha2.

minio-mc admin policy set myminio user2-policy user=user2

Hubinta xidhiidhka siyaasadaha isticmaalayaasha

minio-mc admin user list myminio

Hubinta isku xirka siyaasadaha isticmaalayaasha waxay u ekaan doontaa wax sidan oo kale ah

enabled    user1                 user1-policy
enabled    user2                 user2-policy

Si loo caddeeyo, u gudub browserka oo aad ciwaanka http://ip-сСрвСра-Π³Π΄Π΅-Π·Π°ΠΏΡƒΡ‰Π΅Π½-minio:9000/minio/

Waxaan aragnaa inaan ku xidhnay Minio hoosta MINIO_ACCESS_KEY=user1. Isticmaalaha1 baaldi baaldi waa noo diyaar.

Dejinta Minio si uu isticmaaluhu ugu shaqeeyo oo keliya baaldigiisa

Suurtagal ma noqon doonto in la abuuro baaldi, maadaama aysan jirin Tallaabo u dhiganta siyaasadda.

Dejinta Minio si uu isticmaaluhu ugu shaqeeyo oo keliya baaldigiisa

Aan ku abuurno fayl ku jira baaldiga isticmaalaha1backet-ka.

Dejinta Minio si uu isticmaaluhu ugu shaqeeyo oo keliya baaldigiisa

Aan ku xidhno Minio hoosta MINIO_ACCESS_KEY=user2. Baaldiga isticmaalaha2bucket waa noo diyaar.

Mana aragno isticmaal1baaldi ama faylal ka yimid user1backet.

Dejinta Minio si uu isticmaaluhu ugu shaqeeyo oo keliya baaldigiisa

Sameeyay wada sheekaysiga Telegram iyadoo la isticmaalayo Minio https://t.me/minio_s3_ru

Source: www.habr.com