I-Minio yinto elula, ekhawulezayo, ye-AWS S3 ehambelana nevenkile. I-Minio yenzelwe ukusingatha idatha engacwangciswanga njengeefoto, iividiyo, iifayile zelog, ii-backups. i-minio ikwaxhasa imo yosasazo, ebonelela ngokukwazi ukudibanisa iidiski ezininzi kumncedisi wogcino wento enye, kuquka nezo zibekwe koomatshini abahlukeneyo.
Injongo yesi sithuba kukuqwalasela i-minio ukuze umsebenzisi ngamnye asebenze kuphela ngebhakethi yakhe.
Ngokubanzi, iMinio ifanelekile kwezi meko zilandelayo:
- ukugcinwa okungenakuphinda-phinda phezulu kwenkqubo yefayile ethembekileyo kunye nokufikelela nge-S3 (indawo yokugcina encinci kunye nephakathi ebanjwe kwi-NAS kunye ne-SAN);
- ukugcinwa okungenakuphindwa phezulu kwenkqubo yefayile engathembekanga kunye nokufikelela kwe-S3 (uphuhliso nokuvavanya);
- ukugcinwa ngokuphindaphinda kwiqela elincinane labancedisi kwirack enye kunye nokufikelela nge-S3 protocol (ukugcinwa kwe-failover kunye ne-domain yokusilela elingana ne-rack).
Kwiinkqubo zeRedHat sidibanisa i-Minio repository engekho mthethweni.
yum -y install yum-plugin-copr
yum copr enable -y lkiesow/minio
yum install -y minio minio-mc
Yenza kwaye wongeze kwi-MINIO_ACCESS_KEY kunye ne-MINIO_SECRET_KEY kwi /etc/minio/minio.conf.
# Custom username or access key of minimum 3 characters in length.
MINIO_ACCESS_KEY=
# Custom password or secret key of minimum 8 characters in length.
MINIO_SECRET_KEY=
Ukuba awuyi kusebenzisa nginx phambi kweMinio, kuya kufuneka utshintshe.
--address 127.0.0.1:9000
phezu
--address 0.0.0.0:9000
Masiqalise iMinio.
systemctl start minio
Senza uqhagamshelo kwiMinio ebizwa ngokuba yi-myminio.
minio-mc config host add myminio http://localhost:9000 MINIO_ACCESS_KEY
MINIO_SECRET_KEY
Yenza ibhakethi yomsebenzisi1ibhakethi.
minio-mc mb myminio/user1bucket
Yenza ibhakethi yomsebenzisi2ibhakethi.
minio-mc mb myminio/user2bucket
Yenza ifayile yomgaqo-nkqubo user1-policy.json.
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:PutBucketPolicy",
"s3:GetBucketPolicy",
"s3:DeleteBucketPolicy",
"s3:ListAllMyBuckets",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::user1bucket"
],
"Sid": ""
},
{
"Action": [
"s3:AbortMultipartUpload",
"s3:DeleteObject",
"s3:GetObject",
"s3:ListMultipartUploadParts",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::user1bucket/*"
],
"Sid": ""
}
]
}
Yenza ifayile yomgaqo-nkqubo user2-policy.json.
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:PutBucketPolicy",
"s3:GetBucketPolicy",
"s3:DeleteBucketPolicy",
"s3:ListAllMyBuckets",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::user2bucket"
],
"Sid": ""
},
{
"Action": [
"s3:AbortMultipartUpload",
"s3:DeleteObject",
"s3:GetObject",
"s3:ListMultipartUploadParts",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::user2bucket/*"
],
"Sid": ""
}
]
}
Yenza umsebenzisi1 nge-password test12345.
minio-mc admin user add myminio user1 test12345
Yenza umsebenzisi2 nge-password test54321.
minio-mc admin user add myminio user2 test54321
Senza umgaqo-nkqubo kwiMinio ebizwa ngokuba ngumgaqo-nkqubo we-1 osuka kwifayile yomsebenzisi1-nkqubo.json.
minio-mc admin policy add myminio user1-policy user1-policy.json
Senza umgaqo-nkqubo kwiMinio ebizwa ngokuba ngumgaqo-nkqubo we-2 osuka kwifayile yomsebenzisi2-nkqubo.json.
minio-mc admin policy add myminio user2-policy user2-policy.json
Sebenzisa umgaqo-nkqubo we-user1 kumsebenzisi1.
minio-mc admin policy set myminio user1-policy user=user1
Sebenzisa umgaqo-nkqubo we-user2 kumsebenzisi2.
minio-mc admin policy set myminio user2-policy user=user2
Ukujonga unxibelelwano lwemigaqo-nkqubo kubasebenzisi
minio-mc admin user list myminio
Ukujonga unxibelelwano lwemigaqo-nkqubo kubasebenzisi kuya kujongeka ngolu hlobo
enabled user1 user1-policy
enabled user2 user2-policy
Ukucaca, yiya kwisikhangeli kwidilesi
Siyabona ukuba siqhagamshele kwiMinio phantsi kwe-MINIO_ACCESS_KEY=user1. Ibhakethi yebhakethi yomsebenzisi iyafumaneka kuthi.
Akunakwenzeka ukwenza ibhakethi, kuba akukho nyathelo elihambelanayo kumgaqo-nkqubo.
Masenze ifayile kwibhakethi yomsebenzisi1.
Masiqhagamshele kwi-Minio phantsi kwe-MINIO_ACCESS_KEY=user2. I-bucket bucket yomsebenzisi iyafumaneka kuthi.
Kwaye asiboni nokuba yi-user1bucket okanye iifayile ezivela kumsebenzisi1bucket.
Yenza incoko yeTelegram usebenzisa iMinio
umthombo: www.habr.com