ProHoster > Ibhulogi > Ulawulo > Ukuseta iMinio ukuze umsebenzisi asebenze ngebhakethi yakhe kuphela

Ukuseta iMinio ukuze umsebenzisi asebenze ngebhakethi yakhe kuphela

I-Minio yinto elula, ekhawulezayo, ye-AWS S3 ehambelana nevenkile. I-Minio yenzelwe ukusingatha idatha engacwangciswanga njengeefoto, iividiyo, iifayile zelog, ii-backups. i-minio ikwaxhasa imo yosasazo, ebonelela ngokukwazi ukudibanisa iidiski ezininzi kumncedisi wogcino wento enye, kuquka nezo zibekwe koomatshini abahlukeneyo.

Injongo yesi sithuba kukuqwalasela i-minio ukuze umsebenzisi ngamnye asebenze kuphela ngebhakethi yakhe.

Ngokubanzi, iMinio ifanelekile kwezi meko zilandelayo:

  • ukugcinwa okungenakuphinda-phinda phezulu kwenkqubo yefayile ethembekileyo kunye nokufikelela nge-S3 (indawo yokugcina encinci kunye nephakathi ebanjwe kwi-NAS kunye ne-SAN);
  • ukugcinwa okungenakuphindwa phezulu kwenkqubo yefayile engathembekanga kunye nokufikelela kwe-S3 (uphuhliso nokuvavanya);
  • ukugcinwa ngokuphindaphinda kwiqela elincinane labancedisi kwirack enye kunye nokufikelela nge-S3 protocol (ukugcinwa kwe-failover kunye ne-domain yokusilela elingana ne-rack).

Kwiinkqubo zeRedHat sidibanisa i-Minio repository engekho mthethweni.

yum -y install yum-plugin-copr
yum copr enable -y lkiesow/minio
yum install -y minio minio-mc

Yenza kwaye wongeze kwi-MINIO_ACCESS_KEY kunye ne-MINIO_SECRET_KEY kwi /etc/minio/minio.conf.

# Custom username or access key of minimum 3 characters in length.
MINIO_ACCESS_KEY=

# Custom password or secret key of minimum 8 characters in length.
MINIO_SECRET_KEY=

Ukuba awuyi kusebenzisa nginx phambi kweMinio, kuya kufuneka utshintshe.

--address 127.0.0.1:9000

phezu

--address 0.0.0.0:9000

Masiqalise iMinio.

systemctl start minio

Senza uqhagamshelo kwiMinio ebizwa ngokuba yi-myminio.

minio-mc config host add myminio http://localhost:9000 MINIO_ACCESS_KEY 
MINIO_SECRET_KEY

Yenza ibhakethi yomsebenzisi1ibhakethi.

minio-mc mb myminio/user1bucket

Yenza ibhakethi yomsebenzisi2ibhakethi.

minio-mc mb myminio/user2bucket

Yenza ifayile yomgaqo-nkqubo user1-policy.json.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:PutBucketPolicy",
        "s3:GetBucketPolicy",
        "s3:DeleteBucketPolicy",
        "s3:ListAllMyBuckets",
        "s3:ListBucket"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::user1bucket"
      ],
      "Sid": ""
    },
    {
      "Action": [
        "s3:AbortMultipartUpload",
        "s3:DeleteObject",
        "s3:GetObject",
        "s3:ListMultipartUploadParts",
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::user1bucket/*"
      ],
      "Sid": ""
    }
  ]
}

Yenza ifayile yomgaqo-nkqubo user2-policy.json.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:PutBucketPolicy",
        "s3:GetBucketPolicy",
        "s3:DeleteBucketPolicy",
        "s3:ListAllMyBuckets",
        "s3:ListBucket"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::user2bucket"
      ],
      "Sid": ""
    },
    {
      "Action": [
        "s3:AbortMultipartUpload",
        "s3:DeleteObject",
        "s3:GetObject",
        "s3:ListMultipartUploadParts",
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::user2bucket/*"
      ],
      "Sid": ""
    }
  ]
}

Yenza umsebenzisi1 nge-password test12345.

minio-mc admin user add myminio user1 test12345

Yenza umsebenzisi2 nge-password test54321.

minio-mc admin user add myminio user2 test54321

Senza umgaqo-nkqubo kwiMinio ebizwa ngokuba ngumgaqo-nkqubo we-1 osuka kwifayile yomsebenzisi1-nkqubo.json.

minio-mc admin policy add myminio user1-policy user1-policy.json

Senza umgaqo-nkqubo kwiMinio ebizwa ngokuba ngumgaqo-nkqubo we-2 osuka kwifayile yomsebenzisi2-nkqubo.json.

minio-mc admin policy add myminio user2-policy user2-policy.json

Sebenzisa umgaqo-nkqubo we-user1 kumsebenzisi1.

minio-mc admin policy set myminio user1-policy user=user1

Sebenzisa umgaqo-nkqubo we-user2 kumsebenzisi2.

minio-mc admin policy set myminio user2-policy user=user2

Ukujonga unxibelelwano lwemigaqo-nkqubo kubasebenzisi

minio-mc admin user list myminio

Ukujonga unxibelelwano lwemigaqo-nkqubo kubasebenzisi kuya kujongeka ngolu hlobo

enabled    user1                 user1-policy
enabled    user2                 user2-policy

Ukucaca, yiya kwisikhangeli kwidilesi http://ip-сСрвСра-Π³Π΄Π΅-Π·Π°ΠΏΡƒΡ‰Π΅Π½-minio:9000/minio/

Siyabona ukuba siqhagamshele kwiMinio phantsi kwe-MINIO_ACCESS_KEY=user1. Ibhakethi yebhakethi yomsebenzisi iyafumaneka kuthi.

Ukuseta iMinio ukuze umsebenzisi asebenze ngebhakethi yakhe kuphela

Akunakwenzeka ukwenza ibhakethi, kuba akukho nyathelo elihambelanayo kumgaqo-nkqubo.

Ukuseta iMinio ukuze umsebenzisi asebenze ngebhakethi yakhe kuphela

Masenze ifayile kwibhakethi yomsebenzisi1.

Ukuseta iMinio ukuze umsebenzisi asebenze ngebhakethi yakhe kuphela

Masiqhagamshele kwi-Minio phantsi kwe-MINIO_ACCESS_KEY=user2. I-bucket bucket yomsebenzisi iyafumaneka kuthi.

Kwaye asiboni nokuba yi-user1bucket okanye iifayile ezivela kumsebenzisi1bucket.

Ukuseta iMinio ukuze umsebenzisi asebenze ngebhakethi yakhe kuphela

Yenza incoko yeTelegram usebenzisa iMinio https://t.me/minio_s3_ru

umthombo: www.habr.com