原文链接:
Deploy MinIO: Multi-Node Multi-Drive --- MinIO Object Storage for Linux
The procedures on this page cover deploying MinIO in a Multi-Node Multi-Drive (MNMD) or "Distributed" configuration. MNMD deployments provide enterprise-grade performance, availability, and scalability and are the recommended topology for all production workloads.
MNMD deployments support erasure coding configurations which tolerate the loss of up to half the nodes or drives in the deployment while continuing to serve read operations. Use the MinIO Erasure Code Calculator when planning and designing your MinIO deployment to explore the effect of erasure code settings on your intended topology.
本页中的步骤介绍了在多节点多驱动器(MNMD)或**"分布式"配置中部署MinIO**。MNMD部署提供了企业级的性能、可用性和可扩展性,是所有生产工作负载的推荐拓扑。
MNMD部署支持擦除编码配置,该配置允许部署中多达一半的节点或驱动器丢失,同时继续为读取操作提供服务。在规划和设计MinIO部署时,请使用MinIO擦除代码计算器来探索擦除代码设置对预期拓扑的影响。
1.Prerequisites 环境准备
Networking and Firewalls
Each node should have full bidirectional network access to every other node in the deployment. For containerized or orchestrated infrastructures, this may require specific configuration of networking and routing components such as ingress or load balancers. Certain operating systems may also require setting firewall rules. For example, the following command explicitly opens the default MinIO server API port 9000 for servers running firewalld : :
先决条件
网络和防火墙
每个节点都应该具有对部署中其他每个节点的完全双向网络访问权限。对于容器化或编排的基础设施,这可能需要网络和路由组件的特定配置,如入口或负载平衡器。某些操作系统可能还需要设置防火墙规则。例如,以下命令为运行firewalld的服务器显式打开默认的MinIO服务器API端口9000:
bash
firewall-cmd --permanent --zone=public --add-port=9000/tcp
firewall-cmd --reload
All MinIO servers in the deployment must use the same listen port.
If you set a static MinIO Console port (e.g. :9001
) you must also grant access to that port to ensure connectivity from external clients.
MinIO strongly recomends using a load balancer to manage connectivity to the cluster. The Load Balancer should use a "Least Connections" algorithm for routing requests to the MinIO deployment, since any MinIO node in the deployment can receive, route, or process client requests.
The following load balancers are known to work well with MinIO:
Configuring firewalls or load balancers to support MinIO is out of scope for this procedure. The Configure NGINX Proxy for MinIO Server reference provides a baseline configuration for using NGINX as a reverse proxy with basic load balancing configured.
部署中的所有MinIO服务器都必须使用相同的侦听端口。
如果设置了静态MinIO控制台端口(例如:9001),则还必须授予对该端口的访问权限,以确保与外部客户端的连接。
MinIO强烈建议使用负载均衡器来管理到集群的连接。负载均衡器应使用"最少连接"算法将请求路由到MinIO部署,因为部署中的任何MinIO节点都可以接收、路由或处理客户端请求。
众所周知,以下负载均衡器可以与MinIO配合使用:
NGINX
HAProxy
配置防火墙或负载平衡器以支持MinIO超出了此教程的范围。"为MinIO Server配置NGINX代理"参考提供了使用NGINX作为反向代理的基线配置,并配置了基本负载平衡。
NGINX配置官网翻译:为MinIO Server配置NGINX代理官网文档翻译-CSDN博客
2.Sequential Hostnames 顺序主机名
MinIO requires using expansion notation {x...y} to denote a sequential series of MinIO hosts when creating a server pool. MinIO supports using either a sequential series of hostnames or IP addresses to represent each minio server process in the deployment.
This procedure assumes use of sequential hostnames due to the lower overhead of management, especially in larger distributed clusters.
Create the necessary DNS hostname mappings prior to starting this procedure. For example, the following hostnames would support a 4-node distributed deployment:
创建服务器池时,MinIO需要使用扩展符号{x...y}来表示一系列连续的MinIO主机。MinIO支持使用一系列主机名或IP地址来表示部署中的每个MinIO服务器进程。
由于管理开销较低,特别是在较大的分布式集群中,此过程假定使用顺序主机名。
在开始此过程之前,请创建必要的DNS主机名映射 。例如,以下主机名将支持4节点分布式部署:
minio-01.example.com
minio-02.example.com
minio-03.example.com
minio-04.example.com
You can specify the entire range of hostnames using the expansion notation minio-0{1...4}.example.com
.
您可以使用扩展表示法minio-0{1...4}.example.com指定整个主机名范围。
3.non-sequential hostnames or IP addresses 非顺序主机名或IP地址
MinIO does not support non-sequential hostnames or IP addresses for distributed deployments. You can instead use /etc/hosts
on each node to set a simple DNS scheme that supports expansion notation. For example:
bash
# /etc/hosts
198.0.2.10 minio-01.example.net
198.51.100.3 minio-02.example.net
198.0.2.43 minio-03.example.net
198.51.100.12 minio-04.example.net
MinIO不支持分布式部署的非顺序主机名或IP地址。相反,您可以在每个节点上使用/etc/hosts来设置一个支持扩展符号的简单DNS方案。例如:
4.Local JBOD Storage with Sequential Mounts 具有顺序安装的本地JBOD存储
MinIO strongly recommends direct-attached JBOD arrays with XFS-formatted disks for best performance.
Direct-Attached Storage (DAS) has significant performance and consistency advantages over networked storage (NAS, SAN, NFS).
Deployments using non-XFS filesystems (ext4, btrfs, zfs) tend to have lower performance while exhibiting unexpected or undesired behavior.
RAID or similar technologies do not provide additional resilience or availability benefits when used with distributed MinIO deployments, and typically reduce system performance.
Ensure all nodes in the deployment use the same type (NVMe, SSD, or HDD) of drive with identical capacity (e.g. N TB) . MinIO does not distinguish drive types and does not benefit from mixed storage types. Additionally. MinIO limits the size used per drive to the smallest drive in the deployment. For example, if the deployment has 15 10TB drives and 1 1TB drive, MinIO limits the per-drive capacity to 1TB.
MinIO requires using expansion notation {x...y} to denote a sequential series of drives when creating the new deployment, where all nodes in the deployment have an identical set of mounted drives. MinIO also requires that the ordering of physical drives remain constant across restarts, such that a given mount point always points to the same formatted drive. MinIO therefore strongly recommends using /etc/fstab or a similar file-based mount configuration to ensure that drive ordering cannot change after a reboot. For example:
MinIO强烈建议使用XFS格式磁盘的直连JBOD阵列以获得最佳性能。
与网络存储(NAS、SAN、NFS)相比,直连存储(DAS)具有显著的性能和一致性优势。
使用非XFS文件系统(ext4、btrfs、zfs)的部署往往具有较低的性能,同时表现出意外或不期望的行为。
当与分布式MinIO部署一起使用时,RAID或类似技术不能提供额外的弹性或可用性优势,并且通常会降低系统性能。
确保部署中的所有节点使用相同类型(NVMe、SSD或HDD)、具有相同容量 (例如N TB)的驱动器。MinIO不区分驱动器类型,也不会从混合存储类型中获益。此外。MinIO将每个驱动器使用的大小限制为部署中的最小驱动器。例如,如果部署有15个10TB驱动器和1个1TB驱动器,则MinIO将每个驱动器的容量限制为1TB。(ps:木桶的短板效应)
MinIO要求在创建新部署时使用扩展符号{x...y}来表示一系列连续的驱动器,其中部署中的所有节点都有一组相同的已安装驱动器。MinIO还要求物理驱动器的顺序在重新启动时保持不变,以便给定的装载点始终指向同一个格式化的驱动器。因此,MinIO强烈建议使用/etc/fstab或类似的基于文件的装载配置,以确保驱动器顺序在重新启动后不会更改。例如:
bash
$ mkfs.xfs /dev/sdb -L DISK1
$ mkfs.xfs /dev/sdc -L DISK2
$ mkfs.xfs /dev/sdd -L DISK3
$ mkfs.xfs /dev/sde -L DISK4
$ nano /etc/fstab
# <file system> <mount point> <type> <options> <dump> <pass>
LABEL=DISK1 /mnt/disk1 xfs defaults,noatime 0 2
LABEL=DISK2 /mnt/disk2 xfs defaults,noatime 0 2
LABEL=DISK3 /mnt/disk3 xfs defaults,noatime 0 2
LABEL=DISK4 /mnt/disk4 xfs defaults,noatime 0 2
++什么是JBOD: JBOD技术详解 -- 成都千喜数据恢复中心 简言之将多个磁盘虚拟为一个磁盘。++
You can then specify the entire range of drives using the expansion notation /mnt/disk{1...4}
. If you want to use a specific subfolder on each drive, specify it as /mnt/disk{1...4}/minio
.
MinIO does not support arbitrary migration of a drive with existing MinIO data to a new mount position, whether intentional or as the result of OS-level behavior.
然后,您可以使用扩展符号/mnt/disk{1...4}指定整个驱动器范围。如果要在每个驱动器上使用特定的子文件夹,请将其指定为/mnt/disk{1...4}/minio。
MinIO不支持将具有现有MinIO数据的驱动器任意迁移到新的装载位置,无论是有意的还是操作系统级行为的结果。
Note
Cloud environment instances which depend on mounted external storage may encounter boot failure if one or more of the remote file mounts return errors or failure. For example, an AWS ECS instances with mounted persistent EBS volumes may fail to boot with the standard /etc/fstab
configuration if one or more EBS volumes fail to mount.
You can set the nofail
option to silence error reporting at boot and allow the instance to boot with one or more mount issues.
You should not use this option on systems which have locally attached disks, as silencing drive errors prevents both MinIO and the OS from responding to those errors in a normal fashion.
注意:
如果一个或多个远程文件装载 返回错误或失败,那么依赖于装载的外部存储的云环境实例可能会遇到引导失败。例如,如果一个或多个EBS卷无法装载,则具有已装载的持久EBS卷的AWS ECS实例可能无法使用标准/etc/fstab配置进行引导。
您可以将nofail选项 设置为在启动时使错误报告静默,并允许实例在启动时出现一个或多个装载问题。
您不应该在具有本地连接磁盘的系统上使用此选项,因为静默 驱动器错误会阻止MinIO和操作系统以正常方式对这些错误做出响应。
Network File System Volumes Break Consistency Guarantees
MinIO's strict read-after-write and list-after-write consistency model requires local drive filesystems.
MinIO cannot provide consistency guarantees if the underlying storage volumes are NFS or a similar network-attached storage volume.
For deployments that require using network-attached storage, use NFSv4 for best results.
网络文件系统卷破坏一致性保证
MinIO严格的写后读取 和写后列表一致性模型 需要本地驱动器文件系统。
如果底层存储卷是NFS或类似的网络连接存储卷,则MinIO无法提供一致性保证。
对于需要使用网络连接存储的部署,请使用NFSv4以获得最佳效果。
5.Time Synchronization
Multi-node systems must maintain synchronized time and date to maintain stable internode operations and interactions. Make sure all nodes sync to the same time server regularly. Operating systems vary for methods used to synchronize time and date, such as with ntp, timedatectl, or timesyncd.
Check the documentation for your operating system for how to set up and maintain accurate and identical system clock times across nodes
多节点系统 必须保持同步的时间和日期,以保持稳定的节点间操作和交互。确保所有节点定期同步到同一时间服务器。操作系统用于同步时间和日期的方法各不相同,例如使用ntp 、timedatectl或timesyncd。
查看操作系统的文档,了解如何在节点之间设置和维护准确、相同的系统时钟时间。
ntp:服务器列表 - 全球可用的NTP服务器列表与解析服务 - ntp.org.cn & ntpdate.net
6.Considerations 最佳实践
6.1 Homogeneous Node Configurations 同质节点配置
MinIO strongly recommends selecting substantially similar hardware configurations for all nodes in the deployment. Ensure the hardware (CPU, memory, motherboard, storage adapters) and software (operating system, kernel settings, system services) is consistent across all nodes.
Deployment may exhibit unpredictable performance if nodes have heterogeneous hardware or software configurations. Workloads that benefit from storing aged data on lower-cost hardware should instead deploy a dedicated "warm" or "cold" MinIO deployment and transition data to that tier.
MinIO强烈建议为部署中的所有节点选择基本相似的硬件配置。确保硬件(CPU、内存、主板、存储适配器)和软件(操作系统、内核设置、系统服务)在所有节点上保持一致。
如果节点具有异构硬件或软件配置,则部署可能表现出不可预测的性能。受益于在低成本硬件上存储老化数据的工作负载应该部署专用的"热"或"冷"MinIO部署(热备冷备),并将数据转换到该层。
6.2 Erasure Coding Parity 擦除编码奇偶校验
MinIO erasure coding is a data redundancy and availability feature that allows MinIO deployments to automatically reconstruct objects on-the-fly despite the loss of multiple drives or nodes in the cluster. Erasure Coding provides object-level healing with less overhead than adjacent technologies such as RAID or replication. Distributed deployments implicitly enable and rely on erasure coding for core functionality.
Erasure Coding splits objects into data and parity blocks, where parity blocks support reconstruction of missing or corrupted data blocks. The number of parity blocks in a deployment controls the deployment's relative data redundancy. Higher levels of parity allow for higher tolerance of drive loss at the cost of total available storage.
MinIO defaults to EC:4
, or 4 parity blocks per erasure set. You can set a custom parity level by setting the appropriate MinIO Storage Class environment variable. Consider using the MinIO Erasure Code Calculator for guidance in selecting the appropriate erasure code parity level for your cluster.
MinIO纠删码 是一种数据冗余和可用性功能,允许MinIO部署在集群 中丢失多个驱动器 或节点的情况下自动动态重建 对象。与RAID或复制等相邻技术相比 ,擦除编码以更少的开销提供对象级修复。分布式部署隐含地支持并依赖纠删码实现核心功能。
纠删码 将对象划分为数据块 和奇偶校验块,其中奇偶校验块支持重建丢失或损坏的数据块 。部署中奇偶校验块的数量 控制着部署的相对数据冗余 。更高级别的奇偶校验 允许以总可用存储为代价 对驱动器丢失进行更高的容忍。
MinIO默认为EC:4,或每个纠删码 4个奇偶校验块。您可以通过设置适当的MinIO存储类环境变量来设置自定义奇偶校验级别。考虑使用MinIO纠删码 计算器来指导您为集群选择适当的纠删码奇偶校验级别。
6.3 Capacity-Based Planning 基于容量的规划
MinIO generally recommends planning capacity such that server pool expansion is only required after 2+ years of deployment uptime.
For example, consider an application suite that is estimated to produce 10TB of data per year. The MinIO deployment should provide at minimum:
10TB + 10TB + 10TB = 30TB
MinIO recommends adding buffer storage to account for potential growth in stored data (e.g. 40TB of total usable storage). As a rule-of-thumb, more capacity initially is preferred over frequent just-in-time expansion to meet capacity requirements.
Since MinIO erasure coding requires some storage for parity, the total raw storage must exceed the planned usable capacity. Consider using the MinIO Erasure Code Calculator for guidance in planning capacity around specific erasure code settings.
MinIO通常建议规划容量,以便在部署正常运行2年以上后才需要扩展服务器池。
例如,假设一个应用程序套件估计每年产生10TB的数据。MinIO部署应至少提供:
10TB+10TB+10TB=30TB
MinIO建议添加缓冲存储 ,以考虑存储数据的潜在增长(例如,总可用存储容量为40TB)。根据经验,为了满足容量需求,最初更倾向于增加容量,而不是频繁的即时扩展。
由于MinIO纠删码 需要一些奇偶校验存储空间 ,因此总的原始存储空间 必须超过计划的可用容量 。考虑使用MinIO纠删码 计算器来指导特定纠删码设置的规划能力。基于容量的规划
MinIO纠删码 计算器:MinIO | Erasure Code Calculator
6.4 Recommended Operating Systems 推荐的操作系统
This tutorial assumes all hosts running MinIO use a recommended Linux operating system such as RHEL8+ or Ubuntu 18.04+.
本教程假设所有运行MinIO的主机都使用推荐的Linux操作系统,如RHEL8+或Ubuntu 18.04+。
6.5 Pre-Existing Data. 数据迁移
When starting a new MinIO server in a distributed environment, the storage devices must not have existing data.
Once you start the MinIO server, all interactions with the data must be done through the S3 API. Use the MinIO Client, the MinIO Console, or one of the MinIO Software Development Kits to work with the buckets and objects.
在分布式环境中启动新的MinIO服务器时,存储设备不得具有现有数据,需要格式化后的盘。
一旦启动了MinIO服务器,所有与数据的交互都必须通过S3 API完成。使用MinIO客户端、MinIO控制台或其中一个MinIO软件开发工具包来处理存储桶和对象。
Warning
Modifying files on the backend drives can result in data corruption or data loss.
手动修改后端驱动器上的文件可能会导致数据损坏或数据丢失。
7.Deploy Distributed MinIO 部署分布式MinIO
The following procedure creates a new distributed MinIO deployment consisting of a single Server Pool.
All commands provided below use example values. Replace these values with those appropriate for your deployment.
Review the Prerequisites before starting this procedure.
以下过程创建由单个服务器池组成的新分布式MinIO部署。
下面提供的所有命令都使用示例值。将这些值替换为适合您的部署的值。
在开始此过程之前,请查看 第一节->环境准备
7.1 Install the MinIO Binary on Each Node 在每个节点上安装MinIO二进制文件
The following tabs provide examples of installing MinIO onto 64-bit Linux operating systems using RPM, DEB, or binary. The RPM and DEB packages automatically install MinIO to the necessary system paths and create a minio service for systemctl. MinIO strongly recommends using the RPM or DEB installation routes. To update deployments managed using systemctl, see Update systemctl-Managed MinIO Deployments.
以下选项卡提供了使用RPM、DEB或二进制在64位Linux操作系统上安装MinIO的示例。RPM和DEB包自动将MinIO安装到必要的系统路径 ,并为systemctl创建一个MinIO服务 。MinIO强烈建议使用RPM或DEB安装路线 。要使用systemctl来管理和部署,请参阅更新systemctl托管的MinIO部署:
官网原文:
Upgrade a MinIO Deployment --- MinIO Object Storage for Linux。
中文翻译:
7.1.1 amd64 (Intel or AMD 64-bit processors)
Use one of the following options to download the MinIO server installation file for a machine running Linux on an Intel or AMD 64-bit processor.
使用以下选项之一,为在英特尔或AMD 64位处理器上运行Linux的计算机下载MinIO服务器安装文件。
RPM(RHEL):
使用以下命令下载并安装最新稳定的MinIO RPM。
bash
wget https://dl.min.io/server/minio/release/linux-amd64/archive/minio-20231025063325.0.0.x86_64.rpm -O minio.rpm
sudo dnf install minio.rpm
DEB(Debian/Ubuntu)
使用以下命令下载并安装最新稳定的MinIO DEB:
bash
wget https://dl.min.io/server/minio/release/linux-amd64/archive/minio_20231025063325.0.0_amd64.deb -O minio.deb
sudo dpkg -i minio.deb
Binary
使用以下命令下载最新稳定的MinIO二进制文件并将其安装到系统$PATH:
bash
wget https://dl.min.io/server/minio/release/linux-amd64/minio
chmod +x minio
sudo mv minio /usr/local/bin/
7.1.2 arm64 (Apple M1/M2 or other ARM 64-bit processors)
RPM(RHEL):
使用以下命令下载并安装最新稳定的MinIO RPM。
bash
wget https://dl.min.io/server/minio/release/linux-arm64/archive/minio-20231025063325.0.0.aarch64.rpm -O minio.rpm
sudo dnf install minio.rpm
DEB(Debian/Ubuntu)
使用以下命令下载并安装最新稳定的MinIO DEB:
bash
wget https://dl.min.io/server/minio/release/linux-arm64/archive/minio_20231025063325.0.0_arm64.deb -O minio.deb
sudo dpkg -i minio.deb
Binary
使用以下命令下载最新稳定的MinIO二进制文件并将其安装到系统$PATH:
bash
wget https://dl.min.io/server/minio/release/linux-arm64/minio
chmod +x minio
MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=password ./minio server /mnt/data --console-address ":9001"
7.1.3 Other Architectures 其他芯片架构
MinIO also supports additional architectures:
-
ppc64le
-
s390x
For instructions to download the binary, RPM, or DEB files for those architectures, see the MinIO download page.
MinIO还支持其他体系结构:
ppc64le
s390x
有关下载这些体系结构的二进制、RPM或DEB文件的说明,请参阅MinIO下载页面:
7.2 Create the systemd
Service File 创建systemd服务文件
The .deb
or .rpm
packages install the following systemd service file to /usr/lib/systemd/system/minio.service
. For binary installations, create this file manually on all MinIO hosts.
.deb或.rpm包将以下systemd服务文件 安装到/usr/lib/systemd/minio.service。对于二进制安装,请在所有minio主机上手动创建此文件。
Note 提示
systemd checks the /etc/systemd/... path before checking the /usr/lib/systemd/... path and uses the first file it finds. To avoid conflicting or unexpected configuration options, check that the file only exists at the /usr/lib/systemd/system/minio.service path.
Refer to the man page for systemd.unit for details on the file path search order.
systemd检查/etc/systemd/...路径,然后检查/usr/lib/systemd/...路径,并使用它找到的第一个文件。为了避免冲突或意外的配置选项,请检查该文件是否仅存在于/usr/lib/systemd/minio.service路径中。
有关文件路径搜索顺序的详细信息,请参阅systemd.unit的手册页:
配置注释已翻译:
bash
[Unit]
Description=MinIO
Documentation=https://min.io/docs/minio/linux/index.html
Wants=network-online.target
After=network-online.target
AssertFileIsExecutable=/usr/local/bin/minio
[Service]
WorkingDirectory=/usr/local
User=minio-user
Group=minio-user
ProtectProc=invisible
EnvironmentFile=-/etc/default/minio
ExecStartPre=/bin/bash -c "if [ -z \"${MINIO_VOLUMES}\" ]; then echo \"Variable MINIO_VOLUMES not set in /etc/default/minio\"; exit 1; fi"
ExecStart=/usr/local/bin/minio server $MINIO_OPTS $MINIO_VOLUMES
# MinIO RELEASE.2023-05-04T21-44-30Z adds support for Type=notify (https://www.freedesktop.org/software/systemd/man/systemd.service.html#Type=)
#MinIO发布.2023-05-04T21-44-30Z增加了对Type=notify的支持(https://www.freedesktop.org/software/systemd/man/systemd.service.html#Type=)
# This may improve systemctl setups where other services use `After=minio.server`
# 这可能会改进其他服务使用`After=minio.server的systemctl设置`
# Uncomment the line to enable the functionality
# 取消注释行以启用功能
# Type=notify
# Let systemd restart this service always
# 让systemd始终重新启动此服务
Restart=always
# Specifies the maximum file descriptor number that can be opened by this process
# 指定此进程可以打开的最大文件描述符编号
LimitNOFILE=65536
# Specifies the maximum number of threads this process can create
# 指定此进程可以创建的最大线程数
TasksMax=infinity
# Disable timeout logic and wait until process is stopped
# 禁用超时逻辑并等待进程停止
TimeoutStopSec=infinity
SendSIGKILL=no
[Install]
WantedBy=multi-user.target
# Built for ${project.name}-${project.version} (${project.name})
The minio.service
file runs as the minio-user
User and Group by default. You can create the user and group using the groupadd
and useradd
commands. The following example creates the user, group, and sets permissions to access the folder paths intended for use by MinIO. These commands typically require root (sudo
) permissions.
默认情况下,minio.service文件以minio用户user和Group的身份运行。您可以使用groupadd和useradd命令创建用户和组。以下示例创建用户、组并设置访问MinIO使用的文件夹路径的权限。这些命令通常需要root(sudo)权限。
bash
groupadd -r minio-user
useradd -M -r -g minio-user minio-user
chown minio-user:minio-user /mnt/disk1 /mnt/disk2 /mnt/disk3 /mnt/disk4
The specified drive paths are provided as an example. Change them to match the path to those drives intended for use by MinIO.
Alternatively, change the User and Group values to another user and group on the system host with the necessary access and permissions.
MinIO publishes additional startup script examples on GitHub - minio/minio-service: Collection of MinIO server scripts for upstart, systemd, sysvinit, launchd.
To update deployments managed using systemctl, see Update systemctl-Managed MinIO Deployments.
Upgrade a MinIO Deployment --- MinIO Object Storage for Linux
提供了指定的驱动器路径作为示例。将它们更改为与MinIO使用的驱动器的路径相匹配。
或者,将"用户"和"组"值更改为系统主机上具有必要访问权限和权限的另一个用户和组。
MinIO在github.com/MinIO/MinIO-service:GitHub - minio/minio-service: Collection of MinIO server scripts for upstart, systemd, sysvinit, launchd.上发布了其他启动脚本示例。
要更新使用systemctl管理的部署,请参阅更新systemctl托管的MinIO部署。
Upgrade a MinIO Deployment --- MinIO Object Storage for Linux
7.3 Create the Service Environment File 创建服务环境文件
Create an environment file at /etc/default/minio
. The MinIO service uses this file as the source of all environment variables used by MinIO and the minio.service
file.
在/etc/default/minio创建一个环境文件。MinIO服务使用此文件作为MinIO和MinIO.service文件使用的所有环境变量的源。
The following examples assumes that: 以下示例假设:
- The deployment has a single server pool consisting of four MinIO server hosts with sequential hostnames.
部署一个服务器池,由四个具有顺序主机名的MinIO服务器主机组成。
bash
minio1.example.com minio3.example.com
minio2.example.com minio4.example.com
- All hosts have four locally-attached drives with sequential mount-points:
所有主机都有四个带有顺序装载点的本地连接驱动器:
bash
/mnt/disk1/minio /mnt/disk3/minio
/mnt/disk2/minio /mnt/disk4/minio
- The deployment has a load balancer running at
https://minio.example.net
that manages connections across all four MinIO hosts.
部署的负载平衡器(一般Nginx代理实现)正在运行https://minio.example.net管理所有四个MinIO主机之间的连接。
Modify the example to reflect your deployment topology:
修改示例以适用于您的部署拓扑:
配置文件已翻译
bash
# Set the hosts and volumes MinIO uses at startup
# The command uses MinIO expansion notation {x...y} to denote a
# sequential series.
#
# The following example covers four MinIO hosts
# with 4 drives each at the specified hostname and drive locations.
# The command includes the port that each MinIO server listens on
# (default 9000)
# 设置MinIO在启动时使用的主机和卷,该命令使用MinIO扩展符号{x...y}来表示顺序序列。
# 以下示例介绍了四个MinIO主机,每个主机都指定了主机名和4个驱动器位置。该命令包括每个MinIO
# 服务器侦听的端口(默认值为9000
MINIO_VOLUMES="https://minio{1...4}.example.net:9000/mnt/disk{1...4}/minio"
# Set all MinIO server options
#
# The following explicitly sets the MinIO Console listen address to
# port 9001 on all network interfaces. The default behavior is dynamic
# port selection.
# 以下内容明确地将MinIO控制台监听地址设置9001。默认行为是动态端口
MINIO_OPTS="--console-address :9001"
# Set the root username. This user has unrestricted permissions to
# perform S3 and administrative API operations on any resource in the
# deployment.
# 设置root用户名。此用户具有对部署中的任何资源执行S3和管理API操作的不受限制的权限。
# Defer to your organizations requirements for superadmin user name.
# 根据您的组织对超级管理员用户名的要求设置。
MINIO_ROOT_USER=minioadmin
# Set the root password
#
# Use a long, random, unique string that meets your organizations
# requirements for passwords.
# 使用符合组织密码要求的长、随机、唯一字符串
MINIO_ROOT_PASSWORD=minio-secret-key-CHANGE-ME
# Set to the URL of the load balancer for the MinIO deployment
# This value *must* match across all MinIO servers. If you do
# not have a load balancer, set this value to to any *one* of the
# MinIO hosts in the deployment as a temporary measure.
# 设置为MinIO部署的负载平衡器的URL
# 此值*必须*在所有MinIO服务器中匹配。如果您没有负载均衡器,请将此值设置为部署中的任何一个MinIO主
# 机,作为临时措施。。。。。。。。
MINIO_SERVER_URL="https://minio.example.net:9000"
You may specify other environment variables or server commandline options as required by your deployment. All MinIO nodes in the deployment should include the same environment variables with the same values for each variable.
您可以根据部署的需要指定其他环境变量或服务器命令行选项。部署中的所有MinIO节点都应包括相同的环境变量,每个变量的值都相同
7.4 Add TLS/SSL Certificates 添加TLS/SSL证书
MinIO enables Transport Layer Security (TLS) 1.2+ automatically upon detecting a valid x.509 certificate (.crt) and private key (.key) in the MinIO ${HOME}/.minio/certs directory.
For systemd-managed deployments, use the $HOME directory for the user which runs the MinIO server process. The provided minio.service file runs the process as minio-user. The previous step includes instructions for creating this user with a home directory /home/minio-user.
当在MinIO${HOME}/.mino/certs目录中检测到有效的x.509证书(.crt)和私钥(.key)时,MinIO会自动启用传输层安全性(TLS)1.2+。
对于systemd管理的部署,请为运行MinIO服务器进程的用户使用$HOME目录。提供的minio.service文件以minio用户的身份运行进程。上一步包括使用主目录/home/minio用户创建此用户的说明。
-
Place TLS certificates into
/home/minio-user/.minio/certs
on each host. -
If any MinIO server or client uses certificates signed by an unknown Certificate Authority (self-signed or internal CA), you must place the CA certs in the
/home/minio-user/.minio/certs/CAs
on all MinIO hosts in the deployment. MinIO rejects invalid certificates (untrusted, expired, or malformed).
- 将TLS证书放入每个主机上的**/home/minio-user/.mino/certs**中。
- 如果任何MinIO服务器或客户端使用了由未知证书颁发机构(自签名或内部CA)签名的证书,则必须将CA证书放置在部署中所有MinIO主机上的/home/MinIO user/.mino/certs/CA中。MinIO拒绝无效证书(不受信任、过期或格式错误)。
If the minio.service
file specifies a different user account, use the $HOME
directory for that account. Alternatively, specify a custom certificate directory using the minio server --certs-dir commandline argument. Modify the MINIO_OPTS
variable in /etc/defaults/minio
to set this option. The systemd
user which runs the MinIO server process must have read and listing permissions for the specified directory.
For more specific guidance on configuring MinIO for TLS, including multi-domain support via Server Name Indication (SNI), see Network Encryption (TLS). You can optionally skip this step to deploy without TLS enabled. MinIO strongly recommends against non-TLS deployments outside of early development.
如果minio.service文件指定了不同的用户帐户,请使用该帐户的$HOME目录。或者,使用minio-server--certs-dir命令行参数指定一个自定义证书目录。修改**/etc/defaults/MINIO** 中的MINIO_OPS变量以设置此选项。运行MinIO服务器进程的systemd用户必须具有指定目录的读取和列出权限。
有关为TLS配置MinIO的更具体指导,包括通过服务器名称指示(SNI)支持多域,请参阅网络加密(TLS)。您可以选择跳过此步骤以在未启用TLS的情况下进行部署。MinIO强烈建议不要在早期开发之外进行非TLS部署。
7.5 Run the MinIO Server Process 运行MinIO服务器进程
Issue the following commands on each node in the deployment to start the MinIO service:
在部署中的每个节点上发出以下命令以启动MinIO服务
bash
sudo systemctl start minio.service
Use the following commands to confirm the service is online and functional:
使用以下命令确认服务处于联机状态并正常工作:
bash
sudo systemctl status minio.service
journalctl -f -u minio.service
MinIO may log an increased number of non-critical warnings while the server processes connect and synchronize. These warnings are typically transient and should resolve as the deployment comes online.
Changed in version RELEASE.2023-02-09T05-16-53Z: MinIO starts if it detects enough drives to meet the write quorum for the deployment.
If any drives remain offline after starting MinIO, check and cure any issues blocking their functionality before starting production workloads.
The MinIO service does not automatically start on host reboot. You must use systemctl enable minio.service
to start the process as part of the host boot.
当服务器进程连接和同步 时,MinIO可能会记录越来越多的非关键警告 。这些警告通常是暂时的,应该在部署联机时解决。
在版本RELEASE2023-02-09T05-16-53Z中更改:如果检测到足够的驱动器以满足部署的写入定额,则启动MinIO。
如果任何驱动器在启动MinIO后仍处于脱机状态,请在启动生产工作负载之前检查并解决阻止其功能的任何问题。
MinIO服务不会在主机重新启动时自动启动。作为主机引导的一部分,您必须使用systemctl-enable minio.service来启动该进程。
bash
sudo systemctl enable minio.service
7.6 Open the MinIO Console 打开MinIO后台
Open your browser and access any of the MinIO hostnames at port :9001
to open the MinIO Console login page. For example, https://minio1.example.com:9001
.
Log in with the MINIO_ROOT_USER and MINIO_ROOT_PASSWORD from the previous step.
打开浏览器,访问端口:9001的任何MinIO主机名,打开MinIO控制台登录页面。例如https://minio1.example.com:9001.
使用上一步中的MINIO_ROOT_USER和MINIO_ROT_PASSWORD登录。
You can use the MinIO Console for general administration tasks like Identity and Access Management, Metrics and Log Monitoring, or Server Configuration. Each MinIO server includes its own embedded MinIO Console.
您可以使用MinIO控制台执行常规管理任务 ,如身份和访问管理 、度量和日志监视或服务器配置。每个MinIO服务器都包含自己的嵌入式MinIO控制台。
博主实战:
实战为四个minio容器+nginx反向代理