minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-07-30 07:03:26 +03:00
Code Activity

DOCS-492: Container Platform Docs

Browse Source 
This commit also generally cleans up the Installation docs and uses /includes/<platform>/steps-*.rst as a pattern for storing platform-specific tutorials within a single root URL.

Finally, due to API rate limits, this commit adds some Makefile magic to allow skipping of sync'ing dependencies. Pass `make BUILD_DEPENDENCIES=FALSE <platform>` to skip building any deps and use what is already in the branch.
This commit is contained in:
Ravind Kumar
2022-07-13 18:28:06 -04:00
committed by Ravind Kumar
parent 9f6086fdc6
commit c783e10594
26 changed files with 919 additions and 721 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -12,3 +12,4 @@ output.log
.DS_Store
source/conf.py
package-lock.json
build.log

32
Makefile
View File

@ -3,7 +3,7 @@
# You can set these variables from the command line, and also
# from the environment for the first two.
SPHINXOPTS ?= -n -j "auto"
SPHINXOPTS ?= -n -j "auto" -w "build.log"
SPHINXBUILD ?= sphinx-build
SOURCEDIR = source
BUILDDIR = build
@ -35,35 +35,63 @@ stage-%:
@echo "Visit http://localhost:8000 to view the staged output"
linux:
ifeq ($(BUILD_DEPENDENCIES),FALSE)
@echo "Skipping Dependencies"
else
@cp source/default-conf.py source/conf.py
@make sync-minio-version
@make sync-kes-version
@make sync-sdks
endif
@$(SPHINXBUILD) -M html "$(SOURCEDIR)" "$(BUILDDIR)/$(GITDIR)/$@" $(SPHINXOPTS) $(O) -t $@
@npm run build
windows:
ifeq ($(BUILD_DEPENDENCIES),FALSE)
@echo "Skipping Dependencies"
else
@cp source/default-conf.py source/conf.py
@make sync-minio-version
@make sync-kes-version
@make sync-sdks
endif
@$(SPHINXBUILD) -M html "$(SOURCEDIR)" "$(BUILDDIR)/$(GITDIR)/$@" $(SPHINXOPTS) $(O) -t $@
@npm run build
macos:
ifeq ($(BUILD_DEPENDENCIES),FALSE)
@echo "Skipping Dependencies"
else
@cp source/default-conf.py source/conf.py
@make sync-minio-version
@make sync-kes-version
@make sync-sdks
endif
@$(SPHINXBUILD) -M html "$(SOURCEDIR)" "$(BUILDDIR)/$(GITDIR)/$@" $(SPHINXOPTS) $(O) -t $@
@npm run build
k8s:
ifeq ($(BUILD_DEPENDENCIES),FALSE)
@echo "Skipping Dependencies"
else
@cp source/default-conf.py source/conf.py
@make sync-operator-version
@make sync-minio-version
@make sync-kes-version
@make sync-sdks
endif
@$(SPHINXBUILD) -M html "$(SOURCEDIR)" "$(BUILDDIR)/$(GITDIR)/$@" $(SPHINXOPTS) $(O) -t $@
@npm run build
container:
ifeq ($(BUILD_DEPENDENCIES),FALSE)
@echo "Skipping Dependencies"
else
@cp source/default-conf.py source/conf.py
@make sync-minio-version
@make sync-kes-version
@make sync-sdks
endif
@$(SPHINXBUILD) -M html "$(SOURCEDIR)" "$(BUILDDIR)/$(GITDIR)/$@" $(SPHINXOPTS) $(O) -t $@
@npm run build
@ -302,6 +330,6 @@ sync-deps:
# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS).
%: Makefile
@echo -e "Specify one of the following supported build outputs"
@echo -e "- make linux\n- make macos\n- make windows\n- make k8s"
@echo -e "- make linux\n- make macos\n- make windows\n- make k8s\n- make container"
@echo -e "Clean targets with 'make clean-<target>'"
@echo -e "Clean all targets with `make clean-all`"

26
source/default-conf.py
View File

@ -173,6 +173,32 @@ elif tags.has("windows"):
'reference/kubectl-minio-plugin/kubectl-minio-tenant.rst',
'reference/kubectl-minio-plugin/kubectl-minio-version.rst',
]
elif tags.has("container"):
excludes = [
'operations/install-deploy-manage/deploy-minio-tenant.rst',
'operations/install-deploy-manage/modify-minio-tenant.rst',
'operations/install-deploy-manage/expand-minio-tenant.rst',
'operations/install-deploy-manage/upgrade-minio-tenant.rst',
'operations/install-deploy-manage/upgrade-minio-operator.rst',
'operations/install-deploy-manage/delete-minio-tenant.rst',
'operations/install-deploy-manage/minio-operator-console.rst',
'operations/install-deploy-manage/deploy-minio-multi-node-multi-drive.rst',
'operations/install-deploy-manage/multi-site-replication.rst',
'operations/deploy-manage-tenants.rst',
'reference/kubectl-minio-plugin.rst',
'reference/kubectl-minio-plugin/kubectl-minio-delete.rst',
'reference/kubectl-minio-plugin/kubectl-minio-init.rst',
'reference/kubectl-minio-plugin/kubectl-minio-proxy.rst',
'reference/kubectl-minio-plugin/kubectl-minio-tenant-create.rst',
'reference/kubectl-minio-plugin/kubectl-minio-tenant-delete.rst',
'reference/kubectl-minio-plugin/kubectl-minio-tenant-expand.rst',
'reference/kubectl-minio-plugin/kubectl-minio-tenant-info.rst',
'reference/kubectl-minio-plugin/kubectl-minio-tenant-list.rst',
'reference/kubectl-minio-plugin/kubectl-minio-tenant-report.rst',
'reference/kubectl-minio-plugin/kubectl-minio-tenant-upgrade.rst',
'reference/kubectl-minio-plugin/kubectl-minio-tenant.rst',
'reference/kubectl-minio-plugin/kubectl-minio-version.rst',
]
elif tags.has("k8s"):
excludes = [
'operations/install-deploy-manage/deploy-minio-single-node-single-drive.rst',

10
source/developers/java/quickstart.md
View File

@ -12,19 +12,19 @@ Java 1.8 or above.
<dependency>
<groupId>io.minio</groupId>
<artifactId>minio</artifactId>
<version>8.4.2</version>
<version>8.4.3</version>
</dependency>
```
## Gradle usage
```
dependencies {
implementation("io.minio:minio:8.4.2")
implementation("io.minio:minio:8.4.3")
}
```
## JAR download
The latest JAR can be downloaded from [here](https://repo1.maven.org/maven2/io/minio/minio/8.4.2/)
The latest JAR can be downloaded from [here](https://repo1.maven.org/maven2/io/minio/minio/8.4.3/)
## Quick Start Example - File Uploader
This example program connects to an object storage server, makes a bucket on the server and then uploads a file to the bucket.
@ -92,12 +92,12 @@ public class FileUploader {
#### Compile FileUploader
```sh
$ javac -cp minio-8.4.2-all.jar FileUploader.java
$ javac -cp minio-8.4.3-all.jar FileUploader.java
```
#### Run FileUploader
```sh
$ java -cp minio-8.4.2-all.jar:. FileUploader
$ java -cp minio-8.4.3-all.jar:. FileUploader
'/home/user/Photos/asiaphotos.zip' is successfully uploaded as object 'asiaphotos-2015.zip' to bucket 'asiatrip'.
$ mc ls play/asiatrip/

6
source/glossary.rst
View File

@ -76,7 +76,7 @@ Glossary
disk encryption
The conversion of all of the contents written to a disk to values that cannot be easily deciphered by an unauthorized entity.
Disk encryption can be used in conjuntion with other encryption technologies to create a robust data security system.
Disk encryption can be used in conjunction with other encryption technologies to create a robust data security system.
encryption at rest
A method of encryption that stores an object in an encrypted state.
@ -96,7 +96,7 @@ Glossary
erasure set
A group of drives within MinIO that support :term:`erasure coding`.
MinIO divides the number of drives in a deployment's server pool into groups of 4 to 16 drives that make up each _erasure set_.
MinIO divides the number of drives in a deployment's server pool into groups of 4 to 16 drives that make up each *erasure set*.
When writing objects, :term:`data` and :term:`parity` blocks write randomly to the drives in the erasure set.
hashing
@ -138,7 +138,7 @@ Glossary
A rule that prevents removal or deletion of an object until an authorized agent removes the rule or it expires.
monitoring
The act of reviewing the status, activity, and availility of a MinIO cluster, deployment, tenant, or server.
The act of reviewing the status, activity, and availability of a MinIO cluster, deployment, tenant, or server.
MinIO provides the following tools:
- `Prometheus <https://prometheus.io/>`__ compatible metrics and alerts

BIN
source/images/minio-console/console-bucket-none.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 132 KiB

107
source/includes/common/common-deploy.rst Normal file
View File

@ -0,0 +1,107 @@
.. start-common-deploy-create-environment-file-single-drive
Create an environment variable file at ``/etc/default/minio``.
For Windows hosts, specify a Windows-style path similar to ``C:\minio\config``.
The MinIO Server container can use this file as the source of all :ref:`environment variables <minio-server-environment-variables>`.
The following example provides a starting environment file:
.. code-block:: shell
:class: copyable
# MINIO_ROOT_USER and MINIO_ROOT_PASSWORD sets the root account for the MinIO server.
# This user has unrestricted permissions to perform S3 and administrative API operations on any resource in the deployment.
# Omit to use the default values 'minioadmin:minioadmin'.
# MinIO recommends setting non-default values as a best practice, regardless of environment
MINIO_ROOT_USER=myminioadmin
MINIO_ROOT_PASSWORD=minio-secret-key-change-me
# MINIO_VOLUMES sets the storage volume or path to use for the MinIO server.
MINIO_VOLUMES="/mnt/data"
# MINIO_SERVER_URL sets the hostname of the local machine for use with the MinIO Server
# MinIO assumes your network control plane can correctly resolve this hostname to the local machine
# Uncomment the following line and replace the value with the correct hostname for the local machine.
#MINIO_SERVER_URL="http://minio.example.net"
Include any other environment variables as required for your local deployment.
.. end-common-deploy-create-environment-file-single-drive
.. start-common-deploy-create-environment-file-multi-drive
Create an environment variable file at ``/etc/default/minio``.
For Windows hosts, specify a Windows-style path similar to ``C:\minio\config``.
The MinIO Server container can use this file as the source of all :ref:`environment variables <minio-server-environment-variables>`.
The following example provides a starting environment file:
.. code-block:: shell
:class: copyable
# MINIO_ROOT_USER and MINIO_ROOT_PASSWORD sets the root account for the MinIO server.
# This user has unrestricted permissions to perform S3 and administrative API operations on any resource in the deployment.
# Omit to use the default values 'minioadmin:minioadmin'.
# MinIO recommends setting non-default values as a best practice, regardless of environment.
MINIO_ROOT_USER=myminioadmin
MINIO_ROOT_PASSWORD=minio-secret-key-change-me
# MINIO_VOLUMES sets the storage volumes or paths to use for the MinIO server.
# The specified path uses MinIO expansion notation to denote a sequential series of drives between 1 and 4, inclusive.
# All drives or paths included in the expanded drive list must exist *and* be empty or freshly formatted for MinIO to start successfully.
MINIO_VOLUMES="/data-{1...4}"
# MINIO_SERVER_URL sets the hostname of the local machine for use with the MinIO Server.
# MinIO assumes your network control plane can correctly resolve this hostname to the local machine.
# Uncomment the following line and replace the value with the correct hostname for the local machine.
#MINIO_SERVER_URL="http://minio.example.net"
Include any other environment variables as required for your local deployment.
.. end-common-deploy-create-environment-file-multi-drive
.. start-common-deploy-connect-to-minio-deployment
.. tab-set::
.. tab-item:: MinIO Console
You can access the MinIO Console by entering any of the hostnames or IP addresses from the MinIO server ``Console`` block in your preferred browser, such as http://localhost:9090.
Log in with the :envvar:`MINIO_ROOT_USER` and :envvar:`MINIO_ROOT_PASSWORD` configured in the environment file specified to the container.
.. image:: /images/minio-console/console-bucket-none.png
:width: 600px
:alt: MinIO Console displaying Buckets view in a fresh installation
:align: center
You can use the MinIO Console for general administration tasks like Identity and Access Management, Metrics and Log Monitoring, or Server Configuration. Each MinIO server includes its own embedded MinIO Console.
If your local host firewall permits external access to the Console port, other hosts on the same network can access the Console using the IP or hostname for your local host.
.. tab-item:: MinIO CLI (mc)
You can access the MinIO deployment over a Terminal or Shell using the :ref:`MinIO Client <minio-client>` (:mc:`mc`).
See :ref:`MinIO Client Installation Quickstart <mc-install>` for instructions on installing :mc:`mc`.
Create a new :mc-cmd:`alias <mc alias set>` corresponding to the MinIO deployment.
Specify any of the hostnames or IP addresses from the MinIO Server ``API`` block, such as http://localhost:9000.
.. code-block:: shell
:class: copyable
mc alias set http://localhost:9000 myminioadmin minio-secret-key-change-me
Replace ``myminioadmin`` and ``minio-secret-key-change-me`` with the :envvar:`MINIO_ROOT_USER` and :envvar:`MINIO_ROOT_PASSWORD` values in the environment file specified to the container.
You can then interact with the container using any :mc:`mc` command.
If your local host firewall permits external access to the MinIO S3 API port, other hosts on the same network can access the MinIO deployment using the IP or hostname for your local host.
.. end-common-deploy-connect-to-minio-deployment

43
source/includes/common/installation.rst
View File

@ -14,30 +14,31 @@ MinIO is a software-defined high performance distributed object storage server.
You can run MinIO on consumer or enterprise-grade hardware and a variety
of operating systems and architectures.
MinIO supports three deployment modes:
MinIO supports three deployment topologies:
Standalone Single-Drive
A single MinIO server with a single storage volume or folder, also referred to as "Filesystem Mode".
Standalone single deployments are best suited for evaluation and initial development of applications using MinIO for object storage, *or* for providing an S3 access layer to single storage volume.
Standalone deployments do not provide access to the full set of MinIO's advanced S3 features and functionality - specifically those dependent on :ref:`Erasure Coding <minio-erasure-coding>`.
Single-Node Single-Drive (SNSD or "Standalone")
A single MinIO server with a single storage volume or folder.
|SNSD| deployment provides failover protections. Drive-level reliability and failover depends on the underlying storage volume.
Standalone Multi-Drive
A single MinIO server with *at least* four storage volumes or folders.
A standalone multi-drive deployment supports and enables :ref:`erasure coding <minio-erasure-coding>` and its dependent features.
|SNSD| deployments are best suited for evaluation and initial development of applications using MinIO for object storage.
Standalone multi-drive deployments can only provide drive-level availability and performance scaling.
Use standalone multi-drive deployments for small-scale environments which do not require high availability or scalable performance characteristics.
|SNSD| deployments implement a zero-parity erasure coding backend and include support for the following erasure-coding dependent features:
Distributed Deployments
One or more MinIO servers with *at least* four total storage volumes across all servers.
A distributed deployment supports and enables :ref:`erasure coding <minio-erasure-coding>` and its dependent features.
- :ref:`Versioning <minio-bucket-versioning>`
- :ref:`Object Locking / Retention <minio-object-retention>`
Distributed deployments provide drive and server-level availability and performance scaling.
Distributed deployments are best for production environments and workloads.
Single-Node Multi-Drive (SNMD or "Standalone Multi-Drive")
A single MinIO server with four or more storage volumes.
|SNMD| deployments provide drive-level reliability and failover only.
MinIO recommends a baseline topology of 4 nodes with 4 drives each for production environments.
This topology provides continuity with the loss of up to one server *or* four drives across all servers.
Multi-Node Multi-Drive (MNMD or "Distributed")
Multiple MinIO servers with at least four drives across all servers.
The distributed |MNMD| topology supports production-grade object storage with drive and node-level availability and resiliency.
For tutorials on deploying or expanding a distributed MinIO deployment, see:
- :ref:`deploy-minio-distributed`
- :ref:`expand-minio-distributed`
.. _minio-installation-comparison:
@ -48,9 +49,9 @@ The following table compares the key functional differences between MinIO deploy
:width: 100%
* -
- :guilabel:`Standalone Single-Drive`
- :guilabel:`Standalone Multi-Drive`
- :guilabel:`Distributed`
- :guilabel:`Single-Node Single-Drive`
- :guilabel:`Single-Node Multi-Drive`
- :guilabel:`Multi-Node Multi-Drive`
* - Site-to-Site Replication
- Client-Side via :mc:`mc mirror`

109
source/includes/container/common-deploy.rst Normal file
View File

@ -0,0 +1,109 @@
.. start-common-deploy-pull-latest-minio-image
Select the tab for either Podman or Docker to see instructions for pulling the MinIO container image.
The instructions include examples for both quay.io and DockerHub:
.. tab-set::
.. tab-item:: Podman
quay.io
.. code-block:: shell
:class: copyable
podman pull quay.io/minio/minio
DockerHub
.. code-block:: shell
:class: copyable
podman pull docker://minio/minio
.. tab-item:: Docker
quay.io
.. code-block:: shell
:class: copyable
docker pull quay.io/minio/minio
DockerHub
.. code-block:: shell
:class: copyable
docker pull docker://minio/minio
.. end-common-deploy-pull-latest-minio-image
.. start-common-deploy-validate-container-status
.. tab-set::
.. tab-item:: Podman
Run the following command to retrieve logs from the container.
Replace the container name with the value specified to ``--name`` in the previous step.
.. code-block:: shell
:class: copyable
podman logs minio
The command should return output similar to the following:
.. tab-item:: Docker
Run the following command to retrieve logs from the container.
Replace the container name with the value specified to ``--name`` in the previous step.
.. code-block:: shell
:class: copyable
docker logs minio
The command should return output similar to the following:
.. end-common-deploy-validate-container-status
.. start-common-deploy-connect-to-minio-service
.. tab-set::
.. tab-item:: MinIO Web Console
You can access the MinIO Web Console by entering http://localhost:9090 in your preferred browser.
Any traffic to the MinIO Console port on the local host redirects to the container.
Log in with the :envvar:`MINIO_ROOT_USER` and :envvar:`MINIO_ROOT_PASSWORD` configured in the environment file specified to the container.
.. image:: /images/minio-console/console-bucket-none.png
:width: 600px
:alt: MinIO Console displaying Buckets view in a fresh installation.
:align: center
You can use the MinIO Console for general administration tasks like Identity and Access Management, Metrics and Log Monitoring, or Server Configuration. Each MinIO server includes its own embedded MinIO Console.
If your local host firewall permits external access to the Console port, other hosts on the same network can access the Console using the IP or hostname for your local host.
.. tab-item:: MinIO CLI (mc)
You can access the MinIO deployment over a Terminal or Shell using the :ref:`MinIO Client <minio-client>` (:mc:`mc`).
See :ref:`MinIO Client Installation Quickstart <mc-install>` for instructions on installing :mc:`mc`.
Create a new :mc-cmd:`alias <mc alias set>` corresponding to the MinIO deployment.
Use a hostname or IP address for your local machine along with the S3 API port ``9000`` to access the MinIO deployment.
Any traffic to that port on the local host redirects to the container.
.. code-block:: shell
:class: copyable
mc alias set http://localhost:9000 myminioadmin minio-secret-key-change-me
Replace ``myminioadmin`` and ``minio-secret-key-change-me`` with the :envvar:`MINIO_ROOT_USER` and :envvar:`MINIO_ROOT_PASSWORD` values in the environment file specified to the container.
The command should return success if the container is running and accessible at the specified port.
You can then interact with the container using any :mc:`mc` command.
If your local host firewall permits external access to the MinIO S3 API port, other hosts on the same network can access the MinIO deployment using the IP or hostname for your local host.
.. end-common-deploy-connect-to-minio-service

58
source/includes/container/installation.rst Normal file
View File

@ -0,0 +1,58 @@
.. _minio-installation:
========================
Install and Deploy MinIO
========================
.. default-domain:: minio
.. contents:: Table of Contents
:local:
:depth: 1
MinIO is a software-defined high performance distributed object storage server.
You can run MinIO on consumer or enterprise-grade hardware and a variety of operating systems and architectures.
MinIO supports three deployment topologies:
Single-Node Single-Drive (SNSD or "Standalone")
A single MinIO server with a single storage volume or folder.
|SNSD| deployment provides failover protections. Drive-level reliability and failover depends on the underlying storage volume.
|SNSD| deployments are best suited for evaluation and initial development of applications using MinIO for object storage.
|SNSD| deployments implement a zero-parity erasure coding backend and include support for the following erasure-coding dependent features:
- :ref:`Versioning <minio-bucket-versioning>`
- :ref:`Object Locking / Retention <minio-object-retention>`
Single-Node Multi-Drive (SNMD or "Standalone Multi-Drive")
A single MinIO server with four or more storage volumes.
|SNMD| deployments provide drive-level reliability and failover only.
Multi-Node Multi-Drive (MNMD or "Distributed")
Multiple MinIO servers with at least four drives across all servers.
The distributed |MNMD| topology supports production-grade object storage with drive and node-level availability and resiliency.
This documentation provides instructions for |SNSD| and |SNMD| for supporting local development and evaluation of MinIO on a single host machine. For |MNMD| deployments, use the MinIO Kubernetes Operator to deploy and manage MinIO tenants in a containerized and orchestrated environment.
.. _minio-installation-platform-support:
Platform Support
----------------
MinIO provides container images at the following repositories:
- https://hub.docker.com/r/minio/minio
- https://quay.io/repository/minio/minio?tab=info
Use of MinIO images from any other repository, host, or organization is at your own risk.
The :ref:`Single-Node Single-Drive <minio-snsd>` and :ref:`Single-Node Multi-Drive <minio-snmd>` tutorials provide instructions for the `Docker <https://www.docker.com/>`__ and :podman-docs:`Podman <>` container managers.
.. toctree::
:titlesonly:
:hidden:
/operations/install-deploy-manage/deploy-minio-single-node-single-drive
/operations/install-deploy-manage/deploy-minio-single-node-multi-drive

0
source/includes/containers/quickstart.rst → source/includes/container/quickstart.rst
View File

158
source/includes/container/steps-deploy-minio-single-node-multi-drive.rst Normal file
View File

@ -0,0 +1,158 @@
1) Pull the Latest Stable Image of MinIO
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/container/common-deploy.rst
:start-after: start-common-deploy-pull-latest-minio-image
:end-before: end-common-deploy-pull-latest-minio-image
2) Create the Environment Variable File
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/common/common-deploy.rst
:start-after: start-common-deploy-create-environment-file-multi-drive
:end-before: end-common-deploy-create-environment-file-multi-drive
3) Create and Run the Container
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Select the container management interface of your choice for the relevant command syntax.
.. tab-set::
.. tab-item:: Podman
Copy the command to a text file for further modification.
.. code-block:: shell
:class: copyable
podman run -dt \
-p 9000:9000 -p 9090:9090 \
-v PATH1:/data-1 \
-v PATH2:/data-2 \
-v PATH3:/data-3 \
-v PATH4:/data-4 \
-v /etc/default/minio:/etc/config.env \
-e "MINIO_CONFIG_ENV_FILE=/etc/config.env" \
--name "minio_local" \
minio server --console-address ":9090"
Specify any other :podman-docs:`options <markdown/podman-run.1.html>` to ``podman run`` as necessary for your local environment.
.. tab-item:: Docker
Copy the command to a text file for further modification.
.. code-block:: shell
:class: copyable
docker run -dt \
-p 9000:9000 -p 9090:9090 \
-v PATH1:/data-1 \
-v PATH2:/data-2 \
-v PATH3:/data-3 \
-v PATH4:/data-4 \
-v /etc/default/minio:/etc/config.env \
-e "MINIO_CONFIG_ENV_FILE=/etc/config.env" \
--name "minio_local" \
minio server --console-address ":9090"
Specify any other `options <https://docs.docker.com/engine/reference/commandline/run/>`__ to ``docker run`` as necessary for your local environment.
For running Docker in Rootless mode, you may need to set the following additional Docker CLI options:
Linux
``--user $(id -u):$(id -g)`` - directs the container to run as the currently logged in user.
Windows
``--security-opt "credentialspec=file://path/to/file.json"`` - directs the container to run using a Windows `Group Managed Service Account <https://docs.microsoft.com/en-us/virtualization/windowscontainers/manage-containers/manage-serviceaccounts>`_.
The following table describes each line of the command and provides additional configuration instructions:
.. list-table::
:header-rows: 1
:widths: 40 60
:width: 100%
* - Line
- Description
* - | ``podman run -dt``
| ``docker run -dt``
- Directs Podman/Docker to create and start the container as a detached (``-d``) background process with a pseudo-TTY (``-t``).
This allows the container to run in the background with an open TTY for bash-like access.
* - ``-p 9000:9000 -p 9090:9090``
- Binds the ports ``9000`` and ``9090`` on the local machine to the same ports on the container.
This allows access to the container through the local machine.
* - ``-v PATHx:/mnt/data-x``
- Binds the storage volume ``PATH`` on the local machine to the ``/mnt/data-x`` path on the container.
Replace this value with the full path to each sequential storage volume or folder on the local machine.
For example:
Linux or MacOS
``/mnt/data-1/``
Windows
``D:\data\``
Include additional ``-v`` parameters such that one mount exists for each drive specified to the :envvar:`MINIO_VOLUMES` value in the environment file.
* - ``-v /etc/default/minio:/etc/config.env``
- Mounts the environment file created in the previous step to the ``/etc/config.env`` path on the Container.
For Windows hosts, specify the Windows-style path ``-v C:\minio\config:/etc/config.env``.
The MinIO Server uses this environment file for configuration.
* - ``-e "MINIO_CONFIG_ENV_FILE=/etc/config.env"``
- Sets a MinIO environment variable pointing to the container-mounted path of the environment file.
* - ``--name "minio_local"``
- Sets a custom name for the container.
Omit this value to allow Podman/Docker to automatically generate a container name.
You can replace this value to best reflect your requirements.
* - ``minio server --console-address ":9090"``
- Starts the MinIO server using the ``minio:minio`` image pulled from an earlier step.
The :mc:`minio server --console-address ":9090" <minio server --console-address>` option directs the server to set a static port for the MinIO Console Web Interface.
This option is *required* for containerized environments.
If you modify this value, ensure you set the proper port mapping using the ``-p`` flag to Podman/Docker to ensure traffic forwarding between the local host and the container.
4) Validate the Container Status
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/container/common-deploy.rst
:start-after: start-common-deploy-validate-container-status
:end-before: end-common-deploy-validate-container-status
.. code-block:: none
Status: 1 Online, 0 Offline.
API: http://10.0.2.100:9000 http://127.0.0.1:9000
RootUser: myminioadmin
RootPass: minio-secret-key-change-me
Console: http://10.0.2.100:9090 http://127.0.0.1:9090
RootUser: myminioadmin
RootPass: minio-secret-key-change-me
Command-line: https://docs.min.io/docs/minio-client-quickstart-guide
$ mc alias set myminio http://10.0.2.100:9000 myminioadmin minio-secret-key-change-me
Documentation: https://docs.min.io
.. admonition:: Container Networks May Not Be Accessible Outside of the Host
The ``API`` and ``CONSOLE`` blocks may include the network interfaces for the container.
Clients outside of the container network cannot access the MinIO API or Console using these addresses.
External access requires using a network address for the container host machine and assumes the host firewall allows access to the related ports (``9000`` and ``9090`` in the examples).
5) Connect to the MinIO Service
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/container/common-deploy.rst
:start-after: start-common-deploy-connect-to-minio-service
:end-before: end-common-deploy-connect-to-minio-service

152
source/includes/container/steps-deploy-minio-single-node-single-drive.rst Normal file
View File

@ -0,0 +1,152 @@
1) Pull the Latest Stable Image of MinIO
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/container/common-deploy.rst
:start-after: start-common-deploy-pull-latest-minio-image
:end-before: end-common-deploy-pull-latest-minio-image
2) Create the Environment Variable File
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/common/common-deploy.rst
:start-after: start-common-deploy-create-environment-file-single-drive
:end-before: end-common-deploy-create-environment-file-single-drive
3) Create and Run the Container
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Select the container management interface of your choice for the relevant command syntax.
.. tab-set::
.. tab-item:: Podman
Copy the command to a text file for further modification.
.. code-block:: shell
:class: copyable
podman run -dt \
-p 9000:9000 -p 9090:9090 \
-v PATH:/data/minio \
-v /etc/default/minio:/etc/config.env \
-e "MINIO_CONFIG_ENV_FILE=/etc/config.env" \
--name "minio_local" \
minio server --console-address ":9090"
Specify any other :podman-docs:`options <markdown/podman-run.1.html>` to ``podman run`` as necessary for your local environment.
.. tab-item:: Docker
Copy the command to a text file for further modification.
.. code-block:: shell
:class: copyable
docker run -dt \
-p 9000:9000 -p 9090:9090 \
-v PATH:/data/minio \
-v /etc/default/minio:/etc/config.env \
-e "MINIO_CONFIG_ENV_FILE=/etc/config.env" \
--name "minio_local" \
minio server --console-address ":9090"
Specify any other `options <https://docs.docker.com/engine/reference/commandline/run/>`__ to ``docker run`` as necessary for your local environment.
For running Docker in Rootless mode, you may need to set the following additional Docker CLI options:
Linux
``--user $(id -u):$(id -g)`` - directs the container to run as the currently logged in user.
Windows
``--security-opt "credentialspec=file://path/to/file.json"`` - directs the container to run using a Windows `Group Managed Service Account <https://docs.microsoft.com/en-us/virtualization/windowscontainers/manage-containers/manage-serviceaccounts>`_.
The following table describes each line of the command and provides additional configuration instructions:
.. list-table::
:header-rows: 1
:widths: 40 60
:width: 100%
* - Line
- Description
* - | ``podman run -dt``
| ``docker run -dt``
- Directs Podman/Docker to create and start the container as a detached (``-d``) background process with a pseudo-TTY (``-t``).
This allows the container to run in the background with an open TTY for bash-like access.
* - ``-p 9000:9000 -p 9090:9090``
- Binds the ports ``9000`` and ``9090`` on the local machine to the same ports on the container.
This allows access to the container through the local machine.
* - ``-v PATH:/data/minio``
- Binds the storage volume ``PATH`` on the local machine to the ``/data`` path on the container.
Replace this value with the full path to a storage volume or folder on the local machine.
For example:
Linux or MacOS
``~/minio/data/``
Windows
``C:\minio\data``
* - ``-v /etc/default/minio:/etc/config.env``
- Mounts the environment file created in the previous step to the ``/etc/config.env`` path on the Container.
For Windows hosts, specify the Windows-style path ``-v C:\minio\config:/etc/config.env``.
The MinIO Server uses this environment file for configuration.
* - ``-e "MINIO_CONFIG_ENV_FILE=/etc/config.env"``
- Sets a MinIO environment variable pointing to the container-mounted path of the environment file.
* - ``--name "minio_local"``
- Sets a custom name for the container.
Omit this value to allow Podman/Docker to automatically generate a container name.
You can replace this value to best reflect your requirements.
* - ``minio server --console-address ":9090"``
- Starts the MinIO server using the ``minio:minio`` image pulled from an earlier step.
The :mc:`minio server --console-address ":9090" <minio server --console-address>` option directs the server to set a static port for the MinIO Console Web Interface.
This option is *required* for containerized environments.
If you modify this value, ensure you set the proper port mapping using the ``-p`` flag to Podman/Docker to ensure traffic forwarding between the local host and the container.
Once you have applied any further customizations to the command, run it in your preferred terminal or shell environment.
The command should return a unique ID for the created container.
4) Validate the Container Status
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/container/common-deploy.rst
:start-after: start-common-deploy-validate-container-status
:end-before: end-common-deploy-validate-container-status
.. code-block:: shell
Status: 1 Online, 0 Offline.
API: http://10.0.2.100:9000 http://127.0.0.1:9000
RootUser: myminioadmin
RootPass: minio-secret-key-change-me
Console: http://10.0.2.100:9090 http://127.0.0.1:9090
RootUser: myminioadmin
RootPass: minio-secret-key-change-me
Command-line: https://docs.min.io/docs/minio-client-quickstart-guide
$ mc alias set myminio http://10.0.2.100:9000 myminioadmin minio-secret-key-change-me
Documentation: https://docs.min.io
.. admonition:: Container Networks May Not Be Accessible Outside of the Host
The ``API`` and ``CONSOLE`` blocks may include the network interfaces for the container.
Clients outside of the container network cannot access the MinIO API or Console using these addresses.
External access requires using a network address for the container host machine and assumes the host firewall allows access to the related ports (``9000`` and ``9090`` in the examples).
5) Connect to the MinIO Service
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/container/common-deploy.rst
:start-after: start-common-deploy-connect-to-minio-service
:end-before: end-common-deploy-connect-to-minio-service

1
source/includes/linux/common-installation.rst
View File

@ -63,7 +63,6 @@ The following example uses the ``~/minio-data`` folder:
mkdir ~/minio-data
minio server ~/minio-data --console-address ":9090"
The :mc:`minio server` process prints its output to the system console, similar
to the following:

56
source/includes/linux/steps-deploy-minio-single-node-multi-drive.rst Normal file
View File

@ -0,0 +1,56 @@
1) Download the MinIO Server
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/linux/common-installation.rst
:start-after: start-install-minio-binary-desc
:end-before: end-install-minio-binary-desc
2) Create the ``systemd`` Service File
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/linux/common-installation.rst
:start-after: start-install-minio-systemd-desc
:end-before: end-install-minio-systemd-desc
3) Create the Environment Variable File
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/common/common-deploy.rst
:start-after: start-common-deploy-create-environment-file-multi-drive
:end-before: end-common-deploy-create-environment-file-multi-drive
4) Start the MinIO Service
~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue the following command on the local host to start the MinIO |SNSD| deployment as a service:
.. include:: /includes/linux/common-installation.rst
:start-after: start-install-minio-start-service-desc
:end-before: end-install-minio-start-service-desc
The ``journalctl`` output should resemble the following:
.. code-block:: shell
Status: 1 Online, 0 Offline.
API: http://192.168.2.100:9000 http://127.0.0.1:9000
RootUser: myminioadmin
RootPass: minio-secret-key-change-me
Console: http://192.168.2.100:9090 http://127.0.0.1:9090
RootUser: myminioadmin
RootPass: minio-secret-key-change-me
Command-line: https://docs.min.io/docs/minio-client-quickstart-guide
$ mc alias set myminio http://10.0.2.100:9000 myminioadmin minio-secret-key-change-me
Documentation: https://docs.min.io
The ``API`` block lists the network interfaces and port on which clients can access the MinIO S3 API.
The ``Console`` block lists the network interfaces and port on which clients can access the MinIO Web Console.
5) Connect to the MinIO Service
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/common/common-deploy.rst
:start-after: start-common-deploy-connect-to-minio-deployment
:end-before: end-common-deploy-connect-to-minio-deployment

56
source/includes/linux/steps-deploy-minio-single-node-single-drive.rst Normal file
View File

@ -0,0 +1,56 @@
1) Download the MinIO Server
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/linux/common-installation.rst
:start-after: start-install-minio-binary-desc
:end-before: end-install-minio-binary-desc
2) Create the ``systemd`` Service File
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/linux/common-installation.rst
:start-after: start-install-minio-systemd-desc
:end-before: end-install-minio-systemd-desc
3) Create the Environment Variable File
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/common/common-deploy.rst
:start-after: start-common-deploy-create-environment-file-single-drive
:end-before: end-common-deploy-create-environment-file-single-drive
4) Start the MinIO Service
~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue the following command on the local host to start the MinIO |SNSD| deployment as a service:
.. include:: /includes/linux/common-installation.rst
:start-after: start-install-minio-start-service-desc
:end-before: end-install-minio-start-service-desc
The ``journalctl`` output should resemble the following:
.. code-block:: shell
Status: 1 Online, 0 Offline.
API: http://192.168.2.100:9000 http://127.0.0.1:9000
RootUser: myminioadmin
RootPass: minio-secret-key-change-me
Console: http://192.168.2.100:9090 http://127.0.0.1:9090
RootUser: myminioadmin
RootPass: minio-secret-key-change-me
Command-line: https://docs.min.io/docs/minio-client-quickstart-guide
$ mc alias set myminio http://10.0.2.100:9000 myminioadmin minio-secret-key-change-me
Documentation: https://docs.min.io
The ``API`` block lists the network interfaces and port on which clients can access the MinIO S3 API.
The ``Console`` block lists the network interfaces and port on which clients can access the MinIO Web Console.
5) Connect to the MinIO Service
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/common/common-deploy.rst
:start-after: start-common-deploy-connect-to-minio-deployment
:end-before: end-common-deploy-connect-to-minio-deployment

34
source/includes/macos/common-installation.rst
View File

@ -23,23 +23,25 @@
.. tab-item:: Binary - arm64
Open a Terminal, then use the following commands to download the standalone MinIO server for MacOS and make it executable.
Open a Terminal, then use the following commands to download the latest stable MinIO binary, set it to executable, and install it to the system ``$PATH``:
.. code-block:: shell
:class: copyable
curl -O https://dl.min.io/server/minio/release/darwin-arm64/minio
chmod +x minio
chmod +x minio
sudo mv ./minio /usr/local/bin/
.. tab-item:: Binary - amd64
Open a Terminal, then use the following commands to download the standalone MinIO server for MacOS and make it executable.
Open a Terminal, then use the following commands to download the latest stable MinIO binary, set it to executable, and install it to the system ``$PATH``:
.. code-block:: shell
:class: copyable
curl -O https://dl.min.io/server/minio/release/darwin-amd64/minio
chmod +x minio
sudo mv ./minio /usr/local/bin/
.. end-install-minio-binary-desc
@ -51,27 +53,25 @@ If desired, you can replace ``~/data`` with another location to which the user h
.. code-block:: shell
:class: copyable
~/.minio server ~/data --console-address :9090
If you installed with Homebrew, do not include the ``~/`` at the beginning of the command.
The :mc:`minio server` process prints its output to the system console, similar to the following:
export MINIO_CONFIG_ENV_FILE=/etc/default/minio
minio server --console-address :9090
.. code-block:: shell
API: http://192.0.2.10:9000 http://127.0.0.1:9000
RootUser: minioadmin
RootPass: minioadmin
Console: http://192.0.2.10:9090 http://127.0.0.1:9090
RootUser: minioadmin
RootPass: minioadmin
Status: 1 Online, 0 Offline.
API: http://192.168.2.100:9000 http://127.0.0.1:9000
RootUser: myminioadmin
RootPass: minio-secret-key-change-me
Console: http://192.168.2.100:9090 http://127.0.0.1:9090
RootUser: myminioadmin
RootPass: minio-secret-key-change-me
Command-line: https://docs.min.io/docs/minio-client-quickstart-guide
$ mc alias set myminio http://192.0.2.10:9000 minioadmin minioadmin
$ mc alias set myminio http://10.0.2.100:9000 myminioadmin minio-secret-key-change-me
Documentation: https://docs.min.io
WARNING: Detected default credentials 'minioadmin:minioadmin', we recommend that you change these values with 'MINIO_ROOT_USER' and 'MINIO_ROOT_PASSWORD' environment variables.
The ``API`` block lists the network interfaces and port on which clients can access the MinIO S3 API.
The ``Console`` block lists the network interfaces and port on which clients can access the MinIO Web Console.
.. end-run-minio-binary-desc

30
source/includes/macos/steps-deploy-minio-single-node-multi-drive.rst Normal file
View File

@ -0,0 +1,30 @@
1) Download the MinIO Server
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/macos/common-installation.rst
:start-after: start-install-minio-binary-desc
:end-before: end-install-minio-binary-desc
2) Create the Environment Variable File
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/common/common-deploy.rst
:start-after: start-common-deploy-create-environment-file-multi-drive
:end-before: end-common-deploy-create-environment-file-multi-drive
3) Start the MinIO Deployment
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue the following command on the local host to start the MinIO |SNSD| deployment as a foreground process.
You must keep the shell or terminal session open to keep the process running.
.. include:: /includes/macos/common-installation.rst
:start-after: start-run-minio-binary-desc
:end-before: start-run-minio-binary-desc
4) Connect to the MinIO Deployment
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/common/common-deploy.rst
:start-after: start-common-deploy-connect-to-minio-deployment
:end-before: end-common-deploy-connect-to-minio-deployment

30
source/includes/macos/steps-deploy-minio-single-node-single-drive.rst Normal file
View File

@ -0,0 +1,30 @@
1) Download the MinIO Server
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/macos/common-installation.rst
:start-after: start-install-minio-binary-desc
:end-before: end-install-minio-binary-desc
2) Create the Environment Variable File
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/common/common-deploy.rst
:start-after: start-common-deploy-create-environment-file-single-drive
:end-before: end-common-deploy-create-environment-file-single-drive
3) Start the MinIO Deployment
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue the following command on the local host to start the MinIO |SNSD| deployment as a foreground process.
You must keep the shell or terminal session open to keep the process running.
.. include:: /includes/macos/common-installation.rst
:start-after: start-run-minio-binary-desc
:end-before: end-run-minio-binary-desc
4) Connect to the MinIO Deployment
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. include:: /includes/common/common-deploy.rst
:start-after: start-common-deploy-connect-to-minio-deployment
:end-before: end-common-deploy-connect-to-minio-deployment

0
source/includes/windows/steps-deploy-minio-single-node-single-drive.rst Normal file
View File

14
source/index.rst
View File

@ -10,7 +10,7 @@ MinIO High Performance Object Storage
MinIO is a high performance object storage solution that provides an Amazon Web Services S3-compatible API and supports all core S3 features.
MinIO is built to anywhere - public or private cloud, baremetal infrastructure, orchestrated environments, and edge infrastructure.
MinIO is built to deploy anywhere - public or private cloud, baremetal infrastructure, orchestrated environments, and edge infrastructure.
.. cond:: linux
@ -28,6 +28,10 @@ MinIO is built to anywhere - public or private cloud, baremetal infrastructure,
This site documents Operations, Administration, and Development of MinIO deployments on Kubernetes platform.
.. cond:: container
This site documents Operations, Administration, and Development of MinIO deployments on Containers.
This documentation targets the latest stable version of MinIO: |minio-tag|.
MinIO is released under `GNU Affero General Public License v3.0
@ -54,6 +58,10 @@ and non-protected.
.. include:: /includes/k8s/quickstart.rst
.. cond:: container
.. include:: /includes/container/quickstart.rst
Licensing
---------
@ -105,8 +113,8 @@ without validating their usage do so at their own risk.
/reference/minio-mc-admin
/reference/kubectl-minio-plugin
/glossary
.. cond:: linux or macos or windows
.. cond:: linux or macos or windows or container
.. toctree::
:titlesonly:

1
source/operations/install-deploy-manage/deploy-minio-multi-node-multi-drive.rst
View File

@ -1,4 +1,5 @@
.. _deploy-minio-distributed:
.. _minio-mnmd:
====================================
Deploy MinIO: Multi-Node Multi-Drive

343
source/operations/install-deploy-manage/deploy-minio-single-node-multi-drive.rst
View File

@ -1,3 +1,5 @@
.. _minio-snmd:
=====================================
Deploy MinIO: Single-Node Multi-Drive
=====================================
@ -6,13 +8,18 @@ Deploy MinIO: Single-Node Multi-Drive
.. contents:: Table of Contents
:local:
:depth: 1
:depth: 2
The procedures on this page cover deploying MinIO in :guilabel:`Standalone Mode` with multiple local volumes or folders.
This deployment supports and enables :ref:`erasure coding <minio-erasure-coding>` and its dependent features.
The procedures on this page cover deploying MinIO in a Single-Node Multi-Drive (SNMD) configuration.
This topology provides increased drive-level reliability and failover protection as compared to :ref:`Single-Node Single-Drive (SNSD) deployments <minio-snsd>`.
For extended development or production environments, *or* to access :ref:`advanced MinIO functionality <minio-installation-comparison>` deploy MinIO in :guilabel:`Distributed Mode`.
See :ref:`deploy-minio-distributed` for more information.
.. cond:: linux or macos or windows
For production environments, MinIO strongly recommends deploying with the :ref:`Multi-Node Multi-Drive (Distributed) <minio-mnmd>` topology.
.. cond:: container
For production environments, MinIO strongly recommends using the MinIO Kubernetes Operator to deploy Multi-Node Multi-Drive (MNMD) or "Distributed" Tenants.
Prerequisites
-------------
@ -40,331 +47,19 @@ Local JBOD Storage with Sequential Mounts
For deployments that *require* using network-attached storage, use
NFSv4 for best results.
Deploy Standalone Multi-Drive MinIO
-----------------------------------
Deploy Single-Node Multi-Drive MinIO
------------------------------------
The following procedure deploys MinIO in :guilabel:`Standalone Mode` consisting
of a single MinIO server and a single drive or storage volume. Standalone
deployments are best suited for evaluation and initial development environments.
.. admonition:: Network File System Volumes Break Consistency Guarantees
:class: note
MinIO's strict **read-after-write** and **list-after-write** consistency
model requires local disk filesystems (``xfs``, ``ext4``, etc.).
MinIO cannot provide consistency guarantees if the underlying storage
volumes are NFS or a similar network-attached storage volume.
For deployments that *require* using network-attached storage, use
NFSv4 for best results.
1) Download the MinIO Server
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following procedure deploys MinIO consisting of a single MinIO server and a multiple drives or storage volumes.
.. cond:: linux
.. include:: /includes/linux/common-installation.rst
:start-after: start-install-minio-binary-desc
:end-before: end-install-minio-binary-desc
.. include:: /includes/linux/steps-deploy-minio-single-node-multi-drive.rst
.. cond:: macos
.. include:: /includes/macos/common-installation.rst
:start-after: start-install-minio-binary-desc
:end-before: end-install-minio-binary-desc
.. include:: /includes/macos/steps-deploy-minio-single-node-multi-drive.rst
2) Download and Run MinIO Server
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. cond:: container
.. cond:: linux
.. include:: /includes/linux/common-installation.rst
:start-after: start-run-minio-binary-desc
:end-before: end-run-minio-binary-desc
.. cond:: macos
.. include:: /includes/macos/common-installation.rst
:start-after: start-run-minio-binary-desc
:end-before: end-run-minio-binary-desc
3) Add TLS Certificates
~~~~~~~~~~~~~~~~~~~~~~~
MinIO supports enabling :ref:`Transport Layer Security (TLS) <minio-TLS>` 1.2+
automatically upon detecting a x.509 private key (``private.key``) and public
certificate (``public.crt``) in the MinIO ``certs`` directory:
.. cond:: linux
.. code-block:: shell
${HOME}/.minio/certs
.. cond:: macos
.. code-block:: shell
${HOME}/.minio/certs
.. cond:: windows
.. code-block:: shell
``%%USERPROFILE%%\.minio\certs``
You can override the certificate directory using the
:mc-cmd:`minio server --certs-dir` commandline argument.
4) Run the MinIO Server with Non-Default Credentials
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue the following command to start the :mc:`minio server` with non-default
credentials. The table following this command breaks down each portion of the
command:
.. code-block:: shell
:class: copyable
export MINIO_ROOT_USER=minio-admin
export MINIO_ROOT_PASSWORD=minio-secret-key-CHANGE-ME
#export MINIO_SERVER_URL=https://minio.example.net
minio server /mnt/disk-{1...4} --console-address ":9090"
The example command breaks down as follows:
.. list-table::
:widths: 40 60
:width: 100%
* - :envvar:`MINIO_ROOT_USER`
- The access key for the :ref:`root <minio-users-root>` user.
Replace this value with a unique, random, and long string.
* - :envvar:`MINIO_ROOT_PASSWORD`
- The corresponding secret key to use for the
:ref:`root <minio-users-root>` user.
Replace this value with a unique, random, and long string.
* - :envvar:`MINIO_SERVER_URL`
- The URL hostname the MinIO Console uses for connecting to the MinIO
server. This variable is *required* if specifying TLS certificates
which **do not** contain the IP address of the MinIO Server host
as a :rfc:`Subject Alternative Name <5280#section-4.2.1.6>`.
Specify a hostname covered by one of the TLS certificate SAN entries.
You may specify other :ref:`environment variables
<minio-server-environment-variables>` as required by your deployment.
5) Open the MinIO Console
~~~~~~~~~~~~~~~~~~~~~~~~~
Open your browser to the DNS name or IP address corresponding to the
container and the :ref:`MinIO Console <minio-console>` port. For example,
``https://127.0.0.1:9090``.
Log in with the :guilabel:`MINIO_ROOT_USER` and :guilabel:`MINIO_ROOT_PASSWORD`
from the previous step.
.. image:: /images/minio-console/minio-console.png
:width: 600px
:alt: MinIO Console Dashboard displaying Monitoring Data
:align: center
You can use the MinIO Console for general administration tasks like
Identity and Access Management, Metrics and Log Monitoring, or
Server Configuration. Each MinIO server includes its own embedded MinIO
Console.
Applications should use the ``https://HOST-ADDRESS:9000`` to perform S3
operations against the MinIO server.
.. _deploy-minio-standalone-multidrive-container:
Deploy Standalone Multi-Drive MinIO in a Container
--------------------------------------------------
The following procedure deploys a single MinIO container with multiple drives.
The procedure uses `Podman <https://podman.io/>`__ for running the MinIO
container in rootfull mode. Configuring for rootless mode is out of scope for
this procedure.
.. admonition:: Network File System Volumes Break Consistency Guarantees
:class: note
MinIO's strict **read-after-write** and **list-after-write** consistency
model requires local disk filesystems (``xfs``, ``ext4``, etc.).
MinIO cannot provide consistency guarantees if the underlying storage
volumes are NFS or a similar network-attached storage volume.
For deployments that *require* using network-attached storage, use
NFSv4 for best results.
1) Create a Configuration File to store Environment Variables
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MinIO reads configuration values from environment variables. MinIO supports
reading these environment variables from ``/run/secrets/config.env``. Save
the ``config.env`` file as a :podman-docs:`Podman secret <secret.html>` and
specify it as part of running the container.
Create a file ``config.env`` using your preferred text editor and enter the
following environment variables:
.. code-block:: shell
:class: copyable
export MINIO_ROOT_USER=minio-admin
export MINIO_ROOT_PASSWORD=minio-secret-key-CHANGE-ME
#export MINIO_SERVER_URL=https://minio.example.net
Create the Podman secret using the ``config.env`` file:
.. code-block:: shell
:class: copyable
sudo podman secret create config.env config.env
The following table details each environment variable set in ``config.env``:
.. list-table::
:widths: 40 60
:width: 100%
* - :envvar:`MINIO_ROOT_USER`
- The access key for the :ref:`root <minio-users-root>` user.
Replace this value with a unique, random, and long string.
* - :envvar:`MINIO_ROOT_PASSWORD`
- The corresponding secret key to use for the
:ref:`root <minio-users-root>` user.
Replace this value with a unique, random, and long string.
* - :envvar:`MINIO_SERVER_URL`
- The URL hostname the MinIO Console uses for connecting to the MinIO
server. This variable is *required* if specifying TLS certificates
which **do not** contain the IP address of the MinIO Server host
as a :rfc:`Subject Alternative Name <5280#section-4.2.1.6>`.
Specify a hostname covered by one of the TLS certificate SAN entries.
You may specify other :ref:`environment variables
<minio-server-environment-variables>` as required by your deployment.
2) Add TLS Certificates
~~~~~~~~~~~~~~~~~~~~~~~
MinIO supports enabling :ref:`Transport Layer Security (TLS) <minio-TLS>` 1.2+
automatically upon detecting a x.509 private key (``private.key``) and public
certificate (``public.crt``) in the MinIO ``certs`` directory:
Create a Podman secret pointing to the x.509
``private.key`` and ``public.crt`` to use for the container.
.. code-block:: shell
:class: copyable
sudo podman secret create private.key /path/to/private.key
sudo podman secret create public.crt /path/to/public.crt
You can optionally skip this step to deploy without TLS enabled. MinIO
strongly recommends *against* non-TLS deployments outside of early development.
3) Run the MinIO Container
~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue the following command to start the MinIO server in a container:
.. code-block:: shell
:class: copyable
sudo podman run -p 9000:9000 -p 9090:9090 \
-v /mnt/disk-1:/mnt/disk-1 \
-v /mnt/disk-2:/mnt/disk-2 \
-v /mnt/disk-3:/mnt/disk-3 \
-v /mnt/disk-4:/mnt/disk-4 \
--secret private.key \
--secret public.crt \
--secret config.env \
minio/minio server /mnt/disk-{1...4} \
--console-address ":9090" \
--certs-dir "/run/secrets/"
The example command breaks down as follows:
.. list-table::
:widths: 40 60
:width: 100%
* - ``-p 9000:9000, -p 9090:9090``
- Exposes the container internal port ``9000`` and ``9090`` through
the node port ``9000`` and ``9090`` respectively.
Port ``9000`` is the default MinIO server listen port.
Port ``9090`` is the :ref:`MinIO Console <minio-console>` listen port
specified by the ``--console-address`` argument.
* - ``-v /mnt/disk-n:/mnt/disk-n``
- Mounts a local volume to the container at the specified path.
The ``/mnt/disk-{1...4}`` uses MinIO expansion notation to denote a sequential series of drives between 1 and 4 inclusive.
* - ``--secret ...``
- Mounts a secret to the container. The specified secrets correspond to
the following:
- The x.509 private and public key the MinIO server process uses for
enabling TLS.
- The ``config.env`` file from which MinIO looks for configuration
environment variables.
* - ``/data``
- The path to the container volume in which the ``minio`` server stores
all information related to the deployment.
See :mc-cmd:`minio server DIRECTORIES` for more information on
configuring the backing storage for the :mc:`minio server` process.
* - ``--console-address ":9090"``
- The static port on which the embedded MinIO Console listens for incoming
connections.
Omit to allow MinIO to select a dynamic port for the MinIO Console.
With dynamic port selection, browsers opening the root node hostname
``https://minio1.example.com:9000`` are automatically redirected to the
Console.
* - ``--cert /run/secrets/``
- Directs the MinIO server to use the ``/run/secrets/`` folder for
retrieving x.509 certificates to use for enabling TLS.
4) Open the MinIO Console
~~~~~~~~~~~~~~~~~~~~~~~~~
Open your browser to the DNS name or IP address corresponding to the
container and the :ref:`MinIO Console <minio-console>` port. For example,
``https://127.0.0.1:9090``.
Log in with the :guilabel:`MINIO_ROOT_USER` and :guilabel:`MINIO_ROOT_PASSWORD`
from the previous step.
.. image:: /images/minio-console/minio-console.png
:width: 600px
:alt: MinIO Console Dashboard displaying Monitoring Data
:align: center
You can use the MinIO Console for general administration tasks like
Identity and Access Management, Metrics and Log Monitoring, or
Server Configuration. Each MinIO server includes its own embedded MinIO
Console.
Applications should use the ``https://HOST-ADDRESS:9000`` to perform S3
operations against the MinIO server.
.. include:: /includes/container/steps-deploy-minio-single-node-multi-drive.rst

354
source/operations/install-deploy-manage/deploy-minio-single-node-single-drive.rst
View File

@ -1,3 +1,5 @@
.. _minio-snsd:
======================================
Deploy MinIO: Single-Node Single-Drive
======================================
@ -6,7 +8,7 @@ Deploy MinIO: Single-Node Single-Drive
.. contents:: Table of Contents
:local:
:depth: 1
:depth: 2
The procedures on this page cover deploying MinIO in a Single-Node Single-Drive (SNSD) configuration for early development and evaluation.
This mode was previously called :guilabel:`Standalone Mode` or 'filesystem' mode.
@ -15,9 +17,9 @@ Starting with :minio-release:`RELEASE.2022-06-02T02-11-04Z`, MinIO implements a
This feature allows access to :ref:`erasure coding dependent features <minio-erasure-coding>` without the requirement of multiple drives.
MinIO only starts in |SNSD| mode if the storage volume or path is empty *or* only contain files generated by a previous |SNSD| deployment.
See :ref:`minio-snsd-pre-existing-data <minio-snsd-pre-existing-data>` for more complete documentation on MinIO startup behavior in |SNSD| mode.
See the documentation on :ref:`SNSD behavior with pre-existing data <minio-snsd-pre-existing-data>` for more information.
For extended development or production environments, deploy MinIO in :guilabel:`Distributed Mode`. See :ref:`deploy-minio-distributed` for more information.
For extended development or production environments, deploy MinIO in :guilabel:`Distributed Mode`. See :ref:`deploy-minio-distributed </operations/install-deploy-manage/multi-site-replication>` for more information.
.. _minio-snsd-pre-existing-data:
@ -67,352 +69,14 @@ The following procedure deploys MinIO consisting of a single MinIO server and a
For deployments that *require* using network-attached storage, use
NFSv4 for best results.
1) Download the MinIO Server
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. cond:: linux
.. include:: /includes/linux/common-installation.rst
:start-after: start-install-minio-binary-desc
:end-before: end-install-minio-binary-desc
.. include:: /includes/linux/steps-deploy-minio-single-node-single-drive.rst
.. cond:: macos
.. include:: /includes/macos/common-installation.rst
:start-after: start-install-minio-binary-desc
:end-before: end-install-minio-binary-desc
.. include:: /includes/macos/steps-deploy-minio-single-node-single-drive.rst
2) Download and Run MinIO Server
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. cond:: container
.. cond:: linux
.. include:: /includes/linux/common-installation.rst
:start-after: start-run-minio-binary-desc
:end-before: end-run-minio-binary-desc
.. cond:: macos
.. include:: /includes/macos/common-installation.rst
:start-after: start-run-minio-binary-desc
:end-before: end-run-minio-binary-desc
3) Add TLS Certificates
~~~~~~~~~~~~~~~~~~~~~~~
MinIO supports enabling :ref:`Transport Layer Security (TLS) <minio-TLS>` 1.2+
automatically upon detecting a x.509 private key (``private.key``) and public
certificate (``public.crt``) in the MinIO ``certs`` directory:
.. cond:: linux
.. code-block:: shell
${HOME}/.minio/certs
.. cond:: macos
.. code-block:: shell
${HOME}/.minio/certs
.. cond:: windows
.. code-block:: shell
``%%USERPROFILE%%\.minio\certs``
You can override the certificate directory using the
:mc-cmd:`minio server --certs-dir` commandline argument.
4) Run the MinIO Server with Non-Default Credentials
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue the following command to start the :mc:`minio server` with non-default
credentials. The table following this command breaks down each portion of the
command:
.. cond:: linux
.. code-block:: shell
:class: copyable
export MINIO_ROOT_USER=minio-admin
export MINIO_ROOT_PASSWORD=minio-secret-key-CHANGE-ME
#export MINIO_SERVER_URL=https://minio.example.net
minio server /data --console-address ":9090"
.. cond:: macos
.. code-block:: shell
:class: copyable
export MINIO_ROOT_USER=minio-admin
export MINIO_ROOT_PASSWORD=minio-secret-key-CHANGE-ME
#export MINIO_SERVER_URL=https://minio.example.net
minio server /data --console-address ":9090"
.. cond:: windows
.. code-block:: powershell
:class: copyable
PS C:\minio> MINIO_ROOT_USER = 'minio-admin'
PS C:\minio> MINIO_ROOT_PASSWORD = 'minio-secret-key-CHANGE-ME'
PS C:\minio> MINIO_SERVER_URL = 'https://minio.example.net'
The example command breaks down as follows:
.. list-table::
:widths: 40 60
:width: 100%
* - :envvar:`MINIO_ROOT_USER`
- The access key for the :ref:`root <minio-users-root>` user.
Replace this value with a unique, random, and long string.
* - :envvar:`MINIO_ROOT_PASSWORD`
- The corresponding secret key to use for the
:ref:`root <minio-users-root>` user.
Replace this value with a unique, random, and long string.
* - :envvar:`MINIO_SERVER_URL`
- The URL hostname the MinIO Console uses for connecting to the MinIO
server. This variable is *required* if specifying TLS certificates
which **do not** contain the IP address of the MinIO Server host
as a :rfc:`Subject Alternative Name <5280#section-4.2.1.6>`.
Specify a hostname covered by one of the TLS certificate SAN entries.
* - ``/data``
- The path to each disk on the host machine.
See :mc-cmd:`minio server DIRECTORIES` for more information on
configuring the backing storage for the :mc:`minio server` process.
MinIO writes objects to the specified directory as is and without
:ref:`minio-erasure-coding`. Any other application accessing that
directory can read and modify stored objects.
* - ``--console-address ":9090"``
- The static port on which the embedded MinIO Console listens for incoming
connections.
Omit to allow MinIO to select a dynamic port for the MinIO Console.
With dynamic port selection, browsers opening the root node hostname
``https://minio1.example.com:9000`` are automatically redirected to the
Console.
You may specify other :ref:`environment variables
<minio-server-environment-variables>` as required by your deployment.
5) Open the MinIO Console
~~~~~~~~~~~~~~~~~~~~~~~~~
Open your browser to the DNS name or IP address corresponding to the
container and the :ref:`MinIO Console <minio-console>` port. For example,
``https://127.0.0.1:9090``.
Log in with the :guilabel:`MINIO_ROOT_USER` and :guilabel:`MINIO_ROOT_PASSWORD`
from the previous step.
.. image:: /images//minio-console/minio-console.png
:width: 600px
:alt: MinIO Console Dashboard displaying Monitoring Data
:align: center
You can use the MinIO Console for general administration tasks like
Identity and Access Management, Metrics and Log Monitoring, or
Server Configuration. Each MinIO server includes its own embedded MinIO
Console.
Applications should use the ``https://HOST-ADDRESS:9000`` to perform S3
operations against the MinIO server.
.. _deploy-minio-standalone-container:
Deploy Containerized Single-Node Single-Drive MinIO
---------------------------------------------------
The following procedure deploys a single MinIO container with a single drive.
The procedure uses `Podman <https://podman.io/>`__ for running the MinIO
container in rootfull mode. Configuring for rootless mode is out of scope for
this procedure.
.. admonition:: Network File System Volumes Break Consistency Guarantees
:class: note
MinIO's strict **read-after-write** and **list-after-write** consistency
model requires local disk filesystems (``xfs``, ``ext4``, etc.).
MinIO cannot provide consistency guarantees if the underlying storage
volumes are NFS or a similar network-attached storage volume.
For deployments that *require* using network-attached storage, use
NFSv4 for best results.
1) Create a Configuration File to store Environment Variables
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MinIO reads configuration values from environment variables. MinIO supports
reading these environment variables from ``/run/secrets/config.env``. Save
the ``config.env`` file as a :podman-docs:`Podman secret <secret.html>` and
specify it as part of running the container.
Create a file ``config.env`` using your preferred text editor and enter the
following environment variables:
.. code-block:: shell
:class: copyable
export MINIO_ROOT_USER=minio-admin
export MINIO_ROOT_PASSWORD=minio-secret-key-CHANGE-ME
#export MINIO_SERVER_URL=https://minio.example.net
Create the Podman secret using the ``config.env`` file:
.. code-block:: shell
:class: copyable
sudo podman secret create config.env config.env
The following table details each environment variable set in ``config.env``:
.. list-table::
:widths: 40 60
:width: 100%
* - :envvar:`MINIO_ROOT_USER`
- The access key for the :ref:`root <minio-users-root>` user.
Replace this value with a unique, random, and long string.
* - :envvar:`MINIO_ROOT_PASSWORD`
- The corresponding secret key to use for the
:ref:`root <minio-users-root>` user.
Replace this value with a unique, random, and long string.
* - :envvar:`MINIO_SERVER_URL`
- The URL hostname the MinIO Console uses for connecting to the MinIO
server. This variable is *required* if specifying TLS certificates
which **do not** contain the IP address of the MinIO Server host
as a :rfc:`Subject Alternative Name <5280#section-4.2.1.6>`.
Specify a hostname covered by one of the TLS certificate SAN entries.
You may specify other :ref:`environment variables
<minio-server-environment-variables>` as required by your deployment.
2) Add TLS Certificates
~~~~~~~~~~~~~~~~~~~~~~~
MinIO supports enabling :ref:`Transport Layer Security (TLS) <minio-TLS>` 1.2+
automatically upon detecting a x.509 private key (``private.key``) and public
certificate (``public.crt``) in the MinIO ``certs`` directory:
Create a Podman secret pointing to the x.509
``private.key`` and ``public.crt`` to use for the container.
.. code-block:: shell
:class: copyable
sudo podman secret create private.key /path/to/private.key
sudo podman secret create public.crt /path/to/public.crt
You can optionally skip this step to deploy without TLS enabled. MinIO
strongly recommends *against* non-TLS deployments outside of early development.
3) Run the MinIO Container
~~~~~~~~~~~~~~~~~~~~~~~~~~
Issue the following command to start the MinIO server in a container:
.. code-block:: shell
:class: copyable
sudo podman run -p 9000:9000 -p 9090:9090 \
-v /data:/data \
--secret private.key \
--secret public.crt \
--secret config.env \
minio/minio server /data \
--console-address ":9090" \
--certs-dir "/run/secrets/"
The example command breaks down as follows:
.. list-table::
:widths: 40 60
:width: 100%
* - ``-p 9000:9000, -p 9090:9090``
- Exposes the container internal port ``9000`` and ``9090`` through
the node port ``9000`` and ``9090`` respectively.
Port ``9000`` is the default MinIO server listen port.
Port ``9090`` is the :ref:`MinIO Console <minio-console>` listen port
specified by the ``--console-address`` argument.
* - ``-v /data:/data``
- Mounts a local volume to the container at the specified path.
* - ``--secret ...``
- Mounts a secret to the container. The specified secrets correspond to
the following:
- The x.509 private and public key the MinIO server process uses for
enabling TLS.
- The ``config.env`` file from which MinIO looks for configuration
environment variables.
* - ``/data``
- The path to the container volume in which the ``minio`` server stores
all information related to the deployment.
See :mc-cmd:`minio server DIRECTORIES` for more information on
configuring the backing storage for the :mc:`minio server` process.
* - ``--console-address ":9090"``
- The static port on which the embedded MinIO Console listens for incoming
connections.
Omit to allow MinIO to select a dynamic port for the MinIO Console.
With dynamic port selection, browsers opening the root node hostname
``https://minio1.example.com:9000`` are automatically redirected to the
Console.
* - ``--cert /run/secrets/``
- Directs the MinIO server to use the ``/run/secrets/`` folder for
retrieving x.509 certificates to use for enabling TLS.
4) Open the MinIO Console
~~~~~~~~~~~~~~~~~~~~~~~~~
Open your browser to the DNS name or IP address corresponding to the
container and the :ref:`MinIO Console <minio-console>` port. For example,
``https://127.0.0.1:9090``.
Log in with the :guilabel:`MINIO_ROOT_USER` and :guilabel:`MINIO_ROOT_PASSWORD`
from the previous step.
.. image:: /images//minio-console/minio-console.png
:width: 600px
:alt: MinIO Console Dashboard displaying Monitoring Data
:align: center
You can use the MinIO Console for general administration tasks like
Identity and Access Management, Metrics and Log Monitoring, or
Server Configuration. Each MinIO server includes its own embedded MinIO
Console.
Applications should use the ``https://HOST-ADDRESS:9000`` to perform S3
operations against the MinIO server.
.. include:: /includes/container/steps-deploy-minio-single-node-single-drive.rst

4
source/operations/installation.rst
View File

@ -2,6 +2,10 @@
.. include:: /includes/common/installation.rst
.. cond:: container
.. include:: /includes/container/installation.rst
.. cond:: k8s
.. include:: /includes/k8s/deploy-operator.rst

15
source/reference/minio-server/minio-server.rst
View File

@ -193,6 +193,21 @@ Environment Variables
The :mc:`minio server` processes uses the following
environment variables during startup to set configuration settings.
Core Configuration
~~~~~~~~~~~~~~~~~~
.. envvar:: MINIO_VOLUMES
The directories or drives the :mc:`minio server` process uses as the
storage backend.
Functionally equivalent to setting :mc-cmd:`minio server DIRECTORIES`.
Use this value when configuring MinIO to run using an environment file.
.. envvar:: MINIO_CONFIG_ENV_FILE
Specifies the full path to the file the MinIO server process uses for loading environment variables.
Root Credentials
~~~~~~~~~~~~~~~~