cb2aa233a0
This PR simplifies the management of KMS integrations by removing the detailed documentation and linking out to the KES docs site instead. There should be no mention of any specific KMS target. Each OS/platform should have references to the correct paths, OS, and the like. This completes work started on the KES docs side in https://github.com/minio/kes-docs/pull/48. Staged: - [Linux](http://192.241.195.202:9000/staging/ssekms/linux/operations/server-side-encryption/configure-minio-kes.html) - [Windows](http://192.241.195.202:9000/staging/ssekms/windows/operations/server-side-encryption/configure-minio-kes.html) - [Kubernetes](http://192.241.195.202:9000/staging/ssekms/k8s/operations/server-side-encryption/configure-minio-kes.html) - [Containers](http://192.241.195.202:9000/staging/ssekms/container/operations/server-side-encryption/configure-minio-kes.html) - [MacOS](http://192.241.195.202:9000/staging/ssekms/macos/operations/server-side-encryption/configure-minio-kes.html)
2.0 KiB
Deploy MinIO and KES with Server-Side Encryption
Prior to starting these steps, create the following folders:
mkdir -P |kescertpath|
mkdir -P |kesconfigpath|
mkdir -P |miniodatapath|Prerequisite
Depending on your chosen supported KMS target <#supported-kms-targets>
configuration, you may need to pass the kes-server.cert as
a trusted Certificate Authority (CA). Defer to the client documentation
for instructions on trusting a third-party CA.
1) Create the MinIO Configurations
Create the MinIO Environment File
Create the environment file using your preferred text editor. The
following example uses nano:
nano |minioconfigpath|/minio3) Start the MinIO Server
Note
You must start KES before starting MinIO. The MinIO deployment requires access to KES as part of its startup.
Foreground processes depend on the shell or terminal in which they run. Exiting or terminating the shell/terminal instance also kills the attached process. Defer to your operating system best practices for running processes in the background.