High Vailability Minio Deploy Tutorial

Minio Introduction

Minio is an object storage server released under Apache License v2.0.

It is compatible with Amazon S3 cloud storage service.

It is best suited for storing unstructured data such as photos, videos, log files, backups and container / VM images.

Size of an object can range from a few KBs to a maximum of 5TB.

Minio server is light enough to be bundled with the application stack, similar to NodeJS, Redis and MySQL.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
cd /tmp
#https://dl.minio.io/server/minio/release/中选择合适的版本
curl -O https://dl.minio.io/server/minio/release/linux-amd64/minio
sudo chmod +x minio
#directory where Minio's systemd startup script expects to find it
sudo mv minio /usr/local/bin

sudo useradd -r minio-user -s /sbin/nologin
sudo chown minio-user:minio-user /usr/local/bin/minio

#创建数据存储目录
sudo mkdir -p /work/minio/data1 /work/minio/data2
sudo chown minio-user:minio-user /work/minio

#创建配置文件目录
sudo mkdir /etc/minio
sudo chown minio-user:minio-user /etc/minio

#default config, modify your own MINIO_VOLUMES/MINIO_OPTS/MINIO_ACCESS_KEY/MINIO_SECRET_KEY
cat <<EOF > /etc/default/minio
# Remote node configuration.
MINIO_VOLUMES="http://192.168.3.21/work/minio/data1 http://192.168.3.21/work/minio/data2 http://192.168.3.23/work/minio/data1 http://192.168.3.23/work/minio/data2"

# Use if you want to run Minio on a custom port.
MINIO_OPTS="-C /etc/minio --address :9001"

# Access Key of the server.
MINIO_ACCESS_KEY=YOUR-ACCESS-KEY-HERE

# Secret key of the server.
MINIO_SECRET_KEY=YOUR-SECRET-KEY-HERE
EOF


cd /etc/systemd/system/
curl -O https://raw.githubusercontent.com/minio/minio-service/master/linux-systemd/distributed/minio.service
sudo chmod 755 minio.service
sudo systemctl daemon-reload
sudo systemctl enable minio
sudo systemctl start minio
sudo systemctl status minio

Nginx Configuration

Multiple Minio servers load balance

1
2
3
4
5
6
7
8
9
10
11
12
13
14
upstream minio_servers {
server minio-server-1:9000;
server minio-server-2:9000;
}

server {
listen 80;
server_name www.example.com;

location / {
proxy_set_header Host $http_host;
proxy_pass http://minio_servers;
}
}

SSL/TLS Termination

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
server {
listen 80;
server_name www.example.com;
return 301 https://www.example.com$request_uri;
}

server {
listen 443 ssl;
server_name www.example.com;

ssl_certificate www.example.com.crt;
ssl_certificate_key www.example.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;

location / {
proxy_set_header Host $http_host;
proxy_pass http://localhost:9000;
}
}

Nginx caching

1
2
3
4
5
6
7
8
9
limit_req_zone $binary_remote_addr zone=my_req_limit:10m rate=10r/s;

server {
# ...
location /images/ {
limit_req zone=my_req_limit burst=20;
# ...
}
}

Reference