centos7部署minio单机版

一、目标

在centos7上部署minio单机版

二、centos7部署minio

1、下载minio

mkdir /usr/local/minio
cd /usr/local/minio
wget https://dl.minio.io/server/minio/release/linux-amd64/minio
chmod +x minio

2、新建minio存储数据的目录

mkdir -p /data/minio/data

3、新建minio的systemd启动脚本

cat << EOF > /etc/systemd/system/minio.service
[Unit]
Description=MinIO
Documentation=https://docs.min.io
Wants=network-online.target
After=network-online.target
AssertFileIsExecutable=/usr/local/minio/minio

[Service]
# User and group
User=minio-user
Group=minio-user
EnvironmentFile=/usr/local/minio/minio.conf
ExecStart=/usr/local/minio/minio server $MINIO_OPTS $MINIO_VOLUMES
# Let systemd restart this service always
Restart=always

# Specifies the maximum file descriptor number that can be opened by this process
LimitNOFILE=65536
# Disable timeout logic and wait until process is stopped
TimeoutStopSec=infinity
SendSIGKILL=no

[Install]
WantedBy=multi-user.target
EOF

4、新建minio配置文件

cat << EOF > /usr/local/minio/minio.conf
MINIO_ROOT_USER="minio-user"
MINIO_ROOT_PASSWORD="mypwd123"

MINIO_VOLUMES="/data/minio/data/"
MINIO_OPTS="-C /usr/local/minio/ --address 192.168.10.79:9910 --console-address '0.0.0.0:9966'"
EOF

注：

● MINIO_ROOT_USER 是访问控制的账号

●?MINIO_ROOT_PASSWORD 是访问控制的密码

●?MINIO_VOLUMES="/data/minio/data/" 是minio存储数据的目录，必须实现新建好
● MINIO_OPTS="-C /usr/local/minio/ 是配置文件minio.conf的存放位置

? ? ? ? ? ? ? ? ? ? ? ? ? ? --address 192.168.10.79:9910 是minio的api接口地址和端口

? ? ? ? ? ? ? ? ? ? ? ? ? ? --console-address '0.0.0.0:9966'" 是minio控制台web页面的访问地址

5、添加启动minio的用户和组及修改目录权限

groupadd minio-user
useradd -M -g minio-user -s /sbin/nologin minio-user
chown -R minio-user:minio-user /usr/local/minio
chown -R minio-user:minio-user /data/minio

6、启动minio服务

systemctl daemon-reload
systemctl enable minio.service  --now

7、测试访问minio

http://192.168.10.79:9966/login

登录minio控制web页面的用户名和密码就是配置文件中的MINIO_ROOT_USER="minio-user"，MINIO_ROOT_PASSWORD="mypwd123"。

三、测试minio是否可用

1、创建桶

点击左侧菜单栏的Administrator--Buckets---create Bucket

?

2、上传文件

?

四、(扩展)用nginx反代minio

nginx配置

[root@localhost minio]# cat /usr/local/nginx/conf/nginx.conf

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server {
        listen       6443 ssl;
        server_name  www.hiibm.com;
        ssl_certificate  ../ssl-cert/nginx.crt;
        ssl_certificate_key  ../ssl-cert/nginx.key;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            proxy_pass http://localhost:9966/;
            proxy_redirect default;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $host;
            proxy_set_header Upgrade-Insecure-Requests 1;
            proxy_set_header X-Forwarded-Proto http;
        }



       location /minio/ {
            proxy_pass http://localhost:9966/;
            proxy_redirect default;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $host;
            proxy_set_header Upgrade-Insecure-Requests 1;
            proxy_set_header X-Forwarded-Proto http;
        }


        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

注意：反代minio的时候，路径location 只能写/ ，即写根，否则访问异常。也可以是http，同样道理只能写根路径。另外nginx如果监听端口是1024以下的则必须用root启动nginx否则会报错大概意思是比如：不能绑定0.0.0.0:80，权限拒绝。