Shulou(Shulou.com)06/01 Report--

This article mainly shows you "how to build a privatized object storage service through Minio". The content is simple and clear. I hope it can help you solve your doubts. Let me lead you to study and learn this article "how to build a privatized object storage service through Minio".

Overview

Minio is built on the basis of cloud native; it has distributed and shared storage functions; and it aims to extend object storage services in a sustainable manner in a multi-tenant environment. It is most suitable for storing unstructured data, such as photos, videos, log files, containers / virtual machines / images, etc., and the maximum size of a single storage object is 5TB.

Implement the architecture of a single node

Depending on whether the storage is remote, you can directly use FS or NFS to directly manipulate the Object in the storage.

Call S3 interface and use FS or NFS to operate Object through Minio

Multi-node

Multi-node Minio will distinguish different tenants according to different Access_key and Secret_Key, and each tenant can operate the corresponding Server to obtain Object. Minio Server can be isolated from each other through different process models, containers, or virtual machines.

Distributed system

Distributed Minio extends to as many servers as needed in a shared architecture, and all nodes need to log in using the same Access_key and Secret_key. Distributed Minio uses Web load balancer or DNS round robin (DNS round-robin) to achieve load balancing among servers.

Functional characteristics

Amazon S3 compatibility

Minio uses Amazon S3 v2 / v4 API. You can access the Minio server using Minio SDK,Minio Client,AWS SDK and AWS CLI.

Data protection

Minio uses Minio Erasure Code to prevent hardware failures. It may damage more than half of the driver, but you can still recover from it.

Highly available

The Minio server can tolerate up to (N / 2)-1 node failures in distributed settings. Also, you can configure the Minio server to store data between Minio and any Amazon S3-compliant server.

Lambda calculation

The Minio server triggers the Lambda feature through its AWS SNS / SQS compliant event notification service. The supported targets are message queues, such as Kafka,NATS,AMQP,MQTT,Webhooks and databases such as Elasticsearch,Redis,Postgres and MySQL.

Encryption and tamper proof

Minio provides confidentiality, integrity and authenticity for encrypted data with minimal performance overhead. Server-side and client-side encryption is supported using AES-256-GCM,ChaCha20-Poly1305 and AES-CBC. Encrypted objects use AEAD server-side encryption to prevent tampering.

Docking back-end storage

In addition to Minio's own file system, it also supports DAS, JBODs, NAS, Google cloud storage, and Azure Blob storage.

Sdk support

Based on the lightweight feature of Minio, it is supported by sdk in languages such as Java, Python or Go.

For example: when the Java class uses Maven to manage Jar, specify Minio in pom.xml:

Io.minio minio 3.0.12 use

Minio provides: the Server side containing the graphical interface; the client side using command line operations. The following introduces you to the use of Minio Server and Minio Client.

Minio Server

Log in to Minio using Access Key and Secret Key. After a successful login, enter the following interface

Access Key and Secret Key can be randomly generated by Minio Server or customized by variables. The following self-service deployment describes how to define and obtain Access Key and Secret Key.

Click the corresponding section of the module 1bucket to create a new bucket, and you can see the created bucket in module 2.

Select a bucket in module 2. Click the corresponding part of the module 1upload to upload the file to the selected bucket. You can see the files uploaded in the corresponding bucket in the white part of the page.

Move the mouse to module 2 any bucket, corresponding to the right side of bucket can click to operate policy, delete operation. Policy can set the request permission of Prefix.

Click module 3 to view and set the basic information of the Object:

View the shared address Shareable Link

Set the expiration time. The maximum saving time is 7 days.

The remaining expiration time of the Object pops up at the top of the dialog box.

Minio Client

Download binary

Wget https://dl.minio.io/client/mc/release/linux-amd64/mcchmod + x mc./mc-- help

Basic operation command

Minio Server already exists for configuration

. / mc config host add S3v4

Example:

. / mc config host add test http://9000.gr8be71d.grapps.ali-hz.goodrain.net access_key secret_key S3v4

Create bucket

. / mc mb / [bucket_name] / [object_name]

Example:

. / mc mb test/data

Check the bucket and object of Minio Server

. / mc ls / [bucket_name] / [object_name]

Example:

. / mc ls test/data

Upload / download Object

# cp to Minio Server (upload). / mc cp / [bucket_name] # cp to local (download). / mc cp / [bucket_name] / [object_name]

Example:

. / mc cp README.md test/data

Delete Object or bucket

. / mc rm / [bucket_name] / [object_name]

Example:

# delete bucket, because there is an object named README.md under data, so you need to append-- force parameter to force the deletion of bucket./mc rm test/data-- force

* shared access

Mc provides a share method that allows you to temporarily upload or download object by authorizing the generated URL.

Download

Specify the Object in the Minio Server to generate the URL temporarily downloaded by the Object.

. / mc share download [- expire [h | m | s]] / [bucket_name] / [object_name]

Example:

#-- expire 168h represents the generated URL valid time is only 168h. / mc share download-- expire 168h test/data/README.md

Upload

Specify the path after uploading a file to Minio Server, and generate commands that are temporarily available for upload.

. / mc share upload [- expire [h | m | s]] / [bucket_name] / [object_name]

Example:

. / mc share upload test/data/README.md

Generate commands similar to the following:

Curl http://9000.gr17b6e1.grapps.ali-hz.goodrain.net/data/\-F x-amz-credential=access_key/20180425/us-east-1/s3/aws4_request\-F x-amz-date=20180425T031310Z\-F x-amz-signature=68ac9f102afd6a87526ecb9ce6025dee4f85b25cf054f5a7668a73ae0ef9f4dc\-F bucket=data\-F policy=eyJleHBpcmF0aW9uIjoiMjAxOC0wNS0wMlQwMzoxMzowOS45MTlaIiwiY29uZGl0aW9ucyI6W1siZXEiLCIkYnVja2V0IiwiZGF0YSJdLFsiZXEiLCIka2V5IiwiaW5zdGFsbC5zaCJdLFsiZXEiLCIkeC1hbXotZGF0ZSIsIjIwMTgwNDI1VDAzMTMxMFoiXSxbImVxIiwiJHgtYW16LWFsZ29yaXRobSIsIkFXUzQtSE1BQy1TSEEyNTYiXSxbImVxIiwiJHgtYW16LWNyZWRlbnRpYWwiLCJhY2Nlc3Nfa2V5LzIwMTgwNDI1L3VzLWVhc3QtMS9zMy9hd3M0X3JlcXVlc3QiXV19\-F x-amz-algorithm=AWS4-HMAC-SHA256\-F key=README.md\ # is the Object-F file=@ to be uploaded

List

View all RUL created, downloaded or uploaded

. / mc share list [download/upload] deployed from Cloud City

You can deploy Minio applications with one click from Yunshi (click to get).

From the cloud gang

You can also use the docker run command to deploy in the cloud help:

Enter the cloud panel-create an application interface and select to create an application from Docker image

Edit docker run command

Docker run-p 9000 mnt/data:/data 9000\-e MINIO_ACCESS_KEY=\-e MINIO_SECRET_KEY=\-v / mnt/data:/data\-v / mnt/config:/root/.minio\ minio/minio:RELEASE.2018-04-19T22-54-58Z\ server / data

When accessing the Minio object store, the Access Key and Secret Key required for verification can be customized based on the passed variable MINIO_ACCESS_KEY and variable MINIO_SECRET_KEY.

We have initialized the variable MINIO_ACCESS_KEY and variable MINIO_SECRET_KEY of the Minio application in Yunshi. You can obtain the corresponding values of variables in the application console-Application dependent information, which can be used to log in to the Minio application.

Distributed Minio

Using distributed Minio allows you to merge multiple drivers, even on different computers, into a single object storage server. Because drivers can be distributed on multiple nodes, distributed Minio can withstand multi-point failures and ensure the security of data.

These are all the contents of the article "how to build a privatized object Storage Service through Minio". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.