Last updated: 5/10/2024
MiniIO is a S3 High performance Object Storage server released under GNU. It is capable of replication and load balancing to provide a high degree of performance and reliability.
In this section we will discuss 3 things.
The Minio S3 Server.
The Minio S3 Client
The AWS Client
CLIENTS:
Cyberduck – A long standing file exchange client.
Filezilla Pro – As of 2021 there may very well be a problem with Filezilla Pro. It appears to be focused on connecting to AWS Regions. I do not know if this problem persists.
HOW to use SSL
There are a number of ways to create a SSL. In this instance we are going to explore the use of a utility called certgen which is provided for from a minio GIT repository. We could have just as easily have used OpenSSL. We could have used or created a certificate using “Let’s Encrypt” or using Python and the Cryptography module.
BUILDING CERTGEN:
git clone https://github.com/minio/certgen.git
Now GO is not my language of choice. I have only used it to explore the language. So it might be the case that you will need to install parts of the GO development library in order to create a workable version of “certgen”. I will take a slight pause at the fact that the MinIO binary was provided for us.
To install “go” in ubuntu you can do the following:
snap install go --classic
So it should be installed. We can see what version we are using by inquiring about the version/release.
root@node:/home/user/certgen# go version
go version go1.16.7 linux/amd64
Now it’s time to build it.
export GOPATH=/home/user/certgen
go build certgen.go
Now that we have built the command we can use it to create a self signed cert with an IP Address.
root@node:/home/user/certgen# ./certgen --host 192.168.150.110
2021/09/26 14:10:47 wrote public.crt
2021/09/26 14:10:47 wrote private.key
The cert will be of the form:
Version V3
Signature hash algorithm: SHA256
Public Key: RSA (2048 Bits)
Subject: Acme Co
Subject Alternative Name: IP Address = 192.168.150.110
Basic Contstraings:
Subject Type=End Entity
Path Length Contraint=None
Now we can copy these over more useful location:
I choose /root/minio/certs because this is listed as the default directory.
cp private.key /root/.minio/certs
cp public.crt /root/.minio/certs
NOTE: If Minio learns it can use uses certs it will launch the portal to use HTTPS instead of HTTPS.
Now we can:
./minio server /mnt/storage
This assumes that in the /mnt directory you have create a folder named storage
Perhaps you have mounted another disk or storage system to this.
MINIO CLIENT – MC:
We might want to use the Minio CLI. To get this we simply
$ wget https://dl.minio.io/client/mc/release/linux-amd64/mc
<no discussion of the mc client is listed here.>
AWS CLI:
Alternatively we might can use the AWS CLI.
C:\Users\User>aws --endpoint-url https://192.168.150.110:9000 s3 ls test
2021-09-26 08:37:09 13073 Untitled.png
2021-09-26 09:26:09 3 test.txt
In this cheesy example we will pretended that I created an access_key and secret_key of ec2-user.
aws configure set access_key ec2-user
aws configure set secret_key ec2-user
To list the AWS configuration information:
C:\Users\User.aws>aws configure list
Name Value Type Location
---- ----- ---- --------
profile None None
access_key user shared-credentials-file
secret_key user shared-credentials-file
region None None
If you want to use SSL and not have to specify the –no-verify-ssl option, then you need to set the AWS_CA_BUNDLE environment variable. I will come back and visit this as I was not able to snap my fingers and get this to work.
aws --no-verify-ssl --endpoint-url https://192.168.150.110:9000 s3 ls
aws --no-verify-ssl --endpoint-url https://192.168.150.110:9000 s3 ls s3://test
Let’s Build a Service File:
It may be the case that you will want to install this as a service. For a linux based system the easiest way to do this might be to simply create an entry for the service.
cat <<EOF | sudo tee /etc/systemd/system/minio.service
[Unit]
Description=minio
[Service]
WorkingDirectory=/Home/user
ExecStart=/home/user/minio server /mnt storage
[install]
WantedBy=multi-user.target
EOF
Time to reload the daemon; start the service and then inquire as to its status.
sudo systemctl daemon-reload
sudo systemctl start minio.service
sudo service minio status
URLS:
https://linuxhint.com/installing_minio_ubuntu/