minio-1.搭建
关于原生运行还是容器运行的问题,豆包建议使用原生安装,理由是原生的更快、而且原生安装并不复杂(minio是单文件)。
由于采取集群方式,使用了双主机+nginx的方式,至于nginx如何做到高可靠,是另外的话题了。
一、集群部署minio:
1、下载minio执行文件及工具(可选):两台服务器上都要执行。
wget https://dl.min.io/server/minio/release/linux-arm64/minio -O /usr/local/bin/minio && chmod +x /usr/local/bin/minio wget https://dl.min.io/client/mc/release/linux-arm64/mc -O /usr/local/bin/mc && chmod a+x /usr/local/bin/mc
2、把minio配置为服务:新建/etc/systemd/system/minio.service,两台服务器上都操作
[Unit] Description=MinIO Object Storage Documentation=https://docs.min.io Wants=network-online.target After=network-online.target [Service] EnvironmentFile=/etc/minio/minio.env ExecStart=/usr/local/bin/minio server $MINIO_VOLUMES \ --console-address $MINIO_CONSOLE_ADDRESS \ Restart=always User=root Group=root LimitNOFILE=65536 TimeoutStopSec=300 [Install] WantedBy=multi-user.target
3、配置minio:新建/etc/minio/minio.env(两台服务器上都操作)。主节点为node1(192.168.68.29),从节点为node2(192.168.68.30)。需配置两台服务器的hosts文件。存储目录两台服务器都制定为/data/minio/storage。此时可以启动minio了。
MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=admin_password MINIO_VOLUMES="http://node1:9000/data/minio/storage http://node2:9000/data/minio/storage" MINIO_SERVER_URL=http://192.168.68.29:9000 MINIO_CONSOLE_ADDRESS=:9001 MINIO_LOG_LEVEL=info MINIO_LOG_DIR=/var/log/minio
4、配置nginx:使用openresty容器方式部署,配置文件nginx.conf如下:
#user app; worker_processes auto; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; server_tokens off; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; sendfile on; keepalive_timeout 65; # MinIO API 集群(双节点负载均衡) upstream minio_servers { server 192.168.68.29:9000; server 192.168.68.30:9000; #会话保持,避免跨节点操作异常 ip_hash; } # MinIO 控制台 upstream minio_console { server 192.168.68.30:9001; } # MinIO API 代理 server { listen 8000; server_name 192.168.68.29; # 支持大文件上传(核心) client_max_body_size 0; proxy_buffering off; proxy_request_buffering off; location / { proxy_pass http://minio_servers; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $http_host; proxy_set_header X-Forwarded-Port $server_port; # 超时配置(适配大文件) proxy_connect_timeout 300s; proxy_send_timeout 300s; proxy_read_timeout 300s; } } # MinIO 控制台代理 server { listen 8001; server_name 192.168.68.29; location / { proxy_pass http://minio_console; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $http_host; proxy_set_header X-Forwarded-Port $server_port; # 新增:超时配置,避免控制台操作超时 proxy_connect_timeout 300s; proxy_send_timeout 300s; proxy_read_timeout 300s; # WebSocket 支持(控制台实时监控必备) proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } }
5、配置用户:
- 为每种权限新建一个.json文件,配置相关信息
#rw-aimodels.json,对aimodels目录有读写权限的用户 { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:GetObject", "s3:PutObject", "s3:DeleteObject" ], "Resource": [ "arn:aws:s3:::aimodels", "arn:aws:s3:::aimodels/*" ] } ] } #ro-aimodels.json,对aimodels目录仅有读权限的用户 { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:GetObject" ], "Resource": [ "arn:aws:s3:::aimodels", "arn:aws:s3:::aimodels/*" ] } ] }
- 新建用户
# 新建只读用户 mc admin user add myminio ro-aimodels 'ro-password' # 新建读写用户 mc admin user add myminio rw-aimodels 'rw-password' - 新建策略
# 新建只读策略 mc admin policy add myminio ro-aimodels /etc/minio/ro-aimodels.json # 新建读写策略 mc admin policy create myminio rw-aimodels /etc/minio/rw-aimodels.json - 为用户配置策略
# 指定ro-aimodels为只读 mc admin policy attach myminio ro-aimodels --user ro-aimodels # 指定rw-aimodels为读写 mc admin policy attach myminio rw-aimodels --user rw-aimodels
6、新建bucket:通过控制台,使用admin登录:http://192.168.68.29:9001
二、验证:
1、设置用户:mc alias set myminio http://node1:9000 admin 'adminpassword'
2、复制文件:mc cp /tmp/test-aimodels.txt myminio/aimodels/
3、复制目录:mc cp --recursive /sourcedir/* myminio/aimodels/sourcedir/
4、列目录:mc ls myminio/aimodels/
ps: 上传和下载命令一样。
mc alias set myminio http://node1:9000 zzkf_admin 'peJ!FY$78yGz5Rtg'
浙公网安备 33010602011771号