MinIO 分布式高可用部署
1. 概述
MinIO 是一个高性能、Kubernetes 原生的对象存储系统,兼容 Amazon S3 API。分布式部署模式下,MinIO 利用纠删码(Erasure Coding)技术将数据分片存储于多个节点、多块磁盘上,实现数据的高可用和自愈能力。即使丢失半数磁盘(N/2),数据仍可读取;写入需要至少 N/2+1 个磁盘在线。
2. 部署环境规划
2.1 硬件与节点要求
-
节点数量:至少 4 个节点(建议 4-16 节点,偶数个节点利于纠删码配置)。
-
磁盘数量:每个节点至少 2 块独立数据盘(生产环境建议 SSD/NVMe),所有节点的磁盘总数应为偶数(便于数据块与校验块对等分布)。
-
网络:节点间 10GbE 以上网络,低延迟。
-
操作系统:Linux(CentOS 7+/Ubuntu 18.04+),内核 4.x+。
2.2 软件版本
-
MinIO Server:RELEASE.2025-09-07T16-13-09Z(示例版本)
-
MinIO Client (
mc):最新版 -
Nginx:1.20+
-
Keepalived:2.0+(用于负载均衡器高可用)
2.3 网络与主机名规划
假设 4 个存储节点:
| 节点名 | IP 地址 | 数据盘挂载点 |
|---|---|---|
| ubuntu02 | 192.168.0.62 | /mnt/miniodata01, /mnt/miniodata02 |
| ubuntu03 | 192.168.0.63 | /mnt/miniodata01, /mnt/miniodata02 |
| ubuntu04 | 192.168.0.64 | /mnt/miniodata01, /mnt/miniodata02 |
| ubuntu05 | 192.168.0.65 | /mnt/miniodata01, /mnt/miniodata02 |
负载均衡器节点(2 台):
| 节点名 | IP 地址 | 角色 |
|---|---|---|
| ubuntu06 | 192.168.0.66 | Nginx + Keepalived (MASTER) |
| ubuntu07 | 192.168.0.67 | Nginx + Keepalived (BACKUP) |
VIP(虚拟 IP):192.168.0.60
3. 基础环境配置(所有存储节点执行)
3.1 设置主机名与 hosts 解析
# 每台分别设置主机名,例如 ubuntu02 hostnamectl set-hostname ubuntu02 # 编辑 /etc/hosts,添加所有存储节点和负载均衡器的映射 cat >> /etc/hosts <<EOF 192.168.0.62 ubuntu02 192.168.0.63 ubuntu03 192.168.0.64 ubuntu04 192.168.0.65 ubuntu05 192.168.0.66 ubuntu06 192.168.0.67 ubuntu07 EOF
3.2 时间同步(NTP)
# Ubuntu apt install -y chrony systemctl enable --now chronyd timedatectl status # CentOS yum install -y chrony systemctl enable --now chronyd chronyc sources -v
3.3 磁盘准备
若使用 LVM 管理磁盘:
pvcreate /dev/sdb vgextend ubuntu-vg /dev/sdb lvcreate -n miniodata1 -L 5G ubuntu-vg lvcreate -n miniodata2 -L 5G ubuntu-vg mkfs.ext4 /dev/ubuntu-vg/miniodata1 mkfs.ext4 /dev/ubuntu-vg/miniodata2 mkdir /mnt/miniodata01 /mnt/miniodata02
vi /etc/fstab /dev/ubuntu-vg/miniodata1 /mnt/miniodata01 ext4 defaults 0 1 /dev/ubuntu-vg/miniodata2 /mnt/miniodata02 ext4 defaults 0 1 systemctl daemon-reload mount -a
4. MinIO 软件安装与配置(所有存储节点执行)
4.1 下载 MinIO 二进制
wget https://dl.min.io/server/minio/release/linux-amd64/minio chmod +x minio mv minio /usr/local/bin/
4.2 创建专用用户
groupadd -r minio-user useradd -M -r -g minio-user -s /sbin/nologin minio-user
4.3 创建数据目录并授权
chown -R minio-user:minio-user /mnt/miniodata01 /mnt/miniodata02
4.4 配置环境变量文件 /etc/default/minio
cat > /etc/default/minio <<EOF MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=you_passwd MINIO_VOLUMES="http://ubuntu02/mnt/miniodata01 http://ubuntu02/mnt/miniodata02 http://ubuntu03/mnt/miniodata01 http://ubuntu03/mnt/miniodata02 http://ubuntu04/mnt/miniodata01 http://ubuntu04/mnt/miniodata02 http://ubuntu05/mnt/miniodata01 http://ubuntu05/mnt/miniodata02" MINIO_OPTS="--address :9000 --console-address :9001" EOF
注意:
MINIO_VOLUMES中的主机名必须与/etc/hosts解析一致,所有节点配置需完全相同。也可以将主机名换成IP
4.5 创建 systemd 服务文件 /etc/systemd/system/minio.service
[Unit]
Description=MinIO
Documentation=https://docs.min.io
Wants=network-online.target
After=network-online.target
AssertFileIsExecutable=/usr/local/bin/minio
[Service]
WorkingDirectory=/usr/local
User=minio-user
Group=minio-user
ProtectProc=invisible
EnvironmentFile=/etc/default/minio
ExecStartPre=/bin/bash -c 'if [ -z "${MINIO_VOLUMES}" ]; then echo "ERROR: MINIO_VOLUMES is not set" >&2; exit 1; fi'
ExecStart=/usr/local/bin/minio server $MINIO_VOLUMES $MINIO_OPTS
Restart=always
RestartSec=5
LimitNOFILE=65536
LimitNPROC=65536
TimeoutStopSec=infinity
SendSIGKILL=no
[Install]
WantedBy=multi-user.target
4.6 启动 MinIO 服务
systemctl daemon-reload systemctl enable minio --now systemctl status minio journalctl -u minio -f
5. 验证集群状态
5.1 使用 mc 客户端
在任意节点安装 mc:
wget https://dl.min.io/client/mc/release/linux-amd64/mc chmod +x mc mv mc /usr/local/bin/ # 配置别名,如在ubuntu02操作 mc alias set myminio http://ubuntu02:9000 admin feiTTYDV6YY # 查看集群信息 mc admin info myminio
5.2 Web 控制台访问
浏览器打开任一节点 http://<node-ip>:9001,使用 admin/you_passwd登录。
6. 与 Kubernetes 集成(外部服务接入)
若 Kubernetes 集群需要使用外部 MinIO,通过 Service + Endpoints 方式接入。
6.1 创建 YAML 文件 external-minio.yaml
apiVersion: v1
kind: Service
metadata:
name: external-minio
namespace: default
spec:
ports:
- protocol: TCP
port: 9000
targetPort: 9000
---
apiVersion: v1
kind: Endpoints
metadata:
name: external-minio
namespace: default
subsets:
- addresses:
- ip: 192.168.0.62
- ip: 192.168.0.63
- ip: 192.168.0.64
- ip: 192.168.0.65
ports:
- port: 9000
---
apiVersion: v1
kind: Secret
metadata:
name: minio-secret
type: Opaque
data:
access-key: YWRtaW4= # base64 of 'admin'
secret-key: ZmApVFGZRFY2WVc= # base64 of 'you_passwd'
6.2 应用配置
kubectl apply -f external-minio.yaml
K8s 内部应用可通过 external-minio.default.svc.cluster.local:9000 访问 MinIO。
7. 配置 Nginx 负载均衡与高可用
7.1 Nginx 安装(两台负载均衡器)
# Ubuntu apt install -y nginx # CentOS yum install -y nginx
7.2 Nginx 配置
创建 /etc/nginx/conf.d/minio-proxy.conf,内容如下:
upstream minio_api {
least_conn;
server ubuntu02:9000 max_fails=3 fail_timeout=30s;
server ubuntu03:9000 max_fails=3 fail_timeout=30s;
server ubuntu04:9000 max_fails=3 fail_timeout=30s;
server ubuntu05:9000 max_fails=3 fail_timeout=30s;
}
upstream minio_console {
ip_hash;
server ubuntu02:9001 max_fails=3 fail_timeout=30s;
server ubuntu03:9001 max_fails=3 fail_timeout=30s;
server ubuntu04:9001 max_fails=3 fail_timeout=30s;
server ubuntu05:9001 max_fails=3 fail_timeout=30s;
}
server {
listen 9000;
server_name _;
client_max_body_size 0;
proxy_buffering off;
proxy_request_buffering off;
location / {
proxy_pass http://minio_api;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
}
}
server {
listen 9001;
server_name _;
client_max_body_size 0;
proxy_buffering off;
proxy_request_buffering off;
location / {
proxy_pass http://minio_console;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
}
}
7.3 检查并重载 Nginx
nginx -t systemctl reload nginx # 或 systemctl restart nginx
7.4 Keepalived 安装与配置(实现 VIP 高可用)
两台负载均衡器安装 keepalived:
# Ubuntu apt install -y keepalived # CentOS yum install -y keepalived
主节点(ubuntu06)配置 /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state MASTER
interface eth0 # 根据实际网卡修改
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
192.168.0.60/24 dev eth0
}
}
备节点(ubuntu07)配置
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
192.168.0.60/24 dev eth0
}
}
启动 keepalived:
systemctl enable keepalived --now
验证 VIP 是否已绑定:
ip addr show eth0
7.5 最终访问入口
S3 API:http://192.168.0.60:9000 Web 控制台:http://192.168.0.60:9001
8. 日常管理与监控
8.1 常用 mc 命令
# 查看集群信息 mc admin info myminio # 创建 bucket mc mb myminio/mybucket # 设置 bucket 公开读 mc anonymous set download myminio/mybucket # 列出所有 bucket mc ls myminio # 上传文件 mc cp localfile myminio/mybucket/ # 生成临时下载链接(有效期7天) mc share download myminio/mybucket/object # 添加用户 mc admin user add myminio newuser newpassword # 为用户添加读写策略 mc admin policy attach myminio readwrite --user=newuser
8.2 日志查看
journalctl -u minio -f
8.4 定期健康检查
建议编写脚本定时执行 mc admin info,发现离线节点及时告警。
浙公网安备 33010602011771号