Skip to content

minio_feature

Jump to bottom
Aletibazo edited this page Oct 22, 2024 · 6 revisions

Features and usage

This appliance comes with a preinstalled MinIO service, including the following features:

  • Based on MinIO release on Ubuntu 22.04 LTS
  • TLS configuration with self generated certificates. Enabled by default
  • Single-Drive and Multi-Drive deployment
  • Multi-Node deployment, optional as a OneFlow service template.

Contextualization

The contextualization parameters (Context Section) in the VM template controls the configuration of the service, see the table below:

Parameter Default Description
ONEAPP_MINIO_ROOT_USER myminioadmin MinIO server root account.
ONEAPP_MINIO_ROOT_PASSWORD minio-secret-key-change-me MinIO server root account password.
ONEAPP_MINIO_OPTS --console-address :9001 MinIO server additional commandline options. If --console-addresss is omitted, MinIO will generate a dynamic port at server startup. The MinIO server outputs the port to the system log.
ONEAPP_MINIO_HOSTNAME localhost,minio-*.example.net Hostname for auto-generated certificates if no certificate or key are provided
ONEAPP_MINIO_TLS_ENABLED YES Enable TLS configuration
ONEAPP_MINIO_TLS_CERT TLS Certificate. If ONEAPP_MINIO_TLS_CERT or ONEAPP_MINIO_TLS_KEY is empty, the certificates will be autogenerated with MinIO certgen.
ONEAPP_MINIO_TLS_KEY TLS Key. If ONEAPP_MINIO_TLS_CERT or ONEAPP_MINIO_TLS_KEY is empty, the certificates will be autogenerated with MinIO certgen.
ONEAPP_MINIO_MULTI NO MinIO Multi-Node configuration. To be used with the OneFlow service template, see MinIO Multi-Node

Note

Do not add the option --certs-dir on the ONEAPP_MINIO_OPTS, since it is hardcoded in the scripts. The configuration scripts will append the configuration --certs-dir /opt/minio/certs to the ONEAPP_MINIO_OPTS parameter, so on the MinIO configuration file (/etc/default/minio) the MINIO_OPTS environment variable will look like this: MINIO_OPTS="${ONEAPP_MINIO_OPTS} --certs-dir /opt/minio/certs".

TLS Configuration

When the parameter ONEAPP_MINIO_TLS_ENABLED="YES" is set, the appliance will configure the MinIO deployment to use TLS by appending --certs-dir /opt/minio/certs to the MINIO_OPTS in the configuration file /etc/default/minio.

The appliance will create the folder /opt/minio/certs and two files in that location: public.crt with the contents of ONEAPP_MINIO_TLS_CERT and private.key with the contents of ONEAPP_MINIO_TLS_KEY. If either of those variables is empty, the scripts will autogenerate new certificates using the MinIO certgen tool.

Note

On recontextualization the scripts will skip the certificate creation if public.crt or private.key are present in /opt/minio/certs. In order to update the certificates it would be necessary to first manually delete the existing ones and then recontext the VM.

Storage volumes

The contextualization scripts will detect how many additional disks are attached to the VM on instantiation and create a partition on each of those disks, formatting it with XFS.

Important

Do NOT attach additional disks to the VM once instantiated. The contextualization scripts is not prepared to handle disks reconfiguration. If you would like to resize the disks of the VM you have to do it manually under your own resposibility.

Note

There could be performance and / or availability constraints when deploying Multi-Drive instances, for instance if all virtual disks are created on the same phisical disk.

Persistent storage

It is possible to configure persistent images to preserve storage after MinIO instance is terminated. To achieve this it would be necessary to create a persistent image for each disk on the MinIO deployment and add them to the template.

For example, to configure a Single-Node Single-Drive deployment with persistent storage first create a persistent Datablock using the following CLI command:

$ oneimage create -d default --name MinIO-disk-1 --prefix vd --size 5G --type Datablock --persistent

Then update the template to use the persistent image:

    CONTEXT=[
        NETWORK="YES",
        ONEAPP_MINIO_HOSTNAME="$ONEAPP_MINIO_HOSTNAME",
        ONEAPP_MINIO_OPTS="$ONEAPP_MINIO_OPTS",
        ONEAPP_MINIO_ROOT_PASSWORD="$ONEAPP_MINIO_ROOT_PASSWORD",
        ONEAPP_MINIO_ROOT_USER="$ONEAPP_MINIO_ROOT_USER",
        ONEAPP_MINIO_TLS_ENABLED = "$ONEAPP_MINIO_TLS_ENABLED",
        ONEAPP_MINIO_TLS_CERT="$ONEAPP_MINIO_TLS_CERT",
        ONEAPP_MINIO_TLS_KEY="$ONEAPP_MINIO_TLS_KEY",
        SSH_PUBLIC_KEY="$USER[SSH_PUBLIC_KEY]" ]
    CPU="1"
    DISK=[
        DEV_PREFIX="vd",
        IMAGE="service-MinIO",
    IMAGE_UNAME="oneadmin" ]
    DISK=[
        IMAGE="MinIO-disk-1",
        IMAGE_UNAME="oneadmin" ]
    GRAPHICS=[
        LISTEN="0.0.0.0",
        TYPE="VNC" ]
    HOT_RESIZE=[
    CPU_HOT_ADD_ENABLED="NO",
    MEMORY_HOT_ADD_ENABLED="NO" ]
    HYPERVISOR="kvm"
    LOGO="images/logos/ubuntu.png"
    MEMORY="2048"
    MEMORY_UNIT_COST="MB"
    USER_INPUTS=[
        ONEAPP_MINIO_HOSTNAME="O|text|MinIO hostname for TLS certificate| |localhost,minio-*.example.net",
        ONEAPP_MINIO_OPTS="O|text|Additional commandline options for MinIO server| |--console-address :9001",
        ONEAPP_MINIO_ROOT_PASSWORD="O|password|MinIO root user password for MinIO server",
        ONEAPP_MINIO_ROOT_USER="O|text|MinIO root user for MinIO server| |myminioadmin",
        ONEAPP_MINIO_TLS_ENABLED = "M|boolean|Enable TLS configuration| |YES",
        ONEAPP_MINIO_TLS_CERT="O|text64|MinIO TLS certificate (.crt)| |",
        ONEAPP_MINIO_TLS_KEY="O|text64|MinIO TLS key (.key)| |" ]

To configure a Single-Node Multi-Drive instance with persistent storage, create a persistent image for each disk on the deployment and add them to the VM template. For example, a Single-Node Multi-Drive deployment using persistent disks could be like this:

    CONTEXT=[
        NETWORK="YES",
        ONEAPP_MINIO_HOSTNAME="$ONEAPP_MINIO_HOSTNAME",
        ONEAPP_MINIO_OPTS="$ONEAPP_MINIO_OPTS",
        ONEAPP_MINIO_ROOT_PASSWORD="$ONEAPP_MINIO_ROOT_PASSWORD",
        ONEAPP_MINIO_ROOT_USER="$ONEAPP_MINIO_ROOT_USER",
        ONEAPP_MINIO_TLS_ENABLED = "$ONEAPP_MINIO_TLS_ENABLED",
        ONEAPP_MINIO_TLS_CERT="$ONEAPP_MINIO_TLS_CERT",
        ONEAPP_MINIO_TLS_KEY="$ONEAPP_MINIO_TLS_KEY",
        SSH_PUBLIC_KEY="$USER[SSH_PUBLIC_KEY]" ]
    CPU="1"
    DISK=[
        DEV_PREFIX="vd",
        IMAGE="service-MinIO",
    IMAGE_UNAME="oneadmin" ]
    DISK=[
        IMAGE="MinIO-disk-1",
        IMAGE_UNAME="oneadmin" ]
    DISK=[
        IMAGE="MinIO-disk-2",
        IMAGE_UNAME="oneadmin" ]
    DISK=[
        IMAGE="MinIO-disk-3",
        IMAGE_UNAME="oneadmin" ]
    DISK=[
        IMAGE="MinIO-disk-4",
        IMAGE_UNAME="oneadmin" ]
    GRAPHICS=[
        LISTEN="0.0.0.0",
        TYPE="VNC" ]
    HOT_RESIZE=[
    CPU_HOT_ADD_ENABLED="NO",
    MEMORY_HOT_ADD_ENABLED="NO" ]
    HYPERVISOR="kvm"
    LOGO="images/logos/ubuntu.png"
    MEMORY="2048"
    MEMORY_UNIT_COST="MB"
    USER_INPUTS=[
        ONEAPP_MINIO_HOSTNAME="O|text|MinIO hostname for TLS certificate| |localhost,minio-*.example.net",
        ONEAPP_MINIO_OPTS="O|text|Additional commandline options for MinIO server| |--console-address :9001",
        ONEAPP_MINIO_ROOT_PASSWORD="O|password|MinIO root user password for MinIO server",
        ONEAPP_MINIO_ROOT_USER="O|text|MinIO root user for MinIO server| |myminioadmin",
        ONEAPP_MINIO_TLS_ENABLED = "M|boolean|Enable TLS configuration| |YES",
        ONEAPP_MINIO_TLS_CERT="O|text64|MinIO TLS certificate (.crt)| |",
        ONEAPP_MINIO_TLS_KEY="O|text64|MinIO TLS key (.key)| |" ]

Next: Multi-Node

Home

Clone this wiki locally