Minio多节点多驱动官网文档翻译

原文链接：

Deploy MinIO: Multi-Node Multi-Drive — MinIO Object Storage for Linux

The procedures on this page cover deploying MinIO in a Multi-Node Multi-Drive (MNMD) or “Distributed” configuration. MNMD deployments provide enterprise-grade performance, availability, and scalability and are the recommended topology for all production workloads.

MNMD deployments support erasure coding configurations which tolerate the loss of up to half the nodes or drives in the deployment while continuing to serve read operations. Use the MinIO Erasure Code Calculator when planning and designing your MinIO deployment to explore the effect of erasure code settings on your intended topology.

本页中的步骤介绍了在多节点多驱动器（MNMD）或“分布式”配置中部署MinIO。MNMD部署提供了企业级的性能、可用性和可扩展性，是所有生产工作负载的推荐拓扑。

MNMD部署支持擦除编码配置，该配置允许部署中多达一半的节点或驱动器丢失，同时继续为读取操作提供服务。在规划和设计MinIO部署时，请使用MinIO擦除代码计算器来探索擦除代码设置对预期拓扑的影响。

1.Prerequisites 环境准备

Networking and Firewalls

Each node should have full bidirectional network access to every other node in the deployment. For containerized or orchestrated infrastructures, this may require specific configuration of networking and routing components such as ingress or load balancers. Certain operating systems may also require setting firewall rules. For example, the following command explicitly opens the default MinIO server API port 9000 for servers running firewalld : :

先决条件

网络和防火墙

每个节点都应该具有对部署中其他每个节点的完全双向网络访问权限。对于容器化或编排的基础设施，这可能需要网络和路由组件的特定配置，如入口或负载平衡器。某些操作系统可能还需要设置防火墙规则。例如，以下命令为运行firewalld的服务器显式打开默认的MinIO服务器API端口9000：

firewall-cmd --permanent --zone=public --add-port=9000/tcp
firewall-cmd --reload

All MinIO servers in the deployment must use the same listen port.

If you set a static MinIO Console port (e.g. :9001) you must also grant access to that port to ensure connectivity from external clients.

MinIO strongly recomends using a load balancer to manage connectivity to the cluster. The Load Balancer should use a “Least Connections” algorithm for routing requests to the MinIO deployment, since any MinIO node in the deployment can receive, route, or process client requests.

The following load balancers are known to work well with MinIO:

NGINX
HAProxy

Configuring firewalls or load balancers to support MinIO is out of scope for this procedure. The Configure NGINX Proxy for MinIO Server reference provides a baseline configuration for using NGINX as a reverse proxy with basic load balancing configured.

部署中的所有MinIO服务器都必须使用相同的侦听端口。

如果设置了静态MinIO控制台端口（例如：9001），则还必须授予对该端口的访问权限，以确保与外部客户端的连接。

MinIO强烈建议使用负载均衡器来管理到集群的连接。负载均衡器应使用“最少连接”算法将请求路由到MinIO部署，因为部署中的任何MinIO节点都可以接收、路由或处理客户端请求。

众所周知，以下负载均衡器可以与MinIO配合使用：

NGINX

HAProxy

配置防火墙或负载平衡器以支持MinIO超出了此教程的范围。“为MinIO Server配置NGINX代理”参考提供了使用NGINX作为反向代理的基线配置，并配置了基本负载平衡。

NGINX配置官网翻译：CSDN

2.Sequential Hostnames 顺序主机名

MinIO requires using expansion notation {x...y} to denote a sequential series of MinIO hosts when creating a server pool. MinIO supports using either a sequential series of hostnames or IP addresses to represent each minio server process in the deployment.

This procedure assumes use of sequential hostnames due to the lower overhead of management, especially in larger distributed clusters.

Create the necessary DNS hostname mappings prior to starting this procedure. For example, the following hostnames would support a 4-node distributed deployment:

创建服务器池时，MinIO需要使用扩展符号｛x…y｝来表示一系列连续的MinIO主机。MinIO支持使用一系列主机名或IP地址来表示部署中的每个MinIO服务器进程。

由于管理开销较低，特别是在较大的分布式集群中，此过程假定使用顺序主机名。

在开始此过程之前，请创建必要的DNS主机名映射。例如，以下主机名将支持4节点分布式部署：

minio-01.example.com
minio-02.example.com
minio-03.example.com
minio-04.example.com

You can specify the entire range of hostnames using the expansion notation minio-0{1...4}.example.com.

您可以使用扩展表示法minio-0｛1…4｝.example.com指定整个主机名范围。

3.non-sequential hostnames or IP addresses 非顺序主机名或IP地址

MinIO does not support non-sequential hostnames or IP addresses for distributed deployments. You can instead use /etc/hosts on each node to set a simple DNS scheme that supports expansion notation. For example:

# /etc/hosts198.0.2.10    minio-01.example.net
198.51.100.3  minio-02.example.net
198.0.2.43    minio-03.example.net
198.51.100.12 minio-04.example.net

MinIO不支持分布式部署的非顺序主机名或IP地址。相反，您可以在每个节点上使用/etc/hosts来设置一个支持扩展符号的简单DNS方案。例如：

4.Local JBOD Storage with Sequential Mounts 具有顺序安装的本地JBOD存储

MinIO strongly recommends direct-attached JBOD arrays with XFS-formatted disks for best performance.

Direct-Attached Storage (DAS) has significant performance and consistency advantages over networked storage (NAS, SAN, NFS).

Deployments using non-XFS filesystems (ext4, btrfs, zfs) tend to have lower performance while exhibiting unexpected or undesired behavior.

RAID or similar technologies do not provide additional resilience or availability benefits when used with distributed MinIO deployments, and typically reduce system performance.

Ensure all nodes in the deployment use the same type (NVMe, SSD, or HDD) of drive with identical capacity (e.g. N TB) . MinIO does not distinguish drive types and does not benefit from mixed storage types. Additionally. MinIO limits the size used per drive to the smallest drive in the deployment. For example, if the deployment has 15 10TB drives and 1 1TB drive, MinIO limits the per-drive capacity to 1TB.

MinIO requires using expansion notation {x...y} to denote a sequential series of drives when creating the new deployment, where all nodes in the deployment have an identical set of mounted drives. MinIO also requires that the ordering of physical drives remain constant across restarts, such that a given mount point always points to the same formatted drive. MinIO therefore strongly recommends using /etc/fstab or a similar file-based mount configuration to ensure that drive ordering cannot change after a reboot. For example:

MinIO强烈建议使用XFS格式磁盘的直连JBOD阵列以获得最佳性能。

与网络存储（NAS、SAN、NFS）相比，直连存储（DAS）具有显著的性能和一致性优势。

使用非XFS文件系统（ext4、btrfs、zfs）的部署往往具有较低的性能，同时表现出意外或不期望的行为。

当与分布式MinIO部署一起使用时，RAID或类似技术不能提供额外的弹性或可用性优势，并且通常会降低系统性能。

确保部署中的所有节点使用相同类型（NVMe、SSD或HDD）、具有相同容量（例如N TB）的驱动器。MinIO不区分驱动器类型，也不会从混合存储类型中获益。此外。MinIO将每个驱动器使用的大小限制为部署中的最小驱动器。例如，如果部署有15个10TB驱动器和1个1TB驱动器，则MinIO将每个驱动器的容量限制为1TB。（ps：木桶的短板效应）

MinIO要求在创建新部署时使用扩展符号｛x…y｝来表示一系列连续的驱动器，其中部署中的所有节点都有一组相同的已安装驱动器。MinIO还要求物理驱动器的顺序在重新启动时保持不变，以便给定的装载点始终指向同一个格式化的驱动器。因此，MinIO强烈建议使用/etc/fstab或类似的基于文件的装载配置，以确保驱动器顺序在重新启动后不会更改。例如：

$ mkfs.xfs /dev/sdb -L DISK1
$ mkfs.xfs /dev/sdc -L DISK2
$ mkfs.xfs /dev/sdd -L DISK3
$ mkfs.xfs /dev/sde -L DISK4$ nano /etc/fstab# <file system>  <mount point>  <type>  <options>         <dump>  <pass>LABEL=DISK1      /mnt/disk1     xfs     defaults,noatime  0       2LABEL=DISK2      /mnt/disk2     xfs     defaults,noatime  0       2LABEL=DISK3      /mnt/disk3     xfs     defaults,noatime  0       2LABEL=DISK4      /mnt/disk4     xfs     defaults,noatime  0       2

什么是JBOD： JBOD技术详解 – 成都千喜数据恢复中心简言之将多个磁盘虚拟为一个磁盘。

You can then specify the entire range of drives using the expansion notation /mnt/disk{1...4}. If you want to use a specific subfolder on each drive, specify it as /mnt/disk{1...4}/minio.

MinIO does not support arbitrary migration of a drive with existing MinIO data to a new mount position, whether intentional or as the result of OS-level behavior.

然后，您可以使用扩展符号/mnt/disk｛1…4｝指定整个驱动器范围。如果要在每个驱动器上使用特定的子文件夹，请将其指定为/mnt/disk{1…4}/minio。

MinIO不支持将具有现有MinIO数据的驱动器任意迁移到新的装载位置，无论是有意的还是操作系统级行为的结果。

Note

Cloud environment instances which depend on mounted external storage may encounter boot failure if one or more of the remote file mounts return errors or failure. For example, an AWS ECS instances with mounted persistent EBS volumes may fail to boot with the standard /etc/fstab configuration if one or more EBS volumes fail to mount.

You can set the nofail option to silence error reporting at boot and allow the instance to boot with one or more mount issues.

You should not use this option on systems which have locally attached disks, as silencing drive errors prevents both MinIO and the OS from responding to those errors in a normal fashion.

注意：

如果一个或多个远程文件装载返回错误或失败，那么依赖于装载的外部存储的云环境实例可能会遇到引导失败。例如，如果一个或多个EBS卷无法装载，则具有已装载的持久EBS卷的AWS ECS实例可能无法使用标准/etc/fstab配置进行引导。

您可以将nofail选项设置为在启动时使错误报告静默，并允许实例在启动时出现一个或多个装载问题。

您不应该在具有本地连接磁盘的系统上使用此选项，因为静默驱动器错误会阻止MinIO和操作系统以正常方式对这些错误做出响应。

Network File System Volumes Break Consistency Guarantees

MinIO’s strict read-after-write and list-after-write consistency model requires local drive filesystems.

MinIO cannot provide consistency guarantees if the underlying storage volumes are NFS or a similar network-attached storage volume.

For deployments that require using network-attached storage, use NFSv4 for best results.

网络文件系统卷破坏一致性保证

MinIO严格的写后读取和写后列表一致性模型需要本地驱动器文件系统。

如果底层存储卷是NFS或类似的网络连接存储卷，则MinIO无法提供一致性保证。

对于需要使用网络连接存储的部署，请使用NFSv4以获得最佳效果。

5.Time Synchronization

Multi-node systems must maintain synchronized time and date to maintain stable internode operations and interactions. Make sure all nodes sync to the same time server regularly. Operating systems vary for methods used to synchronize time and date, such as with ntp, timedatectl, or timesyncd.

Check the documentation for your operating system for how to set up and maintain accurate and identical system clock times across nodes

多节点系统必须保持同步的时间和日期，以保持稳定的节点间操作和交互。确保所有节点定期同步到同一时间服务器。操作系统用于同步时间和日期的方法各不相同，例如使用ntp、timedatectl或timesyncd。

查看操作系统的文档，了解如何在节点之间设置和维护准确、相同的系统时钟时间。

ntp：服务器列表 - 全球可用的NTP服务器列表与解析服务 - ntp.org.cn & ntpdate.net

6.Considerations 最佳实践

6.1 Homogeneous Node Configurations 同质节点配置

MinIO strongly recommends selecting substantially similar hardware configurations for all nodes in the deployment. Ensure the hardware (CPU, memory, motherboard, storage adapters) and software (operating system, kernel settings, system services) is consistent across all nodes.

Deployment may exhibit unpredictable performance if nodes have heterogeneous hardware or software configurations. Workloads that benefit from storing aged data on lower-cost hardware should instead deploy a dedicated “warm” or “cold” MinIO deployment and transition data to that tier.

MinIO强烈建议为部署中的所有节点选择基本相似的硬件配置。确保硬件（CPU、内存、主板、存储适配器）和软件（操作系统、内核设置、系统服务）在所有节点上保持一致。

如果节点具有异构硬件或软件配置，则部署可能表现出不可预测的性能。受益于在低成本硬件上存储老化数据的工作负载应该部署专用的“热”或“冷”MinIO部署(热备冷备)，并将数据转换到该层。

6.2 Erasure Coding Parity 擦除编码奇偶校验

MinIO erasure coding is a data redundancy and availability feature that allows MinIO deployments to automatically reconstruct objects on-the-fly despite the loss of multiple drives or nodes in the cluster. Erasure Coding provides object-level healing with less overhead than adjacent technologies such as RAID or replication. Distributed deployments implicitly enable and rely on erasure coding for core functionality.

Erasure Coding splits objects into data and parity blocks, where parity blocks support reconstruction of missing or corrupted data blocks. The number of parity blocks in a deployment controls the deployment’s relative data redundancy. Higher levels of parity allow for higher tolerance of drive loss at the cost of total available storage.

MinIO defaults to EC:4 , or 4 parity blocks per erasure set. You can set a custom parity level by setting the appropriate MinIO Storage Class environment variable. Consider using the MinIO Erasure Code Calculator for guidance in selecting the appropriate erasure code parity level for your cluster.

MinIO纠删码是一种数据冗余和可用性功能，允许MinIO部署在集群中丢失多个驱动器或节点的情况下自动动态重建对象。与RAID或复制等相邻技术相比，擦除编码以更少的开销提供对象级修复。分布式部署隐含地支持并依赖纠删码实现核心功能。

纠删码将对象划分为数据块和奇偶校验块，其中奇偶校验块支持重建丢失或损坏的数据块。部署中奇偶校验块的数量控制着部署的相对数据冗余。更高级别的奇偶校验允许以总可用存储为代价对驱动器丢失进行更高的容忍。

MinIO默认为EC:4，或每个纠删码4个奇偶校验块。您可以通过设置适当的MinIO存储类环境变量来设置自定义奇偶校验级别。考虑使用MinIO纠删码计算器来指导您为集群选择适当的纠删码奇偶校验级别。

6.3 Capacity-Based Planning 基于容量的规划

MinIO generally recommends planning capacity such that server pool expansion is only required after 2+ years of deployment uptime.

For example, consider an application suite that is estimated to produce 10TB of data per year. The MinIO deployment should provide at minimum:

10TB + 10TB + 10TB = 30TB

MinIO recommends adding buffer storage to account for potential growth in stored data (e.g. 40TB of total usable storage). As a rule-of-thumb, more capacity initially is preferred over frequent just-in-time expansion to meet capacity requirements.

Since MinIO erasure coding requires some storage for parity, the total raw storage must exceed the planned usable capacity. Consider using the MinIO Erasure Code Calculator for guidance in planning capacity around specific erasure code settings.

MinIO通常建议规划容量，以便在部署正常运行2年以上后才需要扩展服务器池。

例如，假设一个应用程序套件估计每年产生10TB的数据。MinIO部署应至少提供：

10TB+10TB+10TB=30TB

MinIO建议添加缓冲存储，以考虑存储数据的潜在增长（例如，总可用存储容量为40TB）。根据经验，为了满足容量需求，最初更倾向于增加容量，而不是频繁的即时扩展。

由于MinIO纠删码需要一些奇偶校验存储空间，因此总的原始存储空间必须超过计划的可用容量。考虑使用MinIO纠删码计算器来指导特定纠删码设置的规划能力。基于容量的规划

MinIO纠删码计算器：MinIO | Erasure Code Calculator

6.4 Recommended Operating Systems 推荐的操作系统

This tutorial assumes all hosts running MinIO use a recommended Linux operating system such as RHEL8+ or Ubuntu 18.04+.

本教程假设所有运行MinIO的主机都使用推荐的Linux操作系统，如RHEL8+或Ubuntu 18.04+。

6.5 Pre-Existing Data. 数据迁移

When starting a new MinIO server in a distributed environment, the storage devices must not have existing data.

Once you start the MinIO server, all interactions with the data must be done through the S3 API. Use the MinIO Client, the MinIO Console, or one of the MinIO Software Development Kits to work with the buckets and objects.

在分布式环境中启动新的MinIO服务器时，存储设备不得具有现有数据，需要格式化后的盘。

一旦启动了MinIO服务器，所有与数据的交互都必须通过S3 API完成。使用MinIO客户端、MinIO控制台或其中一个MinIO软件开发工具包来处理存储桶和对象。

Warning

Modifying files on the backend drives can result in data corruption or data loss.

手动修改后端驱动器上的文件可能会导致数据损坏或数据丢失。

7.Deploy Distributed MinIO 部署分布式MinIO

The following procedure creates a new distributed MinIO deployment consisting of a single Server Pool.

All commands provided below use example values. Replace these values with those appropriate for your deployment.

Review the Prerequisites before starting this procedure.

以下过程创建由单个服务器池组成的新分布式MinIO部署。

下面提供的所有命令都使用示例值。将这些值替换为适合您的部署的值。

在开始此过程之前，请查看第一节->环境准备

7.1 Install the MinIO Binary on Each Node 在每个节点上安装MinIO二进制文件

The following tabs provide examples of installing MinIO onto 64-bit Linux operating systems using RPM, DEB, or binary. The RPM and DEB packages automatically install MinIO to the necessary system paths and create a minio service for systemctl. MinIO strongly recommends using the RPM or DEB installation routes. To update deployments managed using systemctl, see Update systemctl-Managed MinIO Deployments.

以下选项卡提供了使用RPM、DEB或二进制在64位Linux操作系统上安装MinIO的示例。RPM和DEB包自动将MinIO安装到必要的系统路径，并为systemctl创建一个MinIO服务。MinIO强烈建议使用RPM或DEB安装路线。要使用systemctl来管理和部署，请参阅更新systemctl托管的MinIO部署:

官网原文：

Upgrade a MinIO Deployment — MinIO Object Storage for Linux。

中文翻译：

7.1.1 amd64 (Intel or AMD 64-bit processors)

Use one of the following options to download the MinIO server installation file for a machine running Linux on an Intel or AMD 64-bit processor.

使用以下选项之一，为在英特尔或AMD 64位处理器上运行Linux的计算机下载MinIO服务器安装文件。

RPM(RHEL):

使用以下命令下载并安装最新稳定的MinIO RPM。

wget https://dl.min.io/server/minio/release/linux-amd64/archive/minio-20231025063325.0.0.x86_64.rpm -O minio.rpm
sudo dnf install minio.rpm

DEB(Debian/Ubuntu)

使用以下命令下载并安装最新稳定的MinIO DEB：

wget https://dl.min.io/server/minio/release/linux-amd64/archive/minio_20231025063325.0.0_amd64.deb -O minio.deb
sudo dpkg -i minio.deb

Binary

使用以下命令下载最新稳定的MinIO二进制文件并将其安装到系统$PATH：

wget https://dl.min.io/server/minio/release/linux-amd64/minio
chmod +x minio
sudo mv minio /usr/local/bin/

7.1.2 arm64 (Apple M1/M2 or other ARM 64-bit processors)

RPM(RHEL):

使用以下命令下载并安装最新稳定的MinIO RPM。

wget https://dl.min.io/server/minio/release/linux-arm64/archive/minio-20231025063325.0.0.aarch64.rpm -O minio.rpm
sudo dnf install minio.rpm

DEB(Debian/Ubuntu)

使用以下命令下载并安装最新稳定的MinIO DEB：

wget https://dl.min.io/server/minio/release/linux-arm64/archive/minio_20231025063325.0.0_arm64.deb -O minio.deb
sudo dpkg -i minio.deb

Binary

使用以下命令下载最新稳定的MinIO二进制文件并将其安装到系统$PATH：

wget https://dl.min.io/server/minio/release/linux-arm64/minio
chmod +x minio
MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=password ./minio server /mnt/data --console-address ":9001"

7.1.3 Other Architectures 其他芯片架构

MinIO also supports additional architectures:

ppc64le
s390x

For instructions to download the binary, RPM, or DEB files for those architectures, see the MinIO download page.

MinIO还支持其他体系结构：

ppc64le

s390x

有关下载这些体系结构的二进制、RPM或DEB文件的说明，请参阅MinIO下载页面：

MinIO download page.

7.2 Create the `systemd` Service File 创建systemd服务文件

The .deb or .rpm packages install the following systemd service file to /usr/lib/systemd/system/minio.service. For binary installations, create this file manually on all MinIO hosts.

.deb或.rpm包将以下systemd服务文件安装到/usr/lib/systemd/minio.service。对于二进制安装，请在所有minio主机上手动创建此文件。

Note 提示

systemd checks the /etc/systemd/... path before checking the /usr/lib/systemd/... path and uses the first file it finds. To avoid conflicting or unexpected configuration options, check that the file only exists at the /usr/lib/systemd/system/minio.service path.

Refer to the man page for systemd.unit for details on the file path search order.

systemd检查/etc/systemd/...路径，然后检查/usr/lib/systemd/...路径，并使用它找到的第一个文件。为了避免冲突或意外的配置选项，请检查该文件是否仅存在于/usr/lib/systemd/minio.service路径中。

有关文件路径搜索顺序的详细信息，请参阅systemd.unit的手册页：

systemd.unit(5) - Linux manual page

配置注释已翻译：

[Unit]
Description=MinIO
Documentation=https://min.io/docs/minio/linux/index.html
Wants=network-online.target
After=network-online.target
AssertFileIsExecutable=/usr/local/bin/minio[Service]
WorkingDirectory=/usr/localUser=minio-user
Group=minio-user
ProtectProc=invisibleEnvironmentFile=-/etc/default/minio
ExecStartPre=/bin/bash -c "if [ -z \"${MINIO_VOLUMES}\" ]; then echo \"Variable MINIO_VOLUMES not set in /etc/default/minio\"; exit 1; fi"
ExecStart=/usr/local/bin/minio server $MINIO_OPTS $MINIO_VOLUMES# MinIO RELEASE.2023-05-04T21-44-30Z adds support for Type=notify (https://www.freedesktop.org/software/systemd/man/systemd.service.html#Type=)
#MinIO发布.2023-05-04T21-44-30Z增加了对Type=notify的支持(https://www.freedesktop.org/software/systemd/man/systemd.service.html#Type=)
# This may improve systemctl setups where other services use `After=minio.server`
# 这可能会改进其他服务使用`After=minio.server的systemctl设置`
# Uncomment the line to enable the functionality
# 取消注释行以启用功能# Type=notify# Let systemd restart this service always
# 让systemd始终重新启动此服务
Restart=always# Specifies the maximum file descriptor number that can be opened by this process
# 指定此进程可以打开的最大文件描述符编号
LimitNOFILE=65536# Specifies the maximum number of threads this process can create
# 指定此进程可以创建的最大线程数
TasksMax=infinity# Disable timeout logic and wait until process is stopped
# 禁用超时逻辑并等待进程停止
TimeoutStopSec=infinity
SendSIGKILL=no[Install]
WantedBy=multi-user.target# Built for ${project.name}-${project.version} (${project.name})

The minio.service file runs as the minio-user User and Group by default. You can create the user and group using the groupadd and useradd commands. The following example creates the user, group, and sets permissions to access the folder paths intended for use by MinIO. These commands typically require root (sudo) permissions.

默认情况下，minio.service文件以minio用户user和Group的身份运行。您可以使用groupadd和useradd命令创建用户和组。以下示例创建用户、组并设置访问MinIO使用的文件夹路径的权限。这些命令通常需要root（sudo）权限。

groupadd -r minio-user
useradd -M -r -g minio-user minio-user
chown minio-user:minio-user /mnt/disk1 /mnt/disk2 /mnt/disk3 /mnt/disk4

The specified drive paths are provided as an example. Change them to match the path to those drives intended for use by MinIO.

Alternatively, change the User and Group values to another user and group on the system host with the necessary access and permissions.

MinIO publishes additional startup script examples on GitHub - minio/minio-service: Collection of MinIO server scripts for upstart, systemd, sysvinit, launchd.

To update deployments managed using systemctl, see Update systemctl-Managed MinIO Deployments.

Upgrade a MinIO Deployment — MinIO Object Storage for Linux

提供了指定的驱动器路径作为示例。将它们更改为与MinIO使用的驱动器的路径相匹配。

或者，将“用户”和“组”值更改为系统主机上具有必要访问权限和权限的另一个用户和组。

MinIO在github.com/MinIO/MinIO-service：GitHub - minio/minio-service: Collection of MinIO server scripts for upstart, systemd, sysvinit, launchd.上发布了其他启动脚本示例。

要更新使用systemctl管理的部署，请参阅更新systemctl托管的MinIO部署。

Upgrade a MinIO Deployment — MinIO Object Storage for Linux

7.3 Create the Service Environment File 创建服务环境文件

Create an environment file at /etc/default/minio. The MinIO service uses this file as the source of all environment variables used by MinIO and the minio.service file.

在/etc/default/minio创建一个环境文件。MinIO服务使用此文件作为MinIO和MinIO.service文件使用的所有环境变量的源。

The following examples assumes that: 以下示例假设：

The deployment has a single server pool consisting of four MinIO server hosts with sequential hostnames.

部署一个服务器池，由四个具有顺序主机名的MinIO服务器主机组成。

minio1.example.com   minio3.example.com
minio2.example.com   minio4.example.com

All hosts have four locally-attached drives with sequential mount-points:

所有主机都有四个带有顺序装载点的本地连接驱动器：

/mnt/disk1/minio   /mnt/disk3/minio
/mnt/disk2/minio   /mnt/disk4/minio

The deployment has a load balancer running at https://minio.example.net that manages connections across all four MinIO hosts.

部署的负载平衡器(一般Nginx代理实现)正在运行https://minio.example.net管理所有四个MinIO主机之间的连接。

Modify the example to reflect your deployment topology:

修改示例以适用于您的部署拓扑：

配置文件已翻译

# Set the hosts and volumes MinIO uses at startup
# The command uses MinIO expansion notation {x...y} to denote a
# sequential series.
#
# The following example covers four MinIO hosts
# with 4 drives each at the specified hostname and drive locations.
# The command includes the port that each MinIO server listens on
# (default 9000)
# 设置MinIO在启动时使用的主机和卷，该命令使用MinIO扩展符号｛x…y｝来表示顺序序列。
# 以下示例介绍了四个MinIO主机，每个主机都指定了主机名和4个驱动器位置。该命令包括每个MinIO
# 服务器侦听的端口（默认值为9000MINIO_VOLUMES="https://minio{1...4}.example.net:9000/mnt/disk{1...4}/minio"# Set all MinIO server options
#
# The following explicitly sets the MinIO Console listen address to
# port 9001 on all network interfaces. The default behavior is dynamic
# port selection.
# 以下内容明确地将MinIO控制台监听地址设置9001。默认行为是动态端口MINIO_OPTS="--console-address :9001"# Set the root username. This user has unrestricted permissions to
# perform S3 and administrative API operations on any resource in the
# deployment.
# 设置root用户名。此用户具有对部署中的任何资源执行S3和管理API操作的不受限制的权限。
# Defer to your organizations requirements for superadmin user name.
# 根据您的组织对超级管理员用户名的要求设置。MINIO_ROOT_USER=minioadmin# Set the root password
#
# Use a long, random, unique string that meets your organizations
# requirements for passwords.
# 使用符合组织密码要求的长、随机、唯一字符串
MINIO_ROOT_PASSWORD=minio-secret-key-CHANGE-ME# Set to the URL of the load balancer for the MinIO deployment
# This value *must* match across all MinIO servers. If you do
# not have a load balancer, set this value to to any *one* of the
# MinIO hosts in the deployment as a temporary measure.
# 设置为MinIO部署的负载平衡器的URL
# 此值*必须*在所有MinIO服务器中匹配。如果您没有负载均衡器，请将此值设置为部署中的任何一个MinIO主
# 机，作为临时措施。。。。。。。。
MINIO_SERVER_URL="https://minio.example.net:9000"

You may specify other environment variables or server commandline options as required by your deployment. All MinIO nodes in the deployment should include the same environment variables with the same values for each variable.

您可以根据部署的需要指定其他环境变量或服务器命令行选项。部署中的所有MinIO节点都应包括相同的环境变量，每个变量的值都相同

7.4 Add TLS/SSL Certificates 添加TLS/SSL证书

MinIO enables Transport Layer Security (TLS) 1.2+ automatically upon detecting a valid x.509 certificate (.crt) and private key (.key) in the MinIO ${HOME}/.minio/certs directory.

For systemd-managed deployments, use the $HOME directory for the user which runs the MinIO server process. The provided minio.service file runs the process as minio-user. The previous step includes instructions for creating this user with a home directory /home/minio-user.

当在MinIO$｛HOME｝/.mino/certs目录中检测到有效的x.509证书（.crt）和私钥（.key）时，MinIO会自动启用传输层安全性（TLS）1.2+。

对于systemd管理的部署，请为运行MinIO服务器进程的用户使用$HOME目录。提供的minio.service文件以minio用户的身份运行进程。上一步包括使用主目录/home/minio用户创建此用户的说明。

Place TLS certificates into /home/minio-user/.minio/certs on each host.
If any MinIO server or client uses certificates signed by an unknown Certificate Authority (self-signed or internal CA), you must place the CA certs in the /home/minio-user/.minio/certs/CAs on all MinIO hosts in the deployment. MinIO rejects invalid certificates (untrusted, expired, or malformed).

将TLS证书放入每个主机上的/home/minio-user/.mino/certs中。
如果任何MinIO服务器或客户端使用了由未知证书颁发机构（自签名或内部CA）签名的证书，则必须将CA证书放置在部署中所有MinIO主机上的/home/MinIO user/.mino/certs/CA中。MinIO拒绝无效证书（不受信任、过期或格式错误）。

If the minio.service file specifies a different user account, use the $HOME directory for that account. Alternatively, specify a custom certificate directory using the minio server --certs-dir commandline argument. Modify the MINIO_OPTS variable in /etc/defaults/minio to set this option. The systemd user which runs the MinIO server process must have read and listing permissions for the specified directory.

For more specific guidance on configuring MinIO for TLS, including multi-domain support via Server Name Indication (SNI), see Network Encryption (TLS). You can optionally skip this step to deploy without TLS enabled. MinIO strongly recommends against non-TLS deployments outside of early development.

如果minio.service文件指定了不同的用户帐户，请使用该帐户的$HOME目录。或者，使用minio-server--certs-dir命令行参数指定一个自定义证书目录。修改/etc/defaults/MINIO中的MINIO_OPS变量以设置此选项。运行MinIO服务器进程的systemd用户必须具有指定目录的读取和列出权限。

有关为TLS配置MinIO的更具体指导，包括通过服务器名称指示（SNI）支持多域，请参阅网络加密（TLS）。您可以选择跳过此步骤以在未启用TLS的情况下进行部署。MinIO强烈建议不要在早期开发之外进行非TLS部署。

7.5 Run the MinIO Server Process 运行MinIO服务器进程

Issue the following commands on each node in the deployment to start the MinIO service:

在部署中的每个节点上发出以下命令以启动MinIO服务

sudo systemctl start minio.service

Use the following commands to confirm the service is online and functional:

使用以下命令确认服务处于联机状态并正常工作：

sudo systemctl status minio.service
journalctl -f -u minio.service

MinIO may log an increased number of non-critical warnings while the server processes connect and synchronize. These warnings are typically transient and should resolve as the deployment comes online.

Changed in version RELEASE.2023-02-09T05-16-53Z: MinIO starts if it detects enough drives to meet the write quorum for the deployment.

If any drives remain offline after starting MinIO, check and cure any issues blocking their functionality before starting production workloads.

The MinIO service does not automatically start on host reboot. You must use systemctl enable minio.service to start the process as part of the host boot.

当服务器进程连接和同步时，MinIO可能会记录越来越多的非关键警告。这些警告通常是暂时的，应该在部署联机时解决。

在版本RELEASE2023-02-09T05-16-53Z中更改：如果检测到足够的驱动器以满足部署的写入定额，则启动MinIO。

如果任何驱动器在启动MinIO后仍处于脱机状态，请在启动生产工作负载之前检查并解决阻止其功能的任何问题。

MinIO服务不会在主机重新启动时自动启动。作为主机引导的一部分，您必须使用systemctl-enable minio.service来启动该进程。

sudo systemctl enable minio.service

7.6 Open the MinIO Console 打开MinIO后台

Open your browser and access any of the MinIO hostnames at port :9001 to open the MinIO Console login page. For example, https://minio1.example.com:9001.

打开浏览器，访问端口：9001的任何MinIO主机名，打开MinIO控制台登录页面。例如https://minio1.example.com:9001.

使用上一步中的MINIO_ROOT_USER和MINIO_ROT_PASSWORD登录。

You can use the MinIO Console for general administration tasks like Identity and Access Management, Metrics and Log Monitoring, or Server Configuration. Each MinIO server includes its own embedded MinIO Console.