MinIO is an object storage solution that provides an Amazon Web Services S3-compatible API and supports all core S3 features.
Prerequisites #
I use two Ubuntu 22.04 servers in this tutorial:
# MinIO Server
192.168.30.90
# MinIO Client
192.168.30.91
MinIO with TLS #
Folder Structure #
# Create folder structure
sudo mkdir -p /opt/minio/certs && cd /opt/minio/
# Set permissions
sudo chmod 755 /opt/minio/certs
TLS Certificates for API Connection #
Note: In this tutorial I use a Let’s Encrypt (Certbot) wildcard certificate
# Copy certificate and key into MinIO directory
sudo cp fullchain.pem /opt/minio/certs/public.crt &&
sudo cp privkey.pem /opt/minio/certs/private.key
# Set permissions
sudo chmod 0400 /opt/minio/certs/public.crt &&
sudo chmod 0400 /opt/minio/certs/private.key
Environment File #
# Create environment file
sudo vi .env
#.env
MINIO_ROOT_USER=admin
MINIO_ROOT_PASSWORD=myadminpw
Docker Compose File #
# Create Docker Compose file
sudo vi docker-compose.yml
# docker-compose.yml
version: '3.8'
services:
minio:
image: minio/minio
ports:
- "9000:9000"
- "443:9001"
volumes:
- ./minio_data:/data
- ./certs:/root/.minio/certs
command: server /data --console-address ":9001"
env_file:
- .env
Start Container #
# Create / start Docker stack
sudo docker compose up -d
MinIO Interfaces #
API #
# MinIO S3-API
https://minio.jklug.work:9000
Webinterface #
# MinIO Console: Open in browser
https://minio.jklug.work/login
If no custom user & password are defined with the environment variables the default values are as follows:
# User:
minioadmin
# PW:
minioadmin
Create Bucket #
- Create a new bucket
Access Keys #
- Create Access Keys
# Access Key
UBJAgkFX5Rn71s01yb3k
# Secret Key
pCTjVwgpxF081ifRqPSy0sEfnN4L45BnhjJVoRD1
Policies #
- Add the policy that access the bucket to the Access Keys
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::jkw-bucket", # Define bucket name
"arn:aws:s3:::jkw-bucket/*" # Define bucket name
]
}
]
}
MinIO Client #
DNS / Hosts Entry #
# Open hosts file
sudo vi /etc/hosts
# Add entry for MinIO server
192.168.30.90 minio.jklug.work
# Test connection to MinIO server
ping minio.jklug.work
Setup #
# Download MinIO Client and save as "mc" in "minio-binaries" folder in the home directory of the current user
curl https://dl.min.io/client/mc/release/linux-amd64/mc \
--create-dirs \
-o $HOME/minio-binaries/mc
# Make file executable
chmod +x $HOME/minio-binaries/mc
# Add "minio-binaries" folder to system PATH & make the mc command available from anywhere in the terminal
export PATH=$PATH:$HOME/minio-binaries/
# List MinIO Client commands
mc --help
# Quit MinIO help
q
Create Alias for MinIO Server #
- Syntax
# Optional: Temporarily turn off the recording of commands in the bash history
bash +o history
# Add connection to MinIO server: Syntax
mc alias set ALIAS HOSTNAME ACCESS_KEY SECRET_KEY
# Turn the recording of commands in the bash history back on
bash -o history
- Add MinIO server: With TLS
# Add MinIO server: With TLS encryption
mc alias set jkw-minio https://minio.jklug.work:9000 UBJAgkFX5Rn71s01yb3k pCTjVwgpxF081ifRqPSy0sEfnN4L45BnhjJVoRD1
# Shell output
mc: Configuration written to `/home/ubuntu/.mc/config.json`. Please update your access credentials.
mc: Successfully created `/home/ubuntu/.mc/share`.
mc: Initialized share uploads `/home/ubuntu/.mc/share/uploads.json` file.
mc: Initialized share downloads `/home/ubuntu/.mc/share/downloads.json` file.
Added `jkw-minio` successfully.
# Test the connection to the MinIO server
mc ls jkw-minio
# Shell output:
[2024-01-06 15:02:35 UTC] 0B jkw-bucket/
Copy & download files #
# Copy file into bucket
mc cp file1.txt jkw-minio/jkw-bucket
# Copy / download file from bucket
mc cp jkw-minio/jkw-bucketmy/file1.txt .
Check the Bucket #
You should be absile to see the files in the bucket from the webinterface:
MinIO without TLS #
For non production systems.
Folder Structure #
# Create folder structure
sudo mkdir -p /opt/minio && cd /opt/minio/
Environment File #
# Create environment file
sudo vi .env
#.env
MINIO_ROOT_USER=admin
MINIO_ROOT_PASSWORD=myadminpw
Docker Compose File #
# Create Docker Compose file
sudo vi docker-compose.yml
# docker-compose.yml
version: '3.8'
services:
minio:
image: minio/minio
ports:
- "9000:9000"
- "9001:9001"
volumes:
- ./minio_data:/data
command: server /data --console-address ":9001"
env_file:
- .env
Start Container #
# Create / start Docker stack
sudo docker compose up -d
MinIO Interfaces #
API #
# MinIO S3-API
192.168.30.90:9000
Webinterface #
# MinIO Console: Open in browser
192.168.30.90:9001
If no custom user & password are defined with the environment variables the default values are as follows:
# User:
minioadmin
# PW:
minioadmin
Create Bucket #
- Create a new bucket
Access Keys #
- Create Access Keys
# Access Key
UBJAgkFX5Rn71s01yb3k
# Secret Key
pCTjVwgpxF081ifRqPSy0sEfnN4L45BnhjJVoRD1
Policies #
- Add the policy that access the bucket to the Access Keys
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::jkw-bucket", # Define bucket name
"arn:aws:s3:::jkw-bucket/*" # Define bucket name
]
}
]
}
MinIO Client #
Setup #
# Download MinIO Client and save as "mc" in "minio-binaries" folder in the home directory of the current user
curl https://dl.min.io/client/mc/release/linux-amd64/mc \
--create-dirs \
-o $HOME/minio-binaries/mc
# Make file executable
chmod +x $HOME/minio-binaries/mc
# Add "minio-binaries" folder to system PATH & make the mc command available from anywhere in the terminal
export PATH=$PATH:$HOME/minio-binaries/
# List MinIO Client commands
mc --help
# Quit MinIO help
q
Create Alias for MinIO Server #
- Syntax
# Optional: Temporarily turn off the recording of commands in the bash history
bash +o history
# Add connection to MinIO server: Syntax
mc alias set ALIAS HOSTNAME ACCESS_KEY SECRET_KEY
# Turn the recording of commands in the bash history back on
bash -o history
- Add MinIO server: Without TLS
# Add MinIO server: Without TLS encryption
mc alias set jkw-minio http://192.168.30.90:9000 UBJAgkFX5Rn71s01yb3k pCTjVwgpxF081ifRqPSy0sEfnN4L45BnhjJVoRD1
# Test the connection to the MinIO server
mc ls jkw-minio
# Shell output:
[2024-01-06 11:33:34 UTC] 0B jkw-bucket/
Copy & download files #
# Copy file into bucket
mc cp file1.txt jkw-minio/jkw-bucket
# Copy / download file from bucket
mc cp jkw-minio/jkw-bucketmy/file1.txt .
Check the Bucket #
You should be absile to see the files in the bucket from the webinterface:
Links #
# MinIO Official Download Page
https://min.io/download#/docker
# MinIO Client
https://min.io/docs/minio/linux/reference/minio-mc.html
# MinIO TLS Configuration
https://min.io/docs/minio/linux/operations/network-encryption.html?ref=docs-redirect#generate-private-key-with-rsa