提醒本地 s3 在内网中提供 grafana 截图保存

单机

用于测试

docker-compose.yml

  1. version: '3.7'
  2. # starts 4 docker containers running minio server instances.
  3. # using nginx reverse proxy, load balancing, you can access
  4. # it through port 9000.
  5. services:
  6. minio1:
  7. image: minio/minio
  8. volumes:
  9. - data1-1:/data1
  10. - data1-2:/data2
  11. expose:
  12. - "9000"
  13. environment:
  14. MINIO_ROOT_USER: minio
  15. MINIO_ROOT_PASSWORD: minio123
  16. command: server http://minio{1...4}/data{1...2}
  17. healthcheck:
  18. test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
  19. interval: 30s
  20. timeout: 20s
  21. retries: 3
  22. minio2:
  23. image: minio/minio
  24. volumes:
  25. - data2-1:/data1
  26. - data2-2:/data2
  27. expose:
  28. - "9000"
  29. environment:
  30. MINIO_ROOT_USER: minio
  31. MINIO_ROOT_PASSWORD: minio123
  32. command: server http://minio{1...4}/data{1...2}
  33. healthcheck:
  34. test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
  35. interval: 30s
  36. timeout: 20s
  37. retries: 3
  38. minio3:
  39. image: minio/minio
  40. volumes:
  41. - data3-1:/data1
  42. - data3-2:/data2
  43. expose:
  44. - "9000"
  45. environment:
  46. MINIO_ROOT_USER: minio
  47. MINIO_ROOT_PASSWORD: minio123
  48. command: server http://minio{1...4}/data{1...2}
  49. healthcheck:
  50. test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
  51. interval: 30s
  52. timeout: 20s
  53. retries: 3
  54. minio4:
  55. image: minio/minio
  56. volumes:
  57. - data4-1:/data1
  58. - data4-2:/data2
  59. expose:
  60. - "9000"
  61. environment:
  62. MINIO_ROOT_USER: minio
  63. MINIO_ROOT_PASSWORD: minio123
  64. command: server http://minio{1...4}/data{1...2}
  65. healthcheck:
  66. test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
  67. interval: 30s
  68. timeout: 20s
  69. retries: 3
  70. nginx:
  71. image: nginx:1.19.2-alpine
  72. volumes:
  73. - ./nginx.conf:/etc/nginx/nginx.conf:ro
  74. ports:
  75. - "9000:9000"
  76. depends_on:
  77. - minio1
  78. - minio2
  79. - minio3
  80. - minio4
  81. ## By default this config uses default local driver,
  82. ## For custom volumes replace with volume driver configuration.
  83. volumes:
  84. data1-1:
  85. data1-2:
  86. data2-1:
  87. data2-2:
  88. data3-1:
  89. data3-2:
  90. data4-1:
  91. data4-2:

nginx.conf

  1. user nginx;
  2. worker_processes auto;
  3. error_log /var/log/nginx/error.log warn;
  4. pid /var/run/nginx.pid;
  5. events {
  6. worker_connections 1024;
  7. }
  8. http {
  9. include /etc/nginx/mime.types;
  10. default_type application/octet-stream;
  11. log_format main '$remote_addr - $remote_user [$time_local] "$request" '
  12. '$status $body_bytes_sent "$http_referer" '
  13. '"$http_user_agent" "$http_x_forwarded_for"';
  14. access_log /var/log/nginx/access.log main;
  15. sendfile on;
  16. #tcp_nopush on;
  17. keepalive_timeout 65;
  18. #gzip on;
  19. # include /etc/nginx/conf.d/*.conf;
  20. upstream minio {
  21. server minio1:9000;
  22. server minio2:9000;
  23. server minio3:9000;
  24. server minio4:9000;
  25. }
  26. server {
  27. listen 9000;
  28. listen [::]:9000;
  29. server_name localhost;
  30. # To allow special characters in headers
  31. ignore_invalid_headers off;
  32. # Allow any size file to be uploaded.
  33. # Set to a value such as 1000m; to restrict file size to a specific value
  34. client_max_body_size 0;
  35. # To disable buffering
  36. proxy_buffering off;
  37. location / {
  38. proxy_set_header Host $http_host;
  39. proxy_set_header X-Real-IP $remote_addr;
  40. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  41. proxy_set_header X-Forwarded-Proto $scheme;
  42. proxy_connect_timeout 300;
  43. # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
  44. proxy_http_version 1.1;
  45. proxy_set_header Connection "";
  46. chunked_transfer_encoding off;
  47. proxy_pass http://minio;
  48. }
  49. }
  50. }

别名

  1. alias ls='mc ls'
  2. alias cp='mc cp'
  3. alias cat='mc cat'
  4. alias mkdir='mc mb'
  5. alias pipe='mc pipe'
  6. alias find='mc find'

运维问题

The difference between the request time and the server’s time is too large?

  • 原因:linux服务器时区的问题
  • 解决方案:调整系统时间和硬件时间
  1. # 查看系统时间
  2. date
  3. # 查看硬件时间
  4. hwclock
  5. # 安装ntpdate时间同步工具
  6. yum -y install ntp ntpdate
  7. # 设置系统时间与网络时间同步
  8. ntpdate cn.pool.ntp.org
  9. # 将系统时间写入硬件时间
  10. hwclock --systohc

HA

minio

命令行

  1. MINIO_ROOT_USER=minio MINIO_ROOT_PASSWORD=minio123 minio server --address :8888 http://server{1...3}/home/minio/data{1...4}

开机启动

  1. chmod a+x /etc/rc.d/rc.local
  2. # minio要用绝对路径
  3. echo "MINIO_ROOT_USER=minio MINIO_ROOT_PASSWORD=minio123 /usr/bin/minio server --address :8888 http://server{1...3}/home/minio/data{1...4} >/dev/null 2>&1 &" >> /etc/rc.d/rc.local

docker swarm

较为繁琐

docker-compose

仅用于单机多节点测试

nginx::minio.conf

  1. upstream minio_http {
  2. least_conn;
  3. server 172.19.129.62:8888 max_fails=3 fail_timeout=5s;
  4. server 172.19.129.68:8888 max_fails=3 fail_timeout=5s;
  5. server 172.19.129.69:8888 max_fails=3 fail_timeout=5s;
  6. }
  7. server {
  8. listen 443 ssl;
  9. server_name abc.do.io;
  10. ssl_certificate /certs/do.io.cert;
  11. ssl_certificate_key /certs/do.io.key;
  12. client_max_body_size 5000m; # 上传大文件
  13. ssl_session_timeout 600m;
  14. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  15. location / {
  16. proxy_pass http://minio_http;
  17. proxy_set_header Host $host;
  18. proxy_set_header X-Real-IP $remote_addr;
  19. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  20. proxy_set_header X-Forwarded-Proto $scheme;
  21. proxy_set_header Upgrade $http_upgrade;
  22. proxy_set_header Connection "Upgrade";
  23. }
  24. }

管理

  1. version: '3.7'
  2. services:
  3. mc:
  4. image: minio/mc
  5. container_name: mc
  6. entrypoint: start.sh
  7. restart: always
  8. environment:
  9. # bucket name
  10. BUK: haifeng
  11. volumes:
  12. # 数据目录
  13. - ./data:/data
  14. # 启动脚本
  15. - ./start.sh:/start.sh:ro
  16. entrypoint: ["/start.sh"]

start.sh

  1. #!/bin/sh
  2. # 修改http后的IP为nginx代理的ip,修改后面minio的登录帐号密码
  3. mc alias set minio http://$(ping op -c 1 | sed '1{s/[^(]*(//;s/).*//;q}'):9000 minio minio123 --api s3v4
  4. mc policy set public minio/$BUK
  5. # 需创建目录,mc cp没有创建目录功能
  6. mkdir -p /data/$BUK
  7. mc cp -r minio/$BUK /data
  8. mc mirror -w /data/$BUK minio/$BUK

mc指令

  1. # 拉取mc客户端镜像
  2. docker pull minio/mc
  3. # 运行,映射配置目录和数据目录
  4. docker run -itd --name mc -e "BUK=minio/haifeng" -v $PWD/mc_config:/root/.mc/ -v $PWD/data/data --entrypoint=/bin/sh minio/mc
  5. # 添加一个云存储服务
  6. # mc alias set <ALIAS> <YOUR-S3-ENDPOINT> <YOUR-ACCESS-KEY> <YOUR-SECRET-KEY> [--api API-SIGNATURE]
  7. docker exec -it mc bash
  8. ]$ mc alias set minio https://abc.do.io minio minio123 --api s3v4
  9. # 设置访问权限
  10. ]$ mc policy set public $BUK
  11. # 映射路径 # 先复制文件再同步
  12. ]$ mc cp -r $BUK /data
  13. # 必要时可加参数 --force --overwrite
  14. # mc mirror [FLAGS] SOURCE TARGET
  15. ]$ nohup mc mirror -w /data $BUK &
  • 权限4种:none, download, upload, public
  • mc命令方式和Minio浏览器上设置策略二选一

问题

在用minio存储作为rancher的存储时异常,首次运行后无法再次up。

  1. version: '3.7'
  2. services:
  3. rancher:
  4. image: rancher/rancher:v2.5.5
  5. container_name: rancher
  6. restart: unless-stopped
  7. privileged: true
  8. environment:
  9. - TZ=Asia/Shanghai
  10. - AUDIT_LEVEL=3
  11. ports:
  12. - "8443:443"
  13. volumes:
  14. # minio ha store
  15. - ../minio_mc/data/haifeng/rancher:/var/lib/rancher
  16. - ../minio_mc/data/haifeng/auditlog:/var/log/auditlog

S3 兼容 aws

  • 创建 s3 数据目录

    1. mkdir s3
  • 运行minio 兼容aws s3模式,后台模式,无视对话退出,输出log到/s3

    1. nohup ./minio --compat server $PWD/s3 >$PWD/s3/minio.log 2>&1 &
    2. compatminio兼容aws s3的参数,其他参数是linux执行程序的参数,有疑问请自行查阅
  • 实际采用指令

    1. mkdir ./s3
    2. MINIO_ROOT_USER=minio MINIO_ROOT_PASSWORD=minio123 ./minio --compat server $PWD/s3 --address :1001 >$PWD/s3/minio.log 2>&1 &
  • 开机启动

    1. chmod a+x /etc/rc.d/rc.local
    2. # minio要用绝对路径
    3. echo "MINIO_ROOT_USER=minio MINIO_ROOT_PASSWORD=minio123 minio --compat server /s3 --address :8888 >/S3/minio.log 2>&1 &" >> /etc/rc.d/rc.local

    [

](https://blog.csdn.net/wangbinaaa/article/details/100132778/)