最近在负责 minio 分布式文件系统,所以在本地搭建一个 demo 练练手
一. 基础环境
操作系统: Centos 7.x
二. 准备工作
官网友情提示(非常重要!!!):
- 分布式Minio里所有的节点需要有同样的access秘钥和secret秘钥,这样这些节点才能建立联接。为了实现这个,你需要在执行minio server命令之前,先将access秘钥和secret秘钥export成环境变量。
- 分布式Minio使用的磁盘里必须是干净的,里面没有数据。
- 下面示例里的IP仅供示例参考,你需要改成你真实用到的IP和文件夹路径。
- 分布式Minio里的节点时间差不能超过3秒,你可以使用NTP 来保证时间一致。
- 在Windows下运行分布式Minio处于实验阶段,请悠着点使用。
2.1 机器资源
192.168.133.122
192.168.133.123
192.168.133.124
192.168.133.125本集群由 4 台服务器构成(官方推荐集群最小 4 台服务器),每个服务器上挂载两个磁盘目录,最小数据挂载点为 4 个。
硬盘资源必须准备至少 4 块,否则启动报错:
>> 可以在同一台服务器上挂载 4 块硬盘,也可以在不同服务器上。只要硬盘数 >= 4
2.2 创建相关目录(所有节点)
数据存储目录
mkdir -p /home/tools/minio/data启动脚本目录
mkdir -p /home/tools/minio/上传启动脚本到该目录下
chmod +x minio三. 编写集群启动脚本(所有节点配置文件相同)
#集群启动脚本
vi /home/tools/minio/run.sh#!/bin/bash
export MINIO_ACCESS_KEY=minioadmin
export MINIO_SECRET_KEY=minioadmin
nohup /home/ybs/minio/minio server --config-dir /home/ybs/minio/config \
http://192.168.133.122/home/ybs/minio/data \
http://192.168.133.123/home/ybs/minio/data \
http://192.168.133.124/home/ybs/minio/data \
http://192.168.133.125/home/ybs/minio/data >> minio-start.log 2>&1 &其中,“MINIO_ACCESS_KEY”为用户名,“MINIO_SECRET_KEY”为密码,密码不能设置过于简单,不然minio会启动失败,“-config-dir”指定集群配置文件目录
MinIO 启动日志会输出到当前目录下的 minio-start.log
chmod +x /home/tools/minio/run.sh四. 编写服务脚本(所有节点)
vim /usr/lib/systemd/system/minio.service[Unit]
Description=Minio service
Documentation=https://docs.minio.io/
[Service]
WorkingDirectory=/home/tools/minio/
ExecStart=/home/tools/minio/run.sh
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target其中,“WorkingDirectory”为启动脚本目录,“ExecStart”为指定集群启动脚本
五. 启动测试 (所有节点)
网上推荐的启动方式
systemctl daemon-reload
systemctl start minio
systemctl enable minio我自己测试发现好像不行。可能是自己菜的缘故!!
>> 我是直接执行脚本 sh run.sh
测试
浏览器输入集群任意节点地址+9000端口,即可访问minio,用户名密码为前面设置的“MINIO_ACCESS_KEY”和“MINIO_SECRET_KEY”,可创建“bucket”并上传文件测试
发现其实 minio 集群之间可以同步数据
六.单机启动
export MINIO_ACCESS_KEY=minio
export MINIO_SECRET_KEY=minio
nohup ./minio server /minio/data > /minio/logs/minio.log 2>&1 &七.桶通知
MinIO Server config.json (v18) 指南 桶通知最好是基于绑定的 IP 不会经常动态变化的情况下操作,否则集群的节点会因为访问不到绑定的旧 IP 导致节点一个一个的减少。会提示以下错误
API: SYSTEM()
Time: 16:20:21 CST 12/08/2020
DeploymentID: b858dcdd-d921-489a-aa24-056a821db0e9
Error: Unable to initialize notification target(s): one or more targets are offline. Please use `mc admin info --json` to check the offline targets
7: github.com/minio/minio@/cmd/config-current.go:487:cmd.lookupConfigs()
6: github.com/minio/minio@/cmd/config-current.go:604:cmd.loadConfig()
5: github.com/minio/minio@/cmd/config.go:233:cmd.initConfig()
4: github.com/minio/minio@/cmd/config.go:193:cmd.(*ConfigSys).Init()
3: github.com/minio/minio@/cmd/server-main.go:323:cmd.initAllSubsystems()
2: github.com/minio/minio@/cmd/server-main.go:248:cmd.initSafeMode()
1: github.com/minio/minio@/cmd/server-main.go:523:cmd.serverMain()
All MinIO sub-systems initialized successfully
Waiting for all MinIO IAM sub-system to be initialized.. lock acquired
Use `mc admin info` to look for latest server/disk info
Status: 3 Online, 1 Offline.
Endpoint: http://10.9.129.15:90037.1 使用 Redis 发布 MinIO 发布事件
这种通知目标支持两种格式: namespace 和 access。
如果用的是_namespacee_格式,MinIO将存储桶里的对象同步成Redis hash中的条目。对于每一个条目,对应一个存储桶里的对象,其key都被设为"存储桶名称/对象名称",value都是一个有关这个MinIO对象的JSON格式的事件数据。如果对象更新或者删除,hash中对象的条目也会相应的更新或者删除。
如果使用的是access,MinIO使用RPUSH将事件添加到list中。这个list中每一个元素都是一个JSON格式的list,这个list中又有两个元素,第一个元素是时间戳的字符串,第二个元素是一个含有在这个存储桶上进行操作的事件数据的JSON对象。在这种格式下,list中的元素不会更新或者删除。
7.1.1 集成 Redis 到 MinIO
MinIO server 在默认情况下会将所有配置信息存到 ${HOME}/.minio/config.json 文件中。
默认的配置目录是 ${HOME}/.minio,你可以使用--config-dir命令行选项重写之。
./minio server --config-dir ./config/miniotest ./test官网说 MinIO Server的配置文件默认路径是 ~/.minio/config.json。我找了一万遍,好像并没有这个文件。。。,所以只能通过强大的命令 find 查找了。
find / -name config.jsonfind 结果:
[root@localhost config]# find / -name config.json
/root/.mc/config.json (mc 相关的配置信息)
/home/tools/minio/data/.minio.sys/config/config.json (config.json 是目录)
/home/tools/minio/test/.minio.sys/config/config.json (答案所在)cat /home/tools/minio/test/.minio.sys/config/config.json
{
"api": {
"_": [
{
"key": "requests_max",
"value": "0"
},
{
"key": "requests_deadline",
"value": "10s"
},
{
"key": "ready_deadline",
"value": "10s"
},
{
"key": "cors_allow_origin",
"value": "*"
}
]
},
"audit_webhook": {
"_": [
{
"key": "enable",
"value": "off"
},
{
"key": "endpoint",
"value": ""
},
{
"key": "auth_token",
"value": ""
}
]
},
"cache": {
"_": [
{
"key": "drives",
"value": ""
},
{
"key": "exclude",
"value": ""
},
{
"key": "expiry",
"value": "90"
},
{
"key": "quota",
"value": "80"
},
{
"key": "after",
"value": "0"
},
{
"key": "watermark_low",
"value": "70"
},
{
"key": "watermark_high",
"value": "80"
},
{
"key": "range",
"value": "on"
}
]
},
"compression": {
"_": [
{
"key": "enable",
"value": "off"
},
{
"key": "extensions",
"value": ".txt,.log,.csv,.json,.tar,.xml,.bin"
},
{
"key": "mime_types",
"value": "text/*,application/json,application/xml"
}
]
},
"credentials": {
"_": [
{
"key": "access_key",
"value": "minioadmin"
},
{
"key": "secret_key",
"value": "minioadmin"
}
]
},
"etcd": {
"_": [
{
"key": "endpoints",
"value": ""
},
{
"key": "path_prefix",
"value": ""
},
{
"key": "coredns_path",
"value": "/skydns"
},
{
"key": "client_cert",
"value": ""
},
{
"key": "client_cert_key",
"value": ""
}
]
},
"identity_ldap": {
"_": [
{
"key": "server_addr",
"value": ""
},
{
"key": "username_format",
"value": ""
},
{
"key": "username_search_filter",
"value": ""
},
{
"key": "username_search_base_dn",
"value": ""
},
{
"key": "group_search_filter",
"value": ""
},
{
"key": "group_name_attribute",
"value": ""
},
{
"key": "group_search_base_dn",
"value": ""
},
{
"key": "sts_expiry",
"value": "1h"
},
{
"key": "tls_skip_verify",
"value": "off"
},
{
"key": "server_insecure",
"value": "off"
},
{
"key": "server_starttls",
"value": "off"
}
]
},
"identity_openid": {
"_": [
{
"key": "config_url",
"value": ""
},
{
"key": "client_id",
"value": ""
},
{
"key": "claim_name",
"value": "policy"
},
{
"key": "claim_prefix",
"value": ""
},
{
"key": "scopes",
"value": ""
},
{
"key": "jwks_url",
"value": ""
}
]
},
"kms_kes": {
"_": [
{
"key": "endpoint",
"value": ""
},
{
"key": "key_name",
"value": ""
},
{
"key": "cert_file",
"value": ""
},
{
"key": "key_file",
"value": ""
},
{
"key": "capath",
"value": ""
}
]
},
"kms_vault": {
"_": [
{
"key": "endpoint",
"value": ""
},
{
"key": "key_name",
"value": ""
},
{
"key": "auth_type",
"value": "approle"
},
{
"key": "auth_approle_id",
"value": ""
},
{
"key": "auth_approle_secret",
"value": ""
},
{
"key": "capath",
"value": ""
},
{
"key": "key_version",
"value": ""
},
{
"key": "namespace",
"value": ""
}
]
},
"logger_webhook": {
"_": [
{
"key": "enable",
"value": "off"
},
{
"key": "endpoint",
"value": ""
},
{
"key": "auth_token",
"value": ""
}
]
},
"notify_amqp": {
"_": [
{
"key": "enable",
"value": "off"
},
{
"key": "url",
"value": ""
},
{
"key": "exchange",
"value": ""
},
{
"key": "exchange_type",
"value": ""
},
{
"key": "routing_key",
"value": ""
},
{
"key": "mandatory",
"value": "off"
},
{
"key": "durable",
"value": "off"
},
{
"key": "no_wait",
"value": "off"
},
{
"key": "internal",
"value": "off"
},
{
"key": "auto_deleted",
"value": "off"
},
{
"key": "delivery_mode",
"value": "0"
},
{
"key": "queue_limit",
"value": "0"
},
{
"key": "queue_dir",
"value": ""
}
]
},
"notify_elasticsearch": {
"_": [
{
"key": "enable",
"value": "off"
},
{
"key": "url",
"value": ""
},
{
"key": "format",
"value": "namespace"
},
{
"key": "index",
"value": ""
},
{
"key": "queue_dir",
"value": ""
},
{
"key": "queue_limit",
"value": "0"
}
]
},
"notify_kafka": {
"_": [
{
"key": "enable",
"value": "off"
},
{
"key": "topic",
"value": ""
},
{
"key": "brokers",
"value": ""
},
{
"key": "sasl_username",
"value": ""
},
{
"key": "sasl_password",
"value": ""
},
{
"key": "sasl_mechanism",
"value": "plain"
},
{
"key": "client_tls_cert",
"value": ""
},
{
"key": "client_tls_key",
"value": ""
},
{
"key": "tls_client_auth",
"value": "0"
},
{
"key": "sasl",
"value": "off"
},
{
"key": "tls",
"value": "off"
},
{
"key": "tls_skip_verify",
"value": "off"
},
{
"key": "queue_limit",
"value": "0"
},
{
"key": "queue_dir",
"value": ""
},
{
"key": "version",
"value": ""
}
]
},
"notify_mqtt": {
"_": [
{
"key": "enable",
"value": "off"
},
{
"key": "broker",
"value": ""
},
{
"key": "topic",
"value": ""
},
{
"key": "password",
"value": ""
},
{
"key": "username",
"value": ""
},
{
"key": "qos",
"value": "0"
},
{
"key": "keep_alive_interval",
"value": "0s"
},
{
"key": "reconnect_interval",
"value": "0s"
},
{
"key": "queue_dir",
"value": ""
},
{
"key": "queue_limit",
"value": "0"
}
]
},
"notify_mysql": {
"_": [
{
"key": "enable",
"value": "off"
},
{
"key": "format",
"value": "namespace"
},
{
"key": "dsn_string",
"value": ""
},
{
"key": "table",
"value": ""
},
{
"key": "queue_dir",
"value": ""
},
{
"key": "queue_limit",
"value": "0"
}
]
},
"notify_nats": {
"_": [
{
"key": "enable",
"value": "off"
},
{
"key": "address",
"value": ""
},
{
"key": "subject",
"value": ""
},
{
"key": "username",
"value": ""
},
{
"key": "password",
"value": ""
},
{
"key": "token",
"value": ""
},
{
"key": "tls",
"value": "off"
},
{
"key": "tls_skip_verify",
"value": "off"
},
{
"key": "cert_authority",
"value": ""
},
{
"key": "client_cert",
"value": ""
},
{
"key": "client_key",
"value": ""
},
{
"key": "ping_interval",
"value": "0"
},
{
"key": "streaming",
"value": "off"
},
{
"key": "streaming_async",
"value": "off"
},
{
"key": "streaming_max_pub_acks_in_flight",
"value": "0"
},
{
"key": "streaming_cluster_id",
"value": ""
},
{
"key": "queue_dir",
"value": ""
},
{
"key": "queue_limit",
"value": "0"
}
]
},
"notify_nsq": {
"_": [
{
"key": "enable",
"value": "off"
},
{
"key": "nsqd_address",
"value": ""
},
{
"key": "topic",
"value": ""
},
{
"key": "tls",
"value": "off"
},
{
"key": "tls_skip_verify",
"value": "off"
},
{
"key": "queue_dir",
"value": ""
},
{
"key": "queue_limit",
"value": "0"
}
]
},
"notify_postgres": {
"_": [
{
"key": "enable",
"value": "off"
},
{
"key": "format",
"value": "namespace"
},
{
"key": "connection_string",
"value": ""
},
{
"key": "table",
"value": ""
},
{
"key": "queue_dir",
"value": ""
},
{
"key": "queue_limit",
"value": "0"
}
]
},
#redis 的配置放在这个节点中
"notify_redis": {
"_": [
{
"key": "enable",
"value": "true"
},
{
"key": "format",
"value": "namespace"
},
{
"key": "address",
"value": "127.0.0.1:6379"
},
{
"key": "key",
"value": "bucketevents"
},
{
"key": "password",
"value": ""
},
{
"key": "queue_dir",
"value": ""
},
{
"key": "queue_limit",
"value": "0"
}
]
},
"notify_webhook": {
"_": [
{
"key": "enable",
"value": "off"
},
{
"key": "endpoint",
"value": ""
},
{
"key": "auth_token",
"value": ""
},
{
"key": "queue_limit",
"value": "0"
},
{
"key": "queue_dir",
"value": ""
},
{
"key": "client_cert",
"value": ""
},
{
"key": "client_key",
"value": ""
}
]
},
"policy_opa": {
"_": [
{
"key": "url",
"value": ""
},
{
"key": "auth_token",
"value": ""
}
]
},
"region": {
"_": [
{
"key": "name",
"value": ""
}
]
},
"storage_class": {
"_": null
}
}官网展示的示例好像又和实际的不符。。。
#官网
"redis": {
"1": {
"enable": true,
"address": "127.0.0.1:6379",
"password": "yoursecret",
"key": "bucketevents"
}
}更新完配置文件后,重启 MinIO Server 让配置生效。如果一切顺利,MinIO Server会在启动时输出一行信息,类似 SQS ARNs: arn:minio:sqs:us-east-1:1:redis。
注: 想配几个Redis服务就配几个,只要每个Redis服务实例有不同的ID (比如前面示例中的"1") 和配置信息。
[root@localhost minio]# ./minio server --config-dir ./config/miniotest ./test
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ You are running an older version of MinIO released 1 month ago ┃
┃ Update: Run `mc admin update` ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
Endpoint: http://192.168.133.122:9000 http://10.0.2.15:9000 http://127.0.0.1:9000
AccessKey: minioadmin
SecretKey: minioadmin
#重点关注这里-->
SQS ARNs: arn:minio:sqs::_:redis
Browser Access:
http://192.168.133.122:9000 http://10.0.2.15:9000 http://127.0.0.1:9000
Command-line Access: https://docs.min.io/docs/minio-client-quickstart-guide
$ mc config host add myminio http://192.168.133.122:9000 minioadmin minioadmin
Object API (Amazon S3 compatible):
Go: https://docs.min.io/docs/golang-client-quickstart-guide
Java: https://docs.min.io/docs/java-client-quickstart-guide
Python: https://docs.min.io/docs/python-client-quickstart-guide
JavaScript: https://docs.min.io/docs/javascript-client-quickstart-guide
.NET: https://docs.min.io/docs/dotnet-client-quickstart-guide
Detected default credentials 'minioadmin:minioadmin', please change the credentials immediately using 'MINIO_ACCESS_KEY' and 'MINIO_SECRET_KEY'7.1.2 使用 MinIO 客户端启用 bucket 通知
现在可以在一个叫 images 的存储桶上开启事件通知。
一旦有文件被创建或者覆盖,一个新的key会被创建,或者一个已经存在的key就会被更新到之前配置好的redis hash里。如果一个已经存在的对象被删除,这个对应的key也会从hash中删除。因此,这个Redis hash里的行,就映射着images存储桶里的.jpg对象。
要配置这种存储桶通知,我们需要用到前面步骤MinIO输出的ARN信息。更多有关ARN的资料,请参考 这里。
在此之前,我们已经装好了 mc 和一个 miniotest
执行以下命令:
[root@localhost config]# mc mb miniotest/images
Bucket created successfully `miniotest/images`.
[root@localhost config]# mc event add miniotest/images arn:minio:sqs::_:redis --suffix .jpg
Successfully added arn:minio:sqs::_:redis
[root@localhost config]# mc event list miniotest/images
arn:minio:sqs::_:redis s3:ObjectCreated:*,s3:ObjectRemoved:*,s3:ObjectAccessed:* Filter: suffix=".jpg"
7.1.3 验证 Redis
value
{
"Records":[
{
"eventVersion":"2.0",
"eventSource":"minio:s3",
"awsRegion":"",
"eventTime":"2020-09-15T11:44:48.124Z",
"eventName":"s3:ObjectCreated:Put",
"userIdentity":{
"principalId":"minioadmin"
},
"requestParameters":{
"accessKey":"minioadmin",
"region":"",
"sourceIPAddress":"192.168.133.1"
},
"responseElements":{
"x-amz-request-id":"1634F2661F453384",
"x-minio-deployment-id":"073da1f1-6e35-4f8a-a6b1-48556d0b2fb9",
"x-minio-origin-endpoint":"http://192.168.133.122:9000"
},
"s3":{
"s3SchemaVersion":"1.0",
"configurationId":"Config",
"bucket":{
"name":"images",
"ownerIdentity":{
"principalId":"minioadmin"
},
"arn":"arn:aws:s3:::images"
},
"object":{
"key":"%E5%BE%AE%E4%BF%A1%E5%9B%BE%E7%89%87_20200814102816.jpg",
"size":4266223,
"eTag":"a82e6adfd9d69b8a80db6ba4ad584166",
"contentType":"image/jpeg",
"userMetadata":{
"content-type":"image/jpeg"
},
"sequencer":"1634F26623CE917B"
}
},
"source":{
"host":"192.168.133.1",
"port":"",
"userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36 Edg/85.0.564.51"
}
}
]
}7.1.4 附 ARN
以下是 ALUN 的常规格式。特定格式取决于资源。若要使用 ARN,请将文本替换为特定于资源的信息。请注意,某些资源的 ADN 会省略区域、帐户 ID 或区域 ID 和帐户 ID。italicized
arn:partition:service:region:account-id:resource-id
arn:partition:service:region:account-id:resource-type/resource-id
arn:partition:service:region:account-id:resource-type:resource-id
partition
资源位于的分区。分区是一组 AWS 区域。每个 AWS 账户的范围都位于一个分区。
以下是支持的分区:
aws- AWS 区域
aws-cn- AWS 中国区域
aws-us-gov- AWS GovCloud(美国)区域
service
标识 AWS 产品的服务命名空间。例如,对于 Amazon S3 资源。s3
region
区域。例如,对于美国东部(俄亥俄州)。us-east-2
account-id
拥有资源的 AWS 账户的 ID,没有连字符。例如 , 。123456789012
resource-id
资源标识符。ARN 的这一部分可以是资源的名称或 ID 或资源路径。例如,对于 IAM 用户或 EC2 实例。某些资源标识符包括父资源(子资源类型/父资源/子资源)或限定符(如版本(资源类型:资源名称:限定符)。user/Bobinstance/i-1234567890abcdef0
ARN 中的路径
资源 ALUN 可以包括路径。例如,在 Amazon S3 中,资源标识符是一个对象名称,可以包含斜杠 () 以形成路径。同样,IAM 用户名和组名可以包含路径。/
路径可以包括通配符,即星号 ()。例如,如果要编写 IAM 策略,可以使用通配符指定具有该路径的所有 IAM 用户,如下所示:*product_1234
arn:aws:iam::123456789012:user/Development/product_1234/*
同样,您可以指定表示所有用户或表示所有组,如以下示例所示:user/*group/*
"Resource":"arn:aws:iam::123456789012:user/*"
"Resource":"arn:aws:iam::123456789012:group/*"
不能使用通配符在基于资源策略或角色信任策略中指定元素中的所有用户。在任何策略中,组不支持作为主体。Principal
下面的示例显示资源名称包含路径的 Amazon S3 存储桶的 AN:
arn:aws:s3:::my_corporate_bucket/*
arn:aws:s3:::my_corporate_bucket/Development/*
不能在 ARN 中指定资源类型的部分使用通配符,例如 IAM ARN 中的术语。user
不允许执行以下操作:
arn:aws:iam::123456789012:u*
资源 ALUN
AWS 标识和访问管理 (IAM) 的文档列出了每个服务支持的 ALUN,用于资源级权限。有关详细信息,请参阅 IAM 用户指南 中 AWS服务的操作、资源和条件密钥。
7.2 使用 Elasticsearch 发布 Minio 事件
这个通知目标支持两种格式:namespace 和 access
如果使用的是 namespace 格式,MinIO 将桶中对象与索引中的文档进行同步。对于 MinIO 的每个事件,ES 都会创建一个 document,这个 document 的 ID 就是存储桶以及存储对象的名称。事件的其他的细节存储在 document 的正文中。因此,如果一个已经存在的对象在 MinIO 被覆盖,在 ES 中的相对应的 document 也会被更新。如果一个对象被删除,相对应的 document 也会从 index 中删除。
如果使用的是 access 格式,MinIO将事件作为document加到ES的index中。对于每一个事件,ES 同样会创建一个 document,这个document 包含事件的所有细节,document 的时间戳设置为事件的事件戳,并将该document加到ES的index中。这个document的ID是由ES随机生成的。在_access_格式下,没有文档会被删除或者修改,对于一个对象的操作,都会生成新的document附加到index中。
下面的步骤以 namespace 的格式,另一种格式类似就不累赘了。
7.2.1 安装 es,熟悉 mc admin操作
7.2.2 把 ES 集成到 MinIO 中
通过 MinIO 客户端 mc ,获取可配置的参数
[root@tools-112 minio]# mc admin config get minio112
KEYS:
region label the location of the server
storage_class define object level redundancy
cache add caching storage tier
compression enable server side compression of objects
etcd federate multiple clusters for IAM and Bucket DNS
identity_openid enable OpenID SSO support
identity_ldap enable LDAP SSO support
policy_opa enable external OPA for policy enforcement
kms_vault enable external HashiCorp Vault key management service
kms_kes enable external MinIO key encryption service
api manage global HTTP API call specific features, such as throttling, authentication types, etc.
logger_webhook send server logs to webhook endpoints
audit_webhook send audit logs to webhook endpoints
notify_webhook publish bucket notifications to webhook endpoints
notify_amqp publish bucket notifications to AMQP endpoints
notify_kafka publish bucket notifications to Kafka endpoints
notify_mqtt publish bucket notifications to MQTT endpoints
notify_nats publish bucket notifications to NATS endpoints
notify_nsq publish bucket notifications to NSQ endpoints
notify_mysql publish bucket notifications to MySQL databases
notify_postgres publish bucket notifications to Postgres databases
notify_elasticsearch publish bucket notifications to Elasticsearch endpoints
notify_redis publish bucket notifications to Redis datastores由于我们使用的是 es 桶通知事件,所以使用 key 为 notify_elasticsearch,查看这个 key 需配置哪些参数
[root@tools-112 minio]# mc admin config set minio112 notify_elasticsearch
KEY:
notify_elasticsearch[:name] publish bucket notifications to Elasticsearch endpoints
ARGS:
url* (url) Elasticsearch server's address, with optional authentication info
index* (string) Elasticsearch index to store/update events, index is auto-created
format* (namespace*|access) 'namespace' reflects current bucket/object list and 'access' reflects a journal of object operations, defaults to 'namespace'
queue_dir (path) staging dir for undelivered messages e.g. '/home/events'
queue_limit (number) maximum limit for undelivered messages, defaults to '100000'
comment (sentence) optionally add a comment to this setting注意:
- ‘*’ 结尾的参数是必填的.
- ‘*’ 结尾的值,是参数的的默认值.
- 当通过环境变量配置的时候,
:name可以通过这样MINIO_NOTIFY_WEBHOOK_ENABLE_<name>的格式指定.s
所以 url,index,format 这三个参数是需要配置的
[root@tools-112 minio]# mc admin config set minio112 notify_elasticsearch url=http://192.168.133.112:9200 index=minio_events
Setting new key has been successful.
Please restart your server with `mc admin service restart minio112`.
查看是否设置成功
[root@tools-112 minio]# mc admin config get minio112 notify_elasticsearch
notify_elasticsearch url=http://192.168.133.112:9200 format=namespace index=minio_events queue_dir= queue_limit=0设置成功后会提示你重启 MinIO,重启后查看打印的日志
[root@tools-112 minio]# cat minio-start.log
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ You are running an older version of MinIO released 4 months ago ┃
┃ Update: Run `mc admin update` ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
Waiting for all MinIO sub-systems to be initialized.. lock acquired
All MinIO sub-systems initialized successfully
Status: 4 Online, 0 Offline.
Endpoint: http://192.168.133.112:9000 http://10.0.2.15:9000 http://127.0.0.1:9000
Waiting for all MinIO IAM sub-system to be initialized.. lock acquired
SQS ARNs: arn:minio:sqs::_:elasticsearch
Browser Access:
http://192.168.133.112:9000 http://10.0.2.15:9000 http://127.0.0.1:9000
Object API (Amazon S3 compatible):
Go: https://docs.min.io/docs/golang-client-quickstart-guide
Java: https://docs.min.io/docs/java-client-quickstart-guide
Python: https://docs.min.io/docs/python-client-quickstart-guide
JavaScript: https://docs.min.io/docs/javascript-client-quickstart-guide
.NET: https://docs.min.io/docs/dotnet-client-quickstart-guide
Detected default credentials 'minioadmin:minioadmin', please change the credentials immediately using 'MINIO_ACCESS_KEY' and 'MINIO_SECRET_KEY'获取到 arns
arn:minio:sqs::_:elasticsearch7.2.3 使用 MinIO 客户端启用 bucket 通知
我们现在可以在一个叫images的存储桶上开启事件通知。一旦有文件被创建或者覆盖,一个新的ES的document会被创建或者更新到之前咱配的index里。如果一个已经存在的对象被删除,这个对应的document也会从index中删除。因此,这个ES index里的行,就映射着images存储桶里的对象。
要配置这种存储桶通知,我们需要用到前面步骤MinIO输出的ARN信息。更多有关ARN的资料,请参考这里。
有了mc这个工具,这些配置信息很容易就能添加上。假设咱们的MinIO服务别名叫myminio,可执行下列脚本:
[root@tools-112 minio]# mc mb minio112/image
mc: <ERROR> Unable to make bucket `minio112/image`. Your previous request to create the named bucket succeeded and you already own it.
[root@tools-112 minio]#
[root@tools-112 minio]# mc event add minio112/image arn:minio:sqs::_:elasticsearch --suffix .jpg
Successfully added arn:minio:sqs::_:elasticsearch
[root@tools-112 minio]# mc event list minio112/image
arn:minio:sqs::_:elasticsearch s3:ObjectCreated:*,s3:ObjectRemoved:*,s3:ObjectAccessed:* Filter: suffix=".jpg"7.2.4 验证 ES
上传一张图片到 image 存储
mc cp myphoto.jpg minio112/image使用curl查到minio_events index中的内容。
{
"took" : 1,
"timed_out" : false,
"_shards" : {
"total" : 5,
"successful" : 5,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : 1,
"max_score" : 1.0,
"hits" : [
{
"_index" : "minio_events",
"_type" : "event",
"_id" : "image/dog.jpg",
"_score" : 1.0,
"_source" : {
"Records" : [
{
"eventVersion" : "2.0",
"eventSource" : "minio:s3",
"awsRegion" : "",
"eventTime" : "2020-11-23T08:00:29.909Z",
"eventName" : "s3:ObjectCreated:Put",
"userIdentity" : {
"principalId" : "minioadmin"
},
"requestParameters" : {
"accessKey" : "minioadmin",
"region" : "",
"sourceIPAddress" : "192.168.133.1"
},
"responseElements" : {
"x-amz-request-id" : "164A1433CF1D7B4A",
"x-minio-deployment-id" : "390664ef-8fd1-450d-949e-fc87a12e2919",
"x-minio-origin-endpoint" : "http://192.168.133.112:9000"
},
"s3" : {
"s3SchemaVersion" : "1.0",
"configurationId" : "Config",
"bucket" : {
"name" : "image",
"ownerIdentity" : {
"principalId" : "minioadmin"
},
"arn" : "arn:aws:s3:::image"
},
"object" : {
"key" : "dog.jpg",
"size" : 54813,
"eTag" : "b3d5bfeefb127c9e51d9fb9ad4e554b8",
"contentType" : "image/jpeg",
"userMetadata" : {
"content-type" : "image/jpeg"
},
"sequencer" : "164A1433D1F0E3A2"
}
},
"source" : {
"host" : "192.168.133.1",
"port" : "",
"userAgent" : "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36"
}
}
]
}
}
]
}
}这个输出显示在ES中为这个事件创建了一个document。
这里我们可以看到这个document ID就是存储桶和对象的名称。如果用的是access格式,这个document ID就是由ES随机生成的。
八.异常
- Server not initialized, please try again
直接查看 MinIO 的启动日志,一般会有详细的出错原因。
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
