MinIO
      Back to home
      1. Support
      2. IT
      3. MinIO

      Deploying MinIO Server for S3 Connectivity to Myota.

      MinIO is a high-performance, software-defined object storage platform that brings scalable, cloud-like storage to on-premises environments.

      If your on-premises storage solution does not support an S3-compatible interface, MinIO is recommended to provide S3 support. MinIO is a high-performance, software-defined object storage server designed for robust scalability and reliability. It can run on both consumer and enterprise-grade hardware across a wide range of operating systems and platforms.

      Considerations Checklist

      Refer to the Linux deployment checklist below when configuring your production, distributed MinIO environment.

      https://min.io/docs/minio/linux/operations/checklists/software.html

      Prerequisites

      Mount your storage to a specific path, such as /mnt/store1, or use a local directory like /data for storing your data. Ensure read and write permissions are granted to the mount point, open firewall port 9000 for S3 APIs, and, if needed, open port 9001 for the Web Console. Always secure your data with a TLS certificate.

      Install MinIO

      For production deployments, MinIO should be installed on a Linux system to ensure compatibility and optimal performance. Windows environments are not recommended because their file system restrictions prevent support for certain S3 object naming conventions, such as question marks ('?') in object names—a feature required for S3 and Linux-based MinIO environments to ensure full compatibility and application support. This design choice provides organizations with the flexibility to accommodate diverse data types and ensures seamless operation across industry-standard storage workflows.

      Recommended Hardware and Storage Requirements

      Refer to the official MinIO Storage Requirements for detailed guidance on storage architecture, recommended file systems, drive types, optimal layouts for scalability, redundancy, and fault tolerance, as well as best practices for deploying MinIO in enterprise and high-availability environments.

      For optimal performance and compatibility, format the Myota sharded data storage volume with the XFS file system.

      To download the MinIO server, visit the official MinIO documentation and select the appropriate package for your operating system and architecture.

      Use the resources below for step-by-step instructions on installing MinIO in a standalone server environment.

      For comprehensive guidance on deploying MinIO in a production environment, see the link below.

      Download the MinIO server package.

      1 wget https://dl.min.io/server/minio/release/linuxamd64/
      archive/minio_20230309231613.0.0_amd64.deb -O minio.deb
      2 sudo dpkg -i minio.deb

      Create the MinIO user and group.

      1 groupadd -r minio-user
      2 useradd -M -r -g minio-user minio-user

      Set up a directory to store MinIO data based on your deployment type (such as local storage, NFS mount, or another configuration).

      1 mkdir /data
      2 chown minio-user:minio-user /data

      Create the `minio.service` file (for example, in `/usr/lib/systemd/system/minio.service` on Ubuntu). Ensure the `User` and `Group` settings match your designated MinIO user (e.g., `minio-user`), and confirm the `EnvironmentFile` path points to `/etc/default/minio`.

      1 vi /usr/lib/systemd/system/minio.service
      1 [Unit]
      2 Description=MinIO
      3 Documentation=https://min.io/docs/minio/linux/index.html
      4 Wants=network-online.target
      5 After=network-online.target
      6 AssertFileIsExecutable=/usr/local/bin/minio
      7
      8 [Service]
      9 WorkingDirectory=/usr/local
      10
      11 User=minio-user
      12 Group=minio-user
      13 ProtectProc=invisible
      14
      15 EnvironmentFile=-/etc/default/minio
      16 ExecStartPre=/bin/bash -c "if [ -z \"${MINIO_VOLUMES}\" ]; then echo \"Variable
      MINIO_VOLUMES not set in /etc/default/minio\"; exit 1; fi"
      17 ExecStart=/usr/local/bin/minio server $MINIO_OPTS $MINIO_VOLUMES
      18
      19 # MinIO RELEASE.2023-05-04T21-44-30Z adds support for Type=notify
      (https://www.freedesktop.org/software/systemd/man/systemd.service.html#Type=)
      20 # This may improve systemctl setups where other services use `After=minio.server`
      21 # Uncomment the line to enable the functionality
      22 # Type=notify
      23
      24 # Let systemd restart this service always
      25 Restart=always
      26
      27 # Specifies the maximum file descriptor number that can be opened by this process
      28 LimitNOFILE=65536
      29
      30 # Specifies the maximum number of threads this process can create
      31 TasksMax=infinity
      32
      33 # Disable timeout logic and wait until process is stopped
      34 TimeoutStopSec=infinity
      35 SendSIGKILL=no
      36
      37 [Install]
      38 WantedBy=multi-user.target
      39
      40 # Built for ${project.name}-${project.version} (${project.name})

      Edit the environment file (/etc/default/minio) to set values for MINIO_ROOT_USER, MINIO_ROOT_PASSWORD, and MINIO_VOLUMES. By default, the Web Console uses port 9001 and the API uses port 9000. To allow MinIO to accept requests from all interfaces, comment out the MINIO_SERVER_URL line.

      1 vi /etc/default/minio
      1 # MINIO_ROOT_USER and MINIO_ROOT_PASSWORD sets the root account for the MinIO server.
      2 # This user has unrestricted permissions to perform S3 and administrative API operations
      on any resource in the deployment.
      3 # Omit to use the default values 'minioadmin:minioadmin'.
      4 # MinIO recommends setting non-default values as a best practice, regardless of
      environment
      5
      6 MINIO_ROOT_USER=your_admin_user
      7 MINIO_ROOT_PASSWORD=your_admin_password
      8
      9 # MINIO_VOLUMES sets the storage volume or path to use for the MinIO server.
      10
      11 MINIO_VOLUMES="/data"
      12
      13 # MINIO_OPTS sets any additional commandline options to pass to the MinIO server.
      14 # For example, `--console-address :9001` sets the MinIO Console listen port
      15 MINIO_OPTS="--console-address :9001"
      16
      17 # MINIO_SERVER_URL sets the hostname of the local machine for use with the MinIO Server
      18 # MinIO assumes your network control plane can correctly resolve this hostname to the
      local machine
      19
      20 # Uncomment the following line and replace the value with the correct hostname for the
      local machine and port for the MinIO server (9000 by default).
      21
      22 # MINIO_SERVER_URL="https://YOUR_DOMAIN:9000"

      Start the MinIO service.

      1 systemctl start minio.service

      Verify the status of the MinIO service.

      1 systemctl status minio.service
      1 minio.service - MinIO
      2 Loaded: loaded (/lib/systemd/system/minio.service; disabled; vendor preset: enabled)
      Here in the status, look at addresses at S3-API and Console. It should have IP addresses of
      all network interfaces. In this example, there are private IP address, public IP address, and
      localhost.
      Note that protocol is ‘http’ or ‘https’.
      Visit Minio Web console at port 9001 and test S3 APIs at port 9000.
      TLS configuration
      There are two options to setup TSL.
      Option 1: Setup certificate directly at Minio server
      Put your certificate and private key like this structure.
      3 Active: active (running) since Mon 2024-02-26 19:43:58 UTC; 2 days ago
      4 Docs: https://docs.min.io
      5 Process: 890 ExecStartPre=/bin/bash -c if [ -z "${MINIO_VOLUMES}" ]; then echo
      "Variable MINIO_VOLUMES not set in /etc/default/minio"; exit 1; fi (code=exi>
      6 Main PID: 891 (minio)
      7 Tasks: 10
      8 CPU: 2min 7.399s
      9 CGroup: /system.slice/minio.service
      10 └─891 /usr/local/bin/minio server --console-address :9001 /data
      11
      12 Feb 26 19:43:58 localhost minio[891]: Copyright: 2015-2024 MinIO, Inc.
      13 Feb 26 19:43:58 localhost minio[891]: License: GNU AGPLv3
      <https://www.gnu.org/licenses/agpl-3.0.html>
      14 Feb 26 19:43:58 localhost minio[891]: Version: RELEASE.2024-02-17T01-15-57Z (go1.21.7
      linux/amd64)
      15 Feb 26 19:43:58 localhost minio[891]: Status: 1 Online, 0 Offline.
      16 Feb 26 19:43:58 localhost minio[891]: S3-API: http://192.168.136.67:9000
      http://139.144.215.26:9000 http://127.0.0.1:9000
      17 Feb 26 19:43:58 localhost minio[891]: Console: http://192.168.136.67:9001
      http://139.144.215.26:9001 http://127.0.0.1:9001
      18 Feb 26 19:43:58 localhost minio[891]: Documentation:
      https://min.io/docs/minio/linux/index.html
      19 Feb 26 19:43:58 localhost minio[891]: Warning: The standard parity is set to 0. This can
      lead to data loss.
      20 Feb 26 19:43:58 localhost minio[891]: You are running an older version of MinIO released
      1 week before the latest release
      21 Feb 26 19:43:58 localhost minio[891]: Update: Run `mc admin update ALIAS`

      In the service status output, verify that the S3-API and Console addresses reflect all active network interfaces, including private, public, and localhost IP addresses. Confirm that the protocol (http or https) displays correctly. You can access the MinIO Web Console on port 9001 and validate S3 API access on port 9000.

      TLS configuration

      You have two methods to configure TLS.

      Option 1: Setup certificate directly at Minio server
      Place your certificate and private key in the following directory structure.

      1 /home/minio-user/.minio/
      2 └── certs
      3 ├── YOUR_DOMAIN
      4 │ ├── private.key
      5 │ └── public.crt
      6 ├── private.key
      7 └── public.crt

      Update the MINIO_SERVER_URL value in the environment file (e.g., /etc/default/minio) and remove the comment marker from the line.

      1 # MINIO_ROOT_USER and MINIO_ROOT_PASSWORD sets the root account for the MinIO server.
      2 # This user has unrestricted permissions to perform S3 and administrative API operations
      on any resource in the deployment.
      3 # Omit to use the default values 'minioadmin:minioadmin'.
      4 # MinIO recommends setting non-default values as a best practice, regardless of
      environment
      5
      6 MINIO_ROOT_USER=your_admin_user
      7 MINIO_ROOT_PASSWORD=your_admin_password
      8
      9 # MINIO_VOLUMES sets the storage volume or path to use for the MinIO server.
      10
      11 MINIO_VOLUMES="/data"
      12
      13 # MINIO_OPTS sets any additional commandline options to pass to the MinIO server.
      14 # For example, `--console-address :9001` sets the MinIO Console listen port
      15 MINIO_OPTS="--console-address :9001"
      16
      17 # MINIO_SERVER_URL sets the hostname of the local machine for use with the MinIO Server
      18 # MinIO assumes your network control plane can correctly resolve this hostname to the
      local machine
      19
      20 # Uncomment the following line and replace the value with the correct hostname for the
      local machine and port for the MinIO server (9000 by default).
      21
      22 MINIO_SERVER_URL="https://YOUR_DOMAIN:9000"

      Restart the MinIO service.

      1 systemctl restart minio.service
      1 minio.service - MinIO
      2 Loaded: loaded (/lib/systemd/system/minio.service; disabled; vendor preset: enabled)
      3 Active: active (running) since Mon 2024-02-26 19:43:58 UTC; 2 days ago
      4 Docs: https://docs.min.io
      5 Process: 890 ExecStartPre=/bin/bash -c if [ -z "${MINIO_VOLUMES}" ]; then echo
      "Variable MINIO_VOLUMES not set in /etc/default/minio"; exit 1; fi (code=exi>
      6 Main PID: 891 (minio)
      7 Tasks: 10
      8 CPU: 2min 7.399s
      9 CGroup: /system.slice/minio.service
      10 └─891 /usr/local/bin/minio server --console-address :9001 /data
      11
      12 Feb 26 19:43:58 localhost minio[891]: Copyright: 2015-2024 MinIO, Inc.
      13 Feb 26 19:43:58 localhost minio[891]: License: GNU AGPLv3
      <https://www.gnu.org/licenses/agpl-3.0.html>
      Now, S3-API (or Console) will show you “https” and your domain name is specified.
      Update DNS record with Minio server IP address
      Option 2: Setup certificate at Load Balancer or Proxy
      Keep /home/minio-user/.minio/certs folder empty. (maybe CAs folder is created automatically.
      You can leave CAs folder)
      Comment out MINIO_SERVER_URL in environment file. It makes Minio server receives
      requests from all interfaces.
      Setup Proxy or Load Balancer.
      Add Minio server(s)
      Add certificate and key at Proxy or Load Balancer
      Update DNS record with Proxy or Load Balancer IP address
      14 Feb 26 19:43:58 localhost minio[891]: Version: RELEASE.2024-02-17T01-15-57Z (go1.21.7
      linux/amd64)
      15 Feb 26 19:43:58 localhost minio[891]: Status: 1 Online, 0 Offline.
      16 Feb 26 19:43:58 localhost minio[891]: S3-API: https://192.168.136.67:9000
      https://139.144.215.26:9000 https://127.0.0.1:9000
      17 Feb 26 19:43:58 localhost minio[891]: Console: https://192.168.136.67:9001
      https://139.144.215.26:9001 https://127.0.0.1:9001
      18 Feb 26 19:43:58 localhost minio[891]: Documentation:
      https://min.io/docs/minio/linux/index.html
      19 Feb 26 19:43:58 localhost minio[891]: Warning: The standard parity is set to 0. This can
      lead to data loss.
      20 Feb 26 19:43:58 localhost minio[891]: You are running an older version of MinIO released
      1 week before the latest release
      21 Feb 26 19:43:58 localhost minio[891]: Update: Run `mc admin update ALIAS`

      Option 2: Setup certificate at Load Balancer or Proxy

      Leave the /home/minio-user/.minio/certs directory empty. If a CAS folder is present, you can retain it.

      1 /home/minio-user/.minio/
      2 └── certs

      Comment out the MINIO_SERVER_URL entry in the environment file to allow the MinIO server to accept requests from all network interfaces.

      Register your MinIO server nodes, apply your SSL certificate and key to the proxy or load balancer, and update the DNS record to route traffic through the proxy or load balancer IP address.

      Resources

      Install and Deploy MinIO - https://min.io/docs/minio/linux/operations/install-deploy-manage/deploy-minio-single-node-single-drive.html