draft Create a minio server using local storage

###### tags: `documentation` # draft Create a minio server using local storage * Reference: * https://cloud.redhat.com/blog/how-to-backup-and-restore-acm-with-oadp-and-minio ## requirements ``` dnf -y install @container-tools gparted tuned.noarch tuned-utils.noarch tuned-utils-systemtap.noarch ``` * create a new partition on your laptop * The new partition in my case is named `/dev/nvme0n1p4` Steps: * Create the physical volume, volume group, logical volumes and filesystem ``` vgcreate vg_minio-data /dev/nvme0n1p4 lvcreate -n lv_minio-data -l 100%FREE vg_minio-data lvdisplay lv_minio-data mkfs.xfs /dev/mapper/vg_minio--data-lv_minio--data mkdir -pv /minio/data restorecon -RFvv /minio tuned-adm profile throughput-performance ``` * Update your /etc/fstab and mount ``` # add the following line /dev/mapper/vg_minio--data-lv_minio--data /minio/data xfs defaults,noatime,nodiratime 1 2 mount -v /minio/data/ ``` * create the minio user ``` useradd -s /sbin/nologin -d /minio minio chown -R minio:minio /minio ``` * start the minio container ``` podman run \ --detach \ -p 9000:9000 \ <---- MinIO API Port -p 9001:9001 \ <---- MinIO Console Port --user $(id -u minio):$(id -g minio) \ --name minio-server \ -e "MINIO_ROOT_USER=minio" \ <---- MinIO User API & Console -e "MINIO_ROOT_PASSWORD=minio123" \ <---- MinIO Pass API & Console -v /minio/data:/data:z \ <---- Data Volume Mount quay.io/minio/minio server /data --console-address ":9001" ``` Formatted to execute: ``` podman run --detach -p 9000:9000 -p 9001:9001 --user $(id -u minio):$(id -g minio) --name minio-server -e "MINIO_ROOT_USER=miniouseradmin" -e "MINIO_ROOT_PASSWORD=miniouserpass" -v /minio/data:/data:z quay.io/minio/minio server /data --console-address ":9001" ``` * start minio container w/ tls * https://github.com/minio/certgen.git * setup ``` mkdir /data/certs pushd /data/certs/ certgen -host "127.0.0.1,localhost" chown -R minio:minio /data/certs popd ``` * add a cert to the trust list in fedora/rhel * https://www.redhat.com/sysadmin/configure-ca-trust-list ``` cp $cert /etc/pki/ca-trust/source/anchors update-ca-trust trust list --filter=ca-anchors | grep -i $example ``` * run w/ ssl cert ``` podman run --detach -p 9000:9000 -p 9001:9001 --user $(id -u root):$(id -g root) --name minio-server -e "MINIO_ROOT_USER=miniouseradmin" -e "MINIO_ROOT_PASSWORD=miniouserpass" -v ./minio-config:/root/.minio:z -v /minio/data:/data:z quay.io/minio/minio server /data --console-address ":9001" 981973f50376f72571caeaaa4f28b368b4f5c5c79186af9ba3a2c8a03ba6872c [root@thinkdoe MINIO]# ls minio-config/certs/ private.key public.crt ``` ``` sudo podman run --detach -p 9000:9000 -p 9001:9001 --user $(id -u minio):$(id -g minio) --name minio-server -e "MINIO_ROOT_USER=minio" -e "MINIO_ROOT_PASSWORD=minio123" -v /minio/certs/:/.minio/certs:z -v /minio/data:/data:z quay.io/minio/minio server /data --console-address ":9001" ``` * Update your firewall ``` firewall-cmd --state firewall-cmd --get-default-zone # depending on your OS version firewall-cmd --zone=public --add-port=9000-9001/tcp --permanent OR firewall-cmd --zone=FedoraWorkstation --add-port=9000-9001/tcp --permanent ``` * If running velero, and you want to run locally ``` kubectl scale --replicas=0 deployment velero -n velero ``` * delete and recreate your backuplocation ``` velero backup-location create default --provider aws --bucket velero --cacert public.crt --config region=local,s3ForcePathStyle="true",s3Url=https://localhost:9000 --credential=local-cloud-credentials=bsl ``` * SUCCESS Now open your browser to localhost:9001 and login ## On Kube https://min.io/docs/minio/kubernetes/upstream/operations/installation.html#minio-k8s-deploy-operator-tls