Summary
MinIO is one of object storage suites compatible with AWS S3. It is written in Go (Golang) and offers high performance. It is also open source, and available as backend object storage service on private cloud and so on.
This post shows how to install it on OpenBSD and publish it as service. It’s easy, because MinIO is offered via Ports :)
Environment
- OS: OpenBSD 7.2
- Object Storage: MinIO 0.20220826
Tutorial
Install via package manager
Just run:
$ doas pkg_add minio
The output was:
quirks-6.42 signed on 2023-01-08T01:39:04Z
useradd: Warning: home directory `/var/minio' doesn't exist, and -m was not specified
minio-0.20220826: ok
The following new rcscripts were installed: /etc/rc.d/minio
See rcctl(8) for details.
New and changed readme(s):
/usr/local/share/doc/pkg-readmes/minio
Daemon is ready
You will see /etc/rc.d/minio
was created. The daemon control script starts with:
#!/bin/ksh
daemon="/usr/local/bin/minio server"
daemon_flags="/var/minio/export"
daemon_user="_minio"
(...)
Look at daemon_flags
.
/var/minio/export
is created at minio installation.
It means minio data will be stored there.
Well, the minio directory is here:
$ doas ls -aR /var/minio
The output was:
doas ls -aR /var/minio
/var/minio:
. .. export
/var/minio/export:
. ..
Has been unused yet.
Be careful the daemon listens to egress by default
Let’s see /usr/local/share/doc/pkg-readmes/minio
.
According to it:
Its API/web interface is accessible by default on port 9000, listening on all network interfaces.
It means the minio daemon by default listens to egress
and is open to all packets on the external interface.
Extend file limits (Optional)
The readme also says:
Bumping file limits
===================Per https://github.com/minio/minio-service it is advised to run minio with more file descriptors than what is allowed by the default daemon login class.
Add this to the login.conf(5) file if you want to bump those limits:
minio:\ :openfiles-cur=4096:\ :openfiles-max=8192:\ :tc=daemon:
Refer to https://docs.minio.io/ for more details on how to run minio.
In order to extend the limit, edit /etc/login.conf
to append the lines below:
+ minio:\
+ :openfiles-cur=4096:\
+ :openfiles-max=8192:\
+ :tc=daemon:
Then run to update the database:
$ doas cap_mkdb /etc/login.conf
It updates /etc/login.conf.db
which is effective for performance improvement especially on very large /etc/login.conf
.
Activate daemon
Let’s activate the daemon:
$ doas rcctl enable minio
minio(ok)
The run it:
$ doas rcctl start minio
minio(ok)
Besides, alternatively, you may use -f
option to run the server on trial with keeping the daemon deactivated:
$ doas rcctl -f start minio
minio(ok)
Is minio started ?
Let’s see the minio directory again:
$ doas ls -a /var/minio
The output was:
. .. .minio export
.minio
is created !!
In addition, with ls -aR /var/minio
, you will see many files were created ;)
Conclusion
How is networking on the daemon ? Run to check:
$ curl 127.0.0.1:9000
The output was:
<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied.</Message><Resource>/</Resource><RequestId>(...)</RequestId><HostId>(...)</HostId></Error>
Actually, it was “Bad Request”. It should be confirmed with this:
$ curl -I 127.0.0.1:9000
It returned:
HTTP/1.1 400 Bad Request
Accept-Ranges: bytes
Content-Length: 261
Content-Type: application/xml
Server: MinIO
Vary: Origin
Date: Wed, 11 Jan 2023 14:40:57 GMT
It’s OK, because our minio server is just installed. Congratulations for now !!! Configuration should be followed at the next step. What is important here is it gave response !!!
Let’s see it also works to an external request:
$ curl <minio-ip>:9000
Response gotten ? :)