中间件——：部署篇

---

---

前言

在部署MinIO集群时，定制设计踩了许多坑，定制设计故在此做下记录

---

一、部署MinIO定制设计的限制条件

单机Minio定制设计服务存在单点故障，定制设计如果是一个有N定制设计块硬盘的分布式Minio,只要有N/2硬盘在线，定制设计数据就是安全的、可读的。定制设计不过需要至少有N/2+1个硬盘在线，才能创建新的对象。

二、部署步骤

1.前置环境

1.1 同步系统时间

timedatectl status  # 查看时间timedatectl set-ntp yes # 设置NTP时间同步
1
2

1.2 修改本地主机记录

sudo vim /etc/hosts## 添加三台主机IP,后面部署MinIO指令时有用节点1的IP		node1节点2的IP		node2节点3的IP		node-nginx
1
2
3
4
5
6

2.下载MinIO

在 ~ 目录下操作

# 创建目录mkdir /home/用户名/minio/{app, config,data1,data2,data3,data4 logs } -pcd /home/用户名/minio# 获取文件wget https://dl.min.io/server/minio/release/linux-amd64/minio# 修改文件权限chmod a+x ./app/minio
1
2
3
4
5
6
7
8
9

3. 挂载数据盘

在 ~/minio 目录下操作

## 创建格式化磁盘并挂载的脚本vim fdisk-minio.sh## ---------------脚本内容如下---------------#!/bin/bashcnt=1;for i in b c d e   ## 注意这个名称列表，根据挂载的磁盘名称而决定do	      sudo echo "current operating disk "$i"...........";         sudo fdisk "/dev/sd$i";      sudo mkfs -t ext4 "/dev/sd"$i"1";      sudo mount -t ext4 "/dev/sd"$i"1"  "/home/用户名/minio/data"$cnt"";      cnt=`expr $cnt + 1`;      sudo echo "after plus, cnt = $cnt";donesudo echo "finished operating..... see result ";sudo df -h;## 修改脚本的权限sudo chmod a+x ./fdisk-minio.sh## 同时查看下data{1...4}是否归属于普通用户组，切记不能属于ROOT组否则将会出问题## 执行脚本,输四遍 n->p->1->回车->回车->w， 即可./fdisk-minio.sh## 查看挂载是否成功
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

4. 运行MinIO

在 ~/minio 目录下操作

## 创建脚本vim run-minio.sh## -------脚本内容--------#!/bin/bash## 配置MinIO登录界面的账号密码export MINIO_ROOT_USER=adminexport MINIO_ROOT_PASSWORD=admin@minio123## 启动脚本，挂载两个节点下的四个数据盘，设置配置文件的目录，登录窗口的端口,已经重定向日志到minio.logs文件./app/minio server --config-dir /home/用户名/minio/config  --console-address ":9001" \ http://node{1...2}/home/用户名/minio/data{1...4} \ /home/用户名/minio/logs/minio.logs 2>&1 &## 修改脚本的权限chmod a+x ./run-minio.sh## 执行脚本./run-minio.sh## 查看日志cat ./logs/minio.log
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

5. 测试MinIO集群

登录Dashboard页面，点击Support–》Performance

6. 配置访问权限用户

1. 创建三个用户——下载用户、上传用户、管理员用户
2. 每个用户分别创建一个ServiceAccount,用于API访问，记得要记录下Access_Key和Secret_Key（仅显示一次）
   

7. 配置基于Nginx的负载均衡

7.1 下载Nginx

## 安装前置环境sudo apt install curl gnupg2 ca-certificates lsb-release debian-archive-keyring## 导入签名curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \    | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null## 检验签名gpg --dry-run --quiet --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg## 添加Nginx源echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \http://nginx.org/packages/debian `lsb_release -cs` nginx" \    | sudo tee /etc/apt/sources.list.d/nginx.list    echo -e "Package: *Pin: origin nginx.orgPin: release o=nginxPin-Priority: 900" \    | sudo tee /etc/apt/preferences.d/99nginx      ## 安装sudo apt updatesudo apt install nginx
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

7.2 配置负载均衡

## 修改配置文件# client_max_body_size 用来修改允许客户端上传文件的大小。# 默认为1m，如果设置为0，表示上传文件大小不受限制。# 可以在以下模块设置: http, server, location client_max_body_size 10m;## 在http模块下设置    upstream minio {        # 默认所有节点等权重负载均衡，可自行设置        server node1:9000 weight=1;        server node2:9000 weight=1;    }    upstream console {        ip_hash;        server node1:9001;        server node2:9001;    }    server {        listen       9000;        listen  [::]:9000;        server_name  localhost;        # To allow special characters in headers        ignore_invalid_headers off;        # Allow any size file to be uploaded.        # Set to a value such as 1000m; to restrict file size to a specific value        client_max_body_size 0;        # To disable buffering        proxy_buffering off;        proxy_request_buffering off;        location / {            proxy_set_header Host $http_host;            proxy_set_header X-Real-IP $remote_addr;            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;            proxy_set_header X-Forwarded-Proto $scheme;            proxy_connect_timeout 300;            # Default is HTTP/1, keepalive is only enabled in HTTP/1.1            proxy_http_version 1.1;            proxy_set_header Connection "";            chunked_transfer_encoding off;            proxy_pass http://minio;        }    }    server {        listen       9001;        listen  [::]:9001;        server_name  localhost;        # To allow special characters in headers        ignore_invalid_headers off;        # Allow any size file to be uploaded.        # Set to a value such as 1000m; to restrict file size to a specific value        client_max_body_size 0;        # To disable buffering        proxy_buffering off;        proxy_request_buffering off;        location / {            proxy_set_header Host $http_host;            proxy_set_header X-Real-IP $remote_addr;            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;            proxy_set_header X-Forwarded-Proto $scheme;            proxy_set_header X-NginX-Proxy true;            # This is necessary to pass the correct IP to be hashed            real_ip_header X-Real-IP;            proxy_connect_timeout 300;                        # To support websocket            proxy_http_version 1.1;            proxy_set_header Upgrade $http_upgrade;            proxy_set_header Connection "upgrade";                        chunked_transfer_encoding off;            proxy_pass http://console;        }    }
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

7.3 运行Nginx

## 运行nginxnginx -c /etc/nginx/nginx.conf
1
2

通过浏览器访问 http://Nginx服务IP:9000，如果能够进入console控制台，说明配置成功。