Open in app

Sign in

Write

Sign in

MinIO on premise

Art Krisada
3 min readJul 21, 2020

MinIO is an OpenSource Object Storage. This is a note on how I install with user privilege for user’s bucket.

MinIO Quickstart Guide

MinIO is a High Performance Object Storage released under Apache License v2.0. It is API compatible with Amazon S3…

docs.min.io

First, You need docker in stall in your machine. Then run docker comand. Expose port 9000 or other port you want. Map volume with -v to the path you want to store minio data.

docker run -d -p 9000:9000 \
  --name minio1 \
  -v /Users/me/Documents/data/minio:/data \
  -e "MINIO_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE" \
  -e "MINIO_SECRET_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" \
  minio/minio server /data

If your minio server is not started, check minio’s log by “docker logs minio1”

If you find this error…

ERROR Unable to initialize server switching into safe-mode: Unable to initialize sub-systems: Unable to initialize config system: Invalid credentials

You might used to run minio docker in this volume before. Check your folder, If you have .minio.sys folder, delete it! Then run docker run…. again.

Open Browser http://localhost:9000

Login with Access Key / Secret Key

After logged in, create folder and upload some files. We will use to check our user permission later.

MinIO Client Quickstart Guide

MinIO Client (mc) provides a modern alternative to UNIX commands like ls, cat, cp, mirror, diff, find etc. It supports…

docs.min.io

Next, run minio client (mc). You will see the prompt(/ #) after docker run.

docker run -it —-entrypoint=/bin/sh minio/mc

Add your minio storage with this command.

mc config host add <ALIAS> <YOUR-S3-ENDPOINT> <YOUR-ACCESS-KEY> <YOUR-SECRET-KEY> — api <API-SIGNATURE>

mc config host add minio1 http://10.38.240.253:9000 AKIAIOSFODNN7EXAMPLE wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY --api S3v4
mc ls minio1

Check minio host, we just added. then create new bucket for new user.

mc mb minio1/newuserbucket

Add new user.

mc admin user add minio1 newuser newuser123

Next, we create policy in json files to allow only bucket. You can use vi in mc client.

vi newuser_rw.json

Add policy to minio.

mc admin policy add minio1 newuserrw newuser_rw.json

Apply policy to newuser.

mc admin policy set minio1 newuserrw user=newuser

Check User’s policy.

mc admin user info minio1 newuser

Open your browser http://localhost:9000 and login with newuser / newuser123

Our newuser can see only newuserbucket.

If you login as your secret key, you will see both bucket.

Minio
Docker
Object Storage
S3 Bucket

--

--

Art Krisada

Written by Art Krisada

38 Followers

Never stop learning, because life never stop teaching.

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams