知识仓库

RAG 问答

MinIO

3分钟阅读

MinIO

MinIO 是兼容 AWS S3 协议的高性能开源对象存储,适合私有化部署。单节点适合开发/测试,分布式部署可用于生产。

Docker 部署

单节点(开发/测试)

docker run -d \
  --name minio \
  -p 9000:9000 \
  -p 9001:9001 \
  -v /data/minio:/data \
  -e MINIO_ROOT_USER=admin \
  -e MINIO_ROOT_PASSWORD=admin123456 \
  quay.io/minio/minio server /data --console-address ":9001"
  • 9000 — S3 API 端口
  • 9001 — Web Console 端口
  • /data/minio — 数据持久化目录

Docker Compose

services:
  minio:
    image: quay.io/minio/minio
    container_name: minio
    ports:
      - "9000:9000"
      - "9001:9001"
    volumes:
      - minio_data:/data
    environment:
      MINIO_ROOT_USER: admin
      MINIO_ROOT_PASSWORD: admin123456
    command: server /data --console-address ":9001"
    healthcheck:
      test: ["CMD", "mc", "ready", "local"]
      interval: 30s
      timeout: 10s
      retries: 3
 
volumes:
  minio_data:

Web Console 基本操作

访问 http://localhost:9001,使用 ROOT 账号登录。

创建 Bucket

  1. 左侧菜单 → BucketsCreate Bucket
  2. 填写 Bucket 名称(只能小写字母、数字、连字符)
  3. 选择访问策略:
    • Private — 需认证才能访问(默认)
    • Public — 所有人可读

设置 Bucket 公开可读

Buckets → 选择目标 Bucket → Access Policy → 选择 public,或手动填写:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {"AWS": ["*"]},
      "Action": ["s3:GetObject"],
      "Resource": ["arn:aws:s3:::your-bucket/*"]
    }
  ]
}

mc 命令行工具

安装

# Linux
curl https://dl.min.io/client/mc/release/linux-amd64/mc -o mc
chmod +x mc && mv mc /usr/local/bin/
 
# macOS
brew install minio/stable/mc

配置连接

mc alias set local http://localhost:9000 admin admin123456

常用命令

# Bucket 操作
mc mb local/my-bucket               # 创建 bucket
mc ls local/                        # 列出所有 bucket
mc rb local/my-bucket --force       # 删除 bucket(含内容)
 
# 文件操作
mc cp ./file.txt local/my-bucket/   # 上传文件
mc cp local/my-bucket/file.txt ./   # 下载文件
mc ls local/my-bucket/              # 列出 bucket 内容
mc rm local/my-bucket/file.txt      # 删除文件
 
# 目录同步
mc mirror ./local-dir local/my-bucket/dir/   # 本地 → MinIO
mc mirror local/my-bucket/ ./local-dir/      # MinIO → 本地
 
# 批量删除
mc rm --recursive --force local/my-bucket/logs/
 
# 生成预签名 URL(7天有效)
mc share download --expire 168h local/my-bucket/file.txt

用户和权限管理

创建用户

mc admin user add local appuser apppassword123

创建策略并绑定

新建 rw-policy.json

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject", "s3:ListBucket"],
      "Resource": ["arn:aws:s3:::uploads/*", "arn:aws:s3:::uploads"]
    }
  ]
}
mc admin policy create local rw-uploads rw-policy.json
mc admin policy attach local rw-uploads --user appuser

生命周期管理(自动清理)

自动删除 30 天前的临时文件:

mc ilm rule add local/my-bucket \
  --prefix "tmp/" \
  --expiry-days 30

监控

MinIO 原生暴露 Prometheus 指标:

http://localhost:9000/minio/health/live          # 存活探针
http://localhost:9000/minio/health/ready         # 就绪探针
http://localhost:9000/minio/v2/metrics/cluster   # Prometheus 指标

Prometheus 配置:

- job_name: 'minio'
  metrics_path: /minio/v2/metrics/cluster
  static_configs:
    - targets: ['minio:9000']

相关链接

关系图谱

反向链接