• MinIO Server配置NGINX代理官网文档翻译


    英文文档原文:

    Configure NGINX Proxy for MinIO Server — MinIO Object Storage for Linux

    原文开始:

    The following documentation provides a baseline for configuring NGINX to proxy requests to MinIO in a Linux environment. It is not intended as a comprehensive approach to NGINX, proxying, or reverse proxying in general. Modify the configuration as necessary for your infrastructure.

    This documentation assumes the following:

    • An existing NGINX deployment

    • An existing MinIO deployment

    • A DNS hostname which uniquely identifies the MinIO deployment

    There are two models for proxying requests to the MinIO Server API and the MinIO Console:

    以下文档提供了在Linux环境中将NGINX配置为代理MinIO请求的基线。它不是NGINX、代理或反向代理的综合方法。根据需要修改基础结构的配置

    本文档假定以下内容:

    现有NGINX部署

    现有的MinIO部署

    唯一标识MinIO部署的DNS主机名

    向MinIO服务器API和MinIO控制台代理请求有两种模型:

     第一种模型:Dedicated DNS (专用DNS)


    Create or configure a dedicated DNS name for the MinIO service.

    For the MinIO Server S3 API, proxy requests to the root of that domain. For the MinIO Console Web GUI, proxy requests to the /minio subpath.

    For example, given the hostname minio.example.net:

    • Proxy requests to the root https://minio.example.net to the MinIO Server listening on https://minio.local:9000.

    • Proxy requests to the subpath https://minio.example.net/minio/ui to the MinIO Console listening on https://minio.local:9090.

    The following location blocks provide a template for further customization in your unique environment:

    为MinIO服务创建或配置专用DNS名称。

    对于MinIO服务器S3 API,代理请求到该域的根。对于MinIO控制台Web GUI,代理请求到/MinIO子路径。

    例如,给定主机名minio.example.net:

    对根的代理请求https://minio.example.net到正在侦听的MinIO服务器https://minio.local:9000.

    对子路径的代理请求https://minio.example.net/minio/ui到正在侦听的MinIO控制台https://minio.local:9090.

    以下位置块为在您的独特环境中进行进一步自定义提供了模板:

    1. upstream minio_s3 {
    2. least_conn;
    3. server minio-01.internal-domain.com:9000;
    4. server minio-02.internal-domain.com:9000;
    5. server minio-03.internal-domain.com:9000;
    6. server minio-04.internal-domain.com:9000;
    7. }
    8. upstream minio_console {
    9. least_conn;
    10. server minio-01.internal-domain.com:9090;
    11. server minio-02.internal-domain.com:9090;
    12. server minio-03.internal-domain.com:9090;
    13. server minio-04.internal-domain.com:9090;
    14. }
    15. server {
    16. listen 80;
    17. listen [::]:80;
    18. server_name minio.example.net;
    19. # Allow special characters in headers
    20. ignore_invalid_headers off;
    21. # Allow any size file to be uploaded.
    22. # Set to a value such as 1000m; to restrict file size to a specific value
    23. client_max_body_size 0;
    24. # Disable buffering
    25. proxy_buffering off;
    26. proxy_request_buffering off;
    27. location / {
    28. proxy_set_header Host $http_host;
    29. proxy_set_header X-Real-IP $remote_addr;
    30. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    31. proxy_set_header X-Forwarded-Proto $scheme;
    32. proxy_connect_timeout 300;
    33. # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
    34. proxy_http_version 1.1;
    35. proxy_set_header Connection "";
    36. chunked_transfer_encoding off;
    37. proxy_pass https://minio_s3; # This uses the upstream directive definition to load balance
    38. }
    39. location /minio/ui/ {
    40. rewrite ^/minio/ui/(.*) /$1 break;
    41. proxy_set_header Host $http_host;
    42. proxy_set_header X-Real-IP $remote_addr;
    43. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    44. proxy_set_header X-Forwarded-Proto $scheme;
    45. proxy_set_header X-NginX-Proxy true;
    46. # This is necessary to pass the correct IP to be hashed
    47. real_ip_header X-Real-IP;
    48. proxy_connect_timeout 300;
    49. # To support websockets in MinIO versions released after January 2023
    50. proxy_http_version 1.1;
    51. proxy_set_header Upgrade $http_upgrade;
    52. proxy_set_header Connection "upgrade";
    53. # Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
    54. # Uncomment the following line to set the Origin request to an empty string
    55. # proxy_set_header Origin '';
    56. chunked_transfer_encoding off;
    57. proxy_pass https://minio_console; # This uses the upstream directive definition to load balance
    58. }
    59. }

    The S3 API signature calculation algorithm does not support proxy schemes where you host the MinIO Server API such as example.net/s3/.

    You must also set the following environment variables for the MinIO deployment:

    S3 API签名计算算法不支持托管MinIO Server API的代理方案,例如.net/S3/。

    您还必须为MinIO部署设置以下环境变量:

    MINIO_SERVER_URL设置为MINIO服务器的代理主机FQDN(完整域名),

    例如:(https://minio.example.net)

    MINIO_BROWSER_REDIRECT_URL设置为MINIO控制台的代理主机FQDN(完整域名)li(https://example.net/minio/ui)

  • 相关阅读:
    Python实战:使用requests通过post方式提交json数据
    注意力机制原理
    Swagger(2):Springfox简介
    AB试验(四)基于规范流程的一个案例分析
    从字节码层面解析Java语言--i与i--的区别
    人事部门OKR案例:为同事创造最佳办公环境
    【Android Gradle 插件】Android 依赖管理 ① ( 依赖库匹配 | 依赖库查找顺序及路径 | Gradle 资源库 )
    Linux内核中__u16、__u32、__u64和size_t的理解
    c语言练习41:深入理解字符串函数strlen strcpy strcat
    扫描转换椭圆与圆的绘制
  • 原文地址:https://blog.csdn.net/qq_29519041/article/details/134182559