MinIO Quickstart - Object Management

It is like AWS S3 Object storage

Important note User Management: Create non previleged user and its policies.

Versioning

• mc version enable local/sample-bucket
• each version creates version ID which is UUID
• when versioning is not enabled or suspended then the version ID is always null
• On delete the DELETE Marker is created with value 0.

Replication

• Physical: Sync sites (whole setup) sync all the buckets
  • remote must be newly created and empty
  • version is enabled by default on new buckets created
  • to add third+ node check the command is about considering previous all nodes to replicate on new one.
• Logical: Sync buckets
• Active-Passive: only one node is pushing/pulling
• Active-Active: Both nodes are pushing/pulling
• Synchronous: Tighly coupled. Only available for Logical
• Asynchronous: Loosely coupled.

Object Locking/Retention

• Enable Locking at bucket creation mc mb --with-lock local/sample-bucket also enables versioning does nothing else unless modes are set.
• WORM: Wwrite Once Read Many.
• Write Once: Can't update the object at all but can be overwritten or new version can be created.
• Read Many: Read unless locking modes block/delete it.
• Locking Modes: DELETE Markers are not locked. Modes are effective for future files by default.
  1. Duration Based: Expiry can be 90d or 1y etc. mc retention set governance ... 90d ...
     • Governance Mode: Root user can do anything. Protect from unauthorised users from delete/update/durationChange. mc rm --bypass unprev-user/sample-bucket -vid uuid-of-locked will throw an error as WORM protected unless done by prevlgd-user with --bypass.
       • DELETE Marker can be deleted.
       • Bypass: Can delete Marker is possible it applies on the versions.
     • Compliance Mode: Root user also can't do anything. Can't be bypassed.
  2. Legal Holds:
     • Block for everyone from deleting until legal hold is lifted.
     • Need to set for needed object/version not set by default. tip: --recursive tag
  3. Combined Duration Based + Legal Holds
     • Overrides Governance Mode.
     • mc legalhold clear user/bucket can then allow mc rm --bypass --vid

Lifecycle Management

Zero days means immediately

• Expiration Rules:
  • Deletes permenently, delete marker is not added by this.
  • Rules to set expiration time
  • Rules to set expiration time for non-current versions and to keep how many
  • delete marker doesnt expire use --expire-delete-marker to set it
• Transition Rules:
  • after a certain time move the objects on other remote minio storage.
  • Stll and only accessible at origin server not at remote
  • can be restored
  • use --noncurrent-transition-days or --noncurrent-transition-tier to move or put older versions
• Common:
  • Newer flag: to expire or move latest number of versions by default last version only
  • Expiry will override transition and delete remote tier objects too. Use --prefix to avoid/set it.

References