对接-组合:如何使用minio在docker网络内外

6fe3ivhb  于 2023-01-16  发布在  Docker
关注(0)|答案(7)|浏览(157)

我使用以下docker-compose.yml为我的Laravel应用程序运行本地环境。

version: '3'
services:
  app:
    build:
      context: .
      dockerfile: .docker/php/Dockerfile
    ports:
      - 80:80
      - 443:443
    volumes:
      - .:/var/www:delegated
    environment:
      AWS_ACCESS_KEY_ID: minio_access_key
      AWS_SECRET_ACCESS_KEY: minio_secret_key
      AWS_BUCKET: Bucket
      AWS_ENDPOINT: http://s3:9000
    links:
      - database
      - s3
  database:
    image: mariadb:10.3
    ports:
      - 63306:3306
    environment:
      MYSQL_ROOT_PASSWORD: secret
  s3:
    image: minio/minio
    ports:
      - "9000:9000"
    volumes:
      - ./storage/minio:/data
    environment:
      MINIO_ACCESS_KEY: minio_access_key
      MINIO_SECRET_KEY: minio_secret_key
    command: server /data

如你所见,我使用minio作为AWS S3兼容的存储。这工作得很好,但当我为一个文件(Storage::disk('s3')->url('some-file.txt'))生成一个url时,显然我得到了一个像这样的url http://s3:9000/Bucket/some-file.txt,它在Docker网络之外不起作用。
我已经尝试将AWS_ENDPOINT设置为http://127.0.0.1:9000,但Laravel无法连接到Minio服务器...
有没有办法配置Docker / Laravel / Minio来生成可以在Docker网络内外访问的URL?

5ssjco0h

5ssjco0h1#

如何绑定地址?(未测试)

...
  s3:
    image: minio/minio
    ports:
      - "9000:9000"
    volumes:
      - ./storage/minio:/data
    environment:
      MINIO_ACCESS_KEY: minio_access_key
      MINIO_SECRET_KEY: minio_secret_key
    command: server --address 0.0.0.0:9000 /data
oug3syen

oug3syen2#

我扩展了这个问题中的解决方案,创建了一个既适用于本地主机又适用于具有可访问dns的服务器的解决方案。
localhost解决方案本质上就是上面描述的解决方案。

创建localhost主机Map

sudo echo "127.0.0.1       my-minio-localhost-alias" >> /etc/hosts

设置主机名,对本地主机使用“my-minio-localhost-alias”

export HOSTNAME=my-minio-localhost-alias

创建hello.txt文件

Hello from Minio!

创建停靠合成.yml

此合成文件包含以下容器:

  • 迷你:迷你服务
  • minio-mc:用于初始化内容的命令行工具
  • s3-client:命令行工具,用于生成预先签名的url
version: '3.7'
networks:
  mynet:
services:
  minio:
    container_name: minio
    image: minio/minio
    ports:
    - published: 9000
      target: 9000
    command: server /data
    networks:
      mynet:
        aliases:
        # For localhost access, add the following to your /etc/hosts
        # 127.0.0.1       my-minio-localhost-alias
        # When accessing the minio container on a server with an accessible dns, use the following
        - ${HOSTNAME}
  # When initializing the minio container for the first time, you will need to create an initial bucket named my-bucket.
  minio-mc:
    container_name: minio-mc
    image: minio/mc
    depends_on:
    - minio
    volumes:
    - "./hello.txt:/tmp/hello.txt"
    networks:
      mynet:
  s3-client:
    container_name: s3-client
    image: amazon/aws-cli
    environment:
      AWS_ACCESS_KEY_ID: minioadmin
      AWS_SECRET_ACCESS_KEY: minioadmin
    depends_on:
    - minio
    networks:
      mynet:

启动迷你容器

docker-compose up -d minio

在minio中创建存储桶并加载文件

docker-compose run minio-mc mc config host add docker http://minio:9000 minioadmin minioadmin
docker-compose run minio-mc mb docker/my-bucket
docker-compose run minio-mc mc cp /tmp/hello.txt docker/my-bucket/foo.txt

创建可在Docker网络内外访问的预签名URL

docker-compose run s3-client --endpoint-url http://${HOSTNAME}:9000 s3 presign s3://my-bucket/hello.txt
jobtbby3

jobtbby33#

由于您要将主机上的9000端口Map到该服务,因此如果您只是将s3添加到hosts文件(Mac/Linux上的/etc/hosts)中,您应该能够通过s3:9000访问它
将此127.0.0.1 s3添加到hosts文件中,您应该能够使用https://s3:9000/path/to/file从主机访问s3容器
这意味着您可以从Docker网络内部和外部使用s3主机名

nwwlzxa7

nwwlzxa74#

我没有找到一个完整的minio设置使用码头组成.这里是:

version: '2.4'

services:
  s3:
    image: minio/minio:latest
    ports:
      - "9000:9000"
      - "9099:9099"
    environment:
      MINIO_ROOT_USER: minioadmin
      MINIO_ROOT_PASSWORD: minioadmin
    volumes:
      - storage-minio:/data
    command: server --address ":9099" --console-address ":9000" /data
    restart: always # necessary since it's failing to start sometimes

volumes:
  storage-minio:
    external: true

在命令部分中,我们有address,这是API地址,我们有console-address,您可以在其中连接到控制台,请参见下图。使用MINIO_ROOT_USERMINIO_ROOT_PASSWORD值登录。

42fyovps

42fyovps5#

将别名“s3”添加到我的本地主机文件中并没有达到这个目的,但是显式地将端口绑定到127.0.0.1就像一个魔咒:

s3:
    image: minio/minio:RELEASE.2022-02-05T04-40-59Z
    restart: "unless-stopped"
    volumes:
        - s3data:/data
    environment:
        MINIO_ROOT_USER: minio
        MINIO_ROOT_PASSWORD: minio123
    # Allow all incoming hosts to access the server by using 0.0.0.0
    command: server --address 0.0.0.0:9000 --console-address ":9001" /data
    ports:
        # Bind explicitly to 127.0.0.1
        - "127.0.0.1:9000:9000"
        - "9001:9001"
    healthcheck:
        test: ["CMD", "curl", "-f", "http://127.0.0.1:9000/minio/health/live"]
        interval: 30s
        timeout: 20s
        retries: 3
lrl1mhuk

lrl1mhuk6#

您可以使用另一个地址进行签名(例如,localhost:9000从您的计算机网络访问它),然后,您可以将代理应用到Minio客户端,以便它可以向Docker网络中的容器发出实际请求。
我已经设法与下面的代码(在dotnet的例子):

MinioClient client = new MinioClient()
    .WithEndpoint("localhost:9000")
    .WithCredentials('----', '-----')
    .WithProxy(new WebProxy('s3', 9000)) // configuring proxy here
    .WithSSL(false)
    .Build();
qij5mzcb

qij5mzcb7#

对于那些正在寻找s3与minio对象服务器集成测试的人。特别是JAVA实现。
驳接合成文件:

version: '3.7'
services:
  minio-service:
    image: quay.io/minio/minio
    command: minio server /data
    ports:
      - "9000:9000"
    environment:
      MINIO_ROOT_USER: minio
      MINIO_ROOT_PASSWORD: minio123

实际的集成测试类:

import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.client.builder.AwsClientBuilder;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3ClientBuilder;
import com.amazonaws.services.s3.model.S3Object;
import org.junit.jupiter.api.*;
import org.testcontainers.containers.DockerComposeContainer;

import java.io.File;

@TestInstance(TestInstance.Lifecycle.PER_CLASS)
class MinioIntegrationTest {

    private static final DockerComposeContainer minioContainer = new DockerComposeContainer<>(new File("src/test/resources/docker-compose.yml"))
            .withExposedService("minio-service", 9000);
    private static final String MINIO_ENDPOINT = "http://localhost:9000";
    private static final String ACCESS_KEY = "minio";
    private static final String SECRET_KEY = "minio123";
    private AmazonS3 s3Client;

    @BeforeAll
    void setupMinio() {
        minioContainer.start();
        initializeS3Client();
    }

    @AfterAll
    void closeMinio() {
        minioContainer.close();
    }

    private void initializeS3Client() {
        String name = Regions.US_EAST_1.getName();
        AwsClientBuilder.EndpointConfiguration endpoint = new AwsClientBuilder.EndpointConfiguration(MINIO_ENDPOINT, name);
         s3Client = AmazonS3ClientBuilder.standard()
                .withCredentials(new AWSStaticCredentialsProvider(new BasicAWSCredentials(ACCESS_KEY, SECRET_KEY)))
                .withEndpointConfiguration(endpoint)
                .withPathStyleAccessEnabled(true)
                .build();
    }

    @Test
    void shouldReturnActualContentBasedOnBucketName() throws Exception{
        String bucketName = "test-bucket";
        String key = "s3-test";
        String content = "Minio Integration test";
        s3Client.createBucket(bucketName);
        s3Client.putObject(bucketName, key, content);
        S3Object object = s3Client.getObject(bucketName, key);
        byte[] actualContent = new byte[22];
        object.getObjectContent().read(actualContent);
        Assertions.assertEquals(content, new String(actualContent));
    }
}

相关问题