It is like AWS S3 Object storage
Important note User Management: Create non previleged user and its policies.
Versioning
mc version enable local/sample-bucket
- each version creates version ID which is UUID
- when versioning is not enabled or suspended then the version ID is always
null
- On delete the DELETE Marker is created with value 0.
Replication
- Physical: Sync sites (whole setup) sync all the buckets
- remote must be newly created and empty
- version is enabled by default on new buckets created
- to add third+ node check the command is about considering previous all nodes to replicate on new one.
- Logical: Sync buckets
- Active-Passive: only one node is pushing/pulling
- Active-Active: Both nodes are pushing/pulling
- Synchronous: Tighly coupled. Only available for Logical
- Asynchronous: Loosely coupled.
Object Locking/Retention
- Enable Locking at bucket creation
mc mb --with-lock local/sample-bucket
also enables versioning does nothing else unless modes are set. - WORM: Wwrite Once Read Many.
- Write Once: Can't update the object at all but can be overwritten or new version can be created.
- Read Many: Read unless locking modes block/delete it.
- Locking Modes: DELETE Markers are not locked.
Modes are effective for future files by default.
- Duration Based: Expiry can be 90d or 1y etc.
mc retention set governance ... 90d ...
- Governance Mode: Root user can do anything. Protect from unauthorised users from delete/update/durationChange.
mc rm --bypass unprev-user/sample-bucket -vid uuid-of-locked
will throw an error as WORM protected unless done byprevlgd-user
with--bypass
.- DELETE Marker can be deleted.
- Bypass: Can delete Marker is possible it applies on the versions.
- Compliance Mode: Root user also can't do anything. Can't be bypassed.
- Governance Mode: Root user can do anything. Protect from unauthorised users from delete/update/durationChange.
- Legal Holds:
- Block for everyone from deleting until legal hold is lifted.
- Need to set for needed object/version not set by default. tip:
--recursive
tag
- Combined Duration Based + Legal Holds
- Overrides Governance Mode.
-
mc legalhold clear user/bucket
can then allowmc rm --bypass --vid
- Duration Based: Expiry can be 90d or 1y etc.
Lifecycle Management
Zero days means immediately
- Expiration Rules:
- Deletes permenently, delete marker is not added by this.
- Rules to set expiration time
- Rules to set expiration time for non-current versions and to keep how many
- delete marker doesnt expire use
--expire-delete-marker
to set it
- Transition Rules:
- after a certain time move the objects on other remote minio storage.
- Stll and only accessible at origin server not at remote
- can be restored
- use
--noncurrent-transition-days
or--noncurrent-transition-tier
to move or put older versions
- Common:
- Newer flag: to expire or move latest number of versions by default last version only
- Expiry will override transition and delete remote tier objects too. Use
--prefix
to avoid/set it.
References
Top comments (0)