S3 for MinIO
3 minute read.Last Modified 2023-11-17 11:50 EST
Due to security vulnerabilities and maintainability issues, the S3 service is deprecated in TrueNAS CORE 13.0 and removed in CORE 13.1. Beginning in CORE 13.0-U6, the CORE web interface generates an alert when the deprecated service is either actively running or is enabled to start on boot.TrueNAS EnterpriseBeginning in CORE 13.0-U6, Enterprise customers with the S3 service running or enabled are prevented from upgrading to the next major version.
Users should plan to migrate to a separately maintained MinIO plugin or otherwise move any production data away from the S3 service storage location. Migrating from the built-in S3 service to the plugin could result in an extended data migration window and potential disruption to S3 data access.
See the CORE 13.0 MinIO Plugin tutorial for detailed migration instructions.
MinIO connections and service is configured using the Services S3 screen.
MinIO deprecated Access key and Secret key. MinIO now utilizes MINIO_ROOT USER and MINIO_ROOT_PASSWORD arguments and their values. For the ROOT_USER value, use a name up to 20 characters. For the ROOT_PASSWORD, use a string of 8 to 40 randomized characters. MinIO recommends using a long password string of unique random characters.
To test access to the MinIO Browser, select Enable Browser. Open a web browser and type the TrueNAS IP address with the TCP port. Example: https://192.168.0.3:9000. Allow the port specified in Port through the network firewall. This permits bucket creation and file uploads.
Different methods are used for connecting to and using MinIO:
s3cmd --configurecommand is available for Ubuntu or other Linux distributions. Using this command you can configure important settings step by step.
Enter the specified access key and the secret key. Under the S3 Endpoint, enter the TrueNAS IP address followed by TCP port, and reply N to the DNS-style bucket+hostname.
Save the file.
On Linux, the default is in the home directory
If the connection has any issues, open
nano .s3cfg or
vi .s3cfg or
gedit .s3cfg depending on the preferred text editor.
For other operating systems, .s3cfg file location and editing tools may vary.
Scroll down to the host_bucket area. Make sure the %(bucket)s. portion is removed. The IP address should point to the IP_address:TCP_port for the system.
host_base = `192.168.123.207:9000` host_bucket = `192.168.123.207:9000`
host_base = `192.168.123.207` host_bucket = `%(bucket)s.192.168.123.207`
Poll the buckets using command
s3cmd ls to see the buckets created with the MinIO Browser.
On Windows PCs, the S3 Browser is another convenient way to connect to the MinIO S3 on a TrueNAS system.
To set it up, first install the S3 Browser.
After installation completes, add a new account.
In the S3 Browser settings, select S3 Compatible Storage as the Account Type. Enter the MinIO access point. Example: (TrueNAS_IP_address:9000 or other port). Select the SSL settings appropriate for the particular setup. The default assumes SSL in S3 Browser, but for a LAN attached session, this may or may not already be set.
It is possible to access, create new buckets, or upload files to created buckets.