TrueNAS AppsTrueNAS Apps: Tutorials
Application maintenance is independent from TrueNAS version release cycles.
App versions, features, options, and installation behavior at time of access might vary from documented tutorials and UI reference.

Installing MinIO Enterprise MNMD

The instructions in this article apply to the TrueNAS MinIO Enterprise application installed in a Multi-Node Multi-Disk (MNMD) multi-mode configuration.

For more information on MinIO multi-mode configurations see MinIO Single-Node Multi-Drive (SNMD) or Multi-Node Multi-Drive (MNMD). MinIO recommends using MNMD (distributed) for enterprise-grade performance and scalability.

This article applies to the TrueNAS MinIO application in the enterprise train. This smaller version of MinIO is tested and polished for a safe and supportable experience for TrueNAS Enterprise customers. The enterprise MinIO application is tested and verified as an immutable target for Veeam Backup and Replication.

Adding MinIO Enterprise App

Community members can add and use the MinIO Enterprise app or the default community version.

Before You Begin

To install the MinIO enterprise train app, do the following:

  • Create a self-signed certificate for the app. The Certificates setting is not required for a basic configuration but is required when setting up multi-mode configurations and when using MinIO as an immutable target for Veeam Backup and Replication.

  • Set a pool for applications to use if not already assigned.

  • (Optional) Create a new TrueNAS user to serve as the administrator for the app. You can use the default user or add a new user. When you create a new user select Create New Primary Group, and select the appropriate group in the Auxiliary Group for the type of user you want to create. Make note of the UID for the new user to add in the installation wizard.

  • Create the required dataset(s).

If your system has active sharing configurations (SMB, NFS, iSCSI), disable them in System > Services before adding and configuring the MinIO application. Start any sharing services after MinIO completes the installation and starts.

Installing MinIO Enterprise

This basic procedure covers the required MinIO enterprise app settings. For optional settings, see Understanding MinIO Wizard Settings.

You can have multiple deployments of the same app (for example, two or more from the stable or enterprise trains, or a combination of the stable and enterprise trains).

Naming Multiple App Deployments

Each deployment of the same app requires a unique name. App names can include numbers, dashes, or underscores (for example, syncthing2, syncthing-test, syncthing_1, minio2, etc.).

Use a consistent file-naming convention to avoid conflict situations where data does not or cannot synchronize because of file name conflicts. Path and file names in apps are case-sensitive. For example, a file named MyData.txt is not the same as the mydata.txt file in Syncthing.

To install the Minio Enterprise app, go to Apps, click on Discover Apps and then either scroll down to locate the enterprise train version of the Minio widget, or search for it by typing MinIO in the search field to show the app widget.

Click on the MinIO Official Enterprise widget to open the MinIO information screen.

Click Install to open the Install MinIO configuration screen.

Accept the defaults in Application Name or enter a name for your MinIO application deployment.

Accept the default in Version, which populates with the current MinIO version. TrueNAS displays update information on the Installed application screen when an update becomes available.

Enter credentials to use as the MinIO administration user. If you have existing MinIO credentials, enter these or create new login credentials for the first time you log into MinIO. Enter a name for the MinIO administrator user in MinIO Root User, which is the equivalent of the MinIO access key. A username for the root user (MinIO access key), entered in MinIO Root User, is limited to five to 20 characters long. For example admin or admin1.

Enter the administration user password in MinIO Root Password, which is the login password for that user or the MinIO secret key. The root user password (MinIO secret key), entered in MinIO Root Password, is limited to eight to 40 random characters. For example, MySecr3tPa$$w0d4Min10.

Select Anonymous to hide sensitive information from logging, or Quiet to disable startup information.

To configure a multi-mode deployment, select Enabled. MinIO recommends using MNMD for enterprise-grade performance and scalability.

Enter https://10.123.12.100{0…3}:30000/data{1…4} in the field if configuring MNMD. The last number in the final octet of the IP address number is the first number in the {0…3} string. Separate the numbers in the curly brackets with three dots. If your sequential IP addresses are not using 100 - 103, for example 10.123.123.125 through 128, then enter them as https://10.123.123.12{5…8}:30000/data{1…4}.

If the IP addresses assigned to the four systems are not sequentially numbered, assign sequentially numbered host names. For example, minio1.mycompany.com through minio4.mycompany.com. Enter https://minio{1…4}.mycompany.com:30000/data{1…4} in the Multi Mode (SNMD or MNMD) field.

Enter the same string in the Multi Mode (SNMD or MNMD) field in all four systems in the cluster!

Multi Mode MDN Command
Figure 7: Multi Mode MNDN Command

Scroll down to or click on Storage Configuration on the list of wizard sections.

To create the storage volume, set Type to Host Path (Path that already exists on the system) which is the recommended option for MinIO. Mount Path populates with the default /data1. Enter the path or browse to and click on the data1 dataset location to populate Host Path.

Click Add to the right of Data Directories to show the storage fields to add the other datasets representing drives in for multi-mode configurations. Click Add for each additional dataset (data2, data3, and data4). If you change the configuration of a basic installation or SNMD, you can use the data1 dataset in the configuration and add the three additional datasets.

Change the Mount Path to match each dataset path in Host Path. For example, for data2 enter /data2 in the Mount Point field.

Repeat these storage instructions to add all four storage volumes and mount points. When finsihed you should have four storage volumes and mount points configured.

Scroll down to or click on Storage Configuration on the list of wizard sections.

Select the storage type you want to use. To use an existing dataset, select Host Path (Path that already exists on the system) which is the recommended option for MinIO. Mount Path populates with the default /data1. Select Enable ACL to show the mount path and host path fields. Enter the path or browse to and click on the data1 dataset location to populate Host Path.

Click Add to the right of ACE Entries.

MinIO Enterprise ACL and ACE Settings
Figure 9: MinIO Enterprise ACL and ACE Settings

Set the ACE Entry user to the default user 568 or enter the UID for the user created in TrueNAS to serve as the MinIO app administrator, and set the permissions to FULL_CONTROL.

Select Force to allow TrueNAS to update the application to the next version. This allows updates and writing to the storage volume if it has data in it.

Click Add to the right of Data Directories three times to add storage volume settings for the other three datasets, data2, data3, and data4. Repeat the storage settings for each of these datasets. Repeat all storage settings on each system in the cluster.

Accept the default values in Resources Configuration or to customize the CPU and memory allocated to the container (pod) the Minio app uses, enter new values in the CPU and Memory (in MB) fields. Tune these limits as needed to prevent the application from overconsuming system resources and introducing performance issues.

By default, this application is limited to use no more than 2 CPU cores and 4096 megabytes available memory. The application might use considerably less system resources.

Click Install to complete the installation.

The Installed applications screen opens showing the MinIO application in the Deploying state, then changes to Running when the application is ready to use.

Click Web Portal to open the MinIO sign-in screen.

Completing the MinIO Configuration

After installing and getting the MinIO Enterprise application running in TrueNAS, log into the MinIO web portal and complete the MinIO setup.

Go to Monitoring > Metrics to verify the servers match the total number of systems (nodes) you configured. Verify the number of drives matches the number you configured on each system, four systems each with four drives (4 systems x 4 drives each = 16 drives).

Refer to MinIO documentation for more information.

Understanding MinIO Wizard Settings

The following section provides more detailed explanations of the settings in each section of the Install MinIO configuration wizard.

Application Name Settings

Accept the default value or enter a name in Application Name field. In most cases use the default name, but if adding a second deployment of the application you must change this name.

Accept the default version number in Version. When a new version becomes available, the application shows an update badge and the Application Info widget on the Installed applications screen shows the Update button.

MinIO Configuration Settings

MinIO credentials establish the login credentials for the MinIO web portal and the MinIO administration user.

Enter existing MinIO credentials if you already have a MinIO account, or create new login credentials for the first time you log into MinIO. The Root User is the equivalent of the MinIO access key. The Root Password is the login password for that user or the MinIO secret key.

A username for the root user (MinIO access key), entered in Root User, is limited to five to 20 characters long. For example admin or admin1.

The root user password (MinIO secret key), entered in Root Password, is limited to eight to 40 random characters. For example, MySecr3tPa$$w0d4Min10.

To configure a multi-mode deployment, select Enabled. MinIO recommends using MNMD for enterprise-grade performance and scalability. See the related MinIO articles listed below for SNMD and MNMD configuration tutorials.

Select Quiet to disable startup information and not show it in the logs.

Select Anonymous to hide sensitive information and not show it in the logs.

(Optional) Click Add to the right of Additional Environment Variables to show the fields to enter the variable. The installation wizard configures all required environment variables, so only use this option to further customize your MinIO deployment. Refer to MinIO documentation for more information on environment variables they allow and use.

MultiMode Configuration

Multi-mode installs the app in either a MinIO Single-Node Multi-Drive (SNMD) or Multi-Node Multi-Drive (MNMD) cluster. MinIO recommends using MNMD for enterprise-grade performance and scalability.

Click Enabled under Multi Mode (SNMD or MNMD) Configuration to enable multi-mode and show the Multi Mode (SNMD or MNMD) and Add option.

User and Group Configuration

Some TrueNAS apps have predefined run-as user and group IDs. These assignments vary based on the app train and other variables such as installing but not running as the root user.

Default user and group IDs are:

  • 473 for the MinIO stable train app.
  • 568 (apps user), used in some community apps and all apps in the enterprise train
  • 999 (netdata user), used for all postgres storage volumes
  • 0 (root user).

Accept the default user and group ID in the User and Group Configuration section or enter the user ID for a new TrueNAS user created to serve as the administrator for this app.

Create any app administrator user before installing the application, and take note of the UID. Enter this user ID when configuring the user for the app and as the user when setting up storage volume permissions.

Network Configuration

Accept the default port numbers in API Port and Console Port (Web UI), which are the port numbers MinIO uses to communicate with the app and web portal.

Enter the system IP address in URL format followed by the port number for the API separated by a colon in Server URL. For example, https://10.123.12.123:30000.

Enter the system IP address in URL format followed by the port number for the web portal separated by a colon in Console URL. For example, https://10.123.12.123:30001.

MNMD MinIO installations require HTTPS for both Server URL and Console URL to verify the integrity of each node. Standard or SNMD MinIO installations do not require HTTPS.

Do not select Host Network.

MinIO does not require a certificate for a basic configuration and installation of MinIO Enterprise, but if installing and configuring multi-mode SNMD or MNMD, you must create a self-signed certificate.

A SNMD configuration can use the same self-signed certificate created for MNMD, but a MNMD configuration cannot use the certificate created for a SNMD configuration because that certificate only includes the IP address for one system. Create this same self-signed certificate for the MNMD cluster on each system (node) in the cluster!

Storage Configuration

MinIO storage settings include the option to add storage volumes to use inside the container (pod). To allow TrueNAS to create a storage volume, leave Type set to the default ixVolume *(Dataset created automatically by the system). This adds a storage volume for the application that can be found nested under the hidden ix-apps dataset. To see this, create a recursive snapshot of the ix-apps dataset.

To use the data existing dataset, select Host Path (Path that already exists on the system) from the Type dropdown list. The Mount Path field populates with /data1 as the first storage volume for a basic installation. Enter the path or browse to select the data1 dataset and populate the Host Path field.

Click Add to the right of Data Directories to add the datasets created and representing drives in for multi-mode configurations. Click Add for each dataset (data1, data2, data3, and data4).

If configuring either MNMD or SNMD, you must all all four datasets to each system in the cluster. These datasets represent the disk in the multi-disk configurations.

Change the Mount Path to correspond to the dataset path entered or selected in Host Path. Additional mount points are /data2, /data3, or /data4.

You can select Enable ACL to modify dataset permissions and add ACL entries.

ACL Configuration Settings

To deploy the MinIO app, you must configure the ACL and ACE settings for both the /data host path storage volume(s) or the application does not deploy.

If the storage volume is an ixVolume, permissions apply on every application start but only if the directory is empty (has no data), and if ACLs are not configured. Configured ACLs take precedence and are applied.

Specify the default user UID 568 or the UID for the new user created in TrueNAS to serve as the MinIO app admin user.

MinIO Enterprise ACL and ACE Settings
Figure 16: MinIO Enterprise ACL and ACE Setting

Select Enable ACL to show the ACL and ACE Entries options.

Configuring ACE Entries

Enter or browse to select the dataset and populate Host Path.

Next, click Add to the right of ACL Entries to show the permissions settings. Set ID Type to Entry is for a USER or Entry is for a GROUP. If you configured a group in TrueNAS that you want to give access to instead of a single user, set the ID to the group option and enter the GID for that group.

Enter the UID as one of the following:

  • The default app user:
    • 568 for apps in all trains if the app can run as any non-root user.
    • 999 for all postgres storage volumes.
    • 0 if running as root.
    • 473 for MinIO app in the stable train.
  • The run-as-user UID set as a default for the app. The run-as user shows on the app details screen in the Run As Content widget, and on the Installed application screen after the app deploys. You can refer to the tutorial for the app, or look in the questions.yaml file found in the GitHub repository for the application to find this UID/GID.
  • The user ID for the new or existing TrueNAS user added to serve as the administrator for the app.

If the app shows User and Group Configuration settings, the default UID shows on the screen. If not, choose the run-as user ID found in the Run As Content widget.

Use the default user ID 999 for all postgres storage volumes, not the run-as user.

If you created a new TrueNAS user to serve as the app administration user, add an entry record and enter the UID for this user in addition to the run-as user ID.

When adding the ACL entry for the run-as user, default user, and/or optional TrueNAS app administrator user, and postgres user ID, set the Access permissions level to FULL CONTROL.

Select Force Flag to apply the ACL even if the path has existing data. This allows you to update the app when an update is available.

Set ACL permissions for each dataset in the configuration, and on each system in the cluster.

Resource Configuration

MinIO Enterprise Resource Limits
Figure 18: MinIO Enterprise Resource Limits