MinIO S3 Object Storage: AWS S3-compatible di VPS Sendiri

MinIO adalah high-performance, S3-compatible object storage yang bisa dijalankan di VPS sendiri. Dengan API yang identik dengan AWS S3, aplikasi yang sudah menggunakan S3 SDK bisa langsung pointing ke MinIO tanpa kode perubahan. ## Mengapa MinIO? **S3 Compatible.** API identik dengan AWS S3. Semua SDK (AWS SDK, boto3, minio-js) bisa langsung connect. **Performance.** MinIO bisa mencapai throughput >32 Gbps di hardware yang tepat. Untuk VPS standar, ribuan concurrent connections bukan masalah. **Erasure Coding.** Data di-strip dan diredundansi sehingga toleran terhadap disk failure. **Encryption.** Server-side encryption (SSE-S3, SSE-KMS, SSE-C) dan client-side encryption built-in. **Web Console.** Web UI yang cantik untuk manage buckets, objects, users, dan policies. ## Install MinIO ### Docker (Recommended) ```bash docker run -d --name minio \ -p 9000:9000 \ -p 9001:9001 \ -v minio-data:/data \ -e MINIO_ROOT_USER=admin \ -e MINIO_ROOT_PASSWORD=your-strong-password \ --restart unless-stopped \ minio/minio server /data --console-address ":9001" ``` ### Docker Compose ```yaml version: "3.8" services: minio: image: minio/minio:latest container_name: minio restart: unless-stopped ports: - "9000:9000" - "9001:9001" volumes: - minio-data:/data environment: MINIO_ROOT_USER: admin MINIO_ROOT_PASSWORD: your-strong-password command: server /data --console-address ":9001" volumes: minio-data: ``` ### Systemd Service (Tanpa Docker) ```bash wget https://dl.min.io/server/minio/release/linux-amd64/minio chmod +x minio mv minio /usr/local/bin/ # Buat user dedicated useradd -r minio-home -d /data/minio -s /sbin/nologin mkdir -p /data/minio chown minio-home:minio-home /data/minio ``` Buat `/etc/systemd/system/minio.service`: ```ini [Unit] Description=MinIO After=network.target [Service] User=minio-home Group=minio-home Environment=MINIO_ROOT_USER=admin Environment=MINIO_ROOT_PASSWORD=your-strong-password ExecStart=/usr/local/bin/minio server /data --console-address ":9001" Restart=always [Install] WantedBy=multi-user.target ``` ```bash systemctl enable --now minio ``` ## Web Console Akses `http://localhost:9001` (atau IP VPS). Login dengan root credentials yang sudah diset. Console features: - **Buckets:** Create, delete, configure buckets - **Objects:** Upload, download, browse files - **IAM:** Users, groups, policies - **Monitoring:** Metrics, audit logs - **Configuration:** Tiers, identity, encryption ## S3 API Usage ### MinIO Client (mc) ```bash # Install mc wget https://dl.min.io/client/mc/release/linux-amd64/mc chmod +x mc && mv mc /usr/local/bin/ # Configure alias mc alias set myminio http://localhost:9000 admin your-strong-password # Operations mc ls myminio/ # List buckets mc mb myminio/my-bucket # Create bucket mc cp file.txt myminio/my-bucket/ # Upload mc cp myminio/my-bucket/file.txt . # Download mc rm myminio/my-bucket/file.txt # Delete mc cat myminio/my-bucket/file.txt # Read ``` ### Python (boto3) ```python import boto3 s3 = boto3.client( 's3', endpoint_url='http://localhost:9000', aws_access_key_id='admin', aws_secret_access_key='your-strong-password', ) # Upload s3.upload_file('backup.tar.gz', 'backups', 'backup-20260628.tar.gz') # List objects response = s3.list_objects_v2(Bucket='backups') for obj in response.get('Contents', []): print(f"{obj['Key']} — {obj['Size']} bytes") # Download s3.download_file('backups', 'backup-20260628.tar.gz', './restore.tar.gz') # Generate presigned URL (untuk share file) url = s3.generate_presigned_url( 'get_object', Params={'Bucket': 'backups', 'Key': 'backup-20260628.tar.gz'}, ExpiresIn=3600 # 1 jam ) print(f"Download URL: {url}") ``` ### Node.js ```javascript const { S3Client, PutObjectCommand, GetObjectCommand } = require('@aws-sdk/client-s3'); const s3 = new S3Client({ endpoint: 'http://localhost:9000', credentials: { accessKeyId: 'admin', secretAccessKey: 'your-strong-password', }, forcePathStyle: true, // penting untuk MinIO }); // Upload await s3.send(new PutObjectCommand({ Bucket: 'mybucket', Key: 'document.pdf', Body: fs.createReadStream('./document.pdf'), })); // Download const response = await s3.send(new GetObjectCommand({ Bucket: 'mybucket', Key: 'document.pdf', })); ``` ## Use Cases ### 1. Backup Storage ```bash # Backup database ke MinIO pg_dump mydb | gzip | mc pipe myminio/backups/db-$(date +%Y%m%d).sql.gz # Restore mc cat myminio/backups/db-20260628.sql.gz | gunzip | psql mydb ``` ### 2. Static Assets CDN ```bash # Upload static assets mc cp --recursive ./public/ myminio/assets/ # Configure nginx untuk serve dari MinIO # nginx.conf location /assets/ { proxy_pass http://minio:9000/assets/; proxy_cache_valid 200 7d; } ``` ### 3. Log Aggregation ```python # Upload logs ke MinIO import boto3 from datetime import datetime s3 = boto3.client('s3', endpoint_url='http://localhost:9000', ...) def upload_log(log_content): key = f"logs/{datetime.now().strftime('%Y/%m/%d')}/{datetime.now().strftime('%H%M%S')}.log" s3.put_object(Bucket='logs', Key=key, Body=log_content) ``` ### 4. Application Upload Storage ```python # Web app file upload from flask import Flask, request import boto3 @app.route('/upload', methods=['POST']) def upload(): file = request.files['file'] s3.upload_fileobj( file, 'uploads', f"{uuid.uuid4()}-{file.filename}", ExtraArgs={'ContentType': file.content_type} ) return {'status': 'ok'} ``` ## Bucket Policies ### Public Read (untuk assets) ```json { "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Principal": {"AWS": ["*"]}, "Action": ["s3:GetObject"], "Resource": ["arn:aws:s3:::assets/*"] }] } ``` ### Private (default) ```bash mc anonymous set none myminio/private-bucket ``` ## Lifecycle Management Atur otomatis hapus atau archive objects lama: ```python import boto3 s3 = boto3.client('s3', endpoint_url='http://localhost:9000', ...) s3.put_bucket_lifecycle_configuration( Bucket='backups', LifecycleConfiguration={ 'Rules': [{ 'ID': 'DeleteOldBackups', 'Status': 'Enabled', 'Filter': {'Prefix': ''}, 'Expiration': {'Days': 90}, 'Transitions': [{ 'Days': 30, 'StorageClass': 'STANDARD_IA' }] }] } ) ``` ## Monitoring ### Prometheus Metrics MinIO exposed metrics di `/minio/v2/metrics/cluster`: ```yaml # prometheus.yml scrape_configs: - job_name: minio metrics_path: /minio/v2/metrics/cluster static_configs: - targets: ['localhost:9000'] ``` ### mc admin ```bash # Server info mc admin info myminio # Health check mc admin scanner status myminio # Disk usage mc du myminio/ ``` MinIO memberikan semua keunggulan AWS S3 tanpa biaya cloud dan tanpa data leaving your server. Untuk aplikasi yang sudah pakai S3, migrasi ke MinIO sesederhana mengganti endpoint URL.