From 9136734c023f201d6c6e6c475f2943ed9fc5656b Mon Sep 17 00:00:00 2001 From: morph027 Date: Mon, 22 May 2017 20:30:30 +0200 Subject: [PATCH] added secrets to distributed swarm minio (#4374) --- docs/orchestration/docker-swarm/README.md | 14 ++- .../docker-swarm/docker-compose-secrets.yaml | 93 +++++++++++++++++++ 2 files changed, 104 insertions(+), 3 deletions(-) create mode 100644 docs/orchestration/docker-swarm/docker-compose-secrets.yaml diff --git a/docs/orchestration/docker-swarm/README.md b/docs/orchestration/docker-swarm/README.md index 21da1c3f5..142a3bdef 100644 --- a/docs/orchestration/docker-swarm/README.md +++ b/docs/orchestration/docker-swarm/README.md @@ -24,13 +24,21 @@ docker swarm init --advertise-addr After the manager is up, [add worker nodes](https://docs.docker.com/engine/swarm/swarm-tutorial/add-nodes/) to the Swarm. Find detailed steps to create the Swarm on [Docker documentation site](https://docs.docker.com/engine/swarm/swarm-tutorial/create-swarm/). -## 3. Deploy distributed Minio services +## 3. Create Docker secrets for Minio -Download the [Docker Compose file](https://github.com/minio/minio/blob/master/docs/orchestration/docker-swarm/docker-compose.yaml?raw=true) on your Swarm master. Then execute the command +```shell +echo "AKIAIOSFODNN7EXAMPLE" | docker secret create access_key - +echo "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" | docker secret create secret_key - +``` + +## 4. Deploy distributed Minio services + +Download the [Docker Compose file](https://github.com/minio/minio/blob/master/docs/orchestration/docker-swarm/docker-compose-secrets.yaml?raw=true) on your Swarm master. Then execute the command ```shell -docker stack deploy --compose-file=docker-compose.yaml minio_stack +docker stack deploy --compose-file=docker-compose-secrets.yaml minio_stack ``` + This deploys services described in the Compose file as Docker stack `minio_stack`. Look up the `docker stack` [command reference](https://docs.docker.com/engine/reference/commandline/stack/) for more info. After the stack is successfully deployed, you should be able to access Minio server via [Minio Client](https://docs.minio.io/docs/minio-client-complete-guide) `mc` or your browser at http://[Node_Public_IP_Address]:[Expose_Port_on_Host] diff --git a/docs/orchestration/docker-swarm/docker-compose-secrets.yaml b/docs/orchestration/docker-swarm/docker-compose-secrets.yaml new file mode 100644 index 000000000..bccca3a4d --- /dev/null +++ b/docs/orchestration/docker-swarm/docker-compose-secrets.yaml @@ -0,0 +1,93 @@ +version: '3.1' + +services: + minio1: + image: minio/minio:RELEASE.2017-05-05T01-14-51Z + volumes: + - minio1-data:/export + ports: + - "9001:9000" + networks: + - minio_distributed + deploy: + restart_policy: + delay: 10s + max_attempts: 10 + window: 60s + command: server http://minio1/export http://minio2/export http://minio3/export http://minio4/export + secrets: + - secret_key + - access_key + + minio2: + image: minio/minio:RELEASE.2017-05-05T01-14-51Z + volumes: + - minio2-data:/export + ports: + - "9002:9000" + networks: + - minio_distributed + deploy: + restart_policy: + delay: 10s + max_attempts: 10 + window: 60s + command: server http://minio1/export http://minio2/export http://minio3/export http://minio4/export + secrets: + - secret_key + - access_key + + minio3: + image: minio/minio:RELEASE.2017-05-05T01-14-51Z + volumes: + - minio3-data:/export + ports: + - "9003:9000" + networks: + - minio_distributed + deploy: + restart_policy: + delay: 10s + max_attempts: 10 + window: 60s + command: server http://minio1/export http://minio2/export http://minio3/export http://minio4/export + secrets: + - secret_key + - access_key + + minio4: + image: minio/minio:RELEASE.2017-05-05T01-14-51Z + volumes: + - minio4-data:/export + ports: + - "9004:9000" + networks: + - minio_distributed + deploy: + restart_policy: + delay: 10s + max_attempts: 10 + window: 60s + command: server http://minio1/export http://minio2/export http://minio3/export http://minio4/export + secrets: + - secret_key + - access_key + +volumes: + minio1-data: + + minio2-data: + + minio3-data: + + minio4-data: + +networks: + minio_distributed: + driver: overlay + +secrets: + secret_key: + external: true + access_key: + external: true