Installing MinIO in Proxmox LXC with Hetzner Storage Box

Servers
, ,
1

Installing MinIO in Proxmox LXC with Hetzner Storage Box

This guide will walk you through the process of setting up MinIO in a Proxmox LXC container and configuring it to use Hetzner Storage Box as the backend storage.

Prerequisites

  • Proxmox VE server
  • Hetzner Storage Box
  • Root access to Proxmox
  • Basic understanding of Linux commands

1. Create LXC Container

First, we’ll create a new LXC container in Proxmox:

  1. Log into your Proxmox web interface
  2. Click “Create CT” (Container)
  3. Configure the following settings:
    • General: Choose Ubuntu 22.04 template
    • Disk: At least 8GB
    • CPU: 2 cores minimum
    • Memory: 2GB minimum
    • Network: Configure with a static IP

2. Configure Container Features

Enable necessary features for the container:

# On Proxmox host
pct set <container-id> -features mount=1,nesting=1

3. Mount Hetzner Storage Box

  1. Install necessary packages in the container:
apt update
apt install davfs2
  1. Create mount directory:
mkdir -p /mnt/storage-box
  1. Configure WebDAV credentials:
echo "/mnt/storage-box <username> <password>" >> /etc/davfs2/secrets
chmod 600 /etc/davfs2/secrets
  1. Add to /etc/fstab:
https://<username>.your-storagebox.de /mnt/storage-box davfs _netdev,user,rw,uid=1000 0 0
  1. Mount the storage:
mount /mnt/storage-box

4. Install MinIO

  1. Download MinIO binary:
wget https://dl.min.io/server/minio/release/linux-amd64/minio
chmod +x minio
mv minio /usr/local/bin/
  1. Create MinIO user:
useradd -r minio-user -s /sbin/nologin
  1. Create necessary directories:
mkdir -p /mnt/storage-box/minio-data
chown -R minio-user:minio-user /mnt/storage-box/minio-data

5. Configure MinIO Service

  1. Create systemd service file:
cat > /etc/systemd/system/minio.service << EOF
[Unit]
Description=MinIO
Documentation=https://min.io/docs
Wants=network-online.target
After=network-online.target
AssertFileIsExecutable=/usr/local/bin/minio

[Service]
WorkingDirectory=/usr/local/
User=minio-user
Group=minio-user
EnvironmentFile=/etc/default/minio
ExecStart=/usr/local/bin/minio server /mnt/storage-box/minio-data --console-address ":9001"
Restart=always
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOF
  1. Create environment file:
cat > /etc/default/minio << EOF
# MinIO access key and secret key
MINIO_ROOT_USER=admin
MINIO_ROOT_PASSWORD=your-strong-password
EOF
  1. Start and enable MinIO service:
systemctl daemon-reload
systemctl enable minio
systemctl start minio

6. Configure Firewall

Allow access to MinIO ports:

# If using UFW
ufw allow 9000/tcp  # API port
ufw allow 9001/tcp  # Console port

7. Access MinIO

  • API Endpoint: http://<container-ip>:9000
  • Console: http://<container-ip>:9001

Log in using:

  • Username: admin
  • Password: (the one you set in /etc/default/minio)

Performance Considerations

  1. Enable compression in davfs2:
echo 'use_compression 1' >> /etc/davfs2/davfs2.conf
  1. Adjust cache settings:
echo 'cache_size 256' >> /etc/davfs2/davfs2.conf

Troubleshooting

Common Issues

  1. Mount failures:

    • Check WebDAV credentials
    • Verify network connectivity
    • Check storage box quota

  2. Permission issues:

    • Verify ownership of directories
    • Check SELinux/AppArmor settings

  3. Performance issues:

    • Adjust davfs2 cache settings
    • Check network latency
    • Monitor I/O operations

Logs

Check MinIO logs:

journalctl -u minio -f

Security Recommendations

  1. Enable TLS:

    • Generate certificates
    • Configure MinIO to use HTTPS
    • Update service file accordingly

  2. Configure access policies:

    • Create separate users
    • Set up bucket policies
    • Use IAM policies for fine-grained control

Backup Considerations

  1. Regular configuration backup:

    tar -czf minio-config-backup.tar.gz /etc/default/minio /etc/systemd/system/minio.service

  2. Consider setting up MinIO replication to another instance for data redundancy

Monitoring

  1. Enable Prometheus metrics:

    echo "MINIO_PROMETHEUS_AUTH_TYPE=public" >> /etc/default/minio

  2. Monitor key metrics:

    • Storage usage
    • Network bandwidth
    • Request latency
    • Error rates

Maintenance

  1. Regular updates:

    systemctl stop minio
wget https://dl.min.io/server/minio/release/linux-amd64/minio -O /usr/local/bin/minio
chmod +x /usr/local/bin/minio
systemctl start minio

  2. Regular health checks:

    • Check storage box mount status
    • Verify backup integrity
    • Monitor system resources