MinIo通过Kes-Vault管理密码
source link: https://syxdevcode.github.io/2022/09/26/MinIo%E9%80%9A%E8%BF%87Kes-Vault%E7%AE%A1%E7%90%86%E5%AF%86%E7%A0%81/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
自签名证书
Kes配置文件
address: 0.0.0.0:7373 # Listen on all network interfaces on port 7373
admin:
identity: disabled # We disable the admin identity since we don't need it in this guide
tls:
#key: /opt/certs/agent/key/cakey.pem # The KES server TLS private key
#cert: /opt/certs/agent/key/cacert.crt # The KES server TLS certificate
key: /opt/certs/25519/server.key # The KES server TLS private key
cert: /opt/certs/25519/server.crt # The KES server TLS certificate
policy:
my-app:
allow:
- /v1/key/create/my-key*
- /v1/key/generate/my-key*
- /v1/key/decrypt/my-key*
identities:
- 0a3b5c174894c5b782889775a6a586c1dc8c9e03f8cf1b41be099a017ec25ec4 # Use the identity of your client.crt
keystore:
vault:
endpoint: https://127.0.0.1:8200
version: v1 # The K/V engine version - either "v1" or "v2".
approle:
id: "a54e9ae2-a4e7-87bf-3fda-1fa30f65c3c5" # Your AppRole ID
secret: "47ef5ebb-ebef-0ae1-001a-80dc74c8c638" # Your AppRole Secret
retry: 15s
status:
ping: 10s
tls:
ca: /opt/certs/vault/vault.crt # Manually trust the vault certificate since we use self-signed certificates
-k 跳过证书校验。
kes key dek my-key-1 -k
Recommend
-
47
MinIO 搭建 MinIO 是一个基于 Apache License v2.0 开源协议的对象存储服务。它兼容亚马逊 S3 云存储服务接口,非常适合于存储大容量非结构化的数据,例如图片、视频、日志文件、备份数据和容器/虚拟机镜像等,而一个对象文件可...
-
19
README.md MinIO Go Client SDK for Amazon S3 Compatible Cloud Storage
-
72
sidekick is a high-performance sidecar load-balancer. By attaching a tiny load balancer as a sidecar to each of the client a...
-
31
有了MinIO,你还会用FastDFS么? 原创...
-
7
Laravel Fake S3 with MinioOctober 16, 2020Most of the time when I’m writing test code in Laravel I take advantage of the great Storage::fake() provided by Laravel Test Suite. However, I usually like to have at lea...
-
9
MinIO Docker 快速入门 您的机器已经安装docker. 从 这里下载相关软件。 在Docker中运行MinIO单点模式。 MinIO 需要一个持久卷来存储配置和应用数据。不过...
-
16
Minio纠删码快速入门 Minio使用纠删码erasure code和checksum来保护数据免受硬件故障和无声数据损坏。 即便您丢失一半数量(N/2)的硬盘,您仍然可以恢复数据。 什么是纠删码erasure code?
-
9
分布式MinIO快速入门 分布式Minio可以让你将多块硬盘(甚至在不同的机器上)组成一个对象存储服务。由于硬盘分布在不同的节点上,分布式Minio避免了单点故障。 分布式Minio有什么好处? 在大数据领域,通常的设计理念都是无中...
-
10
使用TLS安全的访问Minio服务 本文,我们讲介绍如何在Linux和Windows上配置Minio服务使用TLS。 1. 前提条件 下载Minio server 这里 2. 配置已存...
-
3
12 December 2021 / Apisix ApiSix + Minio灵活管理ads.txt/app-ads.txt等静态文件的解析...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK