์ ๋ ๋ถ์ฐ ๋ชจ๋์ ์ ์ฉ ๋จธ์ ์์ 3๊ฐ์ ๋ฏธ๋์ค ์๋ฒ(Debian 9, ๋ฐ์ด๋๋ฆฌ ํฌํจ)๋ฅผ ์คํํ๊ณ ์์ต๋๋ค. ๊ณต์ ๋ฌธ์์ ์ค๋ช
๋ ๋๋ก ๋ณ๋์ ์ปดํจํฐ์์ nginx( nginx version: nginx/1.15.5
)๋ฅผ ํ๋ก์๋ก ์คํํ๊ณ ์์ต๋๋ค.
MC๋ nginx๋ฅผ ์คํํ๋ ์์คํ ์์ ๋ก์ปฌ๋ก ์๋ํ์ง๋ง ์๊ฒฉ ์์คํ ์์ ์คํํ๋ ์ฆ์ ์๋ํ์ง ์์ต๋๋ค. ๋๋ ๋ณต์ฌํ๊ฑฐ๋ ์น์ ํ๊ฑฐ๋ ๋ค๋ฅธ ๊ฒ์ ํ ์ ์์ต๋๋ค. s3cmd, Minio Web Browser, Transmit๊ณผ ๊ฐ์ ๋ค๋ฅธ ํด๋ผ์ด์ธํธ๋ ๋งค๋ ฅ์ฒ๋ผ ์๋ํฉ๋๋ค. MC ํด๋ผ์ด์ธํธ๋ง ํ์ผ ๋ฑ์ ์ ์กํ ์ ์์ต๋๋ค.
๋ฒ์ : 2018-09-26T00:42:43Z
๋ฆด๋ฆฌ์ค ํ๊ทธ: RELEASE.2018-09-26T00-42-43Z
์ปค๋ฐ ID: 87f7e65c4c837c8886bf2dd8800c445983b36187
๋ค์์ mc admin info์ ์ถ๋ ฅ์ ๋๋ค.
โ mc admin info minio --debug
mc: <DEBUG> GET /minio/admin/v1/info HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) madmin-go/0.0.1 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013//s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T103300Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/json
Date: Sat, 13 Oct 2018 10:33:00 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D248043802835
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 647.517578ms
โ 192.168.100.11:9000
Uptime : online since 1 day ago
Version : 2018-10-06T00:15:16Z
Region :
SQS ARNs : <none>
Stats : Incoming 2.6MiB, Outgoing 47KiB
Storage : Used 496MiB
Disks : 6, 0
โ 192.168.100.10:9000
Uptime : online since 1 day ago
Version : 2018-10-06T00:15:16Z
Region :
SQS ARNs : <none>
Stats : Incoming 5.3MiB, Outgoing 102KiB
Storage : Used 496MiB
Disks : 6, 0
โ 192.168.100.12:9000
Uptime : online since 1 day ago
Version : 2018-10-06T00:15:16Z
Region :
SQS ARNs : <none>
Stats : Incoming 60KiB, Outgoing 42KiB
Storage : Used 496MiB
Disks : 6, 0
๋ค์์ mc cp ๋ช ๋ น์ ๋ํ nginx ์ก์ธ์ค ๋ก๊ทธ์ ๋๋ค.
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "GET /tests/?location= HTTP/1.1" 200 139 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "HEAD /tests/ HTTP/1.1" 200 0 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "GET / HTTP/1.1" 200 661 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "HEAD /tests/ HTTP/1.1" 200 0 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "GET / HTTP/1.1" 200 661 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:34 +0200] "HEAD /tests/ HTTP/1.1" 200 0 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:35 +0200] "GET / HTTP/1.1" 200 661 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:35 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:36 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:37 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:38 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:45 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:48 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:43:50 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:44:04 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:44:13 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
**redacted-ip** - - [13/Oct/2018:12:44:18 +0200] "PUT /tests/Scannable-Dokument.jpg HTTP/1.1" 400 279 "-" "Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z" "-"
๋ค์์ ํด๋น ๋ช ๋ น์ ๋ํ nginx ์ค๋ฅ ๋ก๊ทธ์ ๋๋ค.
2018/10/13 12:43:48 [error] 16018#16018: *409 recv() failed (104: Connection reset by peer) while sending to client, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
2018/10/13 12:43:50 [error] 16018#16018: *411 recv() failed (104: Connection reset by peer) while sending to client, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
2018/10/13 12:44:04 [error] 16018#16018: *413 recv() failed (104: Connection reset by peer) while sending to client, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
2018/10/13 12:44:13 [error] 16018#16018: *415 recv() failed (104: Connection reset by peer) while reading upstream, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
2018/10/13 12:44:18 [error] 16018#16018: *417 recv() failed (104: Connection reset by peer) while sending to client, client: **redacted-ip**, server: **redacted-domain**, request: "PUT /tests/Scannable-Dokument.jpg HTTP/1.1", upstream: "http://192.168.100.11:9000/tests/Scannable-Dokument.jpg", host: "**redacted-domain**"
๋ค์์ /etc/nginx/nginx.conf ํ์ผ์ ๋๋ค.
user nginx;
worker_processes 8;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
server_tokens off;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!DES';
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 1d;
ssl_session_tickets off;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
gzip on;
gzip_disable "msie6";
gzip_comp_level 9;
gzip_types text/plain text/css application/javascript text/csv application/xml application/json application/vnd.ms-excel;
include /etc/nginx/sites-enabled/*.conf;
}
๋ค์์ ์ฌ์ดํธ ๊ตฌ์ฑ์ ๋๋ค.
upstream minio_servers {
server 192.168.100.10:9000;
server 192.168.100.11:9000;
server 192.168.100.12:9000;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name **redacted-domain**;
ssl_certificate /etc/letsencrypt/live/**redacted-domain**/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/**redacted-domain**/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384';
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1;
client_max_body_size 1000m;
client_body_buffer_size 1000M;
location / {
proxy_set_header Host $http_host;
proxy_pass http://minio_servers;
proxy_buffering off;
}
}
๋ค์์ mc cp์ ๋ก๊ทธ์ ๋๋ค.
โ mc cp Scannable-Dokument.jpg minio/tests --debug > minio.log
mc: <DEBUG> GET /tests/?location= HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104333Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513B9130E6B
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 703.140014ms
mc: <DEBUG> HEAD /tests/ HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
mc: <DEBUG> HTTP/1.1 200 OK
Connection: close
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513C091F556
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 123.206481ms
mc: <DEBUG> GET / HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513C7E90B6B
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 117.662247ms
mc: <DEBUG> HEAD /tests/ HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
mc: <DEBUG> HTTP/1.1 200 OK
Connection: close
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513CEFB2FD8
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 122.064239ms
mc: <DEBUG> GET / HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513D646E2A5
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 117.517384ms
mc: <DEBUG> HEAD /tests/ HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
mc: <DEBUG> HTTP/1.1 200 OK
Connection: close
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Date: Sat, 13 Oct 2018 10:43:34 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513DD5815F9
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 120.675639ms
mc: <DEBUG> GET / HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20181013T104334Z
Accept-Encoding: gzip
mc: <DEBUG> HTTP/1.1 200 OK
Transfer-Encoding: chunked
Accept-Ranges: bytes
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
Content-Type: application/xml
Date: Sat, 13 Oct 2018 10:43:35 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-Amz-Request-Id: 155D2513E48F76D8
X-Xss-Protection: 1; mode=block
mc: <DEBUG> Response Time: 118.697509ms
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104335Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104335Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104336Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104337Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104344Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104347Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104349Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104403Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104412Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <DEBUG> PUT /tests/Scannable-Dokument.jpg HTTP/1.1
Host: **redacted-domain**
User-Agent: Minio (darwin; amd64) minio-go/v6.0.6 mc/2018-09-26T00:42:43Z
Content-Length: 429688
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20181013/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-meta-com.apple.quarantine, Signature=**REDACTED**
Content-Type: image/jpeg
X-Amz-Content-Sha256: UNSIGNED-PAYLOAD
X-Amz-Date: 20181013T104417Z
X-Amz-Meta-Com.apple.quarantine: 0083;57e15bf0;Safari;DB1870C5-FB08-4A00-A022-E8C216CFDD86
Accept-Encoding: gzip
mc: <ERROR> Failed to copy `Scannable-Dokument.jpg`. Put https://**redacted-domain**/tests/Scannable-Dokument.jpg: Connection closed by foreign host https://**redacted-domain**/tests/Scannable-Dokument.jpg. Retry again.
(3) cp-main.go:414 cmd.doCopySession(..) Tags: [Scannable-Dokument.jpg]
(2) common-methods.go:196 cmd.uploadSourceToTargetURL(..) Tags: [https://**redacted-domain**/tests/Scannable-Dokument.jpg]
(1) common-methods.go:130 cmd.putTargetStream(..) Tags: [minio, https://**redacted-domain**/tests/Scannable-Dokument.jpg]
(0) client-s3.go:684 cmd.(*s3Client).Put(..)
Release-Tag:RELEASE.2018-09-26T00-42-43Z | Commit:87f7e65c4c83 | Host:Philips-MacBook-Pro.local | OS:darwin | Arch:amd64 | Lang:go1.10.2 | Mem:5.1MB/14MB | Heap:5.1MB/9.6MB
mc: <ERROR> Session safely terminated. To resume session `mc session resume rDXVeuhO`
๊ฐ์ฌ ํด์!
ํ์ผ์์ xattr -d com.apple.quarantine
์ ์ ๊ฑฐํ๊ณ ๋ค์ ์๋ํ ์ ์์ต๋๊น?
์ข์ ์บ์น, ๊ทธ๊ฒ ๋ค์ผ - ๊ณ ๋ง์! ๋ด๊ฐ ํ ์คํธํ ๋ชจ๋ ํ์ผ/ํด๋์๋ ์ด๋ป๊ฒ๋ ๊ทธ ์์ฑ์ด ์๋ ๊ฒ ๊ฐ์ต๋๋ค. Mojave์ ๋ณ๊ฒฝ ์ฌํญ์ด ๊ทธ ์์ธ์ด๋ ๋ถ์ด์ ์ด๋ฐํ ์ ์์์ต๋๊น? ํ์ผ์ ํด๋น ์์ฑ์ด ์์ ๋ ์ ๋ก๋ ์ค๋ฅ๊ฐ ๋ฐ์ํ์ง ์๊ณ ์ ๋ก๋๊ฐ ์๋ฃ๋๋ฉด ์ข์ ๊ฒ ๊ฐ์์. ์ด๋ป๊ฒ ์๊ฐํด?
์ข์ ์บ์น, ๊ทธ๊ฒ ๋ค์ผ - ๊ณ ๋ง์! ๋ด๊ฐ ํ ์คํธํ ๋ชจ๋ ํ์ผ/ํด๋์๋ ์ด๋ป๊ฒ๋ ๊ทธ ์์ฑ์ด ์๋ ๊ฒ ๊ฐ์ต๋๋ค. Mojave์ ๋ณ๊ฒฝ ์ฌํญ์ด ๊ทธ ์์ธ์ด๋ ๋ถ์ด์ ์ด๋ฐํ ์ ์์์ต๋๊น? ํ์ผ์ ํด๋น ์์ฑ์ด ์์ ๋ ์ ๋ก๋ ์ค๋ฅ๊ฐ ๋ฐ์ํ์ง ์๊ณ ์ ๋ก๋๊ฐ ์๋ฃ๋๋ฉด ์ข์ ๊ฒ ๊ฐ์์. ์ด๋ป๊ฒ ์๊ฐํด?
์ด๋ฌํ HTTP ํค๋๋ฅผ ํํฐ๋งํ๋ ๊ฒ์ nginx์ด๋ฉฐ, nginx๊ฐ ์ด ํค๋๋ฅผ ์ ๊ฑฐํ๋ ์ด์ ๋ฅผ ํ์ ํด์ผ ํฉ๋๋ค.
๊ฒ์ญ ์์ฑ์ ์ถ๊ฐํ๋ Apple์ ์ธ์ ๊ฐ ๋ค์ ์ถ๊ฐ๋์์ต๋๋ค(2007'์ ๋ฐ๋ผ - https://developer.apple.com/library/archive/releasenotes/Carbon/RN-LaunchServices/index.html). ๋ค์ด๋ก๋ํ ๋ชจ๋ ํ์ผ์ ์ด ์์
์ ์ํํ๋ ค๋ ๊ฒ ๊ฐ์ต๋๋ค. ๊ธฐ๋ณธ ๋ค์ด๋ก๋ ํด๋๋ฅผ ํ์ธํ๋ฉด ํด๋น ์์ฑ์ด ๊ฝค ๋ง์ ํ์ผ์ ์ค์ ๋์ด ์๋ ๊ฒ์ ๋ณผ ์ ์์ต๋๋ค. ๊ธฐ๋ณธ์ ์ผ๋ก nginx๋ ์ ํจํ์ง ์์ ๋ฌธ์("." ํฌํจ)๋ก ๊ฐ์ฃผ๋๋ ๊ฒ์ ์ ๊ฑฐํฉ๋๋ค. ๋ฐ๋ผ์ com.apple.quarantine ์์ฑ์ด ํค๋๋ก ์ ์ก๋๋ฉด ๊ธฐ๋ณธ์ ์ผ๋ก nginx๊ฐ ์ด๋ฅผ ์ ๊ฑฐํฉ๋๋ค( https://trac.nginx.org/nginx/ticket/629). ๋ฐ๋ผ์ ๋ค์๊ณผ ๊ฐ์ด ignore_invalid_headers off;
๋ฅผ ์ถ๊ฐํ ์ ์์ต๋๋ค.
server {
listen 80;
server_name ebox;
ignore_invalid_headers off;
location / {
proxy_set_header Host $http_host;
proxy_pass http://hbox:9000;
client_max_body_size 1000m;
}
}
์ ์ณ๋๊ณ , ์ด๊ฒ์ setfattr
๋ฅผ ํตํด ์๋์ผ๋ก ์ค์ ๋ ๋ชจ๋ ์์ฑ์๋ ์ํฅ์ ๋ฏธ์นฉ๋๋ค(์์ฑ ์์ user.
๋ฅผ ์ถ๊ฐํด์ผ ํ๊ธฐ ๋๋ฌธ์).
์ด ๊ตฌ์ฑ์ ๋ฌธ์์ ์ถ๊ฐํด์ผ ํฉ๋๋ค.
์ด๊ฒ์ ์์ฒญ์ ํ๋ก์ํ ๋ ์ด ์๋๋ฆฌ์ค์์ RFC๋ฅผ ์์ ํ ์ค์ํ์ง ์๊ธฐ ๋๋ฌธ์ Nginx ๋ฌธ์ ์ ๋๋ค. @eco-minio๊ฐ ์ ์ํ ๋๋ก ์์ ์ต์ ์ ๋๋ฉด ์ด์ Nginx๋ฅผ ์ ๋๋ก ์ฌ์ฉํ ์ ์์ต๋๋ค.
๋ฌธ์์์๋ ์ด๋ฅผ ์ ๋ฐ์ดํธํ ๊ฒ์ ๋๋ค.
์ฐธ๊ณ ๋ก Kubernetes nginx ์์ ์ปจํธ๋กค๋ฌ๋ฅผ ์ฌ์ฉํ๋ ๊ฒฝ์ฐ ignore-invalid-headers
๋ฅผ false
๋ก ์ค์ ํฉ๋๋ค(๋ฌธ์์๋ ์ถ๊ฐํ ์ ์์).
@eco-minio ์๋ nginx ํฐ์ผ์ ์๋ตํ ์ฌ๋์ด ์ซ์ต๋๋ค. "์ด ํค๋๊ฐ ํน์ RFC์ ๋ฌธ๋ฒ๊ณผ ์ผ์นํ๋์ง ์ฌ๋ถ๋ ๋๋ถ๋ถ ๊ด๋ จ์ด ์์ต๋๋ค." ๊ธ์, ์ฐ๋ฆฌ๋ RFC ๋ฌธ๋ฒ์ ์ข์ํ์ง ์์ผ๋ฏ๋ก ์ฐ๋ฆฌ ๋ฐฉ์๋๋ก ํ ๊ฒ์ ๋๋ค. ๊ทธ๋ ๋ค๋ฉด ํ์ค ๋ฐ/๋๋ RFC๊ฐ ์๋ ์ด์ ๋ ๋ฌด์์ ๋๊น?
Caddy๋ Traefik๋ ๊ฐ์ ๋ฌธ์ ๋ฅผ ๊ฒช๊ณ ์์ต๋๊น?
Caddy๋ Traefik๋ ๊ฐ์ ๋ฌธ์ ๋ฅผ ๊ฒช๊ณ ์์ต๋๊น?
@zllovesuki
์ด ์ค๋ ๋๋ ๋ซํ ํ ์ต๊ทผ ํ๋์ด ์์๊ธฐ ๋๋ฌธ์ ์๋์ผ๋ก ์ ๊ฒผ์ต๋๋ค. ๊ด๋ จ ๋ฒ๊ทธ์ ๋ํ ์ ๋ฌธ์ ๋ฅผ ์ฌ์ญ์์ค.
๊ฐ์ฅ ์ ์ฉํ ๋๊ธ
๊ฒ์ญ ์์ฑ์ ์ถ๊ฐํ๋ Apple์ ์ธ์ ๊ฐ ๋ค์ ์ถ๊ฐ๋์์ต๋๋ค(2007'์ ๋ฐ๋ผ - https://developer.apple.com/library/archive/releasenotes/Carbon/RN-LaunchServices/index.html). ๋ค์ด๋ก๋ํ ๋ชจ๋ ํ์ผ์ ์ด ์์ ์ ์ํํ๋ ค๋ ๊ฒ ๊ฐ์ต๋๋ค. ๊ธฐ๋ณธ ๋ค์ด๋ก๋ ํด๋๋ฅผ ํ์ธํ๋ฉด ํด๋น ์์ฑ์ด ๊ฝค ๋ง์ ํ์ผ์ ์ค์ ๋์ด ์๋ ๊ฒ์ ๋ณผ ์ ์์ต๋๋ค. ๊ธฐ๋ณธ์ ์ผ๋ก nginx๋ ์ ํจํ์ง ์์ ๋ฌธ์("." ํฌํจ)๋ก ๊ฐ์ฃผ๋๋ ๊ฒ์ ์ ๊ฑฐํฉ๋๋ค. ๋ฐ๋ผ์ com.apple.quarantine ์์ฑ์ด ํค๋๋ก ์ ์ก๋๋ฉด ๊ธฐ๋ณธ์ ์ผ๋ก nginx๊ฐ ์ด๋ฅผ ์ ๊ฑฐํฉ๋๋ค( https://trac.nginx.org/nginx/ticket/629). ๋ฐ๋ผ์ ๋ค์๊ณผ ๊ฐ์ด
ignore_invalid_headers off;
๋ฅผ ์ถ๊ฐํ ์ ์์ต๋๋ค.์ ์ณ๋๊ณ , ์ด๊ฒ์
setfattr
๋ฅผ ํตํด ์๋์ผ๋ก ์ค์ ๋ ๋ชจ๋ ์์ฑ์๋ ์ํฅ์ ๋ฏธ์นฉ๋๋ค(์์ฑ ์์user.
๋ฅผ ์ถ๊ฐํด์ผ ํ๊ธฐ ๋๋ฌธ์).์ด ๊ตฌ์ฑ์ ๋ฌธ์์ ์ถ๊ฐํด์ผ ํฉ๋๋ค.