Product
Overview
What is AIStor?
Features
Replication Replication Console Console Cache Cache Encryption Encryption Versioning Versioning Observability Observability Object Immutability Object Immutability Key Management Server Key Management Server S3 Compatibility S3 Compatibility Identity + Access Mgt Identity + Access Mgt Catalog Catalog Object Prompt Object Prompt Lifecycle Lifecycle Firewall Firewall AIHub AIHub
Tools
Erasure Code Calculator Erasure Code Calculator Determine your raw and usable capacity across a range of erasure coding settings. Reference Hardware Reference Hardware MinIO’s recommended Configuration and reference hardware for building large scale data infrastructure.
Solutions
AI Storage Learn how MinIO is leading the AI storage market from its exclusive features to performance at scale. HDFS Migration Modernize and simplify your big data storage infrastructure with cloud native storage with AIStor. Snowflake Learn how to leverage Snowflake external tables to query data without having to move it.
Integrations Integrations with MinIO Browse our expansive list of
integrations with links to the relevant
documentation.
Veeam Learn how MinIO and Veeam have partnered deliver superior RTO and RPO. Modern Datalakes Learn how modern, multi-engine data lakeshouses depend on MinIO's AIStor. Equinix Repatriate your data onto the cloud you control with MinIO and Equinix. SQL Server Learn how to leverage SQL Server 2022 with MinIO to run queries on your data without having to move it. Commvault Learn how Commvault and MinIO are partnered to deliver performance at scale for mission critical backup and restore workloads. Hybrid Cloud Learn how enterprises use MinIO to build AI data infrastructure that runs on any cloud - public, private or colo. Splunk Find out how MinIO is delivering performance at scale for Splunk SmartStores. VMware Discover how MinIO integrates with VMware across the portfolio from the Persistent Data platform to TKG and how we support their Kubernetes ambitions.
Open Source
Github Community Explore, experiment, ask questions and contribute. Docs Development guides. Slack Channel Open Forum for discussing topics related to MinIO.
Download MinIO Object Store Get MinIO's open source server, client, and SDK.
Resources
Resources Home Browse our library of white papers, solution briefs, benchmarks and videos. Blog Product updates, company news, and educational content. Training Learn the MinIO Way and Become a Data Infrastructure Expert.
Events Join us to take advantage to meet with MinIO partners, employees, and subject-matter experts.
Partner Pricing Login Download

Documentation

MinIO Object Storage for Linux

mc admin tier

Changed in version RELEASE.2022-12-24T15-21-38Z: mc admin tier replaced by mc ilm tier.

Description

The mc admin tier command configures a remote supported S3-compatible service for supporting MinIO Lifecycle Management: Object Transition (“Tiering”).

Use mc admin on MinIO Deployments Only

MinIO does not support using mc admin commands with other S3-compatible services, regardless of their claimed compatibility with MinIO deployments.

Supported S3 Services

mc admin tier supports only the following S3-compatible services as a remote target for object tiering:

  • Amazon S3

  • Google Cloud Storage

  • Azure Blob Storage

Required Permissions

MinIO requires the following permissions scoped to to the bucket or buckets for which you are creating lifecycle management rules.

MinIO also requires the following administrative permissions on the cluster in which you are creating remote tiers for object transition lifecycle management rules:

For example, the following policy provides permission for configuring object transition lifecycle management rules on any bucket in the cluster:.

{
   "Version": "2012-10-17",
   "Statement": [
      {
            "Action": [
               "admin:SetTier",
               "admin:ListTier"
            ],
            "Effect": "Allow",
            "Sid": "EnableRemoteTierManagement"
      },
      {
            "Action": [
               "s3:PutLifecycleConfiguration",
               "s3:GetLifecycleConfiguration"
            ],
            "Resource": [
                        "arn:aws:s3:::*"
            ],
            "Effect": "Allow",
            "Sid": "EnableLifecycleManagementRules"
      }
   ]
}

Transition Permissions

Object transition lifecycle management rules require additional permissions on the remote storage tier. Specifically, MinIO requires the remote tier credentials provide read, write, list, and delete permissions.

For example, if the remote storage tier implements AWS IAM policy-based access control, the following policy provides the necessary permission for transitioning objects into and out of the remote tier:

{
   "Version": "2012-10-17",
   "Statement": [
      {
            "Action": [
               "s3:ListBucket"
            ],
            "Effect": "Allow",
            "Resource": [
               "arn:aws:s3:::MyDestinationBucket"
            ],
            "Sid": ""
      },
      {
            "Action": [
               "s3:GetObject",
               "s3:PutObject",
               "s3:DeleteObject"
            ],
            "Effect": "Allow",
            "Resource": [
               "arn:aws:s3:::MyDestinationBucket/*"
            ],
            "Sid": ""
      }
   ]
}

Modify the Resource for the bucket into which MinIO tiers objects.

Defer to the documentation for the supported tiering targets for more complete information on configuring users and permissions to support MinIO tiering:

Syntax

mc admin tier add

Creates a new remote storage tier for transitioning objects using MinIO lifecycle management rules.

Important

MinIO does not support removing remote storage tiers. Ensure the storage backend supports the intended workload prior to adding it as a remote tier target.

The command has the following syntax:

mc admin tier add TIER_TYPE TARGET TIER_NAME [FLAGS]

The command accepts the following arguments:

TIER_TYPE

Required

The Cloud Service Provider storage backend (“Tier”) to which MinIO transitions objects. Specify one of the following supported values:

s3

Use AWS S3 or a remote MinIO deployment as the storage backend for the new Tier.

Requires specifying the following additional options:

azure

Use Azure Blob Storage as the storage backend for the new Tier.

Requires specifying the following additional options:

gcs

Use GCP Cloud Storage as the storage backend for the new Tier.

Requires specifying the following additional option:
TARGET

Required

The alias of a configured MinIO deployment on which the command creates the new remote tier.

TIER_NAME

Required

The name to associate with the new remote tier. The name must be unique across all configured tiers on the MinIO cluster.

You must specify the tier in all-caps, e.g. WARM_TIER.

--endpoint

Required

The URL endpoint for the cloud service provider. The URL endpoint must resolve to the provider specified to TIER_TYPE.

--access-key

Required

The access key for a user on the remote S3 tier. The user must have permission to perform read/write/list/delete operations on the remote bucket or bucket prefix.

Required if TIER_TYPE is s3. This option has no effect for any other value of TIER_TYPE.

--secret-key

Required

The secret key for a user on the remote S3 tier.

Required if TIER_TYPE is s3. This option has no effect for any other value of TIER_TYPE.

--account-name

Required

The account name for a user on the remote Azure tier. The user must have permission to perform read/write/list/delete operations on the remote bucket or bucket prefix.

Required if TIER_TYPE is azure. This option has no effect for any other value of TIER_TYPE.

MinIO does not support changing the account name associated to an Azure remote tier. Azure storage backends are tied to the account, such that changing the account would change the storage backend and prevent access to any objects transitioned to the original account/backend.

--account-key

Required

The account key for the --account-name associated to the remote Azure tier.

Required if TIER_TYPE is azure. This option has no effect for any other value of TIER_TYPE.

--credentials-file

Required

The credential file for a user on the remote GCS tier. The user must have permission to perform read/write/list/delete operations on the remote bucket or bucket prefix.

Required if TIER_TYPE is gcs. This option has no effect for any other value of TIER_TYPE.

--bucket

Required

The bucket on the remote tier to which MinIO transitions objects.

--prefix

Optional

The prefix path for the specified --bucket to which MinIO transitions objects.

Omit this field to transition objects into the bucket root.

--storage-class

Optional

The AWS storage class to use for objects transitioned by MinIO. MinIO supports only the following storage classes:

  • STANDARD

  • REDUCED_REDUNDANCY

Defaults to S3_STANDARD if omitted.

This option only applies if TIER_TYPE is s3. This option has no effect for any other value of TIER_TYPE.

--region

Optional

The S3 backend region for the specified TIER_TYPE, such as us-west-1.

This option only applies if TIER_TYPE is s3. This option has no effect for any other value of TIER_TYPE.

mc admin tier edit

Modify or remove a remote storage tier from a MinIO cluster. Remote storage tiers support transitioning objects using MinIO lifecycle management rules.

The command has the following syntax:

mc admin tier edit TARGET TIER_NAME [FLAGS]

The command accepts the following arguments:

TARGET

Required

The alias of a configured MinIO deployment.

TIER_NAME

Required

The name of the remote tier the command modifies. The value corresponds to the mc admin tier add TIER_NAME specified when creating the remote tier.

--access-key

Optional

The access key for a user on the remote S3 tier. The user must have permission to perform read/write/list/delete operations on the remote bucket or bucket prefix.

This option only applies to remote storage tiers with TIER_TYPE is s3. This option has no effect for any other TIER_TYPE.

--secret-key

Optional

The secret key for a user on the remote S3 tier.

This option only applies to remote storage tiers with TIER_TYPE is s3. This option has no effect for any other TIER_TYPE.

--account-key

Required

The account key for a user on the remote Azure tier. Use this option to rotate the credentials for the --account-name associated to the remote tier.

This option only applies to remote storage tiers with TIER_TYPE is azure. This option has no effect for any other TIER_TYPE.

--credentials-file

Required

The credential file for a user on the remote GCS tier. The user must have permission to perform read/write/list/delete operations on the remote bucket or bucket prefix.

This option only applies to remote storage tiers with TIER_TYPE is gcs. This option has no effect for any other TIER_TYPE.

mc admin tier ls

List all remote storage tiers on a MinIO cluster. Remote storage tiers support transitioning objects using MinIO lifecycle management rules.

The command has the following syntax:

mc admin tier ls TARGET [FLAGS]

The command accepts the following arguments:

TARGET

Required

The alias of a configured MinIO deployment.

This work is licensed under a Creative Commons Attribution 4.0 International License. 2020-Present, MinIO, Inc. Creative Commons License