github.com/minio/minio@v0.0.0-20240328213742-3f72439b8a27/docs/distributed/decom-encrypted-sse-s3.sh (about) 1 #!/bin/bash 2 3 if [ -n "$TEST_DEBUG" ]; then 4 set -x 5 fi 6 7 pkill minio 8 rm -rf /tmp/xl 9 10 if [ ! -f ./mc ]; then 11 wget --quiet -O mc https://dl.minio.io/client/mc/release/linux-amd64/mc && 12 chmod +x mc 13 fi 14 15 export CI=true 16 export MINIO_KMS_SECRET_KEY=my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw= 17 export MC_HOST_myminio="http://minioadmin:minioadmin@localhost:9000/" 18 19 (minio server http://localhost:9000/tmp/xl/{1...10}/disk{0...1} 2>&1 >/dev/null) & 20 pid=$! 21 22 sleep 30 23 24 ./mc admin user add myminio/ minio123 minio123 25 ./mc admin user add myminio/ minio12345 minio12345 26 27 ./mc admin policy create myminio/ rw ./docs/distributed/rw.json 28 ./mc admin policy create myminio/ lake ./docs/distributed/rw.json 29 30 ./mc admin policy attach myminio/ rw --user=minio123 31 ./mc admin policy attach myminio/ lake --user=minio12345 32 33 ./mc mb -l myminio/versioned 34 35 ./mc encrypt set sse-s3 myminio/versioned 36 37 ./mc mirror internal myminio/versioned/ --quiet >/dev/null 38 39 ## Soft delete (creates delete markers) 40 ./mc rm -r --force myminio/versioned >/dev/null 41 42 ## mirror again to create another set of version on top 43 ./mc mirror internal myminio/versioned/ --quiet >/dev/null 44 45 expected_checksum=$(./mc cat internal/dsync/drwmutex.go | md5sum) 46 47 user_count=$(./mc admin user list myminio/ | wc -l) 48 policy_count=$(./mc admin policy list myminio/ | wc -l) 49 50 kill $pid 51 52 (minio server http://localhost:9000/tmp/xl/{1...10}/disk{0...1} http://localhost:9001/tmp/xl/{11...30}/disk{0...3} 2>&1 >/tmp/expanded_1.log) & 53 pid_1=$! 54 55 (minio server --address ":9001" http://localhost:9000/tmp/xl/{1...10}/disk{0...1} http://localhost:9001/tmp/xl/{11...30}/disk{0...3} 2>&1 >/tmp/expanded_2.log) & 56 pid_2=$! 57 58 sleep 30 59 60 expanded_user_count=$(./mc admin user list myminio/ | wc -l) 61 expanded_policy_count=$(./mc admin policy list myminio/ | wc -l) 62 63 if [ $user_count -ne $expanded_user_count ]; then 64 echo "BUG: original user count differs from expanded setup" 65 exit 1 66 fi 67 68 if [ $policy_count -ne $expanded_policy_count ]; then 69 echo "BUG: original policy count differs from expanded setup" 70 exit 1 71 fi 72 73 ./mc version info myminio/versioned | grep -q "versioning is enabled" 74 ret=$? 75 if [ $ret -ne 0 ]; then 76 echo "expected versioning enabled after expansion" 77 exit 1 78 fi 79 80 ./mc encrypt info myminio/versioned | grep -q "Auto encryption 'sse-s3' is enabled" 81 ret=$? 82 if [ $ret -ne 0 ]; then 83 echo "expected encryption enabled after expansion" 84 exit 1 85 fi 86 87 ./mc mirror cmd myminio/versioned/ --quiet >/dev/null 88 89 ./mc ls -r myminio/versioned/ >expanded_ns.txt 90 ./mc ls -r --versions myminio/versioned/ >expanded_ns_versions.txt 91 92 ./mc admin decom start myminio/ http://localhost:9000/tmp/xl/{1...10}/disk{0...1} 93 94 until $(./mc admin decom status myminio/ | grep -q Complete); do 95 echo "waiting for decom to finish..." 96 sleep 1 97 done 98 99 kill $pid_1 100 kill $pid_2 101 102 sleep 5 103 104 (minio server --address ":9001" http://localhost:9001/tmp/xl/{11...30}/disk{0...3} 2>&1 >/tmp/removed.log) & 105 pid=$! 106 107 sleep 30 108 109 export MC_HOST_myminio="http://minioadmin:minioadmin@localhost:9001/" 110 111 decom_user_count=$(./mc admin user list myminio/ | wc -l) 112 decom_policy_count=$(./mc admin policy list myminio/ | wc -l) 113 114 if [ $user_count -ne $decom_user_count ]; then 115 echo "BUG: original user count differs after decommission" 116 exit 1 117 fi 118 119 if [ $policy_count -ne $decom_policy_count ]; then 120 echo "BUG: original policy count differs after decommission" 121 exit 1 122 fi 123 124 ./mc version info myminio/versioned | grep -q "versioning is enabled" 125 ret=$? 126 if [ $ret -ne 0 ]; then 127 echo "BUG: expected versioning enabled after decommission" 128 exit 1 129 fi 130 131 ./mc encrypt info myminio/versioned | grep -q "Auto encryption 'sse-s3' is enabled" 132 ret=$? 133 if [ $ret -ne 0 ]; then 134 echo "BUG: expected encryption enabled after expansion" 135 exit 1 136 fi 137 138 got_checksum=$(./mc cat myminio/versioned/dsync/drwmutex.go | md5sum) 139 if [ "${expected_checksum}" != "${got_checksum}" ]; then 140 echo "BUG: decommission failed on encrypted objects: expected ${expected_checksum} got ${got_checksum}" 141 exit 1 142 fi 143 144 ./mc ls -r myminio/versioned >decommissioned_ns.txt 145 ./mc ls -r --versions myminio/versioned >decommissioned_ns_versions.txt 146 147 out=$(diff -qpruN expanded_ns.txt decommissioned_ns.txt) 148 ret=$? 149 if [ $ret -ne 0 ]; then 150 echo "BUG: expected no missing entries after decommission: $out" 151 exit 1 152 fi 153 154 out=$(diff -qpruN expanded_ns_versions.txt decommissioned_ns_versions.txt) 155 ret=$? 156 if [ $ret -ne 0 ]; then 157 echo "BUG: expected no missing entries after decommission: $out" 158 exit 1 159 fi 160 161 ( 162 cd ./docs/debugging/s3-check-md5 163 go install -v 164 ) 165 166 s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned 167 168 kill $pid