github.com/minio/minio@v0.0.0-20240328213742-3f72439b8a27/docs/site-replication/run-ssec-object-replication-with-compression.sh (about) 1 #!/usr/bin/env bash 2 3 # shellcheck disable=SC2120 4 exit_1() { 5 cleanup 6 7 echo "minio1 ============" 8 cat /tmp/minio1_1.log 9 echo "minio2 ============" 10 cat /tmp/minio2_1.log 11 12 exit 1 13 } 14 15 cleanup() { 16 echo -n "Cleaning up instances of MinIO ..." 17 pkill minio || sudo pkill minio 18 pkill -9 minio || sudo pkill -9 minio 19 rm -rf /tmp/minio{1,2} 20 echo "done" 21 } 22 23 cleanup 24 25 export MINIO_CI_CD=1 26 export MINIO_BROWSER=off 27 export MINIO_ROOT_USER="minio" 28 export MINIO_ROOT_PASSWORD="minio123" 29 30 # Create certificates for TLS enabled MinIO 31 echo -n "Setup certs for MinIO instances ..." 32 wget -O certgen https://github.com/minio/certgen/releases/latest/download/certgen-linux-amd64 && chmod +x certgen 33 ./certgen --host localhost 34 mkdir -p ~/.minio/certs 35 mv public.crt ~/.minio/certs || sudo mv public.crt ~/.minio/certs 36 mv private.key ~/.minio/certs || sudo mv private.key ~/.minio/certs 37 echo "done" 38 39 # Start MinIO instances 40 echo -n "Starting MinIO instances ..." 41 minio server --address ":9001" --console-address ":10000" /tmp/minio1/{1...4}/disk{1...4} /tmp/minio1/{5...8}/disk{1...4} >/tmp/minio1_1.log 2>&1 & 42 minio server --address ":9002" --console-address ":11000" /tmp/minio2/{1...4}/disk{1...4} /tmp/minio2/{5...8}/disk{1...4} >/tmp/minio2_1.log 2>&1 & 43 echo "done" 44 45 if [ ! -f ./mc ]; then 46 echo -n "Downloading MinIO client ..." 47 wget -O mc https://dl.min.io/client/mc/release/linux-amd64/mc && 48 chmod +x mc 49 echo "done" 50 fi 51 52 sleep 10 53 54 export MC_HOST_minio1=https://minio:minio123@localhost:9001 55 export MC_HOST_minio2=https://minio:minio123@localhost:9002 56 57 # Prepare data for tests 58 echo -n "Preparing test data ..." 59 mkdir -p /tmp/data 60 echo "Hello world" >/tmp/data/plainfile 61 echo "Hello from encrypted world" >/tmp/data/encrypted 62 touch /tmp/data/defpartsize 63 shred -s 500M /tmp/data/defpartsize 64 touch /tmp/data/mpartobj.txt 65 shred -s 500M /tmp/data/mpartobj.txt 66 echo "done" 67 68 # Enable compression for site minio1 69 ./mc admin config set minio1 compression enable=on extensions=".txt" --insecure 70 ./mc admin config set minio1 compression allow_encryption=on --insecure 71 72 # Create bucket in source cluster 73 echo "Create bucket in source MinIO instance" 74 ./mc mb minio1/test-bucket --insecure 75 76 # Load objects to source site 77 echo "Loading objects to source MinIO instance" 78 ./mc cp /tmp/data/plainfile minio1/test-bucket --insecure 79 ./mc cp /tmp/data/encrypted minio1/test-bucket --encrypt-key "minio1/test-bucket/encrypted=iliketobecrazybutnotsomuchreally" --insecure 80 ./mc cp /tmp/data/defpartsize minio1/test-bucket --encrypt-key "minio1/test-bucket/defpartsize=iliketobecrazybutnotsomuchreally" --insecure 81 82 # Below should fail as compression and SSEC used at the same time 83 RESULT=$({ ./mc put /tmp/data/mpartobj.txt minio1/test-bucket --encrypt-key "minio1/test-bucket/mpartobj.txt=iliketobecrazybutnotsomuchreally" --insecure; } 2>&1) 84 if [[ ${RESULT} != *"Server side encryption specified with SSE-C with compression not allowed"* ]]; then 85 echo "BUG: Loading an SSE-C object to site with compression should fail. Succeeded though." 86 exit_1 87 fi 88 89 # Add replication site 90 ./mc admin replicate add minio1 minio2 --insecure 91 # sleep for replication to complete 92 sleep 30 93 94 # List the objects from source site 95 echo "Objects from source instance" 96 ./mc ls minio1/test-bucket --insecure 97 count1=$(./mc ls minio1/test-bucket/plainfile --insecure | wc -l) 98 if [ "${count1}" -ne 1 ]; then 99 echo "BUG: object minio1/test-bucket/plainfile not found" 100 exit_1 101 fi 102 count2=$(./mc ls minio1/test-bucket/encrypted --insecure | wc -l) 103 if [ "${count2}" -ne 1 ]; then 104 echo "BUG: object minio1/test-bucket/encrypted not found" 105 exit_1 106 fi 107 count3=$(./mc ls minio1/test-bucket/defpartsize --insecure | wc -l) 108 if [ "${count3}" -ne 1 ]; then 109 echo "BUG: object minio1/test-bucket/defpartsize not found" 110 exit_1 111 fi 112 sleep 120 113 114 # List the objects from replicated site 115 echo "Objects from replicated instance" 116 ./mc ls minio2/test-bucket --insecure 117 repcount1=$(./mc ls minio2/test-bucket/plainfile --insecure | wc -l) 118 if [ "${repcount1}" -ne 1 ]; then 119 echo "BUG: object test-bucket/plainfile not replicated" 120 exit_1 121 fi 122 repcount2=$(./mc ls minio2/test-bucket/encrypted --insecure | wc -l) 123 if [ "${repcount2}" -ne 1 ]; then 124 echo "BUG: object test-bucket/encrypted not replicated" 125 exit_1 126 fi 127 repcount3=$(./mc ls minio2/test-bucket/defpartsize --insecure | wc -l) 128 if [ "${repcount3}" -ne 1 ]; then 129 echo "BUG: object test-bucket/defpartsize not replicated" 130 exit_1 131 fi 132 133 # Stat the SSEC objects from source site 134 echo "Stat minio1/test-bucket/encrypted" 135 ./mc stat minio1/test-bucket/encrypted --encrypt-key "minio1/test-bucket/encrypted=iliketobecrazybutnotsomuchreally" --insecure --json 136 stat_out1=$(./mc stat minio1/test-bucket/encrypted --encrypt-key "minio1/test-bucket/encrypted=iliketobecrazybutnotsomuchreally" --insecure --json) 137 src_obj1_etag=$(echo "${stat_out1}" | jq '.etag') 138 src_obj1_size=$(echo "${stat_out1}" | jq '.size') 139 src_obj1_md5=$(echo "${stat_out1}" | jq '.metadata."X-Amz-Server-Side-Encryption-Customer-Key-Md5"') 140 echo "Stat minio1/test-bucket/defpartsize" 141 ./mc stat minio1/test-bucket/defpartsize --encrypt-key "minio1/test-bucket/defpartsize=iliketobecrazybutnotsomuchreally" --insecure --json 142 stat_out2=$(./mc stat minio1/test-bucket/defpartsize --encrypt-key "minio1/test-bucket/defpartsize=iliketobecrazybutnotsomuchreally" --insecure --json) 143 src_obj2_etag=$(echo "${stat_out2}" | jq '.etag') 144 src_obj2_size=$(echo "${stat_out2}" | jq '.size') 145 src_obj2_md5=$(echo "${stat_out2}" | jq '.metadata."X-Amz-Server-Side-Encryption-Customer-Key-Md5"') 146 147 # Stat the SSEC objects from replicated site 148 echo "Stat minio2/test-bucket/encrypted" 149 ./mc stat minio2/test-bucket/encrypted --encrypt-key "minio2/test-bucket/encrypted=iliketobecrazybutnotsomuchreally" --insecure --json 150 stat_out1_rep=$(./mc stat minio2/test-bucket/encrypted --encrypt-key "minio2/test-bucket/encrypted=iliketobecrazybutnotsomuchreally" --insecure --json) 151 rep_obj1_etag=$(echo "${stat_out1_rep}" | jq '.etag') 152 rep_obj1_size=$(echo "${stat_out1_rep}" | jq '.size') 153 rep_obj1_md5=$(echo "${stat_out1_rep}" | jq '.metadata."X-Amz-Server-Side-Encryption-Customer-Key-Md5"') 154 echo "Stat minio2/test-bucket/defpartsize" 155 ./mc stat minio2/test-bucket/defpartsize --encrypt-key "minio2/test-bucket/defpartsize=iliketobecrazybutnotsomuchreally" --insecure --json 156 stat_out2_rep=$(./mc stat minio2/test-bucket/defpartsize --encrypt-key "minio2/test-bucket/defpartsize=iliketobecrazybutnotsomuchreally" --insecure --json) 157 rep_obj2_etag=$(echo "${stat_out2_rep}" | jq '.etag') 158 rep_obj2_size=$(echo "${stat_out2_rep}" | jq '.size') 159 rep_obj2_md5=$(echo "${stat_out2_rep}" | jq '.metadata."X-Amz-Server-Side-Encryption-Customer-Key-Md5"') 160 161 # Check the etag and size of replicated SSEC objects 162 if [ "${rep_obj1_etag}" != "${src_obj1_etag}" ]; then 163 echo "BUG: Etag: '${rep_obj1_etag}' of replicated object: 'minio2/test-bucket/encrypted' doesn't match with source value: '${src_obj1_etag}'" 164 exit_1 165 fi 166 if [ "${rep_obj1_size}" != "${src_obj1_size}" ]; then 167 echo "BUG: Size: '${rep_obj1_size}' of replicated object: 'minio2/test-bucket/encrypted' doesn't match with source value: '${src_obj1_size}'" 168 exit_1 169 fi 170 if [ "${rep_obj2_etag}" != "${src_obj2_etag}" ]; then 171 echo "BUG: Etag: '${rep_obj2_etag}' of replicated object: 'minio2/test-bucket/defpartsize' doesn't match with source value: '${src_obj2_etag}'" 172 exit_1 173 fi 174 if [ "${rep_obj2_size}" != "${src_obj2_size}" ]; then 175 echo "BUG: Size: '${rep_obj2_size}' of replicated object: 'minio2/test-bucket/defpartsize' doesn't match with source value: '${src_obj2_size}'" 176 exit_1 177 fi 178 179 # Check content of replicated SSEC objects 180 ./mc cat minio2/test-bucket/encrypted --encrypt-key "minio2/test-bucket/encrypted=iliketobecrazybutnotsomuchreally" --insecure 181 ./mc cat minio2/test-bucket/defpartsize --encrypt-key "minio2/test-bucket/defpartsize=iliketobecrazybutnotsomuchreally" --insecure >/dev/null || exit_1 182 183 # Check the MD5 checksums of encrypted objects from source and target 184 if [ "${src_obj1_md5}" != "${rep_obj1_md5}" ]; then 185 echo "BUG: MD5 checksum of object 'minio2/test-bucket/encrypted' doesn't match with source. Expected: '${src_obj1_md5}', Found: '${rep_obj1_md5}'" 186 exit_1 187 fi 188 if [ "${src_obj2_md5}" != "${rep_obj2_md5}" ]; then 189 echo "BUG: MD5 checksum of object 'minio2/test-bucket/defpartsize' doesn't match with source. Expected: '${src_obj2_md5}', Found: '${rep_obj2_md5}'" 190 exit_1 191 fi 192 193 cleanup