openstack/cinder
Code Issues Proposed changes

LIO iSCSI initiator ACL auto-config

Browse Source 
Currently, IQNs of remote nova compute nodes must be specified in
cinder.conf for them to be added to LIO's ACLs for LUNs.

This change will handle this at volume-attach time instead.

Change-Id: I278ce737042b15bd4d100d331564c1377bac0c55
This commit is contained in:
Eric Harney
2013-02-28 18:14:11 -05:00
parent af5d4b3235
commit 67dd248bcb
4 changed files with 71 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
bin/cinder-rtstool
View File

@@ -78,7 +78,7 @@ def create(backing_device, name, userid, password, initiator_iqns=None):
acl_new.chap_userid = userid acl_new.chap_userid = userid
acl_new.chap_password = password acl_new.chap_password = password
m = rtslib.MappedLUN(acl_new, lun_new.lun, lun_new.lun) rtslib.MappedLUN(acl_new, lun_new.lun, lun_new.lun)
if initiator_iqns: if initiator_iqns:
initiator_iqns = initiator_iqns.strip(' ') initiator_iqns = initiator_iqns.strip(' ')
@@ -87,7 +87,7 @@ def create(backing_device, name, userid, password, initiator_iqns=None):
acl_new.chap_userid = userid acl_new.chap_userid = userid
acl_new.chap_password = password acl_new.chap_password = password
m = rtslib.MappedLUN(acl_new, lun_new.lun, lun_new.lun) rtslib.MappedLUN(acl_new, lun_new.lun, lun_new.lun)
tpg_new.enable = 1 tpg_new.enable = 1
@@ -105,6 +105,36 @@ def create(backing_device, name, userid, password, initiator_iqns=None):
pass pass
def add_initiator(target_iqn, initiator_iqn, userid, password):
try:
rtsroot = rtslib.root.RTSRoot()
except rtslib.utils.RTSLibError:
print _('Ensure that configfs is mounted at /sys/kernel/config.')
raise
# Look for the target
target = None
for t in rtsroot.targets:
if t.dump()['wwn'] == target_iqn:
target = t
break
if target == None:
raise RtstoolError(_('Could not find target %s') % target_iqn)
tpg = target.tpgs.next() # get the first one
for acl in tpg.dump()['node_acls']:
# See if this ACL configuration already exists
if acl['node_wwn'] == initiator_iqn:
# No further action required
return
acl_new = rtslib.NodeACL(tpg, initiator_iqn, mode='create')
acl_new.chap_userid = userid
acl_new.chap_password = password
rtslib.MappedLUN(acl_new, 0, tpg_lun=0)
def get_targets(): def get_targets():
rtsroot = rtslib.root.RTSRoot() rtsroot = rtslib.root.RTSRoot()
for x in rtsroot.targets: for x in rtsroot.targets:
@@ -139,6 +169,8 @@ def usage():
print sys.argv[0], \ print sys.argv[0], \
"create [device] [name] [userid] [password]", \ "create [device] [name] [userid] [password]", \
"<initiator_iqn,iqn2,iqn3,...>" "<initiator_iqn,iqn2,iqn3,...>"
print sys.argv[0], \
"add-initiator [target_iqn] [userid] [password] [initiator_iqn]"
print sys.argv[0], "get-targets" print sys.argv[0], "get-targets"
print sys.argv[0], "delete [iqn]" print sys.argv[0], "delete [iqn]"
print sys.argv[0], "verify" print sys.argv[0], "verify"
@@ -170,6 +202,17 @@ def main(argv=None):
create(backing_device, name, userid, password, initiator_iqns) create(backing_device, name, userid, password, initiator_iqns)
elif argv[1] == 'add-initiator':
if len(argv) < 6:
usage()
target_iqn = argv[2]
userid = argv[3]
password = argv[4]
initiator_iqn = argv[5]
add_initiator(target_iqn, initiator_iqn, userid, password)
elif argv[1] == 'get-targets': elif argv[1] == 'get-targets':
get_targets() get_targets()

4
cinder/exception.py
View File

@@ -307,6 +307,10 @@ class ISCSITargetCreateFailed(CinderException):
message = _("Failed to create iscsi target for volume %(volume_id)s.") message = _("Failed to create iscsi target for volume %(volume_id)s.")
class ISCSITargetAttachFailed(CinderException):
message = _("Failed to attach iSCSI target for volume %(volume_id)s.")
class ISCSITargetRemoveFailed(CinderException): class ISCSITargetRemoveFailed(CinderException):
message = _("Failed to remove iscsi target for volume %(volume_id)s.") message = _("Failed to remove iscsi target for volume %(volume_id)s.")

3
cinder/volume/driver.py
View File

@@ -333,6 +333,9 @@ class ISCSIDriver(VolumeDriver):
""" """
if self.configuration.iscsi_helper == 'lioadm':
self.tgtadm.initialize_connection(volume, connector)
iscsi_properties = self._get_iscsi_properties(volume) iscsi_properties = self._get_iscsi_properties(volume)
return { return {
'driver_volume_type': 'iscsi', 'driver_volume_type': 'iscsi',

19
cinder/volume/iscsi.py
View File

@@ -416,6 +416,25 @@ class LioAdm(TargetAdmin):
if tid is None: if tid is None:
raise exception.NotFound() raise exception.NotFound()
def initialize_connection(self, volume, connector):
volume_iqn = volume['provider_location'].split(' ')[1]
(auth_method, auth_user, auth_pass) = \
volume['provider_auth'].split(' ', 3)
# Add initiator iqns to target ACL
try:
self._execute('cinder-rtstool', 'add-initiator',
volume_iqn,
auth_user,
auth_pass,
connector['initiator'],
run_as_root=True)
except exception.ProcessExecutionError as e:
LOG.error(_("Failed to add initiator iqn %s to target") %
connector['initiator'])
raise exception.ISCSITargetAttachFailed(volume_id=volume['id'])
def get_target_admin(): def get_target_admin():
if FLAGS.iscsi_helper == 'tgtadm': if FLAGS.iscsi_helper == 'tgtadm':