[PATCH 0/9] Introduce access group support.
by Gris Ge
* To test this patch set:
1. Install rtslib-fb at commit 27e9a1df9c004862fedea4786838a4e4acb8ef94
cp <git_folder>/rtslib /usr/lib/python2.7/site-packages/rtslib_fb
2. Apply this patch set.
3. Restart targetd.
4. Apply this patch set to libstoragemgmt developer tree[1]:
[PATCH 0/6] Targetd Plugin: Introduce full access group support
5. Test these commands:
lsmcli ac --name gris_ag_03 --init iqn.2000-04.com.redhat:gris.03 \
--sys targetd
lsmcli aa --ag gris_ag_03 --init iqn.2000-04.com.redhat:gris.13
lsmcli ar --ag gris_ag_03 --init iqn.2000-04.com.redhat:gris.13
lsmcli vm --vol gQTwyb-PoV5-NxWw-gMn1-0u7X-2tGp-8iaV0A --ag gris_ag_03
lsmcli vu --vol gQTwyb-PoV5-NxWw-gMn1-0u7X-2tGp-8iaV0A --ag gris_ag_03
lsmcli ad --ag gris_ag_03
* Tested against libstoragemgmt targetd plugin patch.
* Let me know if your prefer I submit this via github pull request.
[1] b933bccad3ee29538f6200ae1b26e3644e9358fe
Gris Ge (9):
New method: initiator_list(standalone_only=False)
New method: access_group_list()
New method: access_group_create()
New method: access_group_destroy(ag_name)
New method: access_group_init_add(ag_name, init_id, init_type)
New method: access_group_init_del(ag_name, init_id, init_type)
New method: access_group_map_list()
New method: access_group_map_create(pool_name, vol_name, ag_name,
h_lun_id=None)
New method: access_group_map_destroy(pool_name, vol_name, ag_name)
API.md | 148 +++++++++++++++++++++++++-
targetd/block.py | 315 ++++++++++++++++++++++++++++++++++++++++++++++++++-----
targetd/main.py | 6 +-
targetd/utils.py | 18 ++++
4 files changed, 455 insertions(+), 32 deletions(-)
--
1.8.3.1
9 years, 2 months
Re: Fwd: initiator group support in rtslib
by Andy Grover
On 11/26/2014 01:17 AM, Gris Ge wrote:
> On Tue, Nov 25, 2014 at 07:54:50AM -0800, Andy Grover wrote:
>> Hi Gris, saw your irc msg.
>>
>> Fwding an email I sent to targetcli-fb and targetd lists, not sure
>> if you're on those. But yes, I was not going to merge the rtslib
>> changes until we knew that they were what we needed for targetd. It
>> sounds like you're signed up for the targetd work, so please let me
>> know of any bugs you find or API changes to rtslib that would make
>> your work easier.
>>
>> And then once we're happy with both, we can commit to both repos.
>>
>> Thanks! -- Andy
>>
> Hi Andy,
Hi Gris. I'm CCing the lists on my response, just for the sake of having
good technical discussions like this in public.
> These might make targetd life easier:
>
> 1. Change NodeACLGroup._node_acls as a public property.
> # It is require to get a list of group member NodeACL
I did agree, but then changed my mind, based on the below.
> 2. How about let NodeACLGroup.remove_acl() remove mapping status
> also?
> # If not, targetd have to do the mapping removal when remove a
> # initiator(ACL) from a initiator group(NodeACLGroup).
nodeacl.delete() deletes the nodeacl as well as any mappedluns within it.
> # It means targetd will use both initiator mapping and group
> # mapping.
> #
> # I thought the intention of adding NodeACLGroup and MappedLUNGroup is
> # to hide/replace the NodeACL and MappedLUN. Is it?
I wasn't sure, to be honest. How would this work? No methods in
NodeACLGroup or MappedLUNGroup would take or return NodeACLs or
MappedLUNs. This would mean #1 suggestion above should not be done.
NodeACL and MappedLUN are still used internally, but the API can be
*Group classes and wwn strings entirely I think. It could be good.
> #
> # My understanding of initiator group is:
> # * Volume mapping status is maintained at group level.
> # * Initiator in this group just inherit that mapping status.
> # * Initiator add or remove means grant or revoke that inheritance.
>
> 3. It seems we have no quick way to query masked NodeACLGroup for
> given LUN.
> # We have the revert one:
> # nag = NodeACLGroup(tpg, nag_name)
> # nag.mapped_luns()
> #
> # I am expecting something like this:
> # lun = LUN(tpg, lun=<target_lun_id>, storage_object=<st_obj>)
> # lun.mapped_node_acl_groups()
That's not the reverse, nag.mapped_luns gives MappedLUNGroups. The
reverse is MappedLUNGroup.parent_nodeaclgroup. (Should we change
nag.mapped_luns property name to nag.mapped_lun_groups perhaps?)
> 4. NodeACLGroup.add_acl() didn't override old iSCSI CHAP setting.
It doesn't? That's what the "if model.has_feature("auth")" section was
supposed to do. Is that not working right? Or are you referring to
something else that was missed?
OK I'm going to update the dev-groups branch to change the usage model
to be more that users just use Group'd class versions exclusively. I
think just add_acl and remove_acl have to change.
Not tested, sorry. BTW USA workers have Thursday and Friday off so I
won't be around, but if this change is an improvement then we can sync
up on Monday, and if it's not, then we can also sync up on Monday :)
Thanks! -- Regards -- Andy
9 years, 3 months