|
|
楼主 |
发表于 2021-7-15 17:45:01
|
显示全部楼层
% Y2 F' X, O3 h" c# E+ Z5 i( j
$ M0 s: h" l0 r1 t u
* o; r; m: G0 N' T6 ^0 d% R, y/ g) C
Installing: If you are using the upstream ceph-iscsi package follow the [url=https://docs.ceph.com/en/latest/rbd/iscsi-target-cli-manual-install]manual install instructions. 8 u0 H; [! P% o: O; V
For rpm based instructions execute the following commands: As root, on all iSCSI gateway nodes, install the ceph-iscsi package: yum install ceph-iscsiAs root, on all iSCSI gateway nodes, install the tcmu-runner package: yum install tcmu-runner0 Y8 J8 T7 }( X# |0 G6 a6 y
Setup: gwcli requires a pool with the name rbd, so it can store metadata like the iSCSI configuration. To check if this pool has been created run: ceph osd lspools
& i& C+ M8 R$ u4 q9 B& W( U6 E
7 `' P# k5 V7 j; l TIf it does not exist instructions for creating pools can be found on the RADOS pool operations page. As root, on a iSCSI gateway node, create a file named iscsi-gateway.cfg in the /etc/ceph/ directory: touch /etc/ceph/iscsi-gateway.cfg8 ^& W6 P: ~7 ?1 [ a
Edit the iscsi-gateway.cfg file and add the following lines: [config]# Name of the Ceph storage cluster. A suitable Ceph configuration file allowing# access to the Ceph storage cluster from the gateway node is required, if not# colocated on an OSD node.cluster_name = ceph# Place a copy of the ceph cluster's admin keyring in the gateway's /etc/ceph# drectory and reference the filename heregateway_keyring = ceph.client.admin.keyring# API settings.# The API supports a number of options that allow you to tailor it to your# local environment. If you want to run the API under https, you will need to# create cert/key files that are compatible for each iSCSI gateway node, that is# not locked to a specific node. SSL cert and key files *must* be called# 'iscsi-gateway.crt' and 'iscsi-gateway.key' and placed in the '/etc/ceph/' directory# on *each* gateway node. With the SSL files in place, you can use 'api_secure = true'# to switch to https mode.# To support the API, the bare minimum settings are:api_secure = false# Additional API configuration options are as follows, defaults shown.# api_user = admin# api_password = admin# api_port = 5001# trusted_ip_list = 192.168.0.10,192.168.0.11
' \2 \' M) @# ]' A8 O+ X$ o; n1 D' \
Note trusted_ip_list is a list of IP addresses on each iSCSI gateway that will be used for management operations like target creation, LUN exporting, etc. The IP can be the same that will be used for iSCSI data, like READ/WRITE commands to/from the RBD image, but using separate IPs is recommended. , M9 {5 I6 H7 Q6 ~8 \9 d
Important The iscsi-gateway.cfg file must be identical on all iSCSI gateway nodes. As root, copy the iscsi-gateway.cfg file to all iSCSI gateway nodes.
6 h& c) {% \2 `
As root, on all iSCSI gateway nodes, enable and start the API service: systemctl daemon-reloadsystemctl enable rbd-target-gwsystemctl start rbd-target-gwsystemctl enable rbd-target-apisystemctl start rbd-target-api
6 A1 ^+ Y- {8 b! e$ P: ~
Configuring: gwcli will create and configure the iSCSI target and RBD images and copy the configuration across the gateways setup in the last section. Lower level tools including targetcli and rbd can be used to query the local configuration, but should not be used to modify it. This next section will demonstrate how to create a iSCSI target and export a RBD image as LUN 0. As root, on a iSCSI gateway node, start the iSCSI gateway command-line interface: gwcliGo to iscsi-targets and create a target with the name iqn.2003-01.com.redhat.iscsi-gw:iscsi-igw: > /> cd /iscsi-target> /iscsi-target> create iqn.2003-01.com.redhat.iscsi-gw:iscsi-igwCreate the iSCSI gateways. The IPs used below are the ones that will be used for iSCSI data like READ and WRITE commands. They can be the same IPs used for management operations listed in trusted_ip_list, but it is recommended that different IPs are used. > /iscsi-target> cd iqn.2003-01.com.redhat.iscsi-gw:iscsi-igw/gateways> /iscsi-target...-igw/gateways> create ceph-gw-1 10.172.19.21> /iscsi-target...-igw/gateways> create ceph-gw-2 10.172.19.22" Z+ d5 i1 {( i- _' Y8 ~
* A' p) I, [4 Q! m' K# `& ^
If not using RHEL/CentOS or using an upstream or ceph-iscsi-test kernel, the skipchecks=true argument must be used. This will avoid the Red Hat kernel and rpm checks: > /iscsi-target> cd iqn.2003-01.com.redhat.iscsi-gw:iscsi-igw/gateways> /iscsi-target...-igw/gateways> create ceph-gw-1 10.172.19.21 skipchecks=true> /iscsi-target...-igw/gateways> create ceph-gw-2 10.172.19.22 skipchecks=trueAdd a RBD image with the name disk_1 in the pool rbd: > /iscsi-target...-igw/gateways> cd /disks> /disks> create pool=rbd image=disk_1 size=90GCreate a client with the initiator name iqn.1994-05.com.redhat:rh7-client: > /disks> cd /iscsi-target/iqn.2003-01.com.redhat.iscsi-gw:iscsi-igw/hosts> /iscsi-target...eph-igw/hosts> create iqn.1994-05.com.redhat:rh7-clientSet the client’s CHAP username to myiscsiusername and password to myiscsipassword: > /iscsi-target...at:rh7-client> auth username=myiscsiusername password=myiscsipassword
7 y: y$ U; V! i( J, T8 Q
6 n% m) Z7 w: k1 rWarning CHAP must always be configured. Without CHAP, the target will reject any login requests. Add the disk to the client: > /iscsi-target...at:rh7-client> disk add rbd/disk_1
0 S6 }( }! M" ~% q$ j
The next step is to configure the iSCSI initiators. 5 J' U/ a: H8 V3 C
, P9 W! D) _, H. C4 v& I" L( I8 c5 e) L j
& G8 I2 _1 `( e/ o: s1 @5 V u
; X+ z: m% }( c$ ^" z! p1 c# {, @2 x9 ~. v/ W7 B/ ]. m
5 ?7 Y" D1 d9 h( E& e |
|
发表于 2021-7-15 17:31:43