|
|
楼主 |
发表于 2021-7-10 21:37:05
|
显示全部楼层
直接yum install试试可以发现,只有targetcli和python-rtslib能装上,而且版本都比官网说的要低,好吧,麻烦来了。
4 C/ {4 J$ a0 x$ i
: m: e. ?% c8 z经过一段几个小时*的搜索……从下面链接中找到了rpm包:
% e( K3 ?- X- \0 D& x9 l) J' r
Build new RPM for 3.0
; `% Q7 k" Y, ^, R* X% u3 O" ?Missing ceph-iscsi-cli package
3 D5 h9 J( ^; N新建repo文件:& Z% R6 R6 x4 g5 D) P% U7 F& b
0 u Q( _. d7 a# ] m: M sudo vim /etc/yum.repo.d/iscsi.repo% D2 P( i3 C, v
cat /etc/yum.repo.d/iscsi.repo
/ `8 v) x4 {6 |7 F8 |' c2 ]3 Q: n6 K1 Q, ~7 F& K
[ceph-iscsi]3 L, Q( T9 V; v3 J: {/ Z6 m/ x
name=Ceph-iscsi
; R0 t$ x+ n( i" M I! Fbaseurl=https://4.chacra.ceph.com/r/ceph-iscsi/master/88f3f67981c7da15448f140f711a1a8413d450b0/centos/7/flavors/default/noarch/
3 i! R; R. U( dpriority=1
& `% j3 e( u+ z) i* N, P& K& P6 vgpgcheck=0; q+ [0 `2 a( T& i. w; y: N5 m' ?
/ O- a/ s& Q' y3 B5 s( ~4 c
[tcmu-runner]( A h& z3 D. p$ I" X' e" w: k0 F
name=tcmu-runner
C" N5 I g% X" A% J [9 l2 T% qbaseurl=https://3.chacra.ceph.com/r/tcmu-runner/master/eef511565078fb4e2ed52caaff16e6c7e75ed6c3/centos/7/flavors/default/x86_64/( {2 p2 K0 i: l; e% |- w9 [
priority=19 l+ D! H" q) a: c
gpgcheck=0% B* D, k) [" l7 T1 I* Z
7 U0 ^. j- _/ O9 G: R0 P- l$ s [[python-rtslib]
7 T$ x7 k& x" G$ p z+ X- Z K" @name=python-rtslib) V3 ?" l* z& M
baseurl=https://2.chacra.ceph.com/r/python-rtslib/master/67eb1605c697b6307d8083b2962f5170db13d306/centos/7/flavors/default/noarch/4 z, l% C" |7 u" ^
priority=1
5 l6 n$ g x- I: J0 tgpgcheck=0, [0 J2 u" w- O2 _7 @
这里我使用的是本地源,将上面的包下载到本地源:
: F. h2 N- g( v4 o! |2 @! q% x% G0 x" ]3 G0 y
sudo yum install --downloadonly --downloaddir=yum/ceph-iscsi/ targetcli python-rtslib tcmu-runner ceph-iscsi
1 s: d) q+ C! Y. B9 U createrepo -p -d -o yum/ yum/
4 f7 Y# p# M& y$ ~9 B: J注意到这里没有包含targetcli的repo,因为没有找到,使用yum基础的Base源或者是Ceph源可以安装targetcli-2.1.fb46-7.el7.noarch.rpm, 虽然官网需要的是targetcli-2.1.fb47 or newer package,但在后续使用中发现没有影响,所以这里就不用管targetcli了。
7 T. ~& o& A B, a% Q" x; n7 H
9 e- S% @' a' c/ R那么这里下载下来的就是:9 J! D6 Y( t* \8 m8 B5 b
; v& A4 D7 g* D( S$ o) C, X7 w
targetcli-2.1.fb46-7.el7.noarch.rpm% h; L% G! H& h& b5 [7 n/ Y
python-rtslib-2.1.fb68-1.noarch.rpm
5 Q- J+ ]; V5 }tcmu-runner-1.4.0-0.1.51.geef5115.el7.x86_64.rpm
1 G) { q, y& n7 mceph-iscsi-3.2-8.g88f3f67.el7.noarch.rpm$ ^5 N2 l6 q4 d/ m4 {: g& g
ceph-iscsi网关初始配置
9 C9 y2 j5 m5 k& W如果使用的不是集群内的节点作为ceph-iscsi网关,那就需要进行一些初始的配置。
; }( |. D) ]" E% {+ Q1 X2 K( ~# L3 A2 u; b
安装ceph。- n3 h/ \7 h7 ^8 _
从集群中的一台机器上拷贝/etc/ceph/ceph.conf到本机的/etc/ceph/ceph.conf。: a1 w3 [7 r0 F
从集群中的一台机器上拷贝/etc/ceph/ceph.client.admin.keyring到本机的/etc/ceph/ceph.client.admin.keyring。
9 h0 C8 O! Y6 A' Q" W2 l当然第2和3步可以直接在deploy节点使用ceph-deploy admin {node-gateway},{node-gateway}就表示网关节点的名字。6 y5 V4 o3 m6 r6 l6 q/ ]& i
1 M+ H. d8 Z5 ?& M0 f( k: W$ \% |. M2 t可见这里就是为了将ceph-iscsi网关节点变成一个admin节点。. P. c0 w/ K1 F# e
/ Q' a4 r6 q( |5 Z% D, s这时在网关节点上应该可以执行相关命令操作ceph集群,例如sudo ceph -s查询当前集群的状态。
+ { y( \! a6 j4 W: `# E% I# M" v n1 O* z$ \2 E
安装配置iscsi7 f$ H- E5 x. ?! q. A
这里官网建议先切换到root用户,方便一点:5 ]- G, _8 q9 a' @; Y! N9 i1 t9 Y
0 p/ V) d+ D1 R9 n' h d su root6 p" U2 Y1 k1 X" B. N7 K- f5 w
在两个网关节点上都安装iscsi(注意到上面已经将相关包下载到了本地源,所以可以直接yum安装):
3 j$ Z# E. ?' s' {, Y
) N |; I( b+ T# c' Z' U7 C yum install -y ceph-iscsi! ~8 N( B3 g# I; j
服务启动:# G; I2 X" h8 e+ e
' w. ~) R# r! r. Z先创建rbd pool,如果没有的话。! l" g( S2 ?+ ?7 U& V& M
. ]( @. T6 e/ ?4 G7 |4 _
ceph osd lspools
- {: }+ T/ Q- g$ h
: \; m0 s" A/ H2 T1 cephfs_data
- r( p+ G/ f }3 ?- O' D: F2 cephfs_metadata2 Y' K2 J/ @$ V. c, A. l
5 i4 B) M9 J; I' u ceph osd pool create rbd 128+ S. [9 ~, ~$ Y7 Q7 Z0 f' O
# w9 N5 d! j' a% N1 ?* m
pool 'rbd' created
; o) q- i. H ~3 P- k3 ]# V创建并修改/etc/ceph/iscsi-gateway.cfg文件:
5 J5 y5 R3 Z2 t9 ?& \* { p+ L0 r3 H# k: g0 g; r
vim /etc/ceph/iscsi-gateway.cfg
% C+ E4 _- N1 o. L( p$ T: K cat /etc/ceph/iscsi-gateway.cfg: ]4 i. Y8 e/ H# F: {
# G# t z1 ~8 r3 Y8 ]
[config]
: C: F: ]( e |# j+ x7 S' N Name of the Ceph storage cluster. A suitable Ceph configuration file allowing
* R q0 w: C! z+ W# Z; |6 T8 l access to the Ceph storage cluster from the gateway node is required, if not7 r" q1 Q. z- x; t
colocated on an OSD node.
. Y* P' x) A4 l/ hcluster_name = ceph
5 c, Q- ] }0 w
4 x+ t1 ~( f% h3 h$ h7 e+ O Place a copy of the ceph cluster's admin keyring in the gateway's /etc/ceph
4 ~' |, z" x: Y j drectory and reference the filename here. Z6 b6 C/ y# c
gateway_keyring = ceph.client.admin.keyring1 o& m1 t, Z: d
- i, B5 M5 N* G) y5 f" h
/ G* g. H" B2 Q& ]4 l) h/ E* | API settings.( l; ~4 L$ X: N
The API supports a number of options that allow you to tailor it to your
& d1 n4 U2 Z+ d2 j! M! R) |$ ? local environment. If you want to run the API under https, you will need to3 n8 V2 `: r! ?' s1 [+ ~$ T
create cert/key files that are compatible for each iSCSI gateway node, that is
- E( N* Y1 n! p+ ~+ \ not locked to a specific node. SSL cert and key files *must* be called
" |, R9 u, C5 I% P1 B; S* ]/ e 'iscsi-gateway.crt' and 'iscsi-gateway.key' and placed in the '/etc/ceph/' directory0 c6 d0 s5 _ R9 @$ q& i
on *each* gateway node. With the SSL files in place, you can use 'api_secure = true'4 }7 w6 ~( E$ Q, B( H+ {1 Z( S+ ?
to switch to https mode.
/ j7 _. B1 V7 K" f
8 Y* E7 [: n5 a6 e" V0 [ To support the API, the bear minimum settings are:6 X# N! k, M/ K2 @) N
api_secure = false
9 @/ [/ I# k6 d- E7 F( p
3 ~2 h& s; S6 M1 O Additional API configuration options are as follows, defaults shown.. o5 z, z d2 o6 t! {! d
api_user = admin
7 s" d4 y& Y! v: r+ h+ T( A/ C api_password = admin
9 i- F9 P! |9 P& T: D( J& g9 o api_port = 5001) w. |( Q8 J* a
trusted_ip_list = 192.168.90.234,192.168.90.235, o) G' h: |! q: h3 d
上面trusted_ip_list填写的就是两台网关的ip(这里不讨论多网卡的情况)。5 `' b6 \0 w/ d/ J$ F1 s
+ o# J4 B, a* l, G8 a& d H; A在另外一台网关上复制这个文件:1 P) b$ x7 S; D2 I1 d, _; @
, b# [6 {1 `0 R
sudo scp cluster@node2:/etc/ceph/iscsi-gateway.cfg /etc/ceph/iscsi-gateway.cfg. l. n, P' w' s: N4 W- b! m4 x
在两台网关上都开启rbd-target-api服务:$ J9 a4 O% M0 N# N% h: L% {9 d9 p) R
9 M3 l1 ~4 c, @- w
systemctl daemon-reload; ~, o9 A; k0 B5 r9 j) |
systemctl enable rbd-target-api) b _, C3 Z: Y+ @, X3 Q# m4 H: I
systemctl start rbd-target-api$ Y# m% D" \4 V8 D+ a# n
配置:(在其中一台网关配置就行)
, @0 @1 m( f5 s
. w& A; ^0 ^4 F& Q gwcli; \3 E+ {: O" Y* H- Y1 w
cd /iscsi-targets$ C0 N5 P% L% Z; _
1 Y i' n; r2 q% S, Q0 t* e
create iqn.2003-01.com.redhat.iscsi-gw:iscsi-igw
% D, p9 I* p4 l; o% y! a, k4 X/ T" Rok1 O+ s- H# d2 b1 @3 }0 m
7 T! B" |9 c' b1 E
cd iqn.2003-01.com.redhat.iscsi-gw:iscsi-igw/gateways
% }9 z6 U6 u2 W, d- C: V7 A. ]' y1 k
/iscsi-target...-igw/gateways> create node2 192.168.90.234+ z g8 e. @2 h$ l
Adding gateway, sync'ing 0 disk(s) and 0 client(s)
9 B0 e- W% `4 Wok2 q/ d) \8 \& ^
% [0 e' E' ~. [0 a. V! u
/iscsi-target...-igw/gateways> create node3 192.168.90.235! n# r6 S8 O* }( [4 n. }
Adding gateway, sync'ing 0 disk(s) and 0 client(s), S) P4 T% q6 J. l" J
ok' U3 h, e1 ?5 i9 ~) C7 ~
8 b. b+ l) l: j% r: k$ q7 _
/iscsi-target...-igw/gateways> cd /disks
9 X/ F# F) C/ s/ X1 p
. F3 r1 |2 _) o! ]4 b0 c create pool=rbd image=disk_1 size=200G
0 P# t$ u1 N$ r, T$ T' eok" q* L6 x% L( G3 l+ t9 E
1 g' Y3 o9 a: ^" G' [- \ cd /iscsi-targets/iqn.2003-01.com.redhat.iscsi-gw:iscsi-igw/hosts+ W7 `; U! h/ r; P6 W1 s
, \4 k: e o: ^0 C+ q: \# z* `/iscsi-target...csi-igw/hosts> create iqn.1994-05.com.redhat:rh7-client6 n X9 i8 e' ^( p7 n4 u D1 [2 x
ok
; M) W9 A8 _, o8 ^5 e. }+ e1 G4 }9 |7 q* X
/iscsi-target...at:rh7-client> auth username=myiscsiusername password=myiscsipassword2 P$ e% \! q9 s+ g( D# {. n* B/ m& a
ok
( p; |4 K" p: s0 E. d
) o1 Y( J+ J& z6 O- O/iscsi-target...at:rh7-client> disk add rbd/disk_1
, A M' z' `" i8 u8 |' P( v8 yok3 H1 P8 Y+ s$ _% P
配置完成,可以看到我当前的目录结构:
; n6 m2 V, g. `# U- e$ @! ^2 V9 ?* f+ u J3 c8 x
ls" E1 ]5 R J9 m
o- / ......................................................................... [...]" H1 o- _5 j& K* L
o- cluster ......................................................... [Clusters: 1]
/ u3 n3 b! Y; c, L& Y3 { | o- ceph .......................................................... [HEALTH_WARN], T( g3 m* {9 O4 ^/ {+ e
| o- pools .......................................................... [Pools: 3]
' t8 V" ?% K% \; F7 h | | o- cephfs_data ... [(x3), Commit: 0.00Y/2028052096K (0%), Used: 2029431878b]8 P4 [8 \* w, ^. s8 b
| | o- cephfs_metadata .... [(x3), Commit: 0.00Y/2028052096K (0%), Used: 77834b]" z: l, u$ v/ r$ o! D
| | o- rbd ................ [(x3), Commit: 200G/2028052096K (10%), Used: 15352b]
( Z* f1 p1 F! n9 ?# C | o- topology ................................................ [OSDs: 6,MONs: 3]/ U. u: k5 w. W* s! c
o- disks ........................................................ [200G, Disks: 1]
" I" |% C6 Y* ?5 o& X | o- rbd ............................................................ [rbd (200G)]& n' p0 t9 k5 m, `% U* m5 U
| o- disk_1 ................................................ [rbd/disk_1 (200G)]
. Y/ S8 N: b$ e: \! N o- iscsi-targets ............................... [DiscoveryAuth: None, Targets: 1]' C2 x6 u$ L$ V6 J& Z$ ~" J5 I: [
o- iqn.2003-01.com.redhat.iscsi-gw:iscsi-igw ..................... [Gateways: 2]
; u; G* C$ y* t% d o- disks .......................................................... [Disks: 1]
5 R& S) S* {" A* X$ i; E6 ` | o- rbd/disk_1 ............................................... [Owner: node3]# O/ O8 _3 L) j3 T. _
o- gateways ............................................ [Up: 2/2, Portals: 2]$ p6 t) z' { p3 A
| o- node2 ............................................. [192.168.90.234 (UP)]1 Z& {3 v) F( d- d* j1 K) }; \4 [
| o- node3 ............................................. [192.168.90.235 (UP)]
7 x( t5 E! h5 D& Z0 U o- host-groups .................................................. [Groups : 0]. Q5 o$ c& d: Y5 {8 y
o- hosts .............................................. [Hosts: 1: Auth: CHAP]9 z& z7 }- i+ e* R* F; A; c& Q* ]
o- iqn.1994-05.com.redhat:rh7-client .......... [Auth: CHAP, Disks: 1(200G)]
% b2 [5 H& M; e: b+ z% t; x4 C o- lun 0 ................................ [rbd/disk_1(200G), Owner: node3]6 e2 E$ p; V) f+ k Z
linux客户端配置( I2 c" Y9 u" ~9 e
在作为客户端的linux主机上。, }. o$ Y- J* Y
! j: l% Q. ~& b
安装相关组件:
7 U, N; n7 h; p% n0 ^. i3 Q, O8 S5 a+ E0 n
sudo yum install -y iscsi-initiator-utils% b, Z+ q" G, t8 e0 A7 d( x
sudo yum install -y device-mapper-multipath
. Y! q2 ^0 J y% K" g$ Y开启multipathd服务并进行配置:+ x: x. q; r6 M# w, r
* W0 s. x6 S# \% |; p sudo mpathconf --enable --with_multipathd y
8 J B( {( s! i3 S! N: ^9 U
- e- j$ R! e8 r8 Q2 @ y& r sudo vim /etc/multipath.conf
. y2 Q& A z$ T2 O6 x sudo cat /etc/multipath.conf# @/ _5 a: O% g- y
; C8 c/ u) J& s) ^, }( k* wdevices {
/ [; U! p" e, J; N, A) ? device {
: x8 e. L3 P3 l0 i: j: ]- } vendor "LIO-ORG"
" D: R0 x" N' G O4 A hardware_handler "1 alua"
. Z4 e K2 H5 ]5 z path_grouping_policy "failover", R4 d1 }7 }2 M% S
path_selector "queue-length 0"
! s& J" b8 b9 h5 o3 Q- a failback 60! c7 s/ x/ J5 f+ j* ]$ ]
path_checker tur4 q% A/ i; j5 C6 J0 i) U
prio alua6 N! U; k7 n% a" }5 R
prio_args exclusive_pref_bit2 K: M2 Q+ E( O# l
fast_io_fail_tmo 25
1 }8 |. f0 z! {! I' P no_path_retry queue
' s. [4 `) x* ?! K0 w, m( Q* b1 r }
9 m! G1 L; i* V: ~}
6 h: G/ d9 P, J修改客户端名称:
0 n+ t% b" [+ n4 c& R* z" N5 L
+ ^ c$ e+ F; m x7 c" b9 c sudo vim /etc/iscsi/initiatorname.iscsi
! X# Y5 E$ a) k7 w; L sudo cat /etc/iscsi/initiatorname.iscsi8 J8 H. o0 Y/ f- v F
) v1 ` e8 }4 s) O$ q0 L Z& N/ _( w- I
InitiatorName=iqn.1994-05.com.redhat:rh7-client0 O) G; Y2 D' P( b) q
修改chap认证配置文件:
0 P: H( r' v; n, L
6 O- C# H- p2 `( E* T' r Q9 `2 E sudo vim /etc/iscsi/iscsid.conf
6 A" @& \5 E, k9 V% O+ x9 `5 X3 Y sudo cat /etc/iscsi/iscsid.conf0 N, C6 R; Z; V% c* D
" C, I! z# m2 A# e F1 [# |
...1 i5 W4 ?* Q6 {0 j* Y
*************
9 v# k% {. k- g& t/ M# f3 q CHAP Settings4 a9 h! o+ t7 i `) f7 k2 M
*************
7 y* d5 N* c6 {5 n6 q: a$ U) Y' d
To enable CHAP authentication set node.session.auth.authmethod
6 N$ Z+ E4 V3 a8 v7 S% ] to CHAP. The default is None.0 F$ s" b0 u1 S' m# z
node.session.auth.authmethod = CHAP7 K* I/ M# B2 U+ ]
. w' j; S. F5 T; f W, x& m
To set a CHAP username and password for initiator
8 h8 D: o1 t9 A% T+ X authentication by the target(s), uncomment the following lines: n, A5 R# x: E1 ?% ]
node.session.auth.username = myiscsiusername- \+ n6 ]3 }$ L3 Y& t- g7 I
node.session.auth.password = myiscsipassword: A4 F4 Q9 Q- q6 z, `; G
...
- q. c7 s3 t. k% m" B/ u
, s7 A' Q o) K t m" \1 w发现target:
/ Y1 {) H( g. b# H, w+ y+ O6 K; N/ [3 Q* k! V9 F7 Y) T4 v
sudo iscsiadm -m discovery -t st -p 192.168.90.234
; p- l: D% ]6 f8 s- S3 d) y# c- l8 N2 u
192.168.90.234:3260,1 iqn.2003-01.org.linux-iscsi.rheln19 A& p+ [, P" m3 M$ G7 C; ^4 G
192.168.90.235:3260,2 iqn.2003-01.org.linux-iscsi.rheln11 z9 R& d0 x8 h4 M' I) Z
登入target:6 o7 d- x) U1 {* n' s
. g0 M1 ~5 n# ~; E! m
sudo iscsiadm -m node -T iqn.2003-01.org.linux-iscsi.rheln1 -l
( c' j4 J4 X, S. d& P4 v7 S, u8 i2 f查看是否成功:
2 f6 e s( _% m1 |) j2 o( [" g8 r! v1 }1 G) N
sudo multipath -ll
+ B9 z- v- d) ?7 F0 X0 xmpatha (360014050fedd563975249adb2e84e978) dm-2 LIO-ORG ,TCMU device 5 ?3 g7 W3 b$ y" }
size=200G features='1 queue_if_no_path' hwhandler='1 alua' wp=rw
: A+ L0 {- N# K7 L& D' r6 ~|-+- policy='queue-length 0' prio=50 status=active
9 l9 b. l& G8 j1 F/ x5 o| `- 3:0:0:0 sdc 8:32 active ready running. y2 X& J& W4 L0 `3 ~! h6 U
`-+- policy='queue-length 0' prio=10 status=enabled( F* {) Z8 K* X6 x' `
`- 2:0:0:0 sdb 8:16 active ready running2 C0 }1 }3 D* f# ^) ^
在fdisk中就可以直接看到这个“硬盘”:) Z1 s8 Y$ i; R
7 B/ X0 W1 m9 ?' |) Y7 }9 e/ o sudo fdisk -l( l. ?3 y. ?: Q2 M& z/ l9 Y, F
, G5 g9 I+ c, t; S2 H
...
, N0 t4 v3 d |% \' U% kDisk /dev/mapper/mpatha: 10.7 GB, 10737418240 bytes, 20971520 sectors+ _' g* g8 a$ Z- P: w1 W% c
Units = sectors of 1 * 512 = 512 bytes
" v' @/ |, R6 f- C! ESector size (logical/physical): 512 bytes / 512 bytes5 N$ ]7 M0 p7 G- D& U, H3 K |' v0 W
I/O size (minimum/optimal): 512 bytes / 524288 bytes |
|
发表于 2021-7-10 17:41:02