search

microsoft / K8s-Storage-Plugins

Storage plugins for Kubernetes
MIT License
42 stars 20 forks source link

Failed to find IQN, how do I force iscsi traffic to specific interface? #19

Closed gbxahollis closed 4 years ago

gbxahollis commented 4 years ago

I have a node with 2 interfaces, one for "Server" traffic, and one for "Storage" traffic, in this case iscsi traffic. How do I force the iSCSI requests to use that interface? As it stands today, this config:

apiVersion: v1
kind: Pod
metadata:
  name: iscsi
  namespace: default
spec:
  restartPolicy: Never
  containers:
  - name: iscsi
    image: microsoft/nanoserver
    command: ["C:\\Windows\\System32\\cmd.exe"]
    args: ["/C", "echo", "0", ">", "c:\\d\\iscsi_test.txt"]
    volumeMounts:
    - name: iscsi-volume
      mountPath: /d
  nodeName: k8s-w19-c1b4
  volumes:
  - name: iscsi-volume
    flexVolume:
      driver: "microsoft.com/iscsi.cmd"
      fsType: "NTFS"
      secretRef:
        name: "iscsi-secret"
      readOnly: false
      options:
        chapAuthDiscovery:  "false"
        chapAuthSession:  "true"
        targetPortal:  "172.16.15.10"
        iqn:  "iqn.2010-01.com.solidfire:1q2x.k8s-windows-testvol.1109"
        lun:  "0"
        authType:  "ONEWAYCHAP"

Fails with the following error:

FailedMount     MountVolume.SetUp failed for volume "iscsi-volume" : mount command failed,

status: Failure, reason: Caught exception did not find target iqn.2010-01.com.solidfire:1q2x.k8s-windows-testvol.1109 with stack at GetFirst<End>, C:\var\lib\kubelet\volumeplugins\microsoft.com~iscsi.cmd\flexvolume.ps1: line 42 

at GetTargetForPortals, C:\var\lib\kubelet\volumeplugins\microsoft.com~iscsi.cmd\iscsi.ps1: line 126 

at ConnectIscsi, C:\var\lib\kubelet\volumeplugins\microsoft.com~iscsi.cmd\iscsi.ps1: line 179 

at mount_command_with_options, C:\var\lib\kubelet\volumeplugins\microsoft.com~iscsi.cmd\iscsi.ps1: line 466 

at mount_command, C:\var\lib\kubelet\volumeplugins\microsoft.com~iscsi.cmd\iscsi.ps1: line 427 

at RunFlexVolume, C:\var\lib\kubelet\volumeplugins\microsoft.com~iscsi.cmd\flexvolume.ps1: line 273 

at <ScriptBlock>, C:\var\lib\kubelet\volumeplugins\microsoft.com~iscsi.cmd\iscsi.ps1: line 648 

at <ScriptBlock>, <No file>: line 1

My gut says that it's related to the host not sending that request down the second interface. I could be wrong

gbxahollis commented 4 years ago

Turns out I didn't need to do this. What I did need to do (for a Solidfire SAN) however, was define:

discovery.sendtargets.auth.username: <SolidFire Account Name>
discovery.sendtargets.auth.password: <SolidFire Account Initiator Secret>

In my iscsi-secret.yaml

And set both:

chapAuthDiscovery:  "true"
chapAuthSession:  "true"

In my pod Yaml in order to get this to work.