search

open-iscsi / targetcli-fb

Command shell for managing Linux LIO kernel target
Apache License 2.0
103 stars 69 forks source link

Fibre Channel is not discoverable on demo mode #179

Open A2116 opened 3 years ago

A2116 commented 3 years ago

I compiled and installed the latest targetcli 2.1.53 and rtslib and configshell on centos 8.3 to activate qla2xxx target driver shell and rtslib also, I used a new 5.10 elrepo kernel that includes tcm_qla2xxx and other target drivers for targetcli when I configure qla2xxx on the target side it configures correctly and shows everything well but on the initiator side, I cannot discover targets unless I enter initiator ACL on targetcli so the gen-acl function does not work and I can not share globally without setting ACL's one by one by enabling generate_node_acls=1 like iSCSI on attributes? my target card is QLogic qle2672 and my initiator card is Emulex (Broadcom) lpe16002B and they connected back-to-back correctly and work fine if I set ACL's on targetcli

what should I do? is it a bug? or something else?

A2116 commented 3 years ago

ATTRIBUTE CONFIG GROUP

cache_dynamic_acls=1 demo_mode_login_only=0 demo_mode_write_protect=0 generate_node_acls=1 prod_mode_write_protect=0

maurizio-lombardi commented 3 years ago

Hello, I don't have the hardware to test it personally but I asked a colleague of mine to help, I will post an update as soon as I have some news

A2116 commented 3 years ago

thanks, one other thing that if I enter initiator wwn as ACL manually and it connects and then removes that ACL, it remains connected because of "cache_dynamic_acls=1" and disks are usable, so i think the problem is the discovery of target

loberman commented 3 years ago

Hello I work with Maurizio. What I can confirm is that I use this every day but I always add the specific initiator wwpn #'s to the acl for each of the naa.xxx acls in /qla2xxx. I have been doing it that way for many years.

I will look into this option, test it and get back to you.

Regards Laurence Oberman

loberman commented 3 years ago

I tested this on Fedora33

My target looks like this.

[root@jammerfed34 ~]# targetcli ls o- / ......................................................................................................................... [...] o- backstores .............................................................................................................. [...] | o- block .................................................................................................. [Storage Objects: 2] | | o- block-1 ................................................................ [/dev/data/block-1 (10.0GiB) write-thru activated] | | | o- alua ................................................................................................... [ALUA Groups: 1] | | | o- default_tg_pt_gp ....................................................................... [ALUA state: Active/optimized] | | o- sanboot ................................................................ [/dev/data/bootvol (60.0GiB) write-thru activated] | | o- alua ................................................................................................... [ALUA Groups: 1] | | o- default_tg_pt_gp ....................................................................... [ALUA state: Active/optimized] | o- fileio ................................................................................................. [Storage Objects: 0] | o- pscsi .................................................................................................. [Storage Objects: 0] | o- ramdisk ................................................................................................ [Storage Objects: 0] o- iscsi ............................................................................................................ [Targets: 0] o- loopback ......................................................................................................... [Targets: 0] o- qla2xxx .......................................................................................................... [Targets: 2] | o- naa.500143802428adf4 ............................................................................................. [gen-acls] | | o- acls ............................................................................................................ [ACLs: 2] | | | o- naa.21000024ff46ae7c ................................................................................... [Mapped LUNs: 2] | | | | o- mapped_lun0 ................................................................................. [lun0 block/sanboot (rw)] | | | | o- mapped_lun1 ................................................................................. [lun1 block/block-1 (rw)] | | | o- naa.21000024ff46ae7d ................................................................................... [Mapped LUNs: 2] | | | o- mapped_lun0 ................................................................................. [lun0 block/sanboot (rw)] | | | o- mapped_lun1 ................................................................................. [lun1 block/block-1 (rw)] | | o- luns ............................................................................................................ [LUNs: 2] | | o- lun0 ............................................................. [block/sanboot (/dev/data/bootvol) (default_tg_pt_gp)] | | o- lun1 ............................................................. [block/block-1 (/dev/data/block-1) (default_tg_pt_gp)] | o- naa.500143802428adf6 ............................................................................................. [gen-acls] | o- acls ............................................................................................................ [ACLs: 2] | | o- naa.21000024ff46ae7c ................................................................................... [Mapped LUNs: 2] | | | o- mapped_lun0 ................................................................................. [lun0 block/sanboot (rw)] | | | o- mapped_lun1 ................................................................................. [lun1 block/block-1 (rw)] | | o- naa.21000024ff46ae7d ................................................................................... [Mapped LUNs: 2] | | o- mapped_lun0 ................................................................................. [lun0 block/sanboot (rw)] | | o- mapped_lun1 ................................................................................. [lun1 block/block-1 (rw)] | o- luns ............................................................................................................ [LUNs: 2] | o- lun0 ............................................................. [block/sanboot (/dev/data/bootvol) (default_tg_pt_gp)] | o- lun1 ............................................................. [block/block-1 (/dev/data/block-1) (default_tg_pt_gp)] o- vhost ............................................................................................................ [Targets: 0]

Now take two new initiators

[root@ml150 ~]# cat /sys/class/fc_host/host*/port_name 0x10000000c9f3ab36 0x10000000c9f3ab37

Add the attribute to generate_node_acls=1 each of the naa.xxx for the target

Try connect from the new initiators and it does not work.

I will investigate but I suspect this has never been used for qla2xxx F/C tcm_qla2xxx, and really only has been used on ISCSI.

Regards Laurence Oberman

loberman commented 3 years ago

Hello

OK, I looked at the source here Seems while its listed as an option its only applied if its set in ISCSI While you can set it, it won't work.

Maurizio can comment further, we should probably fix the bug in the manpage then

[loberman@jammerfed34 targetcli-fb-2.1.53]$ grep generate_node_acls targetcli/ui_target.py 'generate_node_acls': ('number', 'If set to 1, allow all initiators to login (i.e. demo mode).'),

        if "generate_node_acls" in tpg.list_attributes() and \
                int(tpg.get_attribute("generate_node_acls")):
                if int(tpg.get_attribute("generate_node_acls")):
                if not int(tpg.get_attribute("generate_node_acls")):
        if int(tpg.get_attribute("generate_node_acls")):

Thanks Laurence Oberman

A2116 commented 3 years ago

so what should we do if we want to use FC in demo mode(share globally)? and everyone that connects to that port can see and use share?

maurizio-lombardi commented 3 years ago

OK, I looked at the source here Seems while its listed as an option its only applied if its set in ISCSI While you can set it, it won't work.

Maurizio can comment further, we should probably fix the bug in the manpage then

I think you are right, I looked at the kernel code and despite the fact that the qla2xxx target driver allows setting the "generate_node_acls" parameter, the latter seems to be used only by the iscsi_target driver code.

A2116 commented 3 years ago

@maurizio-lombardi @loberman

is this problem solved at 2.1.54 release? or not? if not are you have any program to cover it?