open-iscsi / targetd

Remote configuration of a LIO-based storage appliance
GNU General Public License v3.0

Add Configuration Option for Portal Addresses #31

Closed Queuecumber closed 5 years ago

Queuecumber commented 5 years ago

As discussed in #30, if targetd is running in a container environment or behind a proxy, then it could report an incorrect address to clients.

This is a little different than what we had originally discussed: when I started working on this I realized that the addresses are not set per-export but are rather system-wide, so I decided to go with an addition to the config file instead. This makes it easier for me, since I won't have to modify the provisioner to call the new API, it keeps your API stable, and overall it makes more sense.

Queuecumber commented 5 years ago

So using this config I now have a fully working containerized targetd in my cluster. However it was, as usual, not as easy as adding:

portal_addresses: [0.0.0.0, 10.0.10.9]

as I had hoped it would be (where 10.0.10.9 is the proxy address). The problem is that once the kernel has bound to an address, it refuses to bind to 0.0.0.0, and if it is already bound to 0.0.0.0 it then refuses to also bind to a specific address (I believe this is correct behavior). If you only bind to the proxy IP then it won't respond to any requests since it doesn't directly use that address (e.g. it needs to bind to its actual network interface as well as "fake binding" to the proxy address just so that address gets reported during discovery).

I have no idea why it let me do this earlier today with targetcli, but it isn't consistent: it lets me do it sometimes and not other times, and it never works through rtslib, interestingly.

So the solution I came up with for Kubernetes is to use an initContainer and pass the pod IP address and proxy IP as environment variables, then have a script in the initContainer that writes those environment variables to the YAML.

initContainers:
        - name: copy-config
          image: busybox
          command:
            - sh
            - -c
            - |
              cp /targetd-src/targetd.yaml /targetd-dst/targetd.yaml &&
              echo "portal_addresses: [$POD_IP, $LB_IP]" >> /targetd-dst/targetd.yaml
          env:
            - name: POD_IP
              valueFrom:
                fieldRef:
                  fieldPath: status.podIP
            - name: LB_IP
              value: 10.0.10.9
          volumeMounts:
            - name: target
              mountPath: /targetd-dst
            - name: targetd-config
              mountPath: /targetd-src

It may be worth adding this to the README if Kubernetes support is a goal.
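The initContainer above appends `$POD_IP` and `$LB_IP` to `targetd.yaml` without checking them. This added example is not code from targetd or from this pull request. It validates the two values before rendering the `portal_addresses` line, and rejects the wildcard-plus-specific combination the comment reports the kernel refusing. The function names are hypothetical, and applying the wildcard rule to IPv6 `::` as well is an assumption.

```python
import ipaddress


def validate_portal_addresses(addrs):
    """Return normalized address strings, or raise ValueError.

    Hypothetical helper (not part of targetd) for checking values
    before they are written to the portal_addresses config key.
    """
    if not addrs:
        raise ValueError("portal_addresses is empty")
    parsed = []
    for raw in addrs:
        try:
            # Rejects empty values (unset env var), hostnames, and anything
            # carrying extra characters such as newlines or YAML syntax.
            ip = ipaddress.ip_address(str(raw).strip())
        except ValueError:
            raise ValueError(f"not an IP address: {raw!r}") from None
        if ip in parsed:
            raise ValueError(f"duplicate address: {ip}")
        parsed.append(ip)
    # A wildcard bind and a specific bind in the same address family
    # conflict, as described in the comment above (IPv6 handling assumed).
    for wild in (ip for ip in parsed if ip.is_unspecified):
        clash = [str(ip) for ip in parsed
                 if ip.version == wild.version and ip != wild]
        if clash:
            raise ValueError(f"{wild} cannot be combined with {clash}")
    return [str(ip) for ip in parsed]


def render_config_line(pod_ip, lb_ip):
    """Build the YAML line the initContainer appends to targetd.yaml."""
    addrs = validate_portal_addresses([pod_ip, lb_ip])
    # Quote each entry so the value is always parsed as a YAML string.
    return "portal_addresses: [" + ", ".join(f'"{a}"' for a in addrs) + "]"


if __name__ == "__main__":
    # Constructed sample values: a pod IP and the proxy IP from the comment.
    print(render_config_line("10.244.1.17", "10.0.10.9"))
```
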