====== 28 Ceph ISCSI ======
CephのRBDを使ってiscsi gwを作成できる。
Multipathでも利用でき冗長性も確保可能。
===== 1.tcmu-runner =====
RBDバックエンド tcmu-runner
[[https://1.chacra.ceph.com/r/tcmu-runner/master/9c84f7a4348ac326ac269fbdda507953dba6ec2c/centos/7/flavors/default/x86_64/]]
# ls -al
-rw-r--r-- 1 root root 41308 9月 25 10:59 libtcmu-1.5.2-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 2244 9月 25 10:59 libtcmu-devel-1.5.2-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 122032 9月 25 10:58 tcmu-runner-1.5.2-1.el7.x86_64.rpm
# rpm -ivh tcmu-runner-* libtcmu-*
==== tcmu-runner install error ====
下記のようなエラーでglusterfs-apiを求められるので、入れておく。
yum -y install glusterfs-api
# rpm -ivh tcmu-runner-* libtcmu-*
error: Failed dependencies:
glusterfs-api is needed by tcmu-runner-1.5.2-1.el7.x86_64
libgfapi.so.0()(64bit) is needed by tcmu-runner-1.5.2-1.el7.x86_64
libgfapi.so.0(GFAPI_3.4.0)(64bit) is needed by tcmu-runner-1.5.2-1.el7.x86_64
libgfapi.so.0(GFAPI_3.5.0)(64bit) is needed by tcmu-runner-1.5.2-1.el7.x86_64
===== 2.repo =====
# cat << EOM > /etc/yum.repos.d/ceph-iscsi.repo
[ceph-iscsi]
name=ceph-iscsi noarch packages
baseurl=http://download.ceph.com/ceph-iscsi/3/rpm/el7/noarch
enabled=1
gpgcheck=1
gpgkey=https://download.ceph.com/keys/release.asc
type=rpm-md
[ceph-iscsi-source]
name=ceph-iscsi source packages
baseurl=http://download.ceph.com/ceph-iscsi/3/rpm/el7/SRPMS
enabled=0
gpgcheck=1
gpgkey=https://download.ceph.com/keys/release.asc
type=rpm-md
EOM
# yum install ceph-iscsi targetcli
===== 3.kernel4 =====
Kernel4じゃないとrbd-target-apiが起動しないので、kernel4を入れる
エラー
2020-09-25 13:57:26,552 CRITICAL [rbd-target-api:2879:main()] - Secure API requested but the crt/key files missing/incompa
tible?
2020-09-25 13:57:26,552 CRITICAL [rbd-target-api:2881:main()] - Unable to start
→Kernel 4.16
http://choonrpms.choon.net/centos/7/choonrpms-kernel416/x86_64/
yum remove kernel-tools-libs
rpm -ivh kernel-*
===== 4.cpeh-iscsi.conf用意 =====
cat << _EOM_ > /etc/ceph/iscsi-gateway.cfg
[config]
# Name of the Ceph storage cluster. A suitable Ceph configuration file allowing
# access to the Ceph storage cluster from the gateway node is required, if not
# colocated on an OSD node.
cluster_name = ceph
# Place a copy of the ceph cluster's admin keyring in the gateway's /etc/ceph
# drectory and reference the filename here
gateway_keyring = ceph.client.admin.keyring
# API settings.
# The API supports a number of options that allow you to tailor it to your
# local environment. If you want to run the API under https, you will need to
# create cert/key files that are compatible for each iSCSI gateway node, that is
# not locked to a specific node. SSL cert and key files *must* be called
# 'iscsi-gateway.crt' and 'iscsi-gateway.key' and placed in the '/etc/ceph/' directory
# on *each* gateway node. With the SSL files in place, you can use 'api_secure = true'
# to switch to https mode.
# To support the API, the bear minimum settings are:
api_secure = false
# Additional API configuration options are as follows, defaults shown.
api_user = admin
api_password = admin
api_port = 5000
trusted_ip_list = 10.xxx.xxx.xx,10.xxx.xxx.xx
tpg_default_cmdsn_depth = 512
backstore_hw_queue_depth = 512
backstore_queue_depth = 512
_EOM_
/etc/ceph/iscsi-gateway.cfgの反映には、デーモンのリロードが必要
systemctl reload rbd-target-api.service
===== 5.起動 =====
systemctl start rbd-target-api
systemctl start rbd-target-gw
===== 6.gwcli =====
gwcliでコマンドから設定可能
# gwcli
> /> cd /iscsi-target
> /iscsi-target> create iqn.2003-01.com.redhat.iscsi-gw:iscsi-igw
> /iscsi-target> cd iqn.2003-01.com.redhat.iscsi-gw:iscsi-igw/gateways
> /iscsi-target...-igw/gateways> create ceph001 10.xxx.xx.xx
> /iscsi-target...-igw/gateways> create ceph002 10.xxx.xx.xx
> /iscsi-target...-igw/gateways> cd /disks
> /disks> create pool=rbd image=disk_1 size=90G
> /iscsi-target...at:rh7-client> disk add rbd/disk_1
===== 7.dashboard =====
Dashboardからも設定可能
ceph dashboard set-iscsi-api-ssl-verification false
ceph dashboard iscsi-gateway-add http://admin:admin@10.xxx.xx.xx:5000
ceph dashboard iscsi-gateway-add http://admin:admin@10.xxx.xx.xx:5000
# ceph dashboard iscsi-gateway-list
{"gateways": {"ceph001": {"service_url": "http://admin:admin@10.xxx.xx.xx:5000"}}}
=== 削除の場合 ===
ceph dashboard iscsi-gateway-rm GATEWAY_NAME
{{tag>Ceph iscsi}}