Adding the iSCSI APIs #99
Conversation
k8s-ci-robot
added
release-note
k8s-ci-robot
added
cncf-cla: yes
|
Hi @jmpfar. Thanks for your PR. I'm waiting for a kubernetes-csi member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
the
size/XXL
|
I've currently disabled the iSCSI integration tests on github workflow as they do not work on that environment. Notes to reviewer:
|
|
/ok-to-test |
k8s-ci-robot
added
ok-to-test
1. Currently has a very limited support for Multipath 2. Does not contain node level APIs to set reverse CHAP or node IQN 3. Tests format a disk, so special flag is used to enable the iSCSI tests. Take care to use disposable clean VMs for tests. Change-Id: I0fe8431fed00715883ad0431671ec6a060718e0e
Change-Id: Ib669ed4aafad4a7ce6fa4821998e24264072c049
I've tried the test on a clean GCP Windows 2016/2019 VM and this works. This might be related to the Server Target feature install on the github workflow environment. Might be worth fixing with the other disabled integration tests. Change-Id: If76902118f1a2887caf5c554d339ad1dc13f04a8
|
/retest |
|
/test all |
|
Hey, |
|
@jmpfar invoked |
client/api/iscsi/v1alpha1/api.proto
Outdated
| } | ||
|
|
||
| message GetTargetDisksRequest { | ||
| // Target portal to which the initiator will connect. |
There was a problem hiding this comment.
Please fix the comment to mention something along the lines of: Target portal whose disks will be querried
client/api/iscsi/v1alpha1/api.proto
Outdated
| } | ||
|
|
||
| message DisconnectTargetRequest { | ||
| // Target portal to which the initiator will connect. |
There was a problem hiding this comment.
Please fix the comment to mention something along the lines of Target portal from which initiator will disconnect.
client/api/iscsi/v1alpha1/api.proto
Outdated
| message GetTargetDisksResponse { | ||
| // List composed of disk ids (numbers) that are associated with the | ||
| // iSCSI target | ||
| repeated string diskIds = 1; |
There was a problem hiding this comment.
Can we use diskIDs instead of diskIds please? See https://github.com/kubernetes-csi/csi-proxy/blob/master/client/api/disk/v1beta2/api.proto#L76
|
|
||
| func (APIImplementor) AddTargetPortal(portal *TargetPortal) error { | ||
| cmdLine := fmt.Sprintf( | ||
| `New-IscsiTargetPortal -TargetPortalAddress ${Env:iscsi_tp_address} ` + |
There was a problem hiding this comment.
The lack of -InitiatorInstanceName parameter assumes csi-proxy will always use the software iSCSI initiator in Windows rather any hardware NICs with iSCSI offload/support - which is fine. If you can add a comment to specify this, that would be great!
There was a problem hiding this comment.
I've added clarifying comments (in the proto), I think this is a good idea to add this in later versions.
According to Windows documentation, if you don't specify an initiator:
"iSCSI initiator service will use any initiator that can reach the target portal."
So, at least by wording, this might suggest that the hardware initiator may be used
internal/os/iscsi/api.go
Outdated
| `Connect-IscsiTarget -TargetPortalAddress ${Env:iscsi_tp_address}` + | ||
| ` -TargetPortalPortNumber ${Env:iscsi_tp_port} -NodeAddress ${Env:iscsi_target_iqn}` + | ||
| ` -AuthenticationType ${Env:iscsi_auth_type}` + | ||
| ` -IsMultipathEnabled $([System.Convert]::ToBoolean(${Env:iscsi_is_multipath}))`) |
There was a problem hiding this comment.
If IsMultipathEnabled is true then Connect-IscsiTarget will need to be invoked with InitiatorPortalAddress set to the IP address of each network adapter that wants to participate in the multi-path configuration. I think it will probably be better to block specification of IsMultipathEnabled for now?
There was a problem hiding this comment.
I didn't consider the multipath scenario where you use two initiators to the same target, what I was thinking about was the other direction
e.g. I have one NIC that connects to two IPs of the storage array, each one exposing the same IQN.
This scenario will work with the current API
I guess this is more of a scenario for high availability rather than performance, and it was at least what we used in a product I've worked on (although it was far from the normal storage product)
WDYT? The multipath option here was added really quickly just to give an option for users with an already well configured node to use multipath. Full support will probably require more effort anyway, so I can remove the multipath bool and save it for a later version
There was a problem hiding this comment.
Interesting - most production multipath configurations I have seen involve redundant paths all the way from the initiator NICs to the target.
I would say let’s remove the multipath option for now in v1alpha1 and add it later if we hear requests/feedback around it.
There was a problem hiding this comment.
Once the multipath option is removed for now, I will lgtm/approve the PR. Thanks for getting basic iSCSI support going!
There was a problem hiding this comment.
Thanks!
Removed the multipath option
| MUTUAL_CHAP = 2; | ||
| } | ||
|
|
||
| message ConnectTargetRequest { |
There was a problem hiding this comment.
Any thoughts on adding a initiator_address parameter to ConnectTargetRequest ? Can be added in a later version but was wondering if it would be useful in nodes with multiple NICs. We will probably need to add another API group potentially as part of the system group to query the set of host IP addresses as well.
There was a problem hiding this comment.
See the MPIO comments, but I agree, this is a good feature for a later version
This is a mammoth commit as it is, I think I'll start adding features in separate PRs, where the first one is mutual chap support (the node-level set chap function)
Change-Id: Iff20646f3837b952abe10d81c86bdcab799d5d53
1. Fixing errors in proto comments 2. Adding missing comments for AuthenticationType enum 3. Renaming DiskIds to DiskIDs to better conform to other apis 4. Documenting lack of initiator selection features in AddTargetPortal 5. Improving multipath related documentation Change-Id: Ic9ec4387a140f522fa2e3a3ad781a439bc2cb918
This was decided as currently we don't have a way of specifying different initiators. Effectively making multipath very limited in usage, as well as probably confusing Change-Id: I0cd9b7fa7cdb309dbc29ab1a5a5c64909a429f1e
|
Thanks! One more request: can you please squash the commits please? Would like the commit history to not have “address cr comments” commits. |
|
/lgtm |
k8s-ci-robot
added
the
do-not-merge/hold
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ddebroy, jmpfar The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
I squashed and merged this manually. So please ignore #99 (comment) for this PR. |
What type of PR is this?
/kind feature
What this PR does / why we need it:
Adding the iSCSI API group to csi-proxy.
This includes:
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
ENABLE_ISCSI_TESTSwhich needs to be set to"TRUE"in order to run the iSCSI tests. This was done as a fail safe mechanism as the integration tests install an iSCSI Target on the local machine and format an empty iSCSI drive. So it's advisable to run this on a clean VM if possible.Does this PR introduce a user-facing change?: