我有一个使用 libvirtd 和 iSCSI 设置的家庭实验室。大多数问题都已解决/解决,但有一个问题仍然让我困惑。我在 Google 或 serverfault.com 上找不到答案。
通常,当我登录目标时,我会收到身份验证被拒绝的错误,并发现 iscsiadm 显然已删除我的配置中的 CHAP 凭据。它删除用户名和密码行,并将身份验证方法设置为“无”。这实际上不是问题,因为我可以重新运行我的 Ansible 剧本来恢复凭据,但我不想这样做。
有没有办法配置 iscsiadm 以不删除我的凭据?
我不希望chattr +i
所有节点配置文件都这样,因为这会使我的 Ansible 剧本变得复杂。我确信这不是正确的答案。
iSCSI 主机是 QNAP TS-431P,因此配置起来有点麻烦。:) 不过一旦完成就可以很好地工作。
不确定是否有帮助但这是我的 MWE。
版本:
QNAP firmware: 4.3.6.0959 open-iscsi: 2.1.0 libiscsi: 1.19.0 libiscsi-tools: 1.19.0
/etc/iscsi/启动器名称.iscsi:
InitiatorName=iqn.2005-03.org.open-iscsi:634e222dfd1
/etc/iscsi/iscsid.conf:
node.startup = manual
node.leading_login = No
node.session.timeo.replacement_timeout = 120
node.conn[0].timeo.login_timeout = 15
node.conn[0].timeo.logout_timeout = 15
node.conn[0].timeo.noop_out_interval = 5
node.conn[0].timeo.noop_out_timeout = 5
node.session.err_timeo.abort_timeout = 15
node.session.err_timeo.lu_reset_timeout = 30
node.session.err_timeo.tgt_reset_timeout = 30
node.session.initial_login_retry_max = 8
node.session.cmds_max = 128
node.session.queue_depth = 32
node.session.xmit_thread_priority = -20
node.session.iscsi.InitialR2T = No
node.session.iscsi.ImmediateData = Yes
node.session.iscsi.FirstBurstLength = 262144
node.session.iscsi.MaxBurstLength = 16776192
node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
discovery.sendtargets.iscsi.MaxRecvDataSegmentLength = 32768
node.session.nr_sessions = 1
node.session.iscsi.FastAbort = Yes
node.session.scan = auto
这是一个节点配置,请注意“node.session.auth”选项已全部设置(显然是虚拟密码和 IP 屏蔽)。
/etc/iscsi/nodes/iqn.2004-04.com.qnap:ts-431p:iscsi.website.14b57f/10.nas.nas.nas,3260,1/默认:
# BEGIN RECORD 2.0-876
node.name = iqn.2004-04.com.qnap:ts-431p:iscsi.website.14b57f
node.tpgt = 1
node.startup = manual
node.leading_login = No
iface.iscsi_ifacename = default
iface.prefix_len = 0
iface.transport_name = tcp
iface.vlan_id = 0
iface.vlan_priority = 0
iface.iface_num = 0
iface.mtu = 0
iface.port = 0
iface.tos = 0
iface.ttl = 0
iface.tcp_wsf = 0
iface.tcp_timer_scale = 0
iface.def_task_mgmt_timeout = 0
iface.erl = 0
iface.max_receive_data_len = 0
iface.first_burst_len = 0
iface.max_outstanding_r2t = 0
iface.max_burst_len = 0
node.discovery_address = 10.nas.nas.nas
node.discovery_port = 3260
node.discovery_type = send_targets
node.session.initial_cmdsn = 0
node.session.initial_login_retry_max = 8
node.session.xmit_thread_priority = -20
node.session.cmds_max = 128
node.session.queue_depth = 32
node.session.nr_sessions = 1
node.session.auth.authmethod = CHAP
node.session.auth.username = gimmedisks
node.session.auth.password = Password@1
node.session.timeo.replacement_timeout = 120
node.session.err_timeo.abort_timeout = 15
node.session.err_timeo.lu_reset_timeout = 30
node.session.err_timeo.tgt_reset_timeout = 30
node.session.err_timeo.host_reset_timeout = 60
node.session.iscsi.FastAbort = Yes
node.session.iscsi.InitialR2T = No
node.session.iscsi.ImmediateData = Yes
node.session.iscsi.FirstBurstLength = 262144
node.session.iscsi.MaxBurstLength = 16776192
node.session.iscsi.DefaultTime2Retain = 0
node.session.iscsi.DefaultTime2Wait = 2
node.session.iscsi.MaxConnections = 1
node.session.iscsi.MaxOutstandingR2T = 1
node.session.iscsi.ERL = 0
node.session.scan = auto
node.conn[0].address = 10.nas.nas.nas
node.conn[0].startup = manual
node.conn[0].tcp.window_size = 524288
node.conn[0].tcp.type_of_service = 0
node.conn[0].timeo.logout_timeout = 15
node.conn[0].timeo.login_timeout = 15
node.conn[0].timeo.auth_timeout = 45
node.conn[0].timeo.noop_out_interval = 5
node.conn[0].timeo.noop_out_timeout = 5
node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
node.conn[0].iscsi.HeaderDigest = None
node.conn[0].iscsi.DataDigest = None
node.conn[0].iscsi.IFMarker = No
node.conn[0].iscsi.OFMarker = No
# END RECORD