Skip to content

Commit

Permalink
Add ability to mappe individual LUNs to ACLs
Browse files Browse the repository at this point in the history 
WARNING: this is breaking change as the format of 'initiators' has
changed.

Motivation for this change was OndrejHome/ansible.targetcli-modules#5

To be able to use this new format the relevant
OndrejHome.targetcli-modules are needed.

Known issues: the cluster configuration use case is broken at this time.
  • Loading branch information
@OndrejHome
OndrejHome committed Oct 4, 2021
1 parent ce034b4 commit 6754fcb
Show file tree
Hide file tree
Showing 3 changed files with 145 additions and 5 deletions.
130 changes: 126 additions & 4 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ iscsi_targets:
Example Playbook
----------------

Install and configure targetcli server with 2 exported luns under one WWN for 2 specified initiators.
**Example A:** Install and configure targetcli server with 2 exported luns under one WWN for 2 specified initiators.

- hosts: servers
roles:
Expand All @@ -49,10 +49,132 @@ Install and configure targetcli server with 2 exported luns under one WWN for 2
name: 'test2'
type: 'block'
initiators:
- 'iqn.1994-05.com.redhat:client1'
- 'iqn.1994-05.com.redhat:client2'
- name: 'iqn.1994-05.com.redhat:client1'
- name: 'iqn.1994-05.com.redhat:client2'

This role can be also used in combination with [OndrejHome.iscsiadm](https://github.com/OndrejHome/ansible.iscsiadm) that from `v2`
**Example B:** Install and configure targetcli server with 2 exported luns under one WWN for 2 specified initiators. Each initiator has access only to one of the LUNs using the LUN ID 0.

- hosts: servers
roles:
- { role: 'OndrejHome.targetcli' }
vars:
iscsi_targets:
- wwn: 'iqn.1994-05.com.redhat:target'
disks:
- path: '/dev/c7vg/LV1'
name: 'test1'
type: 'block'
- path: '/dev/c7vg/LV2'
name: 'test2'
type: 'block'
initiators:
- name: 'iqn.1994-05.com.redhat:client1'
mapped_luns:
- name: test1
type: block
lun_id: 0
- name: 'iqn.1994-05.com.redhat:client2'
mapped_luns:
- name: test2
type: block
lun_id: 0

**Example C:** Example of variable re-use for larger configuration.

- hosts: servers
roles:
- { role: OndrejHome.targetcli }
vars:
tmpl_disks:
- path: /dev/c7vg/LV1
name: test1
type: block
lun_id: 0
- path: /dev/c7vg/LV2
name: test2
type: block
lun_id: 1
wwn_list:
- "iqn.1994-05.com.redhat:targeta"
- "iqn.1994-05.com.redhat:targetb"
iscsi_targets: []
initiators_list:
- 'iqn.1994-05.com.redhat:client1'
- 'iqn.1994-05.com.redhat:client2'
initiators_tmpl: []
pre_tasks:
- name: generate initiators variable
set_fact:
initiators_tmpl: "{{ initiators_tmpl + [{ 'name':item, 'mapped_luns':tmpl_disks }] }}"
loop: "{{ initiators_list }}"
- name: generate iscsi_targets variable
set_fact:
iscsi_targets: "{{ iscsi_targets + [{'wwn':item, 'disks':tmpl_disks, 'auto_add_luns': False, 'initiators':initiators_tmpl }] }}"
loop: "{{ wwn_list }}"

Above example is equivalent to below one:

- hosts: servers
roles:
- { role: OndrejHome.targetcli }
vars:
iscsi_targets:
- wwn: 'iqn.1994-05.com.redhat:targeta'
disks:
- path: '/dev/c7vg/LV1'
name: 'test1'
type: 'block'
- path: '/dev/c7vg/LV2'
name: 'test2'
type: 'block'
initiators:
- name: 'iqn.1994-05.com.redhat:client1'
auto_add_luns: False
mapped_luns:
- name: test1
type: block
lun_id: 0
- name: test2
type: block
lun_id: 1
- name: 'iqn.1994-05.com.redhat:client2'
auto_add_luns: False
mapped_luns:
- name: test1
type: block
lun_id: 0
- name: test2
type: block
lun_id: 1
- wwn: 'iqn.1994-05.com.redhat:targetb'
disks:
- path: '/dev/c7vg/LV1'
name: 'test1'
type: 'block'
- path: '/dev/c7vg/LV2'
name: 'test2'
type: 'block'
initiators:
- name: 'iqn.1994-05.com.redhat:client1'
auto_add_luns: False
mapped_luns:
- name: test1
type: block
lun_id: 0
- name: test2
type: block
lun_id: 1
- name: 'iqn.1994-05.com.redhat:client2'
auto_add_luns: False
mapped_luns:
- name: test1
type: block
lun_id: 0
- name: test2
type: block
lun_id: 1

**Example D:** This role can be also used in combination with [OndrejHome.iscsiadm](https://github.com/OndrejHome/ansible.iscsiadm) that from `v2`
can install needed utilities and determine the initiator WWN that can be supplied for this role as shown below. Note that group
containing the initiators in example below is named `cluster` and you should adjust it for your inventory.

Expand Down
12 changes: 12 additions & 0 deletions tasks/luns_to_acls.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
- name: map LUNs to ACLs
targetcli_iscsi_acl_mapped_lun:
wwn: "{{ wwn_list.wwn }}"
initiator_wwn: "{{ item.0.name }}"
backstore_type: "{{ item.1.type }}"
backstore_name: "{{ item.1.name }}"
mapped_lun_id: "{{ item.1.lun_id }}"
with_subelements:
- "{{ wwn_list.initiators }}"
- mapped_luns
notify:
- save targetcli configuration
8 changes: 7 additions & 1 deletion tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@
targetcli_iscsi_acl:
wwn: "{{ item.0.wwn }}"
auto_add_luns: "{{ item.0.auto_add_luns | default(omit) }}"
initiator_wwn: "{{ item.1 }}"
initiator_wwn: "{{ item.1.name | default(item.1) }}"
with_subelements:
- "{{ iscsi_targets }}"
- initiators
Expand All @@ -91,3 +91,9 @@
- disks
notify:
- save targetcli configuration

- name: Iterate over WWN targets to map LUNs to ACLs
include_tasks: luns_to_acls.yaml
loop: "{{ iscsi_targets }}"
loop_control:
loop_var: wwn_list

0 comments on commit 6754fcb

Please sign in to comment.