# Key names of the CHAP credentials this script asks LoadSecrets for.
# NOTE: these exact strings are also used elsewhere, so renaming one here
# without updating the other users breaks the secret lookup.
$IscsiSecrets = @(
    'ISCSI_CHAP_USERNAME',
    'ISCSI_CHAP_PASSWORD',
    'ISCSI_REVERSE_CHAP_USERNAME',
    'ISCSI_REVERSE_CHAP_PASSWORD'
)
function TargetExists($name, $server)
{
    # Reports whether $server has an iSCSI target whose TargetName equals $name.
    #   $name   - target name to look for
    #   $server - computer name passed to Get-IscsiServerTarget
    # The query runs with -ErrorAction Stop, so a failed lookup throws rather
    # than being reported as "target does not exist".
    $matchCount = Get-IscsiServerTarget -ComputerName $server -ErrorAction Stop |
        Where-Object { $_.TargetName -eq $name } |
        Measure-Object |
        Select-Object -ExpandProperty Count
    return $matchCount -ne 0
}
function IscsiVirtualDiskExists($path, $server)
{
    # Reports whether $server has an iSCSI virtual disk whose Path equals $path.
    #   $path   - path of the backing file to look for
    #   $server - computer name passed to Get-IscsiVirtualDisk
    # The query runs with -ErrorAction Stop, so a failed lookup throws rather
    # than being reported as "disk does not exist".
    $matchCount = Get-IscsiVirtualDisk -ComputerName $server -ErrorAction Stop |
        Where-Object { $_.Path -eq $path } |
        Measure-Object |
        Select-Object -ExpandProperty Count
    return $matchCount -ne 0
}
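function EnsureIscsiTargetExists( $targetName,
                                  $computername,
                                  [string] $authType = 'NONE',
                                  [string] $chapUserName = '',
                                  [string] $chapPassword = '',
                                  [string] $rchapUserName = '',
                                  [string] $rchapPassword = '')
{
    # Creates the iSCSI target $targetName on $computername if it is missing,
    # applies CHAP settings when requested, and returns the target's IQN.
    #
    #   $targetName     - name of the target to create or reuse
    #   $computername   - iSCSI target server the cmdlets are run against
    #   $authType       - "NONE" skips CHAP; any other value enables CHAP;
    #                     "MUTALCHAP" additionally enables reverse CHAP. The
    #                     spelling is the literal this function compares
    #                     against, so callers must pass it exactly like that.
    #   $chapUserName / $chapPassword   - CHAP credential (plain text)
    #   $rchapUserName / $rchapPassword - reverse-CHAP credential (plain text)
    #
    # Returns: the target's TargetIqn as a string.
    # Throws:  when CHAP is requested without credentials, or when any of the
    #          IscsiTarget cmdlets fails (-ErrorAction Stop).
    #
    # The passwords arrive as plain strings; never write them to DebugLog or
    # into an exception message.
    $wantsChap = $authType -ne "NONE"
    $wantsReverseChap = $authType -eq "MUTALCHAP"

    # Validate before touching the server: the target is created with a
    # wildcard initiator list, so failing after creation would leave behind a
    # target that has no CHAP protection at all.
    if($wantsChap)
    {
        if([string]::IsNullOrEmpty($chapUserName) -or [string]::IsNullOrEmpty($chapPassword))
        {
            throw "iSCSI auth type '$authType' requires a CHAP user name and password"
        }
        if($wantsReverseChap -and ([string]::IsNullOrEmpty($rchapUserName) -or [string]::IsNullOrEmpty($rchapPassword)))
        {
            throw "iSCSI auth type '$authType' requires a reverse CHAP user name and password"
        }
    }

    if(-not $(TargetExists $targetName $computername))
    {
        # "iqn:*" admits every initiator IQN. With authType NONE nothing in
        # this function restricts who may log in to the target.
        # NOTE(review): presumably access is limited at the network layer; confirm.
        $target = New-IscsiServerTarget -TargetName $targetName -ComputerName $computername -InitiatorIds "iqn:*" -ErrorAction Stop
    }
    $target = Get-IscsiServerTarget -TargetName $targetName -ComputerName $computername -ErrorAction Stop

    if($wantsChap)
    {
        $chapParams = @{}
        $password = ConvertTo-SecureString -String $chapPassword -AsPlainText -Force
        $chapParams.Chap = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $chapUserName, $password
        if($wantsReverseChap)
        {
            $password = ConvertTo-SecureString -String $rchapPassword -AsPlainText -Force
            $chapParams.ReverseChap = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $rchapUserName, $password
            $chapParams.EnableReverseChap = $true
        }
        # -ComputerName is required here: without it the CHAP settings are not
        # sent to the server the target was created on, and a remote target
        # would stay open to any initiator. The cmdlet output is discarded so
        # it does not leak into this function's return value.
        $empty = Set-IscsiServerTarget -TargetName $targetName -ComputerName $computername -EnableChap $True @chapParams -ErrorAction Stop
    }
    return $target.TargetIqn.ToString()
}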
function supports_iscsi($options)
{
    # The iSCSI provisioner applies when the request's parameters carry a
    # non-empty iscsiLocalPath; the value is coerced to a boolean.
    $localPath = $options.parameters.iscsiLocalPath
    return [bool] $localPath
}
function provision_iscsi($options)
{
# Provisions an iSCSI-backed volume for the request in $options: makes sure a
# target named after the volume exists, creates the backing .vhdx if needed,
# maps it to the target, and returns a hashtable describing a flexVolume
# persistent volume that uses the "microsoft.com/iscsi.cmd" driver.
#
# Reads from $options: name, volumeClaim.spec.resources.requests.storage and
# the iscsi* entries under parameters.
# Returns: the hashtable built below. It carries only the secret *name*
# (secretRef); the CHAP credentials themselves are not placed in it.
$name = $options.name
#$options.parameters.type = "pd-ssd"
$localPath = $options.parameters.iscsiLocalPath
$server = $options.parameters.iscsiServerName
$authType = $options.parameters.iscsiAuthType
$portals = $options.parameters.iscsiPortals
$targetPortal = $options.parameters.iscsiTargetPortal
# NOTE(review): $name is joined into a filesystem path without validation.
# Presumably it is a provisioner-generated volume name; confirm it can never
# contain path separators or "..".
$path = join-path $localPath "$name.vhdx"
$requestSize = $options.volumeClaim.spec.resources.requests.storage
$requestSize = ConvertKubeSize $requestSize
# -UseFixed is only splatted when the parameter is the string "true".
$isFixed = $options.parameters.iscsiUseFixed -eq "true"
$useFixedParam = @{}
if($isFixed){$useFixedParam.UseFixed = $true}
# Without an explicit server name the target portal is used as the computer name.
if(-not $server)
{
$server = $targetPortal
}
DebugLog "Loading Secrets"
$secrets = LoadSecrets($IscsiSecrets)
DebugLog "Local path $path on server $server "
$targetName = $name
# NOTE(review): "$secrets:NAME" is PowerShell's drive-qualified variable
# syntax, not a member access on the $secrets value assigned above. Whether
# the credentials resolve depends on what LoadSecrets sets up, which is not
# visible here; verify the CHAP values are non-empty when authType is not NONE.
$iqn = EnsureIscsiTargetExists -targetName $targetName `
-ComputerName $server `
-authType $authType `
-chapUserName $secrets:ISCSI_CHAP_USERNAME `
-chapPassword $secrets:ISCSI_CHAP_PASSWORD `
-rchapUserName $secrets:ISCSI_REVERSE_CHAP_USERNAME `
-rchapPassword $secrets:ISCSI_REVERSE_CHAP_PASSWORD
if(-not $(IscsiVirtualDiskExists $path $server ))
{
# Output and the error stream (2>&1) are captured in $empty so they do not
# become part of this function's return value.
$empty = New-IscsiVirtualDisk $path -size $requestSize -computername $server @useFixedParam -ErrorAction Stop 2>&1
}
Add-IscsiVirtualDiskTargetMapping -TargetName $targetName $path -computername $server -ErrorAction Stop
# $lun is not read again in this function; the returned options use the literal "0".
$lun = 0
DebugLog $requestSize
# serverName and localPath are stored in the volume's options, and
# delete_iscsi later reads them back from the volume object to decide what to
# remove. Anyone able to edit those fields on the volume therefore controls
# which server and path the delete acts on.
$ret = @{"metadata" = @{
"labels" =@{
"proto" = "iscsi" } };
"spec"= @{
"flexVolume" = @{
"driver" = "microsoft.com/iscsi.cmd";
"fsType" = $options.parameters.iscsiFsType;
"secretRef" = @{
"name" = $options.parameters.iscsiSecret };
"options" = @{
"chapAuthDiscovery" = $options.parameters.iscsiChapAuthDiscovery;
"chapAuthSession" = $options.parameters.iscsiChapAuthSession;
"targetPortal" = $targetPortal;
"iqn" = $iqn;
"lun" = "0";
"authType" = $authType;
"serverName" = $server;
"localPath" = $path;
"isFixed" = $isFixed } } } }
# The portals entry is only added when the parameter was supplied.
if($portals)
{
$ret.spec.flexVolume.options.portals = $portals
}
return $ret
}
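function delete_iscsi($options)
{
    # Tears down the iSCSI target, the virtual disk and the backing file that
    # belong to the volume described by $options.volume.
    #
    # Reads: volume.metadata.name (target name) and, from
    #        volume.spec.flexVolume.options, localPath and serverName.
    # Throws: when a cmdlet run with -ErrorAction Stop fails.
    #
    # NOTE(review): the path and server come from the volume object itself and
    # are passed unvalidated to the removal calls below. Confirm that write
    # access to these volume fields is restricted, or check the path against
    # the expected storage root before deleting.
    $path = $options.volume.spec.flexVolume.options.localPath
    $server = $options.volume.spec.flexVolume.options.serverName
    $name = $options.volume.metadata.name

    if($(TargetExists $name $server))
    {
        DebugLog "Removing iscsi target $name on server $server"
        # Narrow the allowed initiators to "iqn:none" first; the goal is to
        # disconnect everyone still using this target before it is removed.
        Set-IscsiServerTarget $name -InitiatorIds "iqn:none" -ComputerName $server -ErrorAction Stop
        remove-IscsiServerTarget $name -ComputerName $server -ErrorAction Stop
    }
    DebugLog "Ensured iscsi target $name on server $server no longer exists"

    if($(IscsiVirtualDiskExists $path $server))
    {
        DebugLog "deleting iscsiDisk $path on $server using local path $path"
        # -ErrorAction Stop matches the other cmdlet calls in this file: a
        # failed removal must not be followed by the "was deleted" log line
        # and by deleting the backing file of a disk that is still registered.
        $empty = remove-IscsiVirtualDisk $path -computername $server -ErrorAction Stop
    }
    DebugLog "Ensured that iscsiDisk $path on $server using local path $path was deleted"

    # Removes the backing file so the volume's data does not stay on the server.
    DeleteRemotePath $path -ComputerName $server
}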