Notice
This document is for a development version of Ceph.
iSCSI Service
Deploying iSCSI
To deploy an iSCSI gateway, create a yaml file containing a service specification for iscsi:
service_type: iscsi
service_id: iscsi
placement:
hosts:
- host1
- host2
spec:
pool: mypool # RADOS pool where ceph-iscsi config data is stored.
trusted_ip_list: "IP_ADDRESS_1,IP_ADDRESS_2"
api_port: ... # optional
api_user: ... # optional
api_password: ... # optional
api_secure: true/false # optional
ssl_cert: | # optional
...
ssl_key: | # optional
...
For example:
service_type: iscsi
service_id: iscsi
placement:
hosts:
- [...]
spec:
pool: iscsi_pool
trusted_ip_list: "IP_ADDRESS_1,IP_ADDRESS_2,IP_ADDRESS_3,..."
api_user: API_USERNAME
api_password: API_PASSWORD
ssl_cert: |
-----BEGIN CERTIFICATE-----
MIIDtTCCAp2gAwIBAgIYMC4xNzc1NDQxNjEzMzc2MjMyXzxvQ7EcMA0GCSqGSIb3
DQEBCwUAMG0xCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARVdGFoMRcwFQYDVQQHDA5T
[...]
-----END CERTIFICATE-----
ssl_key: |
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC5jdYbjtNTAKW4
/CwQr/7wOiLGzVxChn3mmCIF3DwbL/qvTFTX2d8bDf6LjGwLYloXHscRfxszX/4h
[...]
-----END PRIVATE KEY-----
- class ceph.deployment.service_spec.IscsiServiceSpec(service_type='iscsi', service_id=None, pool=None, trusted_ip_list=None, api_port=5000, api_user='admin', api_password='admin', api_secure=None, ssl_cert=None, ssl_key=None, placement=None, unmanaged=False, preview_only=False, config=None, networks=None, extra_container_args=None, extra_entrypoint_args=None, custom_configs=None)
- api_password
api_password
as defined in theiscsi-gateway.cfg
- api_port
api_port
as defined in theiscsi-gateway.cfg
- api_secure
api_secure
as defined in theiscsi-gateway.cfg
- api_user
api_user
as defined in theiscsi-gateway.cfg
- networks: List[str]
A list of network identities instructing the daemons to only bind on the particular networks in that list. In case the cluster is distributed across multiple networks, you can add multiple networks. See Networks and Ports, Specifying Networks and Specifying Networks.
- placement: PlacementSpec
See Daemon Placement.
- pool
RADOS pool where ceph-iscsi config data is stored.
- ssl_cert
SSL certificate
- ssl_key
SSL private key
- trusted_ip_list
list of trusted IP addresses
The specification can then be applied using:
ceph orch apply -i iscsi.yaml
See Daemon Placement for details of the placement specification.
See also: Service Specification.
Configuring iSCSI client
The containerized iscsi service can be used from any host by Configuring the iSCSI Initiators, which will use TCP/IP to send SCSI commands to the iSCSI target (gateway).
Further Reading
Ceph iSCSI Overview: Ceph iSCSI Gateway
Brought to you by the Ceph Foundation
The Ceph Documentation is a community resource funded and hosted by the non-profit Ceph Foundation. If you would like to support this and our other efforts, please consider joining now.