]>
git.proxmox.com Git - ceph.git/blob - ceph/src/pybind/mgr/cephadm/services/iscsi.py
6454893d9425e18027dce0e24b6479b560e37a82
3 from typing
import List
, cast
5 from mgr_module
import MonCommandFailed
6 from ceph
.deployment
.service_spec
import IscsiServiceSpec
8 from orchestrator
import DaemonDescription
, OrchestratorError
9 from .cephadmservice
import CephadmDaemonSpec
, CephService
12 logger
= logging
.getLogger(__name__
)
15 class IscsiService(CephService
):
18 def config(self
, spec
: IscsiServiceSpec
) -> None:
19 assert self
.TYPE
== spec
.service_type
21 self
.mgr
._check
_pool
_exists
(spec
.pool
, spec
.service_name())
23 logger
.info('Saving service %s spec with placement %s' % (
24 spec
.service_name(), spec
.placement
.pretty_str()))
25 self
.mgr
.spec_store
.save(spec
)
27 def prepare_create(self
, daemon_spec
: CephadmDaemonSpec
[IscsiServiceSpec
]) -> CephadmDaemonSpec
:
28 assert self
.TYPE
== daemon_spec
.daemon_type
29 assert daemon_spec
.spec
31 spec
= daemon_spec
.spec
32 igw_id
= daemon_spec
.daemon_id
34 ret
, keyring
, err
= self
.mgr
.check_mon_command({
35 'prefix': 'auth get-or-create',
36 'entity': self
.get_auth_entity(igw_id
),
37 'caps': ['mon', 'profile rbd, '
38 'allow command "osd blacklist", '
39 'allow command "config-key get" with "key" prefix "iscsi/"',
44 if isinstance(spec
.ssl_cert
, list):
45 cert_data
= '\n'.join(spec
.ssl_cert
)
47 cert_data
= spec
.ssl_cert
48 ret
, out
, err
= self
.mgr
.check_mon_command({
49 'prefix': 'config-key set',
50 'key': f
'iscsi/{utils.name_to_config_section("iscsi")}.{igw_id}/iscsi-gateway.crt',
55 if isinstance(spec
.ssl_key
, list):
56 key_data
= '\n'.join(spec
.ssl_key
)
58 key_data
= spec
.ssl_key
59 ret
, out
, err
= self
.mgr
.check_mon_command({
60 'prefix': 'config-key set',
61 'key': f
'iscsi/{utils.name_to_config_section("iscsi")}.{igw_id}/iscsi-gateway.key',
66 'client_name': '{}.{}'.format(utils
.name_to_config_section('iscsi'), igw_id
),
69 igw_conf
= self
.mgr
.template
.render('services/iscsi/iscsi-gateway.cfg.j2', context
)
71 daemon_spec
.keyring
= keyring
72 daemon_spec
.extra_files
= {'iscsi-gateway.cfg': igw_conf
}
76 def config_dashboard(self
, daemon_descrs
: List
[DaemonDescription
]) -> None:
77 def get_set_cmd_dicts(out
: str) -> List
[dict]:
78 gateways
= json
.loads(out
)['gateways']
80 spec
= cast(IscsiServiceSpec
,
81 self
.mgr
.spec_store
.specs
.get(daemon_descrs
[0].service_name(), None))
82 if spec
.api_secure
and spec
.ssl_cert
and spec
.ssl_key
:
84 'prefix': 'dashboard set-iscsi-api-ssl-verification',
89 'prefix': 'dashboard set-iscsi-api-ssl-verification',
92 for dd
in daemon_descrs
:
93 spec
= cast(IscsiServiceSpec
,
94 self
.mgr
.spec_store
.specs
.get(dd
.service_name(), None))
96 logger
.warning('No ServiceSpec found for %s', dd
)
98 ip
= utils
.resolve_ip(dd
.hostname
)
100 if spec
.api_secure
and spec
.ssl_cert
and spec
.ssl_key
:
102 service_url
= '{}://{}:{}@{}:{}'.format(
103 protocol
, spec
.api_user
or 'admin', spec
.api_password
or 'admin', ip
, spec
.api_port
or '5000')
104 gw
= gateways
.get(dd
.hostname
)
105 if not gw
or gw
['service_url'] != service_url
:
106 safe_service_url
= '{}://{}:{}@{}:{}'.format(
107 protocol
, '<api-user>', '<api-password>', ip
, spec
.api_port
or '5000')
108 logger
.info('Adding iSCSI gateway %s to Dashboard', safe_service_url
)
110 'prefix': 'dashboard iscsi-gateway-add',
111 'service_url': service_url
,
116 self
._check
_and
_set
_dashboard
(
117 service_name
='iSCSI',
118 get_cmd
='dashboard iscsi-gateway-list',
119 get_set_cmd_dicts
=get_set_cmd_dicts