From e189c1d06695d98c689191b0019bca1c6a2a8402 Mon Sep 17 00:00:00 2001 From: Brian M Date: Wed, 20 Nov 2024 15:09:21 -0800 Subject: [PATCH] Add support for discovery auth --- .../middlewared/etc_files/scst.conf.mako | 27 ++++++++++++++++++- src/middlewared/middlewared/plugins/etc.py | 1 + 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/src/middlewared/middlewared/etc_files/scst.conf.mako b/src/middlewared/middlewared/etc_files/scst.conf.mako index b1aefa5a13794..e824f3c04a1d9 100644 --- a/src/middlewared/middlewared/etc_files/scst.conf.mako +++ b/src/middlewared/middlewared/etc_files/scst.conf.mako @@ -51,8 +51,22 @@ fcports_by_port_name = {d['port']: d for d in render_ctx['fcport.query']} targets_by_id = {d['id']: d for d in targets} authenticators = defaultdict(list) - for auth in middleware.call_sync('iscsi.auth.query'): + + discovery_incoming = [] + discovery_outgoing = [] + for auth in render_ctx['iscsi.auth.query']: authenticators[auth['tag']].append(auth) + disc_auth = auth.get('discovery_auth') + if disc_auth in ['CHAP', 'CHAP_MUTUAL']: + user = auth.get('user') + secret = auth.get('secret') + if user and secret: + discovery_incoming.append(f'{user} {secret}') + if disc_auth in ['CHAP_MUTUAL']: + user = auth.get('peeruser') + secret = auth.get('peersecret') + if user and secret: + discovery_outgoing.append(f'{user} {secret}') def ha_node_wwpn_for_fcport(fcport): if render_ctx['failover.node'] == 'A': @@ -388,6 +402,17 @@ HANDLER ${handler} { ## #################################################################################### TARGET_DRIVER iscsi { +% if node == 'A': + internal_portal 169.254.10.1 +% elif node == 'B': + internal_portal 169.254.10.2 +% endif +% for chap_auth in discovery_incoming: + IncomingUser "${chap_auth}" +% endfor +% if discovery_outgoing: + OutgoingUser "${discovery_outgoing[0]}" +% endif enabled 1 link_local 0 ## Currently SCST only supports one iSNS server diff --git a/src/middlewared/middlewared/plugins/etc.py b/src/middlewared/middlewared/plugins/etc.py index e892f5ef765f3..b029b2da0987f 100644 --- a/src/middlewared/middlewared/plugins/etc.py +++ b/src/middlewared/middlewared/plugins/etc.py @@ -226,6 +226,7 @@ class EtcService(Service): {'method': 'failover.status'}, {'method': 'fc.capable'}, {'method': 'fcport.query'}, + {'method': 'iscsi.auth.query'}, {'method': 'iscsi.global.alua_enabled'}, {'method': 'iscsi.global.config'}, {'method': 'iscsi.target.query'},