[ofa-general] srp_daemon and partitions.
Chris Worley
worleys at gmail.com
Mon Jun 8 12:38:17 PDT 2009
On Thu, Nov 20, 2008 at 1:06 PM, Vu Pham <vuhuong at mellanox.com> wrote:
>
> Hi James,
>
> it's srp_daemon and ibsrpdm bug. We'll try to fix it to provide zoning thru pkey.
I don't think pkeys are the answer to zoning, as I don't see a way to
tie a specific disk or partition to a pkey. At one point I tried to
tie IB ports to pkeys, but found that all levels of the SRP stack
needed to be pkey-aware. It looks like a daunting task, and probably
not what pkeys were intended to do.
I think SCST "security groups" are the intended way to zone. The
scst/README says:
...
2. Initiator-oriented. In this mode you define which devices and
their LUNs are accessible for each initiator. In this mode you should
createfor each set of one or more initiators, which should access to
the same set of devices with the same LUNs, a separate security group,
then add to it available devices and names of allowed initiator(s).
...
# echo "add_group
Default_iqn.2007-05.com.example:storage.disk1.sys1.xyz"
>/proc/scsi_tgt/scsi_tgt
# echo "add dev1 0"
>/proc/scsi_tgt/groups/Default_iqn.2007-05.com.example:storage.disk1.sys1.xyz/devices
# echo "add dev2 1"
>/proc/scsi_tgt/groups/Default_iqn.2007-05.com.example:storage.disk1.sys1.xyz/devices
# echo "add_group spec_ini" >/proc/scsi_tgt/scsi_tgt
# echo "add iqn.2007-05.com.example:storage.disk1.spec_ini.xyz"
>/proc/scsi_tgt/groups/spec_ini/names
# echo "add dev2 0" >/proc/scsi_tgt/groups/spec_ini/devices
...
But, I don't understand how the zoning example selects the initiator
visibility... I'd hope w/ IB this could be done w/ the port GUID of
the initiator. The example uses the name of
"iqn.2007-05.com.example:storage.disk1.spec_ini.xyz" to specify the
initiator. I'm guessing "iqn.2007-05.com.example" specifies the host
name of the initiator, but not a clue what
"storage.disk1.spec_ini.xyz" means.
Chris
More information about the general
mailing list