Ask Your Question
0

target acl lost after reboot openstack services

asked 2015-08-24 23:16:09 -0600

allen gravatar image

Hi All,

I encountered a wired issue when using lvm backend for cinder service with iscsi on centos 7 system I found that after reboot openstack services(like:reboot the whole machine),the /etc/target/saveconfig.json file will be recreated and all acs of each targets will be lost..

After reboot ,I can see storage objects of the lvm volumes which I created but the acl of each iscsi target will be lost,that will cause instances can't access volume which I attached before From cinder host /var/log/messages I can see many SCSI Login negotiation failed errors: Aug 25 01:32:13 network kernel: iSCSI Initiator Node: iqn.1994-05.com.redhat:7cbe5f6c387b is not authorized to access iSCSI target portal group: 1. Aug 25 01:32:13 network kernel: iSCSI Login negotiation failed.

targetcli /> ls

o- / ......................................................................................................................... [...]

o- backstores .............................................................................................................. [...]

| o- block ................................................................................................. [Storage Objects: 22]

| | o- iqn.2010-10.org.openstack:volume-09c24a94-e52f-4dfe-b2fa-fdab6d2da61f [/dev/cinder-volumes/volume- 09c24a94-e52f-4dfe-b2fa-fdab6d2da61f (100.0GiB) write-thru activated]

o- iscsi ........................................................................................................... [Targets: 22]

| o- iqn.2010-10.org.openstack:volume-09c24a94-e52f-4dfe-b2fa-fdab6d2da61f ............................................. [TPGs: 1]

| | o- tpg1 .......................................................................................... [no-gen-acls, auth per-acl]

| | o- acls .......................................................................................................... [ACLs:0]

| | o- luns .......................................................................................................... [LUNs: 1]

| | | o- lun0 [block/iqn.2010-10.org.openstack:volume-09c24a94-e52f-4dfe-b2fa-fdab6d2da61f (/dev/cinder-volumes/volume-09c24a94-e52f-4dfe-b2fa-fdab6d2da61f)]

| | o- portals .................................................................................................... [Portals: 1]

| | o- 0.0.0.0:3260 ..................................................................................................... [OK]

Below is my cinder configurations

cat /etc/cinder/cinder.conf [DEFAULT]

enabled_backends=lvm

logdir = /var/log/cinder

state_path = /var/lib/cinder

lock_path = /var/lib/cinder/tmp

volumes_dir = /etc/cinder/volumes

rootwrap_config = /etc/cinder/rootwrap.conf

auth_strategy = keystone

rpc_backend = rabbit

my_ip=175.27.0.11

glance_host = 178.26.0.10

volume_clear_size=5

verbose = True

host = network

[oslo_messaging_rabbit]

rabbit_durable_queues=true

rabbit_hosts=controller02:5672,controller01:5672

rabbit_userid = xxxxx

rabbit_password = xxxxx

rabbit_ha_queues = true

[database] connection = mysql://cinder:xxx@localhost/cinder

[keystone_authtoken]

auth_plugin = password

project_domain_id = default

user_domain_id = default

project_name = service

username = cinder

password = xxxxxx

[oslo_concurrency]

lock_path = /var/lib/cinder/tmp

[lvm]

iscsi_helper=lioadm

volume_group=cinder-volumes

volume_driver=cinder.volume.drivers.lvm.LVMISCSIDriver

iscsi_ip_address=175.27.0.11

volume_backend_name=LVM_iSCSI57

volume_clear_size=5

QUESTIONs: 1. did openstack save the target acl in database if yes May I know which table?

2.is there any way to manual detach volume from instance because the nova volume-detach command simply can't work for such situation,the volume status will be sticked on 'detaching"?

Pls help

B&R Allen,

edit retag flag offensive close merge delete

Comments

What reports systemctl status target ?

dbaxps gravatar imagedbaxps ( 2015-08-25 01:54:59 -0600 )edit

Here is : systemctl status target -l target.service - Cluster Controlled target Loaded: loaded (/usr/lib/systemd/system/target.service; disabled) Drop-In: /run/systemd/system/target.service.d 50-pacemaker.conf Active: active (exited) since Mon 2015-08-24 23:40:13 SGT; 15h ago

allen gravatar imageallen ( 2015-08-25 02:13:39 -0600 )edit

Btw I didn't enable target service because I'm using pacemaker manage the target service I'm wondering whether openstack saved the acl in db or just in /etc/target/saveconfig.json only? Do u have any idea of this?

allen gravatar imageallen ( 2015-08-25 02:16:09 -0600 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2016-06-20 21:25:59 -0600

allen gravatar image

anyone can help

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-08-24 23:06:11 -0600

Seen: 733 times

Last updated: Jun 20 '16