From: Chris Leech <cleech@redhat.com>
To: Lee Duncan <lduncan@suse.com>,
linux-scsi@vger.kernel.org, open-iscsi@googlegroups.com,
netdev@vger.kernel.org
Cc: Chris Leech <cleech@redhat.com>
Subject: [PATCH v2 00/11] Make iscsid-kernel communications namespace-aware
Date: Sat, 6 May 2023 16:29:19 -0700 [thread overview]
Message-ID: <20230506232930.195451-1-cleech@redhat.com> (raw)
This set of patches modifies the kernel iSCSI initiator communications
so that they are namespace-aware. The goal is to allow multiple iSCSI
daemon (iscsid) to run at once as long as they are in separate
namespaces, and so that iscsid can run in containers.
Container runtime environments seem to want to containerize their own
components, and there have been complaints about the need to run iscsid
from the host network namespace. There are still priviledged
capabilities needed for iscsid, but these changes address the namespace
issue.
I've tested with iscsi_tcp and iser over rxe with an unmodified iscsid
running in a podman container.
Note that with iscsi_tcp, the connected socket will keep the network
namespace alive after container exit. The namespace will exit once the
connection terminates, and I'd recommend running with a iSCSI
noop_out_timeout set to error out the connection after the routing has
been removed.
v2: Changes from Lee's last RFC posting
- Minor changes to patches 2 & 3 to not break iSER
- Large changes in patch 6, merging in patches posted to the previous
discussion. Use of current when setting the netns on an iscsi_tcp
session has been removed, instead an unbound (from a host) session
creation with an explicit netns interface has been added. Similar
changes for iSER endpoints have been added, and iSER support for
non-default network namespaces was enabled.
- The addition of patches 10 & 11 from the previous discussions to force
removal of sessions on namespace exit.
Chris Leech, Lee Duncan (11):
iscsi: create per-net iscsi netlink kernel sockets
iscsi: associate endpoints with a host
iscsi: sysfs filtering by network namespace
iscsi: make all iSCSI netlink multicast namespace aware
iscsi: check net namespace for all iscsi lookup
iscsi: set netns for tcp and iser hosts
iscsi: convert flashnode devices from bus to class
iscsi: rename iscsi_bus_flash_* to iscsi_flash_*
iscsi: filter flashnode sysfs by net namespace
iscsi: make session and connection lists per-net
iscsi: force destroy sesions when a network namespace exits
drivers/infiniband/ulp/iser/iscsi_iser.c | 61 +-
drivers/scsi/be2iscsi/be_iscsi.c | 6 +-
drivers/scsi/bnx2i/bnx2i_iscsi.c | 6 +-
drivers/scsi/cxgbi/libcxgbi.c | 6 +-
drivers/scsi/iscsi_tcp.c | 15 +-
drivers/scsi/libiscsi.c | 16 +
drivers/scsi/qedi/qedi_iscsi.c | 6 +-
drivers/scsi/qla4xxx/ql4_os.c | 64 +-
drivers/scsi/scsi_transport_iscsi.c | 790 ++++++++++++++++-------
include/scsi/libiscsi.h | 4 +
include/scsi/scsi_transport_iscsi.h | 75 ++-
11 files changed, 725 insertions(+), 324 deletions(-)
--
2.39.2
next reply other threads:[~2023-05-06 23:30 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-06 23:29 Chris Leech [this message]
2023-05-06 23:29 ` [PATCH 01/11] iscsi: create per-net iscsi netlink kernel sockets Chris Leech
2023-05-06 23:29 ` [PATCH 02/11] iscsi: associate endpoints with a host Chris Leech
2023-05-06 23:29 ` [PATCH 03/11] iscsi: sysfs filtering by network namespace Chris Leech
2023-05-10 19:50 ` michael.christie
2023-05-06 23:29 ` [PATCH 04/11] iscsi: make all iSCSI netlink multicast namespace aware Chris Leech
2023-05-10 19:48 ` michael.christie
2023-05-06 23:29 ` [PATCH 05/11] iscsi: check net namespace for all iscsi lookup Chris Leech
2023-05-12 22:30 ` Mike Christie
2023-05-06 23:29 ` [PATCH 06/11] iscsi: set netns for tcp and iser hosts Chris Leech
2023-05-07 1:29 ` kernel test robot
2023-05-07 2:01 ` kernel test robot
2023-05-10 19:40 ` michael.christie
2023-05-06 23:29 ` [PATCH 07/11] iscsi: convert flashnode devices from bus to class Chris Leech
2023-05-10 19:28 ` michael.christie
2023-05-06 23:29 ` [PATCH 08/11] iscsi: rename iscsi_bus_flash_* to iscsi_flash_* Chris Leech
2023-05-06 23:29 ` [PATCH 09/11] iscsi: filter flashnode sysfs by net namespace Chris Leech
2023-05-06 23:29 ` [PATCH 10/11] iscsi: make session and connection lists per-net Chris Leech
2023-05-10 19:25 ` michael.christie
2023-05-06 23:29 ` [PATCH 11/11] iscsi: force destroy sesions when a network namespace exits Chris Leech
2023-05-10 20:09 ` michael.christie
2023-05-10 20:14 ` michael.christie
2023-05-10 19:54 ` [PATCH v2 00/11] Make iscsid-kernel communications namespace-aware michael.christie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230506232930.195451-1-cleech@redhat.com \
--to=cleech@redhat.com \
--cc=lduncan@suse.com \
--cc=linux-scsi@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=open-iscsi@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).