-
Notifications
You must be signed in to change notification settings - Fork 26
/
Copy pathREADME
208 lines (144 loc) · 6.5 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
Welcome to Open-iSNS
====================
This is a partial implementation of iSNS, according to RFC4171.
The implementation is still somewhat incomplete, but I'm releasing
it for your reading pleasure.
The distribution comprises
isnsd
This is the iSNS server, supporting persistent storage
of registrations in a file based database.
isnsadm
A command line utility for querying the iSNS database,
and for registering/deregistering nodes and portals
isnsdd
An iSNS Discovery Daemon, which is still very much work
in progress. The daemon is supposed to handle all the
bit banging and server communications required to register
a node, its portals, and to maintain the registration.
It is also supposed to use the iSNS State Change Notification
framework to learn of new targets or initiators coming online,
and inform local services (such as the iSCSI initiator daemon)
about these changes.
Thanks!
-------
Many thanks to Albert Pauw for his fearless testing of snapshots,
and his copious feedback!
What works, after a fashion:
----------------------------
- For now, I've been focusing on getting the iSCSI part to
work. There is some very basic support for FC objects, but
this will be hardly useful yet.
- Registration, deregistration, query, getnext
You can use isnsadm to register iSCSI nodes, and portals.
isnsadm also illustrates how this is supposed to be used from
the client perspective.
- Discovery domains are supported mostly. The administrator
can create discovery domains using isnsadm, and place storage
nodes in domains. Queries by clients are scoped by their
discovery domains membership, so that they will be unable to
see nodes not part of a shared DD.
Open-iSNS currently does not allow clients to place themselves
in a DD.
Optionally, storage nodes that are not in any discovery domain
will be placed in a "default DD" (see the DefaultDiscoveryDomain
in isnsd.conf).
- ESI, supported both by the server and the discovery daemon
- SCN, supported by the server and the discovery daemon
What is still missing
---------------------
- Better documentation (esp. a HOWTO on getting started with iSNS)
- DD Sets
- Various bits and pieces of the protocol
- FC support
Building Open-iSNS
------------------
The Open-iSNS build is now based on autoconf. The distributed tarball
should include a configure script and a config.h.in file generated
from configure.ac. If these are missing, you can generate them
by running
autoconf
autoheader
For most people, it should be sufficient to run configure without any
arguments, or at most with the option --prefix. If run without --prefix,
program files, manpages etc will be installed below /usr/local. To have
everything installed /usr/bin, /usr/share/man etc, run it as
./configure --prefix=/usr
Dependencies:
- If you want to build Open-iSNS with support for authentication,
you need the OpenSSL libraries and header files installed.
The configure script should pick up the presence of these
libraries, and enable security support automatically. To disable
this explicitly in your build, pass the --without-security option
to configure.
- If you want to build Open-iSNS with SLP support, you need the
OpenSLP library and header file installed.
The configure script should pick up the presence of this library,
and enable SLP support automatically. To disable this explicitly
in your build, pass the --without-slp option to configure.
When configure is run, it checks for a the presence of a number of
headers and libraries in your system (the results of most of these checks
are currently ignored :-). Then, it creates a Makefile and a config.h
include file. With these in place, you can build the binaries and libraries:
make
make install
Then, run "make clean" to clean up your binaries, or run "make distclean"
to get back to a clean pre-configuration state.
Testing
-------
See the README in the tests subdirectory for information on running
the isnsd selftests.
Getting started
---------------
On the iSNS server, you need to generate a server key and install it. The
simplest way is probably to use the isnssetup script included in the
source package.
For each client you wish to use, you should then
iSNS Security
-------------
This implementation of iSNS supports authentication, as descibed in RFC
4171. In order to use it, you have to create DSA keys for the server and
all clients.
iSNS uses conceptually the same security mechanism as SLP, and identifies
principals by a "Security Parameter Index", which is essentially a string
identifying a key.
Open-iSNS fully supports DSA based security, and offers a flexible
policy mechanism that ties an SPI to a network entity and the storage
node names it is allowed to use. For an introduction to the security
model used by Open-iSNS, refer to the isns_config(5) manual page. An
overview on setting up the iSNS server for authentication is given in
the EXAMPLES section of the isnsadm(8) manual page.
Downloading Open-iSNS
---------------------
Open-iSNS is available for download from:
https://github.com/gonzoleeman/open-isns/archive/$(VERSION).tar.gz
or, in souce form, from:
[email protected]:gonzoleeman/open-isns.git
You have to grab the latest tarball and compile it; fancy things such
as RPMs are not available yet.
------------------------------------------------------------------
COPYRIGHT NOTICE
Copyright (C) 2007 Olaf Kirch.
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
02110-1301 USA.
------------------------------------------------------------------
Author:
Olaf Kirch <[email protected]>
Current maintainer:
Lee Duncan <[email protected]> 2015
------------------------------------------------------------------
Things to do:
* fully implement/require device discovery sets
* implement ability to pass in flags to systemd service file for isnsd
* improve automated testing (using PyUnit?)
* ensure all tests pass (!!)
* document testing procedure