Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tree: various tweaks #1

Merged
merged 1 commit into from
Oct 16, 2023
Merged

tree: various tweaks #1

merged 1 commit into from
Oct 16, 2023

Conversation

jlebon
Copy link

@jlebon jlebon commented Oct 13, 2023

These are tweaks we worked on together to get iSCSI booting working.

I didn't reflect the changes back in the main README. Will let you do that. :)

For posterity, notes on some of the things we changed:

  • delete saveconfig.json; we recreate the config imperatively from scratch each time for more clarity
  • put targetcli_script in /usr/local/bin; we can't write files directly in /
  • drop the virtiofs mount unit; we rely on cosa to do that (this assumes then that we're running this from a cosa workdir, likely we'll want to make this more generic in the future)
  • order against target.service, not target.container; the latter is just an input file to the quadlet generator and is foreign to systemd
  • add ConditionFirstBoot=true since we only need to set up the iSCSI target on first boot
  • move network-online.target ordering to [Unit] section
  • make all the targetcli commands run in the same podman exec invocation
  • cargo-cult a bunch more ACL-related targetcli settings

@jlebon
Copy link
Author

jlebon commented Oct 13, 2023

Just writing this here for now (let's adapt the README with that info): with this + coreos/coreos-assembler#3644 + coreos/coreos-assembler#3645, we can directly pass the iPXE config and we don't need to set up a bridge anymore. So the setup procedure is now:

  • set up the metal raw file in e.g. /path/to/workdir/tmp/fcos.raw
  • bring up VM with the Ignition config here
  • in the VM, verify that iscsid is up and running and that the target is set up and mountable:
[root@cosa-devsh ~]# iscsiadm -m discovery -t sendtargets -p 10.0.2.15
10.0.2.15:3260,1 iqn.2023-10.coreos.target.vm:coreos
[root@cosa-devsh ~]# iscsiadm -m node -T iqn.2023-10.coreos.target.vm:coreos -p 10.0.2.15 -l
Logging in to [iface: default, target: iqn.2023-10.coreos.target.vm:coreos, portal: 10.0.2.15,3260]
Login to [iface: default, target: iqn.2023-10.coreos.target.vm:coreos, portal: 10.0.2.15,3260] successful.
[root@cosa-devsh ~]# lsblk
NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
sda      8:0    0  2.4G  0 disk
├─sda1   8:1    0    1M  0 part
├─sda2   8:2    0  127M  0 part
├─sda3   8:3    0  384M  0 part
└─sda4   8:4    0  1.9G  0 part
vda    252:0    0   50G  0 disk
├─vda1 252:1    0    1M  0 part
├─vda2 252:2    0  127M  0 part
├─vda3 252:3    0  384M  0 part /boot
└─vda4 252:4    0 49.5G  0 part /var/lib/containers/storage/overlay
                                /var
                                /sysroot/ostree/deploy/fedora-coreos/var
                                /usr
                                /etc
                                /
                                /sysroot
[root@cosa-devsh ~]# iscsiadm -m node -T iqn.2023-10.coreos.target.vm:coreos -p 10.0.2.15 -u
Logging out of session [sid: 9, target: iqn.2023-10.coreos.target.vm:coreos, portal: 10.0.2.15,3260]
Logout of [sid: 9, target: iqn.2023-10.coreos.target.vm:coreos, portal: 10.0.2.15,3260] successful.
  • start guest VM, using a different network and pointing at the host VM in the iPXE config:
#!ipxe
sanboot iscsi:10.0.2.15::::iqn.2023-10.coreos.target.vm:coreos

podman run -ti --privileged --net=host --rm -v /mnt/workdir:/mnt/workdir \
  quay.io/coreos-assembler/coreos-assembler shell -- \
    kola qemuexec --netboot /mnt/workdir/tmp/ipxe/boot.ipxe --usernet-addr 10.0.3.0/24

The metal image needs to actually be expanded to some reasonable size, e.g.

$ truncate -s 16G fcos.raw

@jlebon
Copy link
Author

jlebon commented Oct 13, 2023

And testing mounting within the VM (manually in the emergency shell for now):

:/root# systemctl start nm-initrd
:/root# iscsiadm -m node -T iqn.2023-10.coreos.target.vm:coreos -p 10.0.2.15 -l
iscsiadm: Could not execute operation on all records: encountered iSCSI database failure
Logging in to [iface: default, target: iqn.2023-10.coreos.target.vm:coreos, portal: 10.0.2.15,3260]
[   98.855888] scsi host2: iSCSI Initiator over TCP/IP
[   98.861372] iscsid[593]: iscsid: Connection1:0 to [target: iqn.2023-10.coreos.target.vm:coreos, portal: 10.0.2.15,3w
[   98.865647] scsi 2:0:0:0: Direct-Access     LIO-ORG  coreos           4.0  PQ: 0 ANSI: 6
[   98.869128] scsi 2:0:0:0: alua: supports implicit and explicit TPGS
[   98.870838] scsi 2:0:0:0: alua: device naa.6001405e6c654c7f5b2459283092ef12 port group 0 rel port 1
[   98.874898] sd 2:0:0:0: [sda] 5013504 512-byte logical blocks: (2.57 GB/2.39 GiB)
[   98.876996] sd 2:0:0:0: Attached scsi generic sg0 type 0
[   98.878544] sd 2:0:0:0: [sda] Write Protect is off
[   98.880346] sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, supports DPO and FUA
Login to [iface: default, target: iqn.2023-10.coreos.target.vm:coreos, portal: 10.0.2.15,3260] successful.
:/root# [   98.887868] sd 2:0:0:0: [sda] Preferred minimum I/O size 512 bytes
[   98.889529] sd 2:0:0:0: [sda] Optimal transfer size 8388608 bytes
[   98.893387]  sda: sda1 sda2 sda3 sda4
[   98.897525] sd 2:0:0:0: [sda] Attached SCSI disk

:/root# lsblk
NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
sda      8:0    0  2.4G  0 disk
|-sda1   8:1    0    1M  0 part
|-sda2   8:2    0  127M  0 part
|-sda3   8:3    0  384M  0 part
`-sda4   8:4    0  1.9G  0 part

@jlebon
tree: various tweaks
6faf922 
These are tweaks we worked on together to get iSCSI booting working.

I didn't reflect the changes back in the main README. Will let you do
that. :)

For posterity, notes on some of the things we changed:
- delete `saveconfig.json`; we recreate the config imperatively from
  scratch each time for more clarity
- put `targetcli_script` in `/usr/local/bin`; we can't write files
  directly in `/`
- drop the virtiofs mount unit; we rely on cosa to do that (this assumes
  then that we're running this from a cosa workdir, likely we'll want to
  make this more generic in the future)
- order against `target.service`, not `target.container`; the latter is
  just an input file to the quadlet generator and is foreign to systemd
- add `ConditionFirstBoot=true` since we only need to set up the iSCSI
  target on first boot
- move `network-online.target` ordering to `[Unit]` section
- make all the `targetcli` commands run in the same `podman exec`
  invocation
- cargo-cult a bunch more ACL-related targetcli settings
@jbtrystram jbtrystram merged commit cdcc195 into jbtrystram:main Oct 16, 2023
@jlebon jlebon mentioned this pull request Oct 16, 2023
Closed
jbtrystram added a commit that referenced this pull request Oct 17, 2023
@jbtrystram
Update documentation to reflect PR #1
69ab115
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@jlebon @jbtrystram