diff --git a/README.md b/README.md index 62254a7..613a9b6 100644 --- a/README.md +++ b/README.md @@ -94,9 +94,9 @@ If you are running Kubernetes with rancher/rke please see the following: - https://github.com/rancher/rke/issues/1846 -``` -RHEL / CentOS +#### RHEL / CentOS +``` # Install the following system packages sudo yum install -y lsscsi iscsi-initiator-utils sg3_utils device-mapper-multipath @@ -110,10 +110,11 @@ sudo systemctl start iscsid multipathd # Start and enable iscsi sudo systemctl enable iscsi sudo systemctl start iscsi +``` +#### Ubuntu / Debian -Ubuntu / Debian - +``` # Install the following system packages sudo apt-get install -y open-iscsi lsscsi sg3-utils multipath-tools scsitools @@ -134,6 +135,45 @@ sudo systemctl enable open-iscsi.service sudo service open-iscsi start sudo systemctl status open-iscsi ``` +#### [Talos](https://www.talos.dev/) +To use iscsi storage in kubernetes cluster in talos these steps are needed which are similar to the ones explained in https://www.talos.dev/v1.1/kubernetes-guides/configuration/replicated-local-storage-with-openebs-jiva/#patching-the-jiva-installation + +##### Patch nodes +since talos does not have iscsi support by default, the iscsi extension is needed +create a `patch.yaml` file with +```yaml +- op: add + path: /machine/install/extensions + value: + - image: ghcr.io/siderolabs/iscsi-tools:v0.1.1 +``` +and apply the patch across all of your nodes +```bash +talosctl -e -n patch mc -p @patch.yaml +``` +the extension will not activate until you "upgrade" the nodes, even if there is no update, use the latest version of talos installer. +VERIFY THE TALOS VERSION IN THIS COMMAND BEFORE RUNNING IT AND READ THE [OpenEBS Jiva](https://www.talos.dev/v1.1/kubernetes-guides/configuration/replicated-local-storage-with-openebs-jiva/#patching-the-jiva-installation). +upgrade all of the nodes in the cluster to get the extension +```bash +talosctl -e -n upgrade --image=ghcr.io/siderolabs/installer:v1.1.1 +``` + +in your `values.yaml` file make sure to enable these settings +```yaml + +node: + hostPID: true + driver: + extraEnv: + - name: ISCSIADM_HOST_STRATEGY + value: nsenter + - name: ISCSIADM_HOST_PATH + value: /usr/local/sbin/iscsiadm + iscsiDirHostPath: /usr/local/etc/iscsi + iscsiDirHostPathType: "" +``` +and continue your democratic installation as usuall with other iscsi drivers. + ### freenas-smb diff --git a/docker/iscsiadm b/docker/iscsiadm index 56623d7..1642aaa 100755 --- a/docker/iscsiadm +++ b/docker/iscsiadm @@ -1,5 +1,24 @@ #!/bin/bash -# https://engineering.docker.com/2019/07/road-to-containing-iscsi/ +iscsiadm_host_strategy=$([ $ISCSIADM_HOST_STRATEGY ] && echo $ISCSIADM_HOST_STRATEGY || echo "chroot") +iscsiadm_host_path=$( [ $ISCSIADM_HOST_PATH ] && echo $ISCSIADM_HOST_PATH || echo "/sbin/iscsiadm") -chroot /host /usr/bin/env -i PATH="/usr/sbin:/usr/bin:/sbin:/bin" iscsiadm "${@:1}" +case $iscsiadm_host_strategy in + chroot) + # https://engineering.docker.com/2019/07/road-to-containing-iscsi/ + chroot /host /usr/bin/env -i PATH="/usr/sbin:/usr/bin:/sbin:/bin" iscsiadm "${@:1}" + ;; + + nsenter) + # https://github.com/siderolabs/extensions/issues/38#issuecomment-1125403043 + iscsid_pid=$(for proc in /proc/*/cmdline; do grep -q "iscsid -f" <<< $(cat $proc 2>/dev/null | tr "\0" " ") && echo $(basename $(dirname $proc)) && break; done) + if [ "$iscsid_pid" = "" ]; then + exit 1 + fi + nsenter --mount="/proc/${iscsid_pid}/ns/mnt" --net="/proc/${iscsid_pid}/ns/net" -- $iscsiadm_host_path "${@:1}" + ;; + + *) + exit 1 + ;; +esac