Bug 605925 - RFE: tgtd/scsi-target-utils does not support CHAP for discovery
Summary: RFE: tgtd/scsi-target-utils does not support CHAP for discovery
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: scsi-target-utils
Version: 6.0
Hardware: All
OS: Linux
low
medium
Target Milestone: rc
: ---
Assignee: Andy Grover
QA Contact: Bruno Goncalves
URL:
Whiteboard:
Depends On:
Blocks: 697866
TreeView+ depends on / blocked
 
Reported: 2010-06-19 12:38 UTC by Alexander Todorov
Modified: 2012-06-20 14:52 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-06-20 14:52:18 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2012:0970 0 normal SHIPPED_LIVE scsi-target-utils enhancement update 2012-06-19 19:50:39 UTC

Description Alexander Todorov 2010-06-19 12:38:35 UTC
Description of problem:

In the reverse CHAP iSCSI test cases RTT team members have added a comment like
<quote>
We don't have hardware for this, scsi-target-utils doesn't work correctly 
</quote>


I didn't find a BZ referece and I'm not sure what the problem is. I tried to test that but the installer wasn't able to find any targets when reverse CHAP is enabled.

I was told Marian Ganisin will know more about this as he was first to find the issue. Hopefully Marian will update this bug when he comes on Monday or mark it as duplicate appropriately. 

For revere CHAP in iSCSI I found this RFE:
https://bugzilla.redhat.com/show_bug.cgi?id=602224

which looks related to RHEV and is targeted to 6.1

Comment 1 RHEL Program Management 2010-06-19 12:52:55 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

Comment 2 Marian Ganisin 2010-06-21 05:44:25 UTC
tgtd doesn't seem to support authentication for SendTargets operations. Don't know if this shall be supported or not, anyway anaconda is executing initiator in that way, it requires authentication also for this call if reverse chap is configured.

Comment 3 Alexander Todorov 2010-06-21 07:10:14 UTC
Hi Mike,
please see comment #2. Can you tell us if this is missing functionality in tgtd or anaconda is not implementing the SendTargets operation properly?

Comment 4 Mike Christie 2010-06-21 17:05:43 UTC
tgtd/scsi-target-utils does not support CHAP for discovery right now.

You can use:
http://sourceforge.net/projects/iscsitarget/develop
(make sure you use RHEL5 kernel with stable releases or use the svn code with newer kernels).

I can also get you the netapp simulator or the equalogic/dell simulator. Both are basically the netapp and dell iscsi target code that runs on top of RHEL/fedora or in a VM (the dell one is VM based I think).

Comment 5 Alexander Todorov 2010-06-24 14:40:46 UTC
(In reply to comment #4)
> tgtd/scsi-target-utils does not support CHAP for discovery right now.
> 

Thanks for the update. I'm changing the summary to reflect this. 

With this BZ I'm requesting that tgtd supports CHAP for discovery in RHEL6.

Comment 6 Mike Christie 2010-06-24 22:05:49 UTC
There is a patch on the list to add this support. The maintainer is just trying to decide if he is happy with interface.

Adding devel ack.

Comment 8 Mike Christie 2010-07-14 03:46:11 UTC
I do not think this is going to make it for 6.0. I am still talking to the maintainer about his patch and if we should change the commands.

Comment 12 Mike Christie 2011-03-17 21:05:12 UTC
Moving to 6.2 to add targets.conf chap support.

Comment 13 Andy Grover 2011-08-10 22:09:47 UTC
Moving to 6.3.

Comment 18 Bruno Goncalves 2012-03-22 08:46:30 UTC
The feature is working as requested on scsi-target-utils-1.0.24-2.el6.x86_64

------------
targets.conf
------------
default-driver iscsi
incomingdiscoveryuser username_in password_in
outgoingdiscoveryuser username_out password_out
<target iqn.2009-10.com.redhat:storage-1>
    write-cache off
    allow-in-use yes
    <backing-store /tmp/loop-disk-1-1>
        scsi_sn 1
        scsi_id 1
        lun 1
    </backing-store>
</target>

------------
enabled CHAP discovery on iscsid.conf
------------

iscovery.sendtargets.auth.authmethod = CHAP

discovery.sendtargets.auth.username = username_in
discovery.sendtargets.auth.password = password_in

discovery.sendtargets.auth.username_out = username_out
discovery.sendtargets.auth.password_out = password_out
------------
Create backend storage
dd if=/dev/zero of=/tmp/loop-disk-1-1 bs=1M count=0 seek=1000 2>/dev/null

service tgtd restart
service iscsid restart

iscsiadm -m discovery -t st -p localhost
[::1]:3260,1 iqn.2009-10.com.redhat:storage-1

iscsiadm -m node -l
Logging in to [iface: default, target: iqn.2009-10.com.redhat:storage-1, portal: ::1,3260] (multiple)
Login to [iface: default, target: iqn.2009-10.com.redhat:storage-1, portal: ::1,3260] successful.

iscsiadm -m session
tcp: [1] [::1]:3260,1 iqn.2009-10.com.redhat:storage-1

Comment 20 errata-xmlrpc 2012-06-20 14:52:18 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2012-0970.html


Note You need to log in before you can comment on or make changes to this bug.