[stgt] initiator-name discriminator for target binding
FUJITA Tomonori
fujita.tomonori at lab.ntt.co.jp
Thu Jun 4 16:48:37 CEST 2009
On Thu, 04 Jun 2009 17:21:47 +0300
Or Gerlitz <ogerlitz at Voltaire.com> wrote:
> FUJITA Tomonori wrote:
> >> I'd like to check if tgt support initiator-names for target binding.
> >
> > Do you want to do it for strict security or easy administration?
>
> First, its seems to me more strict.
Hmm, an initiator box can change the name to log in a target
illegally. I think that initiator-name-base binding doesn't mean
strict security.
> Second, nowadays, when virtualization comes to town, a single host (hypervisor) may have multiple guests running on top of it, and there's a need to provide a disk for each of them, where the initiator run on the host.
>
> So a possible solution is to set a scheme at the target of defining multiple portals (I mean target names) each associated with a different lun and a different initiator name but they all relate to the same initiator ip address.
Why VMM can't just store the relationship between a guest and a target
name? VMM can do without initiator names, I think.
And I think that people usually do:
a) each guest has the own IP address and runs the iscsi
initiator.
or
b) VMM runs the initiator and create a file system (could be a SAN FS
like vmfs) on it and give a file each guest.
Note that I'm not against the initiator-name binding. I just want to
know how it can be useful.
--
To unsubscribe from this list: send the line "unsubscribe stgt" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the stgt
mailing list