[stgt] tgt-admin and a -C, --control-port argument
fujita.tomonori at lab.ntt.co.jp
Fri Apr 2 03:34:13 CEST 2010
On Thu, 01 Apr 2010 18:25:02 -0700
Chandra Seetharaman <sekharan at us.ibm.com> wrote:
> On Fri, 2010-04-02 at 09:57 +0900, FUJITA Tomonori wrote:
> > On Thu, 01 Apr 2010 09:54:54 -0700
> > Chandra Seetharaman <sekharan at us.ibm.com> wrote:
> > >
> > > 1. The purpose of multiple tgtds (and the control port) is to make each
> > > tgtd dedicated to ipaddress (or port).
> > >
> > > 2. Each target will be associated with only one ip address (which also
> > > means we have to add a ip address token to target definition).
> > >
> > > (1) and (2) make me think that we do not need an explicit "control port"
> > > parameter for targets.conf syntax.
> > >
> > > If any target has a ip address specifically defined, then tgt-admin can
> > > define a control port and use it at the right place (as it does with tid
> > > currently) and keep the control port definition totally internal to
> > > tgt-admin.
> > Yeah, we could generate 'control port' from 'iscsi ip
> > address (or port)'. However, tgt needs to support more than iSCSI.
> I don't see any problems with that. In future when we add portals for
> different protocols, we can create control ports for them too.
The my point is that I prefer provide the way to specify the control
port explicitly rather than generating the port in the protocol
> > > Does it make sense ? Or am I missing something ?
> > >
> > > I had a related question, will we ever want to make multiple ip
> > > addresses served by a single tgtd ?
> > Yeah, by default, tgtd accepts any ip addresses of the host. Can can
> > change this behavior with 'portal' option.
> My question is will be allowing association of more than one ip address
> to a control port.
Seems that you misunderstand the control port. It's not ip
address:port. It's an unix domain socket.
You can do whatever you want against tgtd via the control port. So we
need some authentication if we allow the management over IP. We use an
unix domain socket so we can use the authentication mechanism of an
unix domain socket.
We could implement authentication over network but I prefer to depend
on other projects about it.
> If that is the case would all the targets associated with that control
> port will be available thru all the ip addresses that are associated
> with that control port ?
To unsubscribe from this list: send the line "unsubscribe stgt" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the stgt