Skip to content

Commit

Permalink
Update for Proxmox 8 and Bearer Token
Browse files Browse the repository at this point in the history 
- Patch updates for Proxmox VE 8
- Update to select Basic or Bearer authentication.
  • Loading branch information
@TheGrandWazoo
TheGrandWazoo committed Jan 6, 2024
1 parent 466d819 commit b9dd1d6
Show file tree
Hide file tree
Showing 17 changed files with 117,413 additions and 1,268 deletions.
17 changes: 13 additions & 4 deletions perl5/PVE/Storage/LunCmd/FreeNAS.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,10 +128,13 @@ sub run_lun_command {

syslog("info",(caller(0))[3] . " : $method(@params)");

if(!defined($scfg->{'freenas_user'}) || !defined($scfg->{'freenas_password'})) {
die "Undefined freenas_user and/or freenas_password.";
if (defined($scfg->{'truenas_token_auth'}) && $scfg->{'truenas_token_auth'}) {
if (!defined($scfg->{'truenas_secret'})) {
die "Undefined `truenas_secret` variable.";
}
} elsif (!defined($scfg->{'freenas_user'}) || !defined($scfg->{'freenas_password'})) {
die "Undefined `freenas_user` and/or `freenas_password` variables.";
}

if (!defined $freenas_server_list->{defined($scfg->{freenas_apiv4_host}) ? $scfg->{freenas_apiv4_host} : $scfg->{portal}}) {
freenas_api_check($scfg);
}
Expand Down Expand Up @@ -341,7 +344,13 @@ sub freenas_api_connect {
}
$freenas_server_list->{$apihost}->setHost($scheme . '://' . $apihost);
$freenas_server_list->{$apihost}->addHeader('Content-Type', 'application/json');
$freenas_server_list->{$apihost}->addHeader('Authorization', 'Basic ' . encode_base64($scfg->{freenas_user} . ':' . $scfg->{freenas_password}));
if (defined($scfg->{'truenas_token_auth'})) {
syslog("info", (caller(0))[3] . " : Authentication using Bearer Token Auth");
$freenas_server_list->{$apihost}->addHeader('Authorization', 'Bearer ' . $scfg->{truenas_secret});
} else {
syslog("info", (caller(0))[3] . " : Authentication using Basic Auth");
$freenas_server_list->{$apihost}->addHeader('Authorization', 'Basic ' . encode_base64($scfg->{freenas_user} . ':' . $scfg->{freenas_password}));
}
# If using SSL, don't verify SSL certs
if ($scfg->{freenas_use_ssl}) {
$freenas_server_list->{$apihost}->getUseragent()->ssl_opts(verify_hostname => 0);
Expand Down
157 changes: 157 additions & 0 deletions perl5/PVE/Storage/ZFSPlugin-8.1.3_1.pm.patch
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,157 @@
--- ZFSPlugin.pm.orig 2023-12-31 09:56:18.895228853 -0500
+++ ZFSPlugin.pm 2023-12-31 09:57:08.830488875 -0500
@@ -10,6 +10,7 @@

use base qw(PVE::Storage::ZFSPoolPlugin);
use PVE::Storage::LunCmd::Comstar;
+use PVE::Storage::LunCmd::FreeNAS;
use PVE::Storage::LunCmd::Istgt;
use PVE::Storage::LunCmd::Iet;
use PVE::Storage::LunCmd::LIO;
@@ -26,13 +27,14 @@
modify_lu => 1,
add_view => 1,
list_view => 1,
+ list_extent => 1,
list_lu => 1,
};

my $zfs_unknown_scsi_provider = sub {
my ($provider) = @_;

- die "$provider: unknown iscsi provider. Available [comstar, istgt, iet, LIO]";
+ die "$provider: unknown iscsi provider. Available [comstar, freenas, istgt, iet, LIO]";
};

my $zfs_get_base = sub {
@@ -40,6 +42,8 @@

if ($scfg->{iscsiprovider} eq 'comstar') {
return PVE::Storage::LunCmd::Comstar::get_base;
+ } elsif ($scfg->{iscsiprovider} eq 'freenas') {
+ return PVE::Storage::LunCmd::FreeNAS::get_base;
} elsif ($scfg->{iscsiprovider} eq 'istgt') {
return PVE::Storage::LunCmd::Istgt::get_base;
} elsif ($scfg->{iscsiprovider} eq 'iet') {
@@ -62,6 +66,8 @@
if ($lun_cmds->{$method}) {
if ($scfg->{iscsiprovider} eq 'comstar') {
$msg = PVE::Storage::LunCmd::Comstar::run_lun_command($scfg, $timeout, $method, @params);
+ } elsif ($scfg->{iscsiprovider} eq 'freenas') {
+ $msg = PVE::Storage::LunCmd::FreeNAS::run_lun_command($scfg, $timeout, $method, @params);
} elsif ($scfg->{iscsiprovider} eq 'istgt') {
$msg = PVE::Storage::LunCmd::Istgt::run_lun_command($scfg, $timeout, $method, @params);
} elsif ($scfg->{iscsiprovider} eq 'iet') {
@@ -166,6 +172,15 @@
die "lun_number for guid $guid is not a number";
}

+# Part of the multipath enhancement
+sub zfs_get_wwid_number {
+ my ($class, $scfg, $guid) = @_;
+
+ die "could not find lun_number for guid $guid" if !$guid;
+
+ return $class->zfs_request($scfg, undef, 'list_extent', $guid);
+}
+
# Configuration

sub type {
@@ -184,6 +199,32 @@
description => "iscsi provider",
type => 'string',
},
+ # This is for FreeNAS iscsi and API intergration
+ # And some enhancements asked by the community
+ freenas_user => {
+ description => "FreeNAS API Username",
+ type => 'string',
+ },
+ freenas_password => {
+ description => "FreeNAS API Password (Deprecated)",
+ type => 'string',
+ },
+ truenas_secret => {
+ description => "TrueNAS API Secret",
+ type => 'string',
+ },
+ truenas_token_auth => {
+ description => "TrueNAS API Authentication with Token",
+ type => 'boolean',
+ },
+ freenas_use_ssl => {
+ description => "FreeNAS API access via SSL",
+ type => 'boolean',
+ },
+ freenas_apiv4_host => {
+ description => "FreeNAS API Host",
+ type => 'string',
+ },
# this will disable write caching on comstar and istgt.
# it is not implemented for iet. iet blockio always operates with
# writethrough caching when not in readonly mode
@@ -211,14 +252,20 @@
nodes => { optional => 1 },
disable => { optional => 1 },
portal => { fixed => 1 },
- target => { fixed => 1 },
- pool => { fixed => 1 },
+ target => { fixed => 0 },
+ pool => { fixed => 0 },
blocksize => { fixed => 1 },
iscsiprovider => { fixed => 1 },
nowritecache => { optional => 1 },
sparse => { optional => 1 },
comstar_hg => { optional => 1 },
comstar_tg => { optional => 1 },
+ freenas_user => { optional => 1 },
+ freenas_password => { optional => 1 },
+ truenas_secret => { optional => 1 },
+ truenas_token_auth => { optional => 1 },
+ freenas_use_ssl => { optional => 1 },
+ freenas_apiv4_host => { optional => 1 },
lio_tpg => { optional => 1 },
content => { optional => 1 },
bwlimit => { optional => 1 },
@@ -243,6 +290,40 @@

my $path = "iscsi://$portal/$target/$lun";

+ # Multipath enhancement
+ eval {
+ my $wwid = $class->zfs_get_wwid_number($scfg, $guid);
+# syslog(info,"JD: path get_lun_number guid $guid");
+
+ if ($wwid =~ /^([-\@\w.]+)$/) {
+ $wwid = $1; # $data now untainted
+ } else {
+ die "Bad data in '$wwid'"; # log this somewhere
+ }
+ my $wwid_end = substr $wwid, 16;
+
+ my $mapper = '';
+ sleep 3;
+ run_command("iscsiadm -m session --rescan");
+ sleep 3;
+ my $line = `/usr/sbin/multipath -ll | grep \"$wwid_end\"`;
+ my ($mapper_device) = split(' ', $line);
+ $mapper_device = "" unless $mapper_device;
+ $mapper .= $mapper_device;
+
+ if ($mapper =~ /^([-\@\w.]+)$/) {
+ $mapper = $1; # $data now untainted
+ } else {
+ $mapper = '';
+ }
+
+# syslog(info,"Multipath mapper found: $mapper\n");
+ if ($mapper ne "") {
+ $path = "/dev/mapper/$mapper";
+ sleep 5;
+ }
+ };
+
return ($path, $vmid, $vtype);
}

22 changes: 16 additions & 6 deletions perl5/PVE/Storage/ZFSPlugin.pm.patch
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
--- ZFSPlugin.pm.orig 2022-02-04 12:08:01.000000000 -0500
+++ ZFSPlugin.pm 2022-03-26 13:51:40.660068908 -0400
--- ZFSPlugin.pm.orig 2023-12-31 09:56:18.895228853 -0500
+++ ZFSPlugin.pm 2023-12-31 09:57:08.830488875 -0500
@@ -10,6 +10,7 @@

use base qw(PVE::Storage::ZFSPoolPlugin);
Expand Down Expand Up @@ -58,7 +58,7 @@
# Configuration

sub type {
@@ -184,6 +199,24 @@
@@ -184,6 +199,32 @@
description => "iscsi provider",
type => 'string',
},
Expand All @@ -69,9 +69,17 @@
+ type => 'string',
+ },
+ freenas_password => {
+ description => "FreeNAS API Password",
+ description => "FreeNAS API Password (Deprecated)",
+ type => 'string',
+ },
+ truenas_secret => {
+ description => "TrueNAS API Secret",
+ type => 'string',
+ },
+ truenas_token_auth => {
+ description => "TrueNAS API Authentication with Token",
+ type => 'boolean',
+ },
+ freenas_use_ssl => {
+ description => "FreeNAS API access via SSL",
+ type => 'boolean',
Expand All @@ -83,7 +91,7 @@
# this will disable write caching on comstar and istgt.
# it is not implemented for iet. iet blockio always operates with
# writethrough caching when not in readonly mode
@@ -211,14 +244,18 @@
@@ -211,14 +252,20 @@
nodes => { optional => 1 },
disable => { optional => 1 },
portal => { fixed => 1 },
Expand All @@ -99,12 +107,14 @@
comstar_tg => { optional => 1 },
+ freenas_user => { optional => 1 },
+ freenas_password => { optional => 1 },
+ truenas_secret => { optional => 1 },
+ truenas_token_auth => { optional => 1 },
+ freenas_use_ssl => { optional => 1 },
+ freenas_apiv4_host => { optional => 1 },
lio_tpg => { optional => 1 },
content => { optional => 1 },
bwlimit => { optional => 1 },
@@ -243,6 +280,40 @@
@@ -243,6 +290,40 @@

my $path = "iscsi://$portal/$target/$lun";

Expand Down
91 changes: 91 additions & 0 deletions pve-docs/api-viewer/apidoc-8.0.5_1.js.patch
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
--- apidoc.js.orig 2024-01-06 13:02:06.730512378 -0500
+++ apidoc.js 2024-01-06 13:02:55.349787105 -0500
@@ -50336,6 +50336,37 @@
"type" : "string",
"typetext" : "<string>"
},
+ "freenas_user" : {
+ "description" : "FreeNAS user for API access",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "freenas_password" : {
+ "description" : "FreeNAS password for API access (Deprecated)",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "truenas_secret" : {
+ "description" : "TrueNAS Secret for API access",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "freenas_use_ssl" : {
+ "description" : "FreeNAS API access via SSL",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "freenas_apiv4_host" : {
+ "description" : "FreeNAS API Host via IPv4",
+ "format" : "address",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"fuse" : {
"description" : "Mount CephFS through FUSE.",
"optional" : 1,
@@ -50555,6 +50586,12 @@
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "target" : {
+ "description" : "iSCSI target.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"transport" : {
"description" : "Gluster transport: tcp or rdma",
"enum" : [
@@ -50854,6 +50891,37 @@
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
+ },
+ "freenas_user" : {
+ "description" : "FreeNAS user for API access",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "freenas_password" : {
+ "description" : "FreeNAS password for API access (Deprecated)",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "truenas_secret" : {
+ "description" : "TrueNAS secret for API access",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "freenas_use_ssl" : {
+ "description" : "FreeNAS API access via SSL",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "freenas_apiv4_host" : {
+ "description" : "FreeNAS API Host via IPv4",
+ "format" : "address",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"fuse" : {
"description" : "Mount CephFS through FUSE.",
Loading

0 comments on commit b9dd1d6

Please sign in to comment.