CN108366087B - ISCSI service realization method and device based on distributed file system - Google Patents
ISCSI service realization method and device based on distributed file system Download PDFInfo
- Publication number
- CN108366087B CN108366087B CN201711427584.0A CN201711427584A CN108366087B CN 108366087 B CN108366087 B CN 108366087B CN 201711427584 A CN201711427584 A CN 201711427584A CN 108366087 B CN108366087 B CN 108366087B
- Authority
- CN
- China
- Prior art keywords
- iscsi
- target
- available
- initiator
- read
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 34
- 239000003999 initiator Substances 0.000 claims abstract description 192
- 230000004044 response Effects 0.000 claims description 13
- 238000012423 maintenance Methods 0.000 claims description 8
- 238000012544 monitoring process Methods 0.000 claims description 7
- 230000008569 process Effects 0.000 claims description 5
- 238000007726 management method Methods 0.000 description 41
- 238000010586 diagram Methods 0.000 description 4
- 230000006855 networking Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 238000013500 data storage Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1001—Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/17—Details of further file system functions
- G06F16/176—Support for shared access to files; File sharing support
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/18—File system types
- G06F16/182—Distributed file systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Mining & Analysis (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention provides a method and a device for realizing ISCSI service based on a distributed file system, wherein the distributed file system comprises a management node and data nodes, and a plurality of ISCSI targets are deployed on each data node; the method is applied to the management node and comprises the following steps: maintaining a Target sharing list comprising ISCSI Target information on all data nodes; when the ISCSI Initiator is started, all available ISCSI targets corresponding to the ISCSI Initiator in a Target sharing list are provided for the ISCSI Initiator, so that the ISCSI Initiator can establish connection with any available ISCSI Target; and receiving a data read-write request from the ISCSI Initiator forwarded by any available ISCSI Target, performing read-write operation on a data node in the distributed file system based on the data read-write request, and returning a read-write operation result to the ISCSI Initiator through any available ISCSI Target.
Description
Technical Field
The present invention relates to the field of computer storage technologies, and in particular, to a method and an apparatus for implementing an ISCSI service based on a distributed file system.
Background
Cloud storage is a new concept that has been extended and developed over the concept of cloud computing (cloud computing). The cloud storage is a framework, and refers to a system which integrates a large number of storage devices of various types in a network through application software to cooperatively work through functions such as cluster application, a grid technology or a distributed file system, and provides data storage and service access functions to the outside.
ISCSI is an important achievement of SCSI over IP, a SCSI command set used by hardware devices that can run at the upper layers of the IP protocol. Briefly, ISCSI may enable a SCSI protocol to be run over IP networks, enabling routing over, for example, high-speed gigabit ethernet. San (storage Area network) to carry high bandwidth of SCSI protocol, a fibre channel is generally adopted to implement networking, which directly results in expensive implementation cost. To reduce networking costs while protecting most of the customers' existing investments in IP networks, the industry is working on the SCSI over IP protocol.
Disclosure of Invention
In view of the above, the present invention provides a method and an apparatus for implementing ISCSI service based on a distributed file system, which can reduce the networking cost of the distributed file system.
In order to achieve the purpose, the invention provides the following technical scheme:
a ISCSI service implementation method based on a distributed file system, wherein the distributed file system comprises a management node and data nodes, and a plurality of ISCSI targets are deployed on each data node; the method is applied to the management node and comprises the following steps:
maintaining a Target sharing list comprising ISCSI Target information on all data nodes;
when the ISCSI Initiator is started, all available ISCSI targets corresponding to the ISCSI Initiator in a Target sharing list are provided for the ISCSI Initiator, so that the ISCSI Initiator can establish connection with any available ISCSI Target;
and receiving a data read-write request from the ISCSI Initiator forwarded by any available ISCSI Target, performing read-write operation on a data node in the distributed file system based on the data read-write request, and returning a read-write operation result to the ISCSI Initiator through any available ISCSI Target.
An ISCSI service implementation device based on a distributed file system, wherein the distributed file system comprises a management node and data nodes, and a plurality of ISCSI targets are deployed on each data node; the device is applied to the management node and comprises the following steps: the device comprises a maintenance unit, a connection control unit and a read-write control unit;
the maintenance unit is used for maintaining a Target sharing list comprising ISCSI Target information on all data nodes;
the connection control unit is used for providing all available ISCSI targets corresponding to the ISCSI initiators in a Target sharing list to the ISCSI initiators when the ISCSI initiators are started, so that the ISCSI initiators can be connected with any available ISCSI Target;
the read-write control unit is configured to receive a data read-write request from the ISCSI Initiator forwarded by any one of the available ISCSI targets, perform read-write operation on a data node in the distributed file system based on the data read-write request, and return a read-write operation result to the ISCSI Initiator through any one of the available ISCSI targets.
According to the technical scheme, a plurality of ISCSI targets can be deployed at each data node of the distributed file system, and the management node in the distributed file system monitors the connection state of each ISCSI Target and updates the connection state to the Target sharing directory, so that the management node can determine the available ISCSI targets of the ISCSI initiators based on the Target sharing directory, and communication management between the ISCSI initiators and the ISCSI targets is realized. The invention can effectively reduce the networking cost of the distributed file system.
Drawings
FIG. 1 is a schematic diagram of ISCSI service architecture based on a distributed file system according to an embodiment of the present invention
FIG. 2 is a flow chart of an ISCSI service implementation method based on a distributed file system according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an ISCSI service implementation apparatus based on a distributed file system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention are described in detail below with reference to the accompanying drawings according to embodiments.
Referring to fig. 1, fig. 1 is a schematic diagram of an ISCSI service architecture based on a distributed file system according to an embodiment of the present invention, as shown in fig. 1, the distributed file system includes a management node and a data node, and an ISCSI Initiator (ISCSI Initiator) is deployed at a client of each operating system platform outside the distributed file system; the ISCSI target is deployed on data nodes of the distributed file system, and multiple ISCSI targets (ISCSI targets) may be deployed on each data node.
In the service architecture shown in fig. 1, the management node is responsible for the relevant configuration and management of the ISCSI Initiator and the management of the communication between the ISCSI Initiator and the ISCSI target.
The following describes the implementation of the present invention in detail with reference to specific embodiments.
Referring to fig. 2, fig. 2 is a flowchart of an ISCSI service implementation method based on a distributed file system according to an embodiment of the present invention, where the method is applied to a management node of the distributed file system, and specifically includes the following steps:
step 101, a Target sharing list including ISCSI Target information on all data nodes is maintained.
In the Target sharing list, the ISCSI Target information includes a connection state of the ISCSI Target.
The connection state between the ISCSI Target and the ISCSI Initiator includes the following:
1. and (3) connecting: the ISCSI Target has established a connection with an ISCSI Initiator.
2. Positive connection: the ISCSI Target is establishing a connection with an ISCSI Initiator.
3. And (3) unconnected: the ISCSI Target has not yet established a connection with any ISCSI Initiator.
4. Not running: the ISCSI Target is not started and cannot establish a connection with the ISCSI Initiator.
In this embodiment, the shared list may be updated and maintained by monitoring the connection states of the ISCSI targets on all the data nodes and updating the ISCSI targets to the Target shared list, and specifically, each ISCSI Target on a data node may report its connection state information periodically, or may report its connection state information only when its connection state changes. And the management node receives the connection state information reported by each ISCSI Target and updates the Target sharing list according to the received connection state information.
In the conventional implementation, after the ISCSI Initiator is started, a connection needs to be established with an ISCSI Target, and then, a user can read and write the ISCSI Target through the ISCSI Initiator, thereby implementing data access to the distributed storage system.
In the invention, each ISCSI Initiator is configured with a specific ISCSI Target on a corresponding specific data node. The specific data node corresponding to the ISCSI Initiator may be any data node on the distributed management system, and the specific ISCSI Target refers to an unconnected ISCSI Target on the specific data node. In an actual implementation, all the unconnected ISCSI targets on the specific data node may be sorted according to a certain rule, for example, the start time is first, and the first ISCSI Target to be sorted is determined as the specific ISCSI Target.
It should be noted that the specific ISCSI Target on the specific data node corresponding to each ISCSI Initiator may be the same or different. Specifically by user configuration.
After the ISCSI Initiator is started, a first Target request may be sent to a specific ISCSI Target on a specific data node corresponding to the ISCSI Initiator; after receiving the first Target request, the specific ISCSI Target generates a second Target request, carries the ISCSI Initiator carried in the first Target request to the second Target request and sends the second Target request to a management node; after receiving the second Target request, the management node may determine all available ISCSI targets corresponding to the ISCSI Initiator according to the second Target request and the Target sharing list, and return all available ISCSI targets to the specific ISCSI Target; the specific ISCSI Target returns all available ISCSI targets to the ISCSI Initiator, so that the user can choose to determine with which available ISCSI Target the ISCSI Initiator establishes a connection.
Therefore, in this step 202, all available ISCSI targets corresponding to the ISCSI Initiator in the Target sharing list are provided to the ISCSI Initiator, which specifically includes:
receiving a second Target request sent by a specific ISCSI Target of the ISCSI Initiator; the second Target request is generated after the specific ISCSI Target receives the first Target request sent by the ISCSI Initiator;
and determining all available ISCSI targets corresponding to the ISCSI Initiator according to the second Target request and the Target sharing list, returning all the available ISCSI targets to the specific ISCSI Target, and returning all the available ISCSI targets to the ISCSI Initiator by the specific ISCSI Target.
In practical implementation, before an ISCSI Target does not break the connection with a certain ISCSI Initiator, other ISCSI initiators cannot establish a connection relationship with the ISCSI Target, that is, the ISCSI initiators and the ISCSI Target are in a one-to-one communication relationship.
Therefore, for ISCSI Target, if its connection state is the above-mentioned 1 st connection state (connected), it is not allowed to establish a connection with other ISCSI initiators except the ISCSI Initiator already established; if the connection status is the 2 nd connection status (positive connection), it is not allowed to establish connection with other ISCSI initiators, except for the ISCSI Initiator. In addition, if the connection state of the ISCSI Target is the above-mentioned 4 th connection state (not started), it is not allowed to establish a connection with any ISCSI Initiator until it is started.
Therefore, after the ISCSI Initiator is started, only the ISCSI Target in the unconnected state can be selected to establish connection, that is: only the Target sharing list in which the connection status is unconnected is available to the ISCSI Initiator.
However, the ISCSI Initiator may not be able to establish a connection with any unconnected ISCSI Target, and each ISCSI Target itself also has an access limitation, and only a part of the ISCSI Initiator is allowed to establish a connection with the ISCSI Initiator, so as to ensure data security.
In order to achieve the above object, in this embodiment, the management node may configure an access right for each ISCSI Target in advance, where the access right includes an IP address range limitation; the IP address range is limited to an IP address set, and as long as the IP address of the ISCSI Initiator falls within the IP address set, access to the ISCSI Target is not allowed. Therefore, the IP address range limitation of each ISCSI Target defines which ISCSI initiators are prohibited from accessing the ISCSI Target, and when determining an available ISCSI Target of a certain ISCSI Initiator, the management node needs to exclude all ISCSI targets prohibited from accessing the ISCSI initiators from the available ISCSI targets. .
Therefore, the method for determining all available ISCSI targets corresponding to the ISCSI Initiator according to the second Target request and the Target sharing list may specifically be: and for each ISCSI Target of which the Target sharing list is in an unconnected state, judging whether the IP address of the ISCSI Initiator carried by the second Target request is within the limit of the IP address range of the ISCSI Target, if so, determining that the ISCSI Target is not the available ISCSI Initiator of the ISCSI Initiator, otherwise, determining that the ISCSI Target is the available ISCSI Initiator of the ISCSI Initiator.
In practical applications, the management node may also support chap authentication.
In an embodiment of the present invention, a management node is pre-configured with a user name and a password for the chap authentication corresponding to each ISCSI Target; in addition, a hop authentication mark is configured for each ISCSI Target in advance and is issued to the ISCSI Target; the chap authentication flag includes required authentication and not required authentication.
After the management node provides all available ISCSI targets corresponding to the ISCSI initiators in the Target sharing list to the ISCSI initiators, the user may select one of the available ISCSI targets, and the ISCSI initiators send connection requests to the ISCSI targets; after receiving the connection request, the ISCSI Target sends a hop authentication request to the ISCSI Initiator; the user inputs the user name and the password which are used for the hop authentication and correspond to the ISCSI Target on an operation interface of the ISCSI Initiator, and the ISCSI Initiator carries the user name and the password which are used for the hop authentication and correspond to the ISCSI Target in a hop authentication response and returns the response to the ISCSI Target; the ISCSI Target forwards the hop authentication response to a management node, the management node compares the user name and the password carried in the hop authentication response with the user name and the password which are corresponding to the ISCSI Target and are used for the hop authentication, if the user name and the password are the same, the hop authentication is successful, and an authentication success message is returned to the ISCSI Target, so that the ISCSI Target and the ISCSI Initiator continue to execute subsequent connection processes, and if the user name and the password are not the same, an authentication failure message is returned to the ISCSI Target, so that the ISCSI Target refuses to establish connection with the ISCSI Initiator.
After the ISCSI Initiator and the ISCSI Target are connected, the ISCSI Initiator may send a data read-write request to the ISCSI Target, so as to realize access to the data node.
In the embodiment of the invention, after the ISCSI Target receives the data read-write request from the ISCSI Initiator, the data read-write request is sent to the management node, the management node performs read-write operation on the data node according to the data read-write request and returns the read-write operation result, and the ISCSI Target returns the read-write operation result to the ISCSI Initiator so as to complete the data read-write request of the ISCSI Initiator.
It should be noted that the data read/write request actually includes a data read request and a data write request, if the data read request is a data read request, the management node needs to perform a read operation on the data node, and if the data write request is a data write request, the management node needs to perform a write operation on the data node. Whether the data node is subjected to read operation or write operation, before the data node is subjected to the read operation or the write operation, whether the ISCSI Initiator has corresponding read-write permission to the ISCSI Target or not needs to be judged, if the ISCSI Initiator does not have the corresponding access permission, the ISCSI Initiator can directly return to forbid access, the data node is not subjected to the read operation or the write operation, and if the ISSI Initiator has the corresponding read-write permission, the data node is subjected to the read operation or the write operation.
Therefore, the method for performing read-write operation on the data node in the distributed file system based on the data read-write request in step 203 may specifically be:
if the data read-write request is a read request, if the ISCSI Initiator has a read permission for any one of the available ISCSI targets, performing read operation on a data node in the distributed file system based on the read request, and if the ISCSI Initiator does not have the read permission for any one of the available ISCSI targets, generating read error information used as a read-write operation result;
if the data read-write request is a write request, if the ISCSI Initiator has write permission for any one of the available ISCSI targets, performing write operation on a data node in the distributed file system based on the write request, and if the ISCSI Initiator does not have write permission for any one of the available ISCSI targets, generating write error information used as a read-write operation result.
In practical implementation, there may be multiple management nodes of the distributed file system, where one of the management nodes serves as a primary management node and the other management nodes serve as backup management nodes. Under the condition that the main management node has no fault, the main management node executes various functions executed by the management nodes in the embodiment of the invention shown in fig. 2, and when the main management node has a fault, one of the standby management nodes can be selected as a new main management node to take over the failed main management node.
The ISCSI service implementation method based on the distributed file system according to the embodiment of the present invention is described in detail above, and the present invention further provides an ISCSI service implementation device based on the distributed file system, which is described in detail below with reference to fig. 3.
Referring to fig. 3, fig. 3 is a schematic structural diagram of an ISCSI service implementation apparatus based on a distributed file system according to an embodiment of the present invention, where the distributed file system includes a management node and data nodes, and each data node deploys a plurality of ISCSI targets; as shown in fig. 3, the apparatus is applied to the management node, and includes: a maintenance unit 301, a connection control unit 302, and a read-write control unit 303; wherein,
a maintaining unit 301, configured to maintain a Target sharing list including ISCSI Target information on all data nodes;
a connection control unit 302, configured to provide all available ISCSI targets corresponding to the ISCSI initiators in a Target sharing list to an ISCSI Initiator when the ISCSI Initiator is started, so that the ISCSI Initiator establishes a connection with any available ISCSI Target;
a read-write control unit 303, configured to receive a data read-write request from the ISCSI Initiator forwarded by any available ISCSI Target, perform a read-write operation on a data node in the distributed file system based on the data read-write request, and return a read-write operation result to the ISCSI Initiator through any available ISCSI Target.
In the device shown in figure 3 of the drawings,
the ISCSI Target information comprises the connection state of the ISCSI Target;
when maintaining a Target sharing list including ISCSI Target information on all data nodes, maintenance unit 301 is configured to: and monitoring the connection state of the ISCSI Target on all the data nodes and updating the ISCSI Target to the Target shared list.
In the device shown in figure 3 of the drawings,
when monitoring the connection states of ISCSI Target on all data nodes, the maintenance unit 301 is configured to: and receiving the connection state information reported periodically by each ISCSI Target or reported when the connection state of the ISCSI Target changes.
The apparatus shown in fig. 3 further comprises a configuration unit 304;
the configuration unit 304 is configured to configure, for each ISCSI Initiator, a specific ISCSI Target on a corresponding specific data node;
the connection control unit 302 provides all available ISCSI targets corresponding to the ISCSI Initiator in the Target sharing list to the ISCSI Initiator, and includes:
receiving a second Target request sent by a specific ISCSI Target of the ISCSI Initiator; the second Target request is generated after the specific ISCSI Target receives the first Target request sent by the ISCSI Initiator;
and determining all available ISCSI targets corresponding to the ISCSI Initiator according to the second Target request and the Target sharing list, returning all the available ISCSI targets to the specific ISCSI Target, and returning all the available ISCSI targets to the ISCSI Initiator by the specific ISCSI Target.
In the device shown in figure 3 of the drawings,
the connection state includes: connected, positively connected, unconnected, not running;
the configuration unit 304 is configured to: configuring an access authority for each ISCSI Target in advance, wherein the access authority comprises an IP address range limitation; the IP address range is limited to an IP address set;
the first Target request carries the IP address of the ISCSI Initiator;
a second Target request generated by a specific ISCSI Target of the ISCSI Initiator carries the IP address of the ISCSI Initiator carried by the first Target request;
when determining all available ISCSI targets corresponding to the ISCSI Initiator according to the second Target request and the Target sharing list, the connection control unit 302 is configured to: and for each ISCSI Target of which the Target sharing list is in an unconnected state, judging whether the IP address of the ISCSI Initiator carried by the second Target request is within the limit of the IP address range of the ISCSI Target, if so, determining that the ISCSI Target is not the available ISCSI Initiator of the ISCSI Initiator, otherwise, determining that the ISCSI Target is the available ISCSI Initiator of the ISCSI Initiator.
In the device shown in figure 3 of the drawings,
the access right further comprises a chap authentication mark; the chap authentication mark comprises authentication needed and authentication not needed;
the configuration unit 304 is configured to pre-configure a user name and a password for the chap authentication corresponding to each ISCSI Target;
in the process of establishing a connection between the ISCSI Initiator and any available ISCSI Target, if any available ISCSI Target needs to be authenticated, the connection control unit 302 receives a hop authentication response from the ISCSI Initiator forwarded by any available ISCSI Target, and if a user name and a password carried in the hop authentication response are the same as a user name and a password used for a hop authentication corresponding to any available ISCSI Target, sends a hop authentication success message to any available ISCSI Target, so that a subsequent connection procedure is executed by any available ISCSI Target and the ISCSI Initiator, otherwise, sends a hop authentication failure message to any available ISCSI Target, so that any available ISCSI Target refuses to establish a connection with the ISCSI Initiator; the said hop authentication response is sent to any available ISCSI Target by the ISCSI Initiator after sending a connection request to any available ISCSI Target and receiving a hop authentication request returned by any available ISCSI Target.
In the device shown in figure 3 of the drawings,
the configuration unit 304 is configured to pre-configure a read-write permission of each ISCSI Initiator to each ISCSI Target, where the read-write permission includes a read permission and a write permission;
the data read-write request is a read request or a write request;
the read-write control unit 304, when performing read-write operation on a data node in the distributed file system based on the data read-write request, is configured to:
if the data read-write request is a read request, if the ISCSI Initiator has a read permission for any one of the available ISCSI targets, performing read operation on a data node in the distributed file system based on the read request, and if the ISCSI Initiator does not have the read permission for any one of the available ISCSI targets, generating read error information used as a read-write operation result;
if the data read-write request is a write request, if the ISCSI Initiator has write permission for any one of the available ISCSI targets, performing write operation on a data node in the distributed file system based on the write request, and if the ISCSI Initiator does not have write permission for any one of the available ISCSI targets, generating write error information used as a read-write operation result.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (14)
1. A method for realizing ISCSI service based on a distributed file system is characterized in that the distributed file system comprises a management node and data nodes, and a plurality of ISCSI targets are deployed on each data node; the method is applied to the management node and comprises the following steps:
maintaining a Target sharing list comprising ISCSI Target information on all data nodes;
when the ISCSI Initiator is started, all available ISCSI targets corresponding to the ISCSI Initiator in a Target sharing list are provided for the ISCSI Initiator, so that the ISCSI Initiator can establish connection with any available ISCSI Target;
and receiving a data read-write request from the ISCSI Initiator forwarded by any available ISCSI Target, performing read-write operation on a data node in the distributed file system based on the data read-write request, and returning a read-write operation result to the ISCSI Initiator through any available ISCSI Target.
2. The method of claim 1,
the ISCSI Target information comprises the connection state of the ISCSI Target;
the method for maintaining a Target sharing list including ISCSI Target information on all data nodes comprises the following steps: and monitoring the connection state of the ISCSI Target on all the data nodes and updating the ISCSI Target to the Target shared list.
3. The method of claim 2,
the method for monitoring the connection state of the ISCSI Target on all the data nodes comprises the following steps: and receiving the connection state information reported periodically by each ISCSI Target or reported when the connection state of the ISCSI Target changes.
4. The method of claim 2,
configuring a specific ISCSI Target on a corresponding specific data node for each ISCSI Initiator;
providing all available ISCSI targets corresponding to the ISCSI initiators in a Target sharing list to the ISCSI initiators, including:
receiving a second Target request sent by a specific ISCSI Target of the ISCSI Initiator; the second Target request is generated after the specific ISCSI Target receives the first Target request sent by the ISCSI Initiator;
and determining all available ISCSI targets corresponding to the ISCSI Initiator according to the second Target request and the Target sharing list, returning all the available ISCSI targets to the specific ISCSI Target, and returning all the available ISCSI targets to the ISCSI Initiator by the specific ISCSI Target.
5. The method of claim 4,
the connection state includes: connected, positively connected, unconnected, not running;
configuring an access authority for each ISCSI Target in advance, wherein the access authority comprises an IP address range limitation; the IP address range is limited to an IP address set;
the first Target request carries the IP address of the ISCSI Initiator;
a second Target request generated by a specific ISCSI Target of the ISCSI Initiator carries the IP address of the ISCSI Initiator carried by the first Target request;
the method for determining all available ISCSI targets corresponding to the ISCSI Initiator according to the second Target request and the Target sharing list includes: and for each ISCSI Target of which the Target sharing list is in an unconnected state, judging whether the IP address of the ISCSI Initiator carried by the second Target request is within the limit of the IP address range of the ISCSI Target, if so, determining that the ISCSI Target is not the available ISCSI Initiator of the ISCSI Initiator, otherwise, determining that the ISCSI Target is the available ISCSI Initiator of the ISCSI Initiator.
6. The method of claim 5,
the access right further comprises a chap authentication mark; the chap authentication mark comprises authentication needed and authentication not needed;
pre-configuring a user name and a password which are corresponding to each ISCSI Target and are used for the chap authentication;
in the process of establishing connection between the ISCSI Initiator and any available ISCSI Target, if any available ISCSI Target needs authentication, receiving a hop authentication response forwarded by any available ISCSI Target from the ISCSI Initiator, if a user name and a password carried by the hop authentication response are the same as those of the user name and the password corresponding to any available ISCSI Target and used for the hop authentication, sending a hop authentication success message to any available ISCSI Target so as to execute a subsequent connection process with the ISCSI Initiator through any available ISCSI Target, and otherwise, sending a hop authentication failure message to any available ISCSI Target so as to enable any available ISCSI Target to refuse to establish connection with the ISCSI Initiator; the said hop authentication response is sent to any available ISCSI Target by the ISCSI Initiator after sending a connection request to any available ISCSI Target and receiving a hop authentication request returned by any available ISCSI Target.
7. The method of claim 6,
the method comprises the steps that the read-write permission of each ISCSI Initiator to each ISCSI Target is configured in advance, wherein the read-write permission comprises read permission and write permission;
the data read-write request is a read request or a write request;
the method for performing read-write operation on the data nodes in the distributed file system based on the data read-write request comprises the following steps:
if the data read-write request is a read request, if the ISCSI Initiator has a read permission for any one of the available ISCSI targets, performing read operation on a data node in the distributed file system based on the read request, and if the ISCSI Initiator does not have the read permission for any one of the available ISCSI targets, generating read error information used as a read-write operation result;
if the data read-write request is a write request, if the ISCSI Initiator has write permission for any one of the available ISCSI targets, performing write operation on a data node in the distributed file system based on the write request, and if the ISCSI Initiator does not have write permission for any one of the available ISCSI targets, generating write error information used as a read-write operation result.
8. The ISCSI service implementation device based on the distributed file system is characterized in that the distributed file system comprises a management node and data nodes, and a plurality of ISCSI targets are deployed on each data node; the device is applied to the management node and comprises the following steps: the device comprises a maintenance unit, a connection control unit and a read-write control unit;
the maintenance unit is used for maintaining a Target sharing list comprising ISCSI Target information on all data nodes;
the connection control unit is used for providing all available ISCSI targets corresponding to the ISCSI initiators in a Target sharing list to the ISCSI initiators when the ISCSI initiators are started, so that the ISCSI initiators can be connected with any available ISCSI Target;
the read-write control unit is configured to receive a data read-write request from the ISCSI Initiator forwarded by any one of the available ISCSI targets, perform read-write operation on a data node in the distributed file system based on the data read-write request, and return a read-write operation result to the ISCSI Initiator through any one of the available ISCSI targets.
9. The apparatus of claim 8,
the ISCSI Target information comprises the connection state of the ISCSI Target;
the maintaining unit, when maintaining a Target sharing list including ISCSI Target information on all data nodes, is configured to: and monitoring the connection state of the ISCSI Target on all the data nodes and updating the ISCSI Target to the Target shared list.
10. The apparatus of claim 9,
the maintenance unit, when monitoring the connection states of the ISCSI Target on all the data nodes, is configured to: and receiving the connection state information reported periodically by each ISCSI Target or reported when the connection state of the ISCSI Target changes.
11. The apparatus of claim 9, further comprising a configuration unit;
the configuration unit is configured to configure, for each ISCSI Initiator, a specific ISCSI Target on a corresponding specific data node;
the connection control unit provides all available ISCSI targets corresponding to the ISCSI Initiator in the Target sharing list to the ISCSI Initiator, and includes:
receiving a second Target request sent by a specific ISCSI Target of the ISCSI Initiator; the second Target request is generated after the specific ISCSI Target receives the first Target request sent by the ISCSI Initiator;
and determining all available ISCSI targets corresponding to the ISCSI Initiator according to the second Target request and the Target sharing list, returning all the available ISCSI targets to the specific ISCSI Target, and returning all the available ISCSI targets to the ISCSI Initiator by the specific ISCSI Target.
12. The apparatus of claim 11,
the connection state includes: connected, positively connected, unconnected, not running;
the configuration unit is configured to: configuring an access authority for each ISCSI Target in advance, wherein the access authority comprises an IP address range limitation; the IP address range is limited to an IP address set;
the first Target request carries the IP address of the ISCSI Initiator;
a second Target request generated by a specific ISCSI Target of the ISCSI Initiator carries the IP address of the ISCSI Initiator carried by the first Target request;
the connection control unit, when determining all available ISCSI targets corresponding to the ISCSI Initiator according to the second Target request and the Target sharing list, is configured to: and for each ISCSI Target of which the Target sharing list is in an unconnected state, judging whether the IP address of the ISCSI Initiator carried by the second Target request is within the limit of the IP address range of the ISCSI Target, if so, determining that the ISCSI Target is not the available ISCSI Initiator of the ISCSI Initiator, otherwise, determining that the ISCSI Target is the available ISCSI Initiator of the ISCSI Initiator.
13. The apparatus of claim 12,
the access right further comprises a chap authentication mark; the chap authentication mark comprises authentication needed and authentication not needed;
the configuration unit is used for pre-configuring a user name and a password which are used for the chap authentication and correspond to each ISCSI Target;
the connection control unit receives a hop authentication response from the ISCSI Initiator forwarded by any available ISCSI Target if the any available ISCSI Target needs authentication in a process of establishing connection between the ISCSI Initiator and the any available ISCSI Target, and sends a hop authentication success message to any available ISCSI Target to enable the ISCSI Target to execute a subsequent connection procedure with the ISCSI Initiator through any available ISCSI Target if a user name and a password carried by the hop authentication response are the same as the user name and the password for the hop authentication corresponding to the any available ISCSI Target, or sends a hop authentication failure message to any available ISCSI Target to enable the any available ISCSI Target to refuse to establish connection with the ISCSI Initiator; the said hop authentication response is sent to any available ISCSI Target by the ISCSI Initiator after sending a connection request to any available ISCSI Target and receiving a hop authentication request returned by any available ISCSI Target.
14. The apparatus of claim 13,
the configuration unit is used for configuring the read-write permission of each ISCSI Initiator to each ISCSI Target in advance, and the read-write permission comprises read permission and write permission;
the data read-write request is a read request or a write request;
the read-write control unit, when performing read-write operation on the data node in the distributed file system based on the data read-write request, is configured to:
if the data read-write request is a read request, if the ISCSI Initiator has a read permission for any one of the available ISCSI targets, performing read operation on a data node in the distributed file system based on the read request, and if the ISCSI Initiator does not have the read permission for any one of the available ISCSI targets, generating read error information used as a read-write operation result;
if the data read-write request is a write request, if the ISCSI Initiator has write permission for any one of the available ISCSI targets, performing write operation on a data node in the distributed file system based on the write request, and if the ISCSI Initiator does not have write permission for any one of the available ISCSI targets, generating write error information used as a read-write operation result.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711427584.0A CN108366087B (en) | 2017-12-26 | 2017-12-26 | ISCSI service realization method and device based on distributed file system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711427584.0A CN108366087B (en) | 2017-12-26 | 2017-12-26 | ISCSI service realization method and device based on distributed file system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108366087A CN108366087A (en) | 2018-08-03 |
CN108366087B true CN108366087B (en) | 2021-03-05 |
Family
ID=63010193
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711427584.0A Active CN108366087B (en) | 2017-12-26 | 2017-12-26 | ISCSI service realization method and device based on distributed file system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108366087B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109600436B (en) * | 2018-12-10 | 2021-06-29 | 浪潮电子信息产业股份有限公司 | Distributed iscsi service implementation method, system and related device |
CN109981768B (en) * | 2019-03-21 | 2021-12-07 | 上海霄云信息科技有限公司 | IO multi-path planning method and device in distributed network storage system |
CN110059056A (en) * | 2019-04-18 | 2019-07-26 | 北京思特奇信息技术股份有限公司 | The distributed system read/writable detection method of multinode multifile, device, equipment |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101115009A (en) * | 2007-08-31 | 2008-01-30 | 杭州华三通信技术有限公司 | Storage resource access control method, storage control system and applied host machine |
CN101621526A (en) * | 2009-08-20 | 2010-01-06 | 杭州华三通信技术有限公司 | iSCSI method and apparatus for preventing useless connection from occupying system resources |
CN101808119A (en) * | 2010-03-04 | 2010-08-18 | 杭州华三通信技术有限公司 | Method and equipment for multiple storage array load balancing |
CN102012933A (en) * | 2010-12-02 | 2011-04-13 | 清华大学 | Distributed file system and method for storing data and providing services by utilizing same |
CN102111436A (en) * | 2010-12-20 | 2011-06-29 | 深圳市创新科信息技术有限公司 | Storage device and method for accessing storage device through internet small computer system interface (iSCSI) |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4550557B2 (en) * | 2004-11-24 | 2010-09-22 | 株式会社日立製作所 | Filter definition management method, filter definition management device, and storage area network |
-
2017
- 2017-12-26 CN CN201711427584.0A patent/CN108366087B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101115009A (en) * | 2007-08-31 | 2008-01-30 | 杭州华三通信技术有限公司 | Storage resource access control method, storage control system and applied host machine |
CN101621526A (en) * | 2009-08-20 | 2010-01-06 | 杭州华三通信技术有限公司 | iSCSI method and apparatus for preventing useless connection from occupying system resources |
CN101808119A (en) * | 2010-03-04 | 2010-08-18 | 杭州华三通信技术有限公司 | Method and equipment for multiple storage array load balancing |
CN102012933A (en) * | 2010-12-02 | 2011-04-13 | 清华大学 | Distributed file system and method for storing data and providing services by utilizing same |
CN102111436A (en) * | 2010-12-20 | 2011-06-29 | 深圳市创新科信息技术有限公司 | Storage device and method for accessing storage device through internet small computer system interface (iSCSI) |
Also Published As
Publication number | Publication date |
---|---|
CN108366087A (en) | 2018-08-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3337097B1 (en) | Network element upgrading method and device | |
US10798218B2 (en) | Environment isolation method and device | |
EP3353952B1 (en) | Managing groups of servers | |
US8713649B2 (en) | System and method for providing restrictions on the location of peer subnet manager (SM) instances in an infiniband (IB) network | |
Yang et al. | Blockchain-based secure distributed control for software defined optical networking | |
US20200236032A1 (en) | Blockchain Routing Protocols | |
EP2780815B1 (en) | Selective ip address allocation for probes that do not have assigned ip addresses | |
CN108366087B (en) | ISCSI service realization method and device based on distributed file system | |
CN110932876B (en) | Communication system, method and device | |
CN105704042A (en) | Message processing method, BNG and BNG cluster system | |
WO2015088324A2 (en) | System and method for managing a faulty node in a distributed computing system | |
CN114124948A (en) | High-availability method, device, equipment and readable medium for cloud component | |
CN100563263C (en) | In network storage service, realize the method and system of system high-available | |
CN108881460B (en) | Method and device for realizing unified monitoring of cloud platform | |
CN111478937B (en) | Load balancing method and device | |
CN117131493A (en) | Authority management system construction method, device, equipment and storage medium | |
US20200236031A1 (en) | Blockchain Routing Protocols | |
KR101703491B1 (en) | Method for providing security service in cloud system and the cloud system thereof | |
CN116346834A (en) | Session synchronization method, device, computing equipment and computer storage medium | |
US9401837B2 (en) | Network management method and network management system | |
CN107959674B (en) | Gateway equipment, and method and system for controlling access to third-party LDAP server user | |
CN115834705B (en) | Authentication service distribution method, node cluster and computer readable storage medium | |
KR100626664B1 (en) | Policy-Based QoS Management Server Apparatus And QoS Management Method | |
CN113535464B (en) | Disaster recovery backup method, server, cluster system and storage device | |
Bahrami | Design of a mobile agents based solution to distributional management of computer networks, taking into account the security mechanisms |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: 518057 Shenzhen Software Park, No. 9, 501, 502, Science and Technology Middle Road, Nanshan District, Shenzhen City, Guangdong Province Applicant after: Shenzhen Innovation Technology Co., Ltd. Address before: 518057 Shenzhen Software Park, No. 9, 501, 502, Science and Technology Middle Road, Nanshan District, Shenzhen City, Guangdong Province Applicant before: UIT Storage Technology (Shenzhen) Co., Ltd. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |