ONTAP SAN Host Utilities

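Configure Rocky Linux 9.3 for NVMe-oF with ONTAP storage

Contributors: netapp-pcarriga netapp-sarajane

Red Hat Enterprise Linux (RHEL) hosts support the NVMe over Fibre Channel (NVMe/FC) and NVMe over TCP (NVMe/TCP) protocols with Asymmetric Namespace Access (ANA). ANA provides multipathing functionality equivalent to asymmetric logical unit access (ALUA) in iSCSI and FCP environments.

Learn how to configure NVMe over Fabrics (NVMe-oF) hosts for Rocky Linux 9.3. For more support and feature information, see "NVMe-oF overview".

NVMe-oF with Rocky Linux 9.3 has the following known limitations:

  • SAN booting using the NVMe-oF protocol is currently not supported.

Step 1: (Optional) Enable SAN booting

You can configure your host to use SAN booting to simplify deployment and improve scalability. Use the "Interoperability Matrix Tool" to verify that your Linux operating system, host bus adapter (HBA), HBA firmware, HBA boot BIOS, and ONTAP version support SAN booting.

Steps
  1. "Create an NVMe namespace and map it to the host"

  2. Enable SAN booting in the server BIOS for the ports to which the SAN boot namespace is mapped.

    For information on how to enable the HBA BIOS, see your vendor-specific documentation.

  3. Reboot the host and verify that the operating system is up and running.

Step 2: Verify the software versions and NVMe configuration

Check that your system meets the software requirements and verify the NVMe package installations and host configuration.

Steps
  1. Install Rocky Linux 9.3 on the server. After the installation is complete, verify that you are running the required Rocky Linux 9.3 kernel: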

    uname -r

    Example Rocky Linux kernel version:

    5.14.0-570.12.1.el9_6.x86_64
  2. Install the nvme-cli package:

    rpm -qa|grep nvme-cli

    The following example shows an nvme-cli package version:

    nvme-cli-2.11-5.el9.x86_64
  3. Install the libnvme package:

    rpm -qa|grep libnvme

    The following example shows a `libnvme` package version:

    libnvme-1.11.1-1.el9.x86_64
  4. On the Rocky Linux host, check the hostnqn string at /etc/nvme/hostnqn:

    cat /etc/nvme/hostnqn

    The following example shows a `hostnqn` string:

    nqn.2014-08.org.nvmexpress:uuid:4c4c4544-0056-5410-8048-b9c04f425633
  5. Verify that the hostnqn string matches the hostnqn string for the corresponding subsystem on the ONTAP array:

    ::> vserver nvme subsystem host show -vserver vs_coexistence_LPE36002
    Example:
    Vserver Subsystem Priority  Host NQN
    ------- --------- --------  ------------------------------------------------
    vs_coexistence_LPE36002
            nvme
                      regular   nqn.2014-08.org.nvmexpress:uuid:4c4c4544-0056-5410-8048-b9c04f425633
            nvme_1
                      regular   nqn.2014-08.org.nvmexpress:uuid:4c4c4544-0056-5410-8048-b9c04f425633
            nvme_2
                      regular   nqn.2014-08.org.nvmexpress:uuid:4c4c4544-0056-5410-8048-b9c04f425633
            nvme_3
                      regular   nqn.2014-08.org.nvmexpress:uuid:4c4c4544-0056-5410-8048-b9c04f425633
    4 entries were displayed.
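    Note: If the hostnqn strings do not match, use the vserver modify command to update the hostnqn string on the corresponding ONTAP array subsystem so that it matches the hostnqn string from /etc/nvme/hostnqn on the host.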

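Step 3: Configure NVMe/FC and NVMe/TCP

Configure NVMe/FC with Broadcom/Emulex or Marvell/QLogic adapters, or configure NVMe/TCP using manual discovery and connect operations.

FC - Broadcom/Emulex

Configure NVMe/FC for a Broadcom/Emulex adapter.

Steps
  1. Verify that you are using a supported adapter model:

    1. Display the model names: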

      cat /sys/class/scsi_host/host*/modelname

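      You should see the following output:

      LPe36002-M64
      LPe36002-M64
    2. Display the model descriptions:

      cat /sys/class/scsi_host/host*/modeldesc

      You should see output similar to the following example:

      Emulex LightPulse LPe36002-M64 2-Port 64Gb Fibre Channel Adapter
      Emulex LightPulse LPe36002-M64 2-Port 64Gb Fibre Channel Adapter
  2. Verify that you are using the recommended Broadcom lpfc firmware and inbox driver:

    1. Display the firmware version:

      cat /sys/class/scsi_host/host*/fwrev

      The command returns the firmware versions:

      14.4.317.10, sli-4:6:d
      14.4.317.10, sli-4:6:d
    2. Display the inbox driver version:

      cat /sys/module/lpfc/version

      The following example shows a driver version:

      0:14.4.0.2

    For the current list of supported adapter driver and firmware versions, see the "Interoperability Matrix Tool".

  3. Verify that the expected output of `lpfc_enable_fc4_type` is set to `3`: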

    cat /sys/module/lpfc/parameters/lpfc_enable_fc4_type
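  4. Verify that you can view your initiator ports:

    cat /sys/class/fc_host/host*/port_name

    The following example shows port identities:

    0x100000109bf044b1
    0x100000109bf044b2
  5. Verify that your initiator ports are online:

    cat /sys/class/fc_host/host*/port_state

    You should see the following output:

    Online
    Online
  6. Verify that the NVMe/FC initiator ports are enabled and that the target ports are visible:

    cat /sys/class/scsi_host/host*/nvme_info
    Example: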
    NVME Initiator Enabled
    XRI Dist lpfc2 Total 6144 IO 5894 ELS 250
    NVME LPORT lpfc2 WWPN x100000109bf044b1 WWNN x200000109bf044b1 DID x022a00 ONLINE
    NVME RPORT       WWPN x202fd039eaa7dfc8 WWNN x202cd039eaa7dfc8 DID x021310 TARGET DISCSRVC ONLINE
    NVME RPORT       WWPN x202dd039eaa7dfc8 WWNN x202cd039eaa7dfc8 DID x020b10 TARGET DISCSRVC ONLINE
    
    NVME Statistics
    LS: Xmt 0000000810 Cmpl 0000000810 Abort 00000000
    LS XMIT: Err 00000000  CMPL: xb 00000000 Err 00000000
    Total FCP Cmpl 000000007b098f07 Issue 000000007aee27c4 OutIO ffffffffffe498bd
            abort 000013b4 noxri 00000000 nondlp 00000058 qdepth 00000000 wqerr 00000000 err 00000000
    FCP CMPL: xb 000013b4 Err 00021443
    
    NVME Initiator Enabled
    XRI Dist lpfc3 Total 6144 IO 5894 ELS 250
    NVME LPORT lpfc3 WWPN x100000109bf044b2 WWNN x200000109bf044b2 DID x021b00 ONLINE
    NVME RPORT       WWPN x2033d039eaa7dfc8 WWNN x202cd039eaa7dfc8 DID x020110 TARGET DISCSRVC ONLINE
    NVME RPORT       WWPN x2032d039eaa7dfc8 WWNN x202cd039eaa7dfc8 DID x022910 TARGET DISCSRVC ONLINE
    
    NVME Statistics
    LS: Xmt 0000000840 Cmpl 0000000840 Abort 00000000
    LS XMIT: Err 00000000  CMPL: xb 00000000 Err 00000000
    Total FCP Cmpl 000000007afd4434 Issue 000000007ae31b83 OutIO ffffffffffe5d74f
            abort 000014a5 noxri 00000000 nondlp 0000006a qdepth 00000000 wqerr 00000000 err 00000000
    FCP CMPL: xb 000014a5 Err 0002149a
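
FC - Marvell/QLogic

Configure NVMe/FC for a Marvell/QLogic adapter.

Steps
  1. Verify that you are running the supported adapter driver and firmware versions:

    cat /sys/class/fc_host/host*/symbolic_name

    The following example shows driver and firmware versions:

    QLE2742 FW:v9.14.00 DVR:v10.02.09.200-k
    QLE2742 FW:v9.14.00 DVR:v10.02.09.200-k
  2. Verify that `ql2xnvmeenable` is set. This enables the Marvell adapter to function as an NVMe/FC initiator:

    cat /sys/module/qla2xxx/parameters/ql2xnvmeenable

    The expected output is 1.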

TCP

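The NVMe/TCP protocol doesn't support the auto-connect operation. Instead, you can discover the NVMe/TCP subsystems and namespaces by performing the NVMe/TCP `connect` or `connect-all` operations manually.

Steps
  1. Verify that the initiator port can fetch the discovery log page data across the supported NVMe/TCP LIFs:

    nvme discover -t tcp -w host-traddr -a traddr
    Example: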
    nvme discover -t tcp -w 192.168.1.31 -a 192.168.1.24
    Discovery Log Number of Records 20, Generation counter 25
    =====Discovery Log Entry 0======
    trtype:  tcp
    adrfam:  ipv4
    subtype: current discovery subsystem
    treq:    not specified
    portid:  4
    trsvcid: 8009
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:discovery
    traddr:  192.168.2.25
    eflags:  explicit discovery connections, duplicate discovery information
    sectype: none
    =====Discovery Log Entry 1======
    trtype:  tcp
    adrfam:  ipv4
    subtype: current discovery subsystem
    treq:    not specified
    portid:  2
    trsvcid: 8009
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:discovery
    traddr:  192.168.1.25
    eflags:  explicit discovery connections, duplicate discovery information
    sectype: none
    =====Discovery Log Entry 2======
    trtype:  tcp
    adrfam:  ipv4
    subtype: current discovery subsystem
    treq:    not specified
    portid:  5
    trsvcid: 8009
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:discovery
    traddr:  192.168.2.24
    eflags:  explicit discovery connections, duplicate discovery information
    sectype: none
    =====Discovery Log Entry 3======
    trtype:  tcp
    adrfam:  ipv4
    subtype: current discovery subsystem
    treq:    not specified
    portid:  1
    trsvcid: 8009
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:discovery
    traddr:  192.168.1.24
    eflags:  explicit discovery connections, duplicate discovery information
    sectype: none
    =====Discovery Log Entry 4======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  4
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_1
    traddr:  192.168.2.25
    eflags:  none
    sectype: none
    =====Discovery Log Entry 5======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  2
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_1
    traddr:  192.168.1.25
    eflags:  none
    sectype: none
    =====Discovery Log Entry 6======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  5
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_1
    traddr:  192.168.2.24
    eflags:  none
    sectype: none
    =====Discovery Log Entry 7======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  1
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_1
    traddr:  192.168.1.24
    eflags:  none
    sectype: none
    =====Discovery Log Entry 8======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  4
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_4
    traddr:  192.168.2.25
    eflags:  none
    sectype: none
    =====Discovery Log Entry 9======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  2
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_4
    traddr:  192.168.1.25
    eflags:  none
    sectype: none
    =====Discovery Log Entry 10======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  5
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_4
    traddr:  192.168.2.24
    eflags:  none
    sectype: none
    =====Discovery Log Entry 11======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  1
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_4
    traddr:  192.168.1.24
    eflags:  none
    sectype: none
    =====Discovery Log Entry 12======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  4
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_3
    traddr:  192.168.2.25
    eflags:  none
    sectype: none
    =====Discovery Log Entry 13======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  2
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_3
    traddr:  192.168.1.25
    eflags:  none
    sectype: none
    =====Discovery Log Entry 14======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  5
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_3
    traddr:  192.168.2.24
    eflags:  none
    sectype: none
    =====Discovery Log Entry 15======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  1
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_3
    traddr:  192.168.1.24
    eflags:  none
    sectype: none
    =====Discovery Log Entry 16======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  4
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_2
    traddr:  192.168.2.25
    eflags:  none
    sectype: none
    =====Discovery Log Entry 17======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  2
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_2
    traddr:  192.168.1.25
    eflags:  none
    sectype: none
    =====Discovery Log Entry 18======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  5
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_2
    traddr:  192.168.2.24
    eflags:  none
    sectype: none
    =====Discovery Log Entry 19======
    trtype:  tcp
    adrfam:  ipv4
    subtype: nvme subsystem
    treq:    not specified
    portid:  1
    trsvcid: 4420
    subnqn:  nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_2
    traddr:  192.168.1.24
    eflags:  none
    sectype: none
  2. Verify that the other NVMe/TCP initiator-target LIF combinations can successfully fetch discovery log page data:

    nvme discover -t tcp -w host-traddr -a traddr
    Example:
    nvme discover -t tcp -w 192.168.1.31 -a 192.168.1.24
    nvme discover -t tcp -w 192.168.2.31 -a 192.168.2.24
    nvme discover -t tcp -w 192.168.1.31 -a 192.168.1.25
    nvme discover -t tcp -w 192.168.2.31 -a 192.168.2.25
  3. Run the nvme connect-all command across all the supported NVMe/TCP initiator-target LIFs across the nodes:

    nvme connect-all -t tcp -w host-traddr -a traddr
    Example:
    nvme connect-all -t tcp -w 192.168.1.31 -a 192.168.1.24
    nvme connect-all -t tcp -w 192.168.2.31 -a 192.168.2.24
    nvme connect-all -t tcp -w 192.168.1.31 -a 192.168.1.25
    nvme connect-all -t tcp -w 192.168.2.31 -a 192.168.2.25

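Step 4: (Optional) Enable 1MB I/O for NVMe/FC

You can enable I/O requests of 1MB in size for NVMe/FC configured with a Broadcom adapter. ONTAP reports a Maximum Data Transfer Size (MDTS) of 8 in the Identify Controller data. This means the maximum I/O request size can be up to 1MB. To issue 1MB I/O requests, you need to increase the `lpfc_sg_seg_cnt` parameter from its default value of 64 to 256.

Note: These steps don't apply to QLogic NVMe/FC hosts.
Steps
  1. Set the `lpfc_sg_seg_cnt` parameter to 256:

    cat /etc/modprobe.d/lpfc.conf
    options lpfc lpfc_sg_seg_cnt=256
  2. Run the `dracut -f` command and reboot the host.

  3. Verify that the value of `lpfc_sg_seg_cnt` is 256: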

    cat /sys/module/lpfc/parameters/lpfc_sg_seg_cnt

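Step 5: Verify the multipathing configuration

Verify that the in-kernel NVMe multipath status, ANA status, and ONTAP namespaces are correct for the NVMe-oF configuration.

Steps
  1. Verify that in-kernel NVMe multipath is enabled:

    cat /sys/module/nvme_core/parameters/multipath

    You should see the following output:

    Y
  2. Verify that the appropriate NVMe-oF settings for the respective ONTAP namespaces (such as model set to NetApp ONTAP Controller and load balancing iopolicy set to round-robin) are correctly reflected on the host:

    1. Display the subsystems:

      cat /sys/class/nvme-subsystem/nvme-subsys*/model

      You should see the following output:

      NetApp ONTAP Controller
      NetApp ONTAP Controller
    2. Display the policy:

      cat /sys/class/nvme-subsystem/nvme-subsys*/iopolicy

      You should see the following output:

      round-robin
      round-robin
  3. Verify that the namespaces are created and correctly discovered on the host:

    nvme list
    Example: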
    Node         SN                   Model
    ---------------------------------------------------------
    /dev/nvme4n1 81Ix2BVuekWcAAAAAAAB	NetApp ONTAP Controller
    
    
    Namespace Usage    Format             FW             Rev
    -----------------------------------------------------------
    1                 21.47 GB / 21.47 GB	4 KiB + 0 B   FFFFFFFF
  4. Verify that the controller state of each path is live and has the correct ANA status:

    NVMe/FC
    nvme list-subsys /dev/nvme4n5
    Example:
    nvme-subsys4 - NQN=nqn.1992-08.com.netapp:sn.3a5d31f5502c11ef9f50d039eab6cb6d:subsystem.nvme_1
                   hostnqn=nqn.2014-08.org.nvmexpress:uuid:e6dade64-216d-11ec-b7bb-7ed30a5482c3
                   iopolicy=round-robin
    \
    +- nvme1 fc traddr=nn-0x2082d039eaa7dfc8:pn-0x2088d039eaa7dfc8,host_traddr=nn-0x20000024ff752e6d:pn-0x21000024ff752e6d live optimized
    +- nvme12 fc traddr=nn-0x2082d039eaa7dfc8:pn-0x208ad039eaa7dfc8,host_traddr=nn-0x20000024ff752e6d:pn-0x21000024ff752e6d live non-optimized
    +- nvme10 fc traddr=nn-0x2082d039eaa7dfc8:pn-0x2087d039eaa7dfc8,host_traddr=nn-0x20000024ff752e6c:pn-0x21000024ff752e6c live non-optimized
    +- nvme3 fc traddr=nn-0x2082d039eaa7dfc8:pn-0x2083d039eaa7dfc8,host_traddr=nn-0x20000024ff752e6c:pn-0x21000024ff752e6c live optimized
    NVMe/TCP
    nvme list-subsys /dev/nvme1n1
    Example:
    nvme-subsys5 - NQN=nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.nvme_tcp_3
                   hostnqn=nqn.2014-08.org.nvmexpress:uuid:4c4c4544-0035-5910-804b-b5c04f444d33
                   iopolicy=round-robin
    \
    +- nvme13 tcp traddr=192.168.2.25,trsvcid=4420,host_traddr=192.168.2.31,src_addr=192.168.2.31 live optimized
    +- nvme14 tcp traddr=192.168.2.24,trsvcid=4420,host_traddr=192.168.2.31,src_addr=192.168.2.31 live non-optimized
    +- nvme5 tcp traddr=192.168.1.25,trsvcid=4420,host_traddr=192.168.1.31,src_addr=192.168.1.31 live optimized
    +- nvme6 tcp traddr=192.168.1.24,trsvcid=4420,host_traddr=192.168.1.31,src_addr=192.168.1.31 live non-optimized
  5. Verify that the NetApp plug-in displays the correct values for each ONTAP namespace device:

    nvme netapp ontapdevices -o column
    Example:
    Device        Vserver   Namespace Path
    ----------------------- ------------------------------
    /dev/nvme1n1     linux_tcnvme_iscsi        /vol/tcpnvme_1_0_0/tcpnvme_ns
    
    NSID       UUID                                   Size
    ------------------------------------------------------------
    1    5f7f630d-8ea5-407f-a490-484b95b15dd6   21.47GB
    JSON
    nvme netapp ontapdevices -o json
    Example:
    {
      "ONTAPdevices":[
        {
          "Device":"/dev/nvme1n1",
          "Vserver":"linux_tcnvme_iscsi",
          "Namespace_Path":"/vol/tcpnvme_1_0_0/tcpnvme_ns",
          "NSID":1,
          "UUID":"5f7f630d-8ea5-407f-a490-484b95b15dd6",
          "Size":"21.47GB",
          "LBA_Data_Size":4096,
          "Namespace_Size":5242880
        },
    ]
    }
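
For step 4 above (controller state and ANA status per path), the following Python is an added example, not NetApp or nvme-cli code, that parses `nvme list-subsys` text output and reports anything that differs from the healthy output shown: a non-live controller, an ANA state other than optimized or non-optimized, an iopolicy other than round-robin, or a hostnqn that differs from the one checked in Step 2. The function names are hypothetical and the sample text is constructed.

```python
import re

HEADER = re.compile(r"^\s*(nvme-subsys\d+) - NQN=(\S+)")

def parse_list_subsys(text):
    """Parse `nvme list-subsys` text output into a list of subsystem dicts."""
    subsystems = []
    for line in text.splitlines():
        tokens = line.split()
        header = HEADER.match(line)
        if header:
            subsystems.append({"name": header.group(1), "nqn": header.group(2),
                               "hostnqn": None, "iopolicy": None, "paths": []})
        elif not subsystems or not tokens:
            continue
        elif tokens[0].startswith(("hostnqn=", "iopolicy=")):
            key, _, value = tokens[0].partition("=")
            subsystems[-1][key] = value
        elif tokens[0] == "+-" and len(tokens) >= 3:
            # Address tokens contain "="; what is left is "<state> [<ANA state>]".
            words = [t for t in tokens[3:] if "=" not in t]
            subsystems[-1]["paths"].append({
                "ctrl": tokens[1], "transport": tokens[2],
                "state": words[0] if words else "missing",
                "ana": words[1] if len(words) > 1 else "missing"})
    return subsystems

def check_paths(subsystems, expected_hostnqn=None):
    """Return findings for anything that differs from a healthy layout."""
    findings = []
    for s in subsystems:
        if s["iopolicy"] != "round-robin":
            findings.append(f"{s['name']}: iopolicy is {s['iopolicy']}")
        if expected_hostnqn and s["hostnqn"] != expected_hostnqn:
            findings.append(f"{s['name']}: hostnqn is not the expected host NQN")
        for p in s["paths"]:
            if p["state"] != "live":
                findings.append(f"{s['name']}/{p['ctrl']}: state is {p['state']}")
            elif p["ana"] not in ("optimized", "non-optimized"):
                findings.append(f"{s['name']}/{p['ctrl']}: ANA state is {p['ana']}")
        # Assumption: a healthy subsystem keeps at least one live optimized path.
        if not any(p["state"] == "live" and p["ana"] == "optimized"
                   for p in s["paths"]):
            findings.append(f"{s['name']}: no live optimized path")
    return findings

# Constructed sample (placeholder NQNs, documentation address ranges): one path
# is still connecting and one reports an inaccessible ANA state.
SAMPLE = """\
nvme-subsys5 - NQN=nqn.1992-08.com.netapp:sn.constructedexample:subsystem.demo
               hostnqn=nqn.2014-08.org.nvmexpress:uuid:00000000-0000-0000-0000-000000000001
               iopolicy=round-robin
\\
 +- nvme13 tcp traddr=192.0.2.25,trsvcid=4420,host_traddr=192.0.2.31,src_addr=192.0.2.31 live optimized
 +- nvme14 tcp traddr=192.0.2.24,trsvcid=4420,host_traddr=192.0.2.31,src_addr=192.0.2.31 live non-optimized
 +- nvme5 tcp traddr=198.51.100.25,trsvcid=4420,host_traddr=198.51.100.31,src_addr=198.51.100.31 connecting
 +- nvme6 tcp traddr=198.51.100.24,trsvcid=4420,host_traddr=198.51.100.31,src_addr=198.51.100.31 live inaccessible
"""

if __name__ == "__main__":
    for finding in check_paths(parse_list_subsys(SAMPLE)):
        print(finding)
```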

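Step 6: Set up secure in-band authentication

Beginning with ONTAP 9.12.1, secure in-band authentication is supported over NVMe/TCP and NVMe/FC between the host and the ONTAP controller.

To set up secure authentication, each host or controller must be associated with a DH-HMAC-CHAP key, which is a combination of the NQN of the NVMe host or controller and an authentication secret configured by the administrator. To authenticate its peer, an NVMe host or controller must recognize the key associated with the peer.

You can set up secure in-band authentication using the CLI or a config JSON file. If you need to specify different dhchap keys for different subsystems, you must use a config JSON file.

CLI

Set up secure in-band authentication using the CLI.

Steps
  1. Obtain the host NQN:

    cat /etc/nvme/hostnqn
  2. Generate the dhchap key for the host.

    The following output describes the `gen-dhchap-key` command parameters: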

    nvme gen-dhchap-key -s optional_secret -l key_length {32|48|64} -m HMAC_function {0|1|2|3} -n host_nqn
    • -s secret key in hexadecimal characters to be used to initialize the host key
    • -l length of the resulting key in bytes
    • -m HMAC function to use for key transformation
      0 = none, 1 = SHA-256, 2 = SHA-384, 3 = SHA-512
    • -n host NQN to use for key transformation

    In the following example, a random dhchap key with HMAC set to 3 (SHA-512) is generated.

    nvme gen-dhchap-key -m 3 -n nqn.2014-08.org.nvmexpress:uuid:e6dade64-216d-11ec-b7bb-7ed30a5482c3
    DHHC-1:03:1CFivw9ccz58gAcOUJrM7Vs98hd2ZHSr+iw+Amg6xZPl5D2Yk+HDTZiUAg1iGgxTYqnxukqvYedA55Bw3wtz6sJNpR4=:
  3. On the ONTAP controller, add the host and specify both dhchap keys:

    vserver nvme subsystem host add -vserver <svm_name> -subsystem <subsystem> -host-nqn <host_nqn> -dhchap-host-secret <authentication_host_secret> -dhchap-controller-secret <authentication_controller_secret> -dhchap-hash-function {sha-256|sha-512} -dhchap-group {none|2048-bit|3072-bit|4096-bit|6144-bit|8192-bit}
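  4. A host supports two types of authentication methods: unidirectional and bidirectional. On the host, connect to the ONTAP controller and specify the dhchap keys based on the chosen authentication method: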

    nvme connect -t tcp -w <host-traddr> -a <tr-addr> -n <host_nqn> -S <authentication_host_secret> -C <authentication_controller_secret>
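  5. Validate the nvme connect authentication command by verifying the host and controller dhchap keys:

    1. Verify the host dhchap keys:

      cat /sys/class/nvme-subsystem/<nvme-subsysX>/nvme*/dhchap_secret
      Example output for a unidirectional configuration: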
      cat /sys/class/nvme-subsystem/nvme-subsys1/nvme*/dhchap_secret
      DHHC-1:01:iM63E6cX7G5SOKKOju8gmzM53qywsy+C/YwtzxhIt9ZRz+ky:
      DHHC-1:01:iM63E6cX7G5SOKKOju8gmzM53qywsy+C/YwtzxhIt9ZRz+ky:
      DHHC-1:01:iM63E6cX7G5SOKKOju8gmzM53qywsy+C/YwtzxhIt9ZRz+ky:
      DHHC-1:01:iM63E6cX7G5SOKKOju8gmzM53qywsy+C/YwtzxhIt9ZRz+ky:
    2. Verify the controller dhchap keys:

      cat /sys/class/nvme-subsystem/<nvme-subsysX>/nvme*/dhchap_ctrl_secret
      Example output for a bidirectional configuration:
      cat /sys/class/nvme-subsystem/nvme-subsys6/nvme*/dhchap_ctrl_secret
      DHHC-1:03:1CFivw9ccz58gAcOUJrM7Vs98hd2ZHSr+iw+Amg6xZPl5D2Yk+HDTZiUAg1iGgxTYqnxukqvYedA55Bw3wtz6sJNpR4=:
      DHHC-1:03:1CFivw9ccz58gAcOUJrM7Vs98hd2ZHSr+iw+Amg6xZPl5D2Yk+HDTZiUAg1iGgxTYqnxukqvYedA55Bw3wtz6sJNpR4=:
      DHHC-1:03:1CFivw9ccz58gAcOUJrM7Vs98hd2ZHSr+iw+Amg6xZPl5D2Yk+HDTZiUAg1iGgxTYqnxukqvYedA55Bw3wtz6sJNpR4=:
      DHHC-1:03:1CFivw9ccz58gAcOUJrM7Vs98hd2ZHSr+iw+Amg6xZPl5D2Yk+HDTZiUAg1iGgxTYqnxukqvYedA55Bw3wtz6sJNpR4=:
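
JSON file

If the ONTAP controller configuration has multiple NVMe subsystems, you can use the `/etc/nvme/config.json` file with the `nvme connect-all` command.

Use the `-o` option to generate the JSON file. For more syntax options, see the NVMe connect-all manual pages.

Steps
  1. Configure the JSON file:

    Note: In the following example, `dhchap_key` corresponds to `dhchap_secret` and `dhchap_ctrl_key` corresponds to `dhchap_ctrl_secret`.
    Example: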
    cat /etc/nvme/config.json
    [
      {
        "hostnqn":"nqn.2014-08.org.nvmexpress:uuid:9796c1ec-0d34-11eb-b6b2-3a68dd3bab57",
        "hostid":"b033cd4fd6db4724adb48655bfb55448",
        "dhchap_key":"DHHC-1:01:zGlgmRyWbplWfUCPMuaP3mAypX0+GHuSczx5vX4Yod9lMPim:"
      },
      {
        "hostnqn":"nqn.2014-08.org.nvmexpress:uuid:4c4c4544-0035-5910-804b-b5c04f444d33",
        "subsystems":[
          {
            "nqn":"nqn.1992-08.com.netapp:sn.0f4ba1e74eb611ef9f50d039eab6cb6d:subsystem.bidir_DHCP",
            "ports":[
              {
                "transport":"tcp",
                "traddr":"192.168.1.24",
                "host_traddr":"192.168.1.31",
                "trsvcid":"4420",
                "dhchap_ctrl_key":"DHHC-1:03:L52ymUoR32zYvnqZFe5OHhMg4gxD79jIyxSShHansXpVN+WiXE222aVc651JxGZlQCI863iVOz5dNWvgb+14F4B4bTQ=:"
              },
              {
                "transport":"tcp",
                "traddr":"192.168.1.24",
                "host_traddr":"192.168.1.31",
                "trsvcid":"4420",
                "dhchap_ctrl_key":"DHHC-1:03:L52ymUoR32zYvnqZFe5OHhMg4gxD79jIyxSShHansXpVN+WiXE222aVc651JxGZlQCI863iVOz5dNWvgb+14F4B4bTQ=:"
              },
              {
                "transport":"tcp",
                "traddr":"192.168.1.24",
                "host_traddr":"192.168.1.31",
                "trsvcid":"4420",
                "dhchap_ctrl_key":"DHHC-1:03:L52ymUoR32zYvnqZFe5OHhMg4gxD79jIyxSShHansXpVN+WiXE222aVc651JxGZlQCI863iVOz5dNWvgb+14F4B4bTQ=:"
              },
              {
                "transport":"tcp",
                "traddr":"192.168.1.24",
                "host_traddr":"192.168.1.31",
                "trsvcid":"4420",
                "dhchap_ctrl_key":"DHHC-1:03:L52ymUoR32zYvnqZFe5OHhMg4gxD79jIyxSShHansXpVN+WiXE222aVc651JxGZlQCI863iVOz5dNWvgb+14F4B4bTQ=:"
              }
            ]
          }
        ]
      }
    ]
  2. Connect to the ONTAP controller using the config JSON file:

    nvme connect-all -J /etc/nvme/config.json
    Example:
    traddr=192.168.1.24 is already connected
    traddr=192.168.1.24 is already connected
    traddr=192.168.1.24 is already connected
    traddr=192.168.1.24 is already connected
    traddr=192.168.1.24 is already connected
    traddr=192.168.1.24 is already connected
    traddr=192.168.1.25 is already connected
    traddr=192.168.1.25 is already connected
    traddr=192.168.1.25 is already connected
    traddr=192.168.1.25 is already connected
    traddr=192.168.1.25 is already connected
    traddr=192.168.1.25 is already connected
  3. Verify that the dhchap secrets have been enabled for the respective controllers of each subsystem:

    1. Verify the host dhchap keys:

      cat /sys/class/nvme-subsystem/nvme-subsys0/nvme0/dhchap_secret
      DHHC-1:01:zGlgmRyWbplWfUCPMuaP3mAypX0+GHuSczx5vX4Yod9lMPim:
    2. Verify the controller dhchap keys:

      cat /sys/class/nvme-subsystem/nvme-subsys0/nvme0/dhchap_ctrl_secret
      DHHC-1:03:L52ymUoR32zYvnqZFe5OHhMg4gxD79jIyxSShHansXpVN+WiXE222aVc651JxGZlQCI863iVOz5dNWvgb+14F4B4bTQ=:
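
The DHHC-1 strings used in both the CLI and JSON file procedures above carry the secret followed by a CRC-32 trailer in base64, so a truncated or mistyped key can be caught before it reaches ONTAP or `/etc/nvme/config.json`, and the JSON file itself holds secrets and should not be readable by group or other. The following Python is an added example, not NetApp or nvme-cli code, that checks both; it covers only the config layout shown on this page (host-level `dhchap_key`, port-level `dhchap_ctrl_key`). The function names are hypothetical, the pairing of transform id and secret length is an assumption that matches the keys shown here, and the sample data is constructed.

```python
import base64, binascii, json, os, pathlib, stat, tempfile, zlib

# Assumed pairing of transform id and secret length in bytes; it matches the
# keys shown on this page (01 -> 32, 03 -> 64). "00" means no transform.
LEN_FOR_ID = {"00": None, "01": 32, "02": 48, "03": 64}

def encode_dhchap_secret(secret, hmac_id):
    """Build DHHC-1:<id>:base64(secret || CRC-32, little-endian):"""
    blob = secret + zlib.crc32(secret).to_bytes(4, "little")
    return f"DHHC-1:{hmac_id}:{base64.b64encode(blob).decode()}:"

def check_dhchap_secret(text):
    """Return a list of problems; an empty list means well formed."""
    parts = text.split(":")
    if len(parts) != 4 or parts[0] != "DHHC-1" or parts[3]:
        return ["not of the form DHHC-1:<id>:<base64>:"]
    if parts[1] not in LEN_FOR_ID:
        return [f"unknown transform id {parts[1]!r}"]
    try:
        raw = base64.b64decode(parts[2], validate=True)
    except (binascii.Error, ValueError):
        return ["payload is not valid base64"]
    secret, crc = raw[:-4], raw[-4:]
    problems = []
    if len(secret) not in (32, 48, 64):
        problems.append(f"secret is {len(secret)} bytes, expected 32, 48 or 64")
    elif LEN_FOR_ID[parts[1]] not in (None, len(secret)):
        problems.append(f"{len(secret)}-byte secret with transform id {parts[1]}")
    if zlib.crc32(secret).to_bytes(4, "little") != crc:
        problems.append("CRC-32 trailer mismatch (truncated or mistyped)")
    return problems

def audit_config(path):
    """Audit a config.json laid out like the example on this page."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        findings.append(f"mode {mode:04o}: secrets readable by group/other")
    hosts = json.loads(pathlib.Path(path).read_text())
    for host in hosts:
        if "dhchap_key" in host:
            findings += [f"dhchap_key: {p}"
                         for p in check_dhchap_secret(host["dhchap_key"])]
        for subsys in host.get("subsystems", []):
            for port in subsys.get("ports", []):
                tag = f"{subsys.get('nqn')} @ {port.get('traddr', '').strip()}"
                for field in ("traddr", "host_traddr"):
                    if port.get(field, "") != port.get(field, "").strip():
                        findings.append(f"{tag}: {field} has stray whitespace")
                ctrl = port.get("dhchap_ctrl_key")
                if ctrl is None:  # host does not authenticate the controller
                    findings.append(f"{tag}: no dhchap_ctrl_key (unidirectional)")
                else:
                    findings += [f"{tag}: dhchap_ctrl_key: {p}"
                                 for p in check_dhchap_secret(ctrl)]
    return findings

if __name__ == "__main__":
    # Constructed sample: placeholder NQNs, throwaway secrets, TEST-NET address.
    port = {"transport": "tcp", "traddr": " 192.0.2.24 ", "host_traddr": "192.0.2.31",
            "dhchap_ctrl_key": encode_dhchap_secret(bytes(range(64)), "03")[:-9] + ":"}
    sample = [{"hostnqn": "nqn.2014-08.org.nvmexpress:uuid:<placeholder>",
               "dhchap_key": encode_dhchap_secret(bytes(range(32)), "01"),
               "subsystems": [{"nqn": "nqn.<placeholder>", "ports": [port]}]}]
    with tempfile.NamedTemporaryFile("w", suffix=".json") as fh:
        json.dump(sample, fh)
        fh.flush()
        os.chmod(fh.name, 0o644)
        print("\n".join(audit_config(fh.name)))
```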

Step 7: Review the known issues

There are no known issues.