From 583eef1a3347d21dea09fa90d7af77b778079d3a Mon Sep 17 00:00:00 2001 From: Boris Glimcher Date: Wed, 31 May 2023 02:28:20 +0300 Subject: [PATCH] ci: add support for TLS connection Signed-off-by: Boris Glimcher --- pkg/frontend/nvme_controller.go | 13 +++++++++---- pkg/frontend/nvme_subsystem.go | 2 +- scripts/tests.sh | 14 ++++++++++++++ 3 files changed, 24 insertions(+), 5 deletions(-) diff --git a/pkg/frontend/nvme_controller.go b/pkg/frontend/nvme_controller.go index de20e74a..85dddf4c 100644 --- a/pkg/frontend/nvme_controller.go +++ b/pkg/frontend/nvme_controller.go @@ -75,15 +75,22 @@ func NewNvmeTCPTransport(listenAddr string) NvmeTransport { } } -func (c *nvmeTCPTransport) Params(_ *pb.NvmeController, nqn string) (spdk.NvmfSubsystemAddListenerParams, error) { +func (c *nvmeTCPTransport) Params(ctrl *pb.NvmeController, nqn string) (spdk.NvmfSubsystemAddListenerParams, error) { result := spdk.NvmfSubsystemAddListenerParams{} result.Nqn = nqn - result.SecureChannel = false + + if ctrl.Spec.NvmeControllerId < 0 { + result.SecureChannel = true + } else { + result.SecureChannel = false + } + result.ListenAddress.Trtype = "tcp" result.ListenAddress.Traddr = c.listenAddr.String() result.ListenAddress.Trsvcid = c.listenPort result.ListenAddress.Adrfam = c.protocol + log.Printf("NvmfSubsystemAddListener params: %v", result) return result, nil } @@ -130,10 +137,8 @@ func (s *Server) CreateNvmeController(_ context.Context, in *pb.CreateNvmeContro return nil, status.Errorf(codes.InvalidArgument, msg) } response := utils.ProtoClone(in.NvmeController) - response.Spec.NvmeControllerId = proto.Int32(-1) response.Status = &pb.NvmeControllerStatus{Active: true} s.Nvme.Controllers[in.NvmeController.Name] = response - return response, nil } diff --git a/pkg/frontend/nvme_subsystem.go b/pkg/frontend/nvme_subsystem.go index ad6c20f2..c0240cd2 100644 --- a/pkg/frontend/nvme_subsystem.go +++ b/pkg/frontend/nvme_subsystem.go @@ -62,7 +62,7 @@ func (s *Server) CreateNvmeSubsystem(_ context.Context, in *pb.CreateNvmeSubsyst Nqn: in.NvmeSubsystem.Spec.Nqn, SerialNumber: in.NvmeSubsystem.Spec.SerialNumber, ModelNumber: in.NvmeSubsystem.Spec.ModelNumber, - AllowAnyHost: true, + AllowAnyHost: false, MaxNamespaces: int(in.NvmeSubsystem.Spec.MaxNamespaces), } var result spdk.NvmfCreateSubsystemResult diff --git a/scripts/tests.sh b/scripts/tests.sh index 8fe5b678..4bd05610 100755 --- a/scripts/tests.sh +++ b/scripts/tests.sh @@ -80,5 +80,19 @@ grep "Total" log.txt "${grpc_cli[@]}" call --json_input --json_output opi-spdk-server:50051 DeleteNvmeController "{name : '//storage.opiproject.org/subsystems/subsystem1/controllers/controller1'}" "${grpc_cli[@]}" call --json_input --json_output opi-spdk-server:50051 DeleteNvmeSubsystem "{name : '//storage.opiproject.org/subsystems/subsystem1'}" +# test nvme with TLS +"${grpc_cli[@]}" call --json_input --json_output opi-spdk-server:50051 CreateNvmeSubsystem "{nvme_subsystem_id: 'subsystem2', nvme_subsystem : {spec : {nqn: 'nqn.2022-09.io.spdk:opitest2', serial_number: 'myserial1', model_number: 'mymodel1', max_namespaces: 11} } }" +"${grpc_cli[@]}" call --json_input --json_output opi-spdk-server:50051 CreateNvmeController "{nvme_controller_id: 'controller2', parent: '//storage.opiproject.org/subsystems/subsystem2', nvme_controller : {spec : {nvme_controller_id: -2, pcie_id : {physical_function : 0, virtual_function : 0, port_id: 0}, max_nsq:5, max_ncq:5 } } }" +"${grpc_cli[@]}" call --json_input --json_output opi-spdk-server:50051 CreateNvmeNamespace "{nvme_namespace_id: 'namespace2', parent: '//storage.opiproject.org/subsystems/subsystem2', nvme_namespace : {spec : {volume_name_ref : { value : 'Malloc1' }, host_nsid : 1 } } }" +"${grpc_cli[@]}" call --json_input --json_output opi-spdk-server:50051 GetNvmeSubsystem "{name : '//storage.opiproject.org/subsystems/subsystem2'}" +"${grpc_cli[@]}" call --json_input --json_output opi-spdk-server:50051 GetNvmeController "{name : '//storage.opiproject.org/subsystems/subsystem2/controllers/controller2'}" +"${grpc_cli[@]}" call --json_input --json_output opi-spdk-server:50051 GetNvmeNamespace "{name : '//storage.opiproject.org/subsystems/subsystem2/namespaces/namespace2'}" +# docker run --rm --network=host --privileged -v /dev/hugepages:/dev/hugepages ghcr.io/opiproject/spdk:main spdk_nvme_identify -r 'traddr:127.0.0.1 trtype:TCP adrfam:IPv4 trsvcid:7777 hostnqn:nqn.2014-08.org.nvmexpress:uuid:feb98abe-d51f-40c8-b348-2753f3571d3c' +docker run --rm --network=host --privileged -v /dev/hugepages:/dev/hugepages -v /tmp/opikey.txt:/tmp/opikey.txt ghcr.io/opiproject/spdk:main spdk_nvme_perf -r 'traddr:127.0.0.1 trtype:TCP adrfam:IPv4 trsvcid:7777 subnqn:nqn.2022-09.io.spdk:opitest2 hostnqn:nqn.2014-08.org.nvmexpress:uuid:feb98abe-d51f-40c8-b348-2753f3571d3c' -c 0x1 -q 1 -o 4096 -w randread -t 10 -S ssl --psk-path /tmp/opikey.txt | tee log.txt +grep "Total" log.txt +"${grpc_cli[@]}" call --json_input --json_output opi-spdk-server:50051 DeleteNvmeNamespace "{name : '//storage.opiproject.org/subsystems/subsystem2/namespaces/namespace2'}" +"${grpc_cli[@]}" call --json_input --json_output opi-spdk-server:50051 DeleteNvmeController "{name : '//storage.opiproject.org/subsystems/subsystem2/controllers/controller2'}" +"${grpc_cli[@]}" call --json_input --json_output opi-spdk-server:50051 DeleteNvmeSubsystem "{name : '//storage.opiproject.org/subsystems/subsystem2'}" + # this is last line docker-compose ps -a