I just setup iscisi on a reef cluster and I couldn’t add targets properly until I put in the username and password entered for the gateways via the "Discovery Authentication" button at the top of the targets page in the iscsi area. I don’t remember if the quincy console had that though. In my previous setup, it was something you entered through the command line.
-Brent -----Original Message----- From: Ramon Orrù <ramon.o...@lnf.infn.it> Sent: Wednesday, November 15, 2023 6:27 AM To: ceph-users@ceph.io Subject: [ceph-users] iSCSI GW trusted IPs Hi, I’m configuring the iSCSI GW services on a quincy 17.2.3 cluster. I brought almost everything up and running (using cephadm), but I’m stuck in a configuration detail: if I check the gateway status in the Block -> iSCSI -> Overview section of the dashboard, they’re showing “Down” status, while the gateways are actually running. It makes me think the mgr is not able to talk with iSCSI APIs in order to collect info on the gateways, despite I correctly added my mgr hosts IPs to the trusted_ip_list parameter in my iscsi service definition yaml. While further checking the gateway logs I found some messages like: debug ::ffff:172.17.17.22 - - [15/Nov/2023 10:54:05] "GET /api/config?decrypt_passwords=True HTTP/1.1" 200 - debug ::ffff:172.17.17.22 - - [15/Nov/2023 10:54:05] "GET /api/_ping HTTP/1.1" 200 - debug ::ffff:172.17.17.22 - - [15/Nov/2023 10:54:05] "GET /api/gatewayinfo HTTP/1.1" 200 - Just after I reload the dashboard page. So I tried to add the 172.17.17.22 IP address to trusted_ip_list and it worked: iSCSI gateways status went green and Up on the dashboard. It sounds to me like it's some container private network address, but I can’t find any evidence of it when inspecting the containers cephadm spawned. My question is: how can I identify the IPs I need to make the iSCSI gateways properly reachable? I tried to add the whole 172.16.0.0/24 private class but no luck , the iscsi container starts but is not allowing 172.17.17.22 to access the APIs. Thanks in advance regards Ramon _______________________________________________ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io _______________________________________________ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
