技术领域technical field
本发明涉及计算机存储技术领域,特别涉及一种基于分布式文件系统的ISCSI服务实现方法和装置。The invention relates to the technical field of computer storage, in particular to a distributed file system-based ISCSI service implementation method and device.
背景技术Background technique
云存储是在云计算(cloud computing)概念上延伸和发展出来的一个新的概念。云存储是一种架构,是指通过集群应用、网格技术或分布式文件系统等功能,将网络中大量各种不同类型的存储设备通过应用软件集合起来协同工作,共同对外提供数据存储和业务访问功能的一个系统。Cloud storage is a new concept extended and developed on the concept of cloud computing. Cloud storage is a kind of architecture, which refers to the collection of a large number of different types of storage devices in the network through application software to work together through functions such as cluster applications, grid technology or distributed file systems, and jointly provide data storage and services to the outside world. A system of access functions.
ISCSI是SCSI over IP的一项重要成就,是一个供硬件设备使用的可以在IP协议的上层运行的SCSI指令集。简单的说,ISCSI可以实现在IP网络上运行SCSI协议,使其能够在诸如高速千兆以太网上进行路由选择。SAN(Storage Area Network)为了承载SCSI协议的高带宽,一般采取光纤通道实现联网,这样直接造成实现成本昂贵。为了降低联网成本,同时保护大部分客户在IP网络已有的投资,业界致力于对SCSI over IP协议的研究。ISCSI is an important achievement of SCSI over IP. It is a SCSI instruction set for hardware devices that can run on the upper layer of the IP protocol. Simply put, ISCSI can implement the SCSI protocol running on the IP network, enabling it to perform routing on such as high-speed Gigabit Ethernet. In order to bear the high bandwidth of the SCSI protocol, SAN (Storage Area Network) generally uses Fiber Channel to implement networking, which directly results in high implementation costs. In order to reduce networking costs and protect most customers' existing investment in IP networks, the industry is committed to research on the SCSI over IP protocol.
发明内容Contents of the invention
有鉴于此,本发明的目的在于提供一种基于分布式文件系统的ISCSI服务实现方法和装置,能够降低分布式文件系统的联网成本。In view of this, the object of the present invention is to provide a distributed file system-based ISCSI service realization method and device, which can reduce the networking cost of the distributed file system.
为了达到上述目的,本发明提供了如下技术方案:In order to achieve the above object, the present invention provides the following technical solutions:
一种基于分布式文件系统的ISCSI服务实现方法,所述分布式文件系统包括管理节点和数据节点,每个数据节点上部署多个ISCSI Target;该方法应用于所述管理节点,包括:A method for implementing an ISCSI service based on a distributed file system, the distributed file system includes a management node and a data node, and multiple ISCSI Targets are deployed on each data node; the method is applied to the management node, including:
维护一包括所有数据节点上的ISCSI Target信息的Target共享列表;Maintain a Target sharing list including ISCSI Target information on all data nodes;
在ISCSI Initiator启动时,将Target共享列表中所述ISCSI Initiator对应的所有可用ISCSI Target提供给所述ISCSI Initiator,以使所述ISCSI Initiator与任一可用ISCSI Target建立连接;When the ISCSI Initiator is started, all available ISCSI Targets corresponding to the ISCSI Initiator in the Target sharing list are provided to the ISCSI Initiator, so that the ISCSI Initiator can establish a connection with any available ISCSI Target;
接收所述任一可用ISCSI Target转发的来自所述ISCSI Initiator的数据读写请求,基于该数据读写请求对分布式文件系统中的数据节点进行读写操作,并通过所述任一可用ISCSI Target返回读写操作结果到所述ISCSI Initiator。Receive the data read and write request from the ISCSI Initiator forwarded by the any available ISCSI Target, perform read and write operations on the data nodes in the distributed file system based on the data read and write request, and pass the any available ISCSI Target Return the read and write operation results to the ISCSI Initiator.
一种基于分布式文件系统的ISCSI服务实现装置,所述分布式文件系统包括管理节点和数据节点,每个数据节点上部署多个ISCSI Target;该装置应用于所述管理节点,包括:维护单元、连接控制单元、读写控制单元;An ISCSI service implementation device based on a distributed file system, the distributed file system includes a management node and a data node, and multiple ISCSI Targets are deployed on each data node; the device is applied to the management node, including: a maintenance unit , connection control unit, read and write control unit;
所述维护单元,用于维护一包括所有数据节点上的ISCSI Target信息的Target共享列表;The maintenance unit is used to maintain a Target sharing list including ISCSI Target information on all data nodes;
所述连接控制单元,用于在ISCSI Initiator启动时,将Target共享列表中所述ISCSI Initiator对应的所有可用ISCSI Target提供给所述ISCSI Initiator,以使所述ISCSI Initiator与任一可用ISCSI Target建立连接;The connection control unit is configured to provide all available ISCSI Targets corresponding to the ISCSI Initiator in the Target sharing list to the ISCSI Initiator when the ISCSI Initiator is started, so that the ISCSI Initiator can establish a connection with any available ISCSI Target ;
所述读写控制单元,用于接收所述任一可用ISCSI Target转发的来自所述ISCSIInitiator的数据读写请求,基于该数据读写请求对分布式文件系统中的数据节点进行读写操作,并通过所述任一可用ISCSI Target返回读写操作结果到所述ISCSI Initiator。The read-write control unit is configured to receive a data read-write request from the ISCSIInitiator forwarded by any available ISCSI Target, perform read-write operations on data nodes in the distributed file system based on the data read-write request, and Return the read and write operation results to the ISCSI Initiator through any available ISCSI Target.
由上面的技术方案可知,本发明中,在分布式文件系统的每个数据节点可以部署多个ISCSI target,由分布式文件系统中的管理节点对每个ISCSI target的连接状态进行监控并更新至target共享目录,从而使得管理节点可以基于上述Target共享目录确定各ISCSI Initiator的可用ISCSI target,实现对ISCSI Initiator和ISCSI target之间的通信管理。本发明可以有效降低分布式文件系统的联网成本。As can be seen from the above technical solution, in the present invention, multiple ISCSI targets can be deployed on each data node of the distributed file system, and the management node in the distributed file system monitors and updates the connection status of each ISCSI target to The target shared directory, so that the management node can determine the available ISCSI target of each ISCSI Initiator based on the above-mentioned Target shared directory, and implement communication management between the ISCSI Initiator and the ISCSI target. The invention can effectively reduce the networking cost of the distributed file system.
附图说明Description of drawings
图1是本发明实施例基于分布式文件系统的ISCSI服务架构示意图Fig. 1 is a schematic diagram of an ISCSI service architecture based on a distributed file system according to an embodiment of the present invention
图2是本发明实施例基于分布式文件系统的ISCSI服务实现方法流程图;Fig. 2 is the flow chart of the method for realizing the ISCSI service based on the distributed file system according to the embodiment of the present invention;
图3是本发明实施例基于分布式文件系统的ISCSI服务实现装置的结构示意图。FIG. 3 is a schematic structural diagram of an apparatus for implementing an ISCSI service based on a distributed file system according to an embodiment of the present invention.
具体实施方式Detailed ways
为了使本发明的目的、技术方案及优点更加清楚明白,下面结合附图并据实施例,对本发明的技术方案进行详细说明。In order to make the purpose, technical solution and advantages of the present invention clearer, the technical solution of the present invention will be described in detail below in conjunction with the accompanying drawings and embodiments.
参见图1,图1是本发明实施例基于分布式文件系统的ISCSI服务架构示意图,如图1所示,分布式文件系统中包括管理节点和数据节点,ISCSI Initiator(ISCSI启动器)部署在分布式文件系统之外的各类操作系统平台的客户端;ISCSI target则部署在分布式文件系统的数据节点上,且每个数据节点上可以部署多个ISCSI target(ISCSI目标器)。Referring to FIG. 1, FIG. 1 is a schematic diagram of an ISCSI service architecture based on a distributed file system according to an embodiment of the present invention. As shown in FIG. Clients of various operating system platforms other than the distributed file system; the ISCSI target is deployed on the data nodes of the distributed file system, and multiple ISCSI targets (ISCSI targets) can be deployed on each data node.
在图1所示服务架构中,管理节点负责ISCSI Initiator的相关配置和管理,以及对ISCSI Initiator和ISCSI target之间通信的管理。In the service architecture shown in Figure 1, the management node is responsible for the configuration and management of the ISCSI Initiator, as well as the management of the communication between the ISCSI Initiator and the ISCSI target.
下面结合具体实施例对本发明的实现进行详细说明。The implementation of the present invention will be described in detail below in conjunction with specific embodiments.
参见图2,图2是本发明实施例基于分布式文件系统的ISCSI服务实现方法流程图,该方法应用于分布式文件系统的管理节点,具体包括以下步骤:Referring to Fig. 2, Fig. 2 is the flowchart of the implementation method of the ISCSI service based on the distributed file system according to the embodiment of the present invention, the method is applied to the management node of the distributed file system, and specifically includes the following steps:
步骤101、维护一包括所有数据节点上的ISCSI Target信息的Target共享列表。Step 101. Maintain a target sharing list including ISCSI Target information on all data nodes.
Target共享列表中,ISCSI Target信息包括ISCSI Target的连接状态。In the target sharing list, the ISCSI Target information includes the connection status of the ISCSI Target.
ISCSI Target与ISCSI Initiator的连接状态包括以下几种:The connection status between ISCSI Target and ISCSI Initiator includes the following types:
1、已连接:ISCSI Target与一ISCSI Initiator已经建立连接。1. Connected: The ISCSI Target has established a connection with an ISCSI Initiator.
2、正连接:ISCSI Target与一ISCSI Initiator正在建立连接。2. Connecting: The ISCSI Target is establishing a connection with an ISCSI Initiator.
3、未连接:ISCSI Target尚未与任何ISCSI Initiator建立连接。3. Not connected: The ISCSI Target has not yet established a connection with any ISCSI Initiator.
4、未运行:ISCSI Target未启动,不能与ISCSI Initiator建立连接。4. Not running: The ISCSI Target is not started, and cannot establish a connection with the ISCSI Initiator.
本实施例中,可以通过监控所有数据节点上的ISCSI Target的连接状态并更新至该Target共享列表的方法,实现对共享列表的更新维护,具体地,数据节点上的各ISCSITarget可以周期性上报自身的连接状态信息,也可以只在自身连接状态变化时上报自身的连接状态信息。管理节点接收到各ISCSI Target上报的连接状态信息,并根据接收到的连接状态信息更新Target共享列表。In this embodiment, the update and maintenance of the shared list can be realized by monitoring the connection status of the ISCSI Target on all data nodes and updating to the Target shared list. Specifically, each ISCSITarget on the data node can periodically report itself connection status information, or only report its own connection status information when its own connection status changes. The management node receives the connection status information reported by each ISCSI Target, and updates the Target sharing list according to the received connection status information.
步骤202、在ISCSI Initiator启动时,将Target共享列表中所述ISCSI Initiator对应的所有可用ISCSI Target提供给所述ISCSI Initiator,以使所述ISCSI Initiator与任一可用ISCSI Target建立连接。Step 202 , when the ISCSI Initiator starts, provide all available ISCSI Targets corresponding to the ISCSI Initiator in the Target sharing list to the ISCSI Initiator, so that the ISCSI Initiator establishes a connection with any available ISCSI Target.
在现有实现中,ISCSI Initiator启动后,需要与一个ISCSI Target建立连接,之后,用户才可以通过ISCSI Initiator对ISCSI Target进行读写,从而实现对分布式存储系统的数据访问。In the existing implementation, after the ISCSI Initiator is started, it needs to establish a connection with an ISCSI Target, and then the user can read and write to the ISCSI Target through the ISCSI Initiator, thereby realizing data access to the distributed storage system.
本发明中,为每个ISCSI Initiator配置对应的特定数据节点上的特定ISCSITarget。该ISCSI Initiator对应的特定数据节点可以是分布式管理系统上的任一数据节点,特定ISCSI Target是指该特定数据节点上的一个未连接的ISCSI Target。在实际实现中,可以按照某种规则,例如启动时间先后,对该特定数据节点上所有未连接的ISCSITarget进行排序,将排序第一的ISCSI Target确定该特定ISCSI Target。In the present invention, each ISCSI Initiator is configured with a specific ISCSITarget on a corresponding specific data node. The specific data node corresponding to the ISCSI Initiator may be any data node on the distributed management system, and the specific ISCSI Target refers to an unconnected ISCSI Target on the specific data node. In actual implementation, all unconnected ISCSITargets on the specific data node may be sorted according to a certain rule, such as starting time, and the specific ISCSI Target is determined by the ISCSI Target ranked first.
需要说明的是,各ISCSI Initiator对应的特定数据节点上的特定ISCSI Target可以相同,也可以不同。具体由用户配置确定。It should be noted that the specific ISCSI Target on the specific data node corresponding to each ISCSI Initiator may be the same or different. The details are determined by user configuration.
ISCSI Initiator启动后可以向其对应的特定数据节点上的特定ISCSI Target发送第一Target请求;该特定ISCSI Target接收到该第一Target请求后,生成第二Target请求,将该第一Target请求中携带的该ISCSI Initiator携带到第二Target请求中并发送到管理节点;管理节的接收到第二Target请求后,可以根据第二Target请求和Target共享列表确定所述ISCSI Initiator对应的所有可用ISCSI Target,将所有可用ISCSI Target返回所述该特定ISCSI Target;该特定ISCSI Target再将所有可用ISCSI Target返回给该ISCSI Initiator,从而用户可以选择确定该ISCSI Initiator与哪个可用ISCSI Target建立连接。After the ISCSI Initiator is started, it can send the first Target request to the specific ISCSI Target on its corresponding specific data node; after the specific ISCSI Target receives the first Target request, it generates a second Target request and carries it in the first Target request The ISCSI Initiator is carried in the second Target request and sent to the management node; after the management node receives the second Target request, it can determine all available ISCSI Targets corresponding to the ISCSI Initiator according to the second Target request and the Target sharing list, All available ISCSI Targets are returned to the specific ISCSI Target; the specific ISCSI Target then returns all available ISCSI Targets to the ISCSI Initiator, so that the user can choose which available ISCSI Target to establish a connection with the ISCSI Initiator.
因此,本步骤202中,将Target共享列表中所述ISCSI Initiator对应的所有可用ISCSI Target提供给所述ISCSI Initiator,具体包括:Therefore, in this step 202, all available ISCSI Targets corresponding to the ISCSI Initiator in the Target sharing list are provided to the ISCSI Initiator, specifically including:
接收所述ISCSI Initiator的特定ISCSI Target发送的第二Target请求;该第二Target请求是该特定ISCSI Target接收到所述ISCSI Initiator发送的第一Target请求后生成的;receiving a second Target request sent by a specific ISCSI Target of the ISCSI Initiator; the second Target request is generated after the specific ISCSI Target receives the first Target request sent by the ISCSI Initiator;
根据第二Target请求和Target共享列表确定所述ISCSI Initiator对应的所有可用ISCSI Target,将所有可用ISCSI Target返回所述该特定ISCSI Target,由该特定ISCSITarget将所有可用ISCSI Target返回给所述ISCSI Initiator。Determine all available ISCSI Targets corresponding to the ISCSI Initiator according to the second Target request and the Target sharing list, return all available ISCSI Targets to the specific ISCSI Target, and the specific ISCSITarget returns all available ISCSI Targets to the ISCSI Initiator.
在实际实现中,在ISCSI Target没有断掉与某一ISCSI Initiator的连接之前,其他ISCSI Initiator不能与该ISCSI Target建立连接关系,也即ISCSI Initiator与ISCSITarget是一对一的通信关系。In actual implementation, before the ISCSI Target disconnects from a certain ISCSI Initiator, other ISCSI Initiators cannot establish a connection relationship with the ISCSI Target, that is, the ISCSI Initiator and the ISCSITarget have a one-to-one communication relationship.
因此,对于ISCSI Target来说,如果其连接状态为上述第1连接状态(已连接),则除了已与其建立连接ISCSI Initiator外,不允许其再与其它ISCSI Initiator建立连接;其连接状态为上述第2连接状态(正连接),则除了证与其建立连接ISCSI Initiator外,也不允许其再与其它ISCSI Initiator建立连接。另外,如果ISCSI Target的连接状态为上述第4种连接状态(未启动),则在其被启动之前,也不允许其与任何ISCSI Initiator建立连接。Therefore, for an ISCSI Target, if its connection status is the above-mentioned first connection status (connected), it is not allowed to establish a connection with other ISCSI Initiators except for the ISCSI Initiator that has established a connection with it; its connection status is the above-mentioned first connection status. 2 connection state (connecting), then in addition to establishing a connection with the ISCSI Initiator, it is not allowed to establish a connection with other ISCSI Initiators. In addition, if the connection state of the ISCSI Target is the fourth connection state (not started), it is not allowed to establish a connection with any ISCSI Initiator before it is started.
由此可知,ISCSI Initiator启动后,只能选择与处于未连接状态的ISCSI Target建立连接,也即:只有Target共享列表中连接状态为未连接的Target共享列表,对该ISCSIInitiator是可用的。It can be seen that after the ISCSI Initiator is started, it can only choose to establish a connection with the ISCSI Target in the unconnected state, that is, only the Target shared list whose connection status is unconnected in the Target shared list is available to the ISCSI Initiator.
然而,ISCSI Initiator并不是可以与任何未连接的ISCSI Target都能建立连接的,每个ISCSI Target自身也具有访问限制,只允许部分ISCSI Initiator与其建立连接,以保障数据安全。However, the ISCSI Initiator cannot establish a connection with any unconnected ISCSI Target, and each ISCSI Target itself has access restrictions, allowing only some ISCSI Initiators to establish connections with it to ensure data security.
为了实现上述目的,本实施例中,管理节点可以预先为每个ISCSI Target配置访问权限,所述访问权限包括IP地址范围限制;所述IP地址范围限制为一IP地址集合,只要ISCSI Initiator的IP地址落入该IP地址集合内,则不允许访问该ISCSI Target。因此,各ISCSI Target的IP地址范围限制限定了禁止哪些ISCSI Initiator访问该ISCSI Target,管理节点在确定某一ISCSI Initiator的可用ISCSI Target,需要将禁止该ISCSIInitiator访问的所有ISCSI Target摈除在可用ISCSI Target之外。。In order to achieve the above purpose, in this embodiment, the management node can pre-configure access rights for each ISCSI Target, the access rights include IP address range restrictions; the IP address range is limited to an IP address set, as long as the IP address of the ISCSI Initiator If the address falls into the IP address set, access to the iSCSI Target is not allowed. Therefore, the IP address range of each ISCSI Target limits which ISCSI Initiators are prohibited from accessing the ISCSI Target. When the management node determines the available ISCSI Targets of a certain ISCSI Initiator, it needs to remove all the ISCSI Targets that are prohibited from being accessed by the ISCSI Initiator from the available ISCSI Targets. outside. .
因此,上述根据第二Target请求和Target共享列表确定所述ISCSI Initiator对应的所有可用ISCSI Target的方法具体可以为:针对Target共享列表处于未连接状态的每个ISCSI Target,判断所述第二Target请求携带的所述ISCSI Initiator的IP地址是否位于该ISCSI Target的IP地址范围限制之内,如果是,则确定该ISCSI Target不是所述ISCSIInitiator的可用ISCSI Initiator,否则,确定该ISCSI Target是所述ISCSI Initiator的可用ISCSI Initiator。Therefore, the above-mentioned method of determining all available ISCSI Targets corresponding to the ISCSI Initiator according to the second Target request and the Target sharing list may specifically be: for each ISCSI Target whose Target sharing list is in an unconnected state, determine whether the second Target request Whether the IP address of the ISCSI Initiator carried is within the IP address range limit of the ISCSI Target, if yes, then determine that the ISCSI Target is not an available ISCSI Initiator of the ISCSI Initiator, otherwise, determine that the ISCSI Target is the ISCSI Initiator Available ISCSI Initiators.
在实际应用中,管理节点还可以支持chap认证。In practical applications, the management node can also support chap authentication.
在本发明的一个实施例中,管理节点中预先配置了各ISCSI Target对应的用于chap认证的用户名和密码;另外还预先为各ISCSI Target配置chap认证标志并下发到该ISCSI Target;所述chap认证标志包括需要认证和不需要认证。In one embodiment of the present invention, the user name and password used for chap authentication corresponding to each ISCSI Target are pre-configured in the management node; in addition, chap authentication marks are also pre-configured for each ISCSI Target and issued to the ISCSI Target; The chap certification mark includes certification required and certification not required.
管理节点将Target共享列表中ISCSI Initiator对应的所有可用ISCSI Target提供给该ISCSI Initiator之后,用户可以选择其中一个可用ISCSI Target,该ISCSIInitiator向该ISCSI Target发送连接请求;该ISCSI Target接收到连接请求后,向该ISCSI Initiator发送chap认证请求;用户在ISCSI Initiator操作界面输入该ISCSITarget对应的用于chap认证的用户名和密码,该ISCSI Initiator将该ISCSI Target对应的用于chap认证的用户名和密码携带在chap认证响应中返回给该ISCSI Target;该ISCSITarget将该chap认证响应转发到管理节点,管理节点用该chap认证响应中携带的用户名和密码与预先配置的该ISCSI Target对应的用于chap认证的用户名和密码进行比较,如果相同,则chap认证成功,返回认证成功消息给该ISCSI Target,从而该ISCSI Target与该ISCSI Initiator继续执行后续的连接流程,如果不相同,则返回认证失败消息给该ISCSITarget,从而该ISCSI Target拒绝与该ISCSI Initiator建立连接。After the management node provides all available ISCSI Targets corresponding to the ISCSI Initiator in the Target sharing list to the ISCSI Initiator, the user can select one of the available ISCSI Targets, and the ISCSI Initiator sends a connection request to the ISCSI Target; after the ISCSI Target receives the connection request, Send a chap authentication request to the ISCSI Initiator; the user enters the user name and password for chap authentication corresponding to the ISCSITarget on the ISCSI Initiator interface, and the ISCSI Initiator carries the user name and password for chap authentication corresponding to the ISCSI Target in the chap authentication The response is returned to the ISCSI Target; the ISCSITarget forwards the chap authentication response to the management node, and the management node uses the username and password carried in the chap authentication response to the pre-configured username and password for chap authentication corresponding to the ISCSI Target For comparison, if they are the same, the chap authentication is successful, and the authentication success message is returned to the ISCSI Target, so that the ISCSI Target and the ISCSI Initiator continue to execute the subsequent connection process, if not, the authentication failure message is returned to the ISCSITarget, so that the ISCSI Target The iSCSI Target refuses to establish a connection with the iSCSI Initiator.
步骤203、接收所述任一可用ISCSI Target转发的来自所述ISCSI Initiator的数据读写请求,基于该数据读写请求对分布式文件系统中的数据节点进行读写操作,并通过所述任一可用ISCSI Target返回读写操作结果到所述ISCSI Initiator。Step 203: Receive the data read and write request from the ISCSI Initiator forwarded by any available ISCSI Target, perform read and write operations on the data nodes in the distributed file system based on the data read and write request, and pass any The ISCSI Target can be used to return the read and write operation results to the ISCSI Initiator.
ISCSI Initiator与ISCSI Target建立连接后,ISCSI Initiator可以向该ISCSITarget发送数据读写请求,以实现对数据节点的访问。After the ISCSI Initiator establishes a connection with the ISCSI Target, the ISCSI Initiator can send a data read and write request to the ISCSITarget to realize access to the data node.
本发明实施例中,当ISCSI Target接收到来自ISCSI Initiator的数据读写请求后,将数据读写请求发送到管理节点,由管理节点根据数据读写请求对数据节点进行读写操作,并返回读写操作结果,ISCSI Target将读写操作结果返回给ISCSI Initiator,从而完成ISCSI Initiator的数据读写请求。In the embodiment of the present invention, when the ISCSI Target receives the data read and write request from the ISCSI Initiator, it sends the data read and write request to the management node, and the management node performs read and write operations on the data node according to the data read and write request, and returns the read and write request. As for the write operation result, the ISCSI Target returns the read and write operation result to the ISCSI Initiator to complete the data read and write request of the ISCSI Initiator.
需要注意的是,数据读写请求实际上包括数据读请求和数据写请求,如果是数据读请求,则管理节点需要对数据节点进行读操作,如果是数据写请求,则管理节点需要对数据节点进行写操作。无论是对数据节点执行读操作还是写操作,在执行之前,均需要判断判断ISCSI Initiator是否对ISCSI Target具有相应的读写权限,如果没有相应的访问权限,则可以直接返回禁止访问,不再对数据节点执行读操作或写操作,如果有相应的读写权限,则对数据节点执行读操作或写操作。It should be noted that data read and write requests actually include data read requests and data write requests. If it is a data read request, the management node needs to perform a read operation on the data node. to perform a write operation. Regardless of whether it is to perform a read operation or a write operation on a data node, before executing it, it is necessary to judge whether the ISCSI Initiator has the corresponding read and write permissions for the ISCSI Target. Data nodes perform read or write operations, and if they have corresponding read and write permissions, perform read or write operations on the data nodes.
因此,本步骤203所述基于该数据读写请求对分布式文件系统中的数据节点进行读写操作的方法具体可以为:Therefore, the method for performing read and write operations on the data nodes in the distributed file system based on the data read and write request described in step 203 may specifically be:
如果该数据读写请求为读请求,则若所述ISCSI Initiator对所述任一可用ISCSITarget具有读权限,则基于该读请求对分布式文件系统中的数据节点进行读操作,若所述ISCSI Initiator对所述任一可用ISCSI Target不具有读权限,则生成用作读写操作结果的读错误信息;If the data read and write request is a read request, if the ISCSI Initiator has read permission for any available ISCSITarget, then based on the read request, the data node in the distributed file system is read, and if the ISCSI Initiator Does not have read permission to any available ISCSI Target, then generates read error information used as the result of the read and write operation;
如果该数据读写请求为写请求,则若所述ISCSI Initiator对所述任一可用ISCSITarget具有写权限,则基于该写请求对分布式文件系统中的数据节点进行写操作,若所述ISCSI Initiator对所述任一可用ISCSI Target不具有写权限,则生成用作读写操作结果的写错误信息。If the data read and write request is a write request, then if the ISCSI Initiator has write permission to the any available ISCSITarget, then based on the write request, the data node in the distributed file system is written, if the ISCSI Initiator If there is no write permission for any of the available ISCSI Targets, a write error message is generated as a result of the read and write operations.
在实际实现中,分布式文件系统的管理节点可以有多个,其中一个作为主管理节点,其它管理节点作为备份管理节点。在主管理节点未故障的情况下,由主管理节点执行上述图2所示本发明实施例中管理节点执行的各项功能,当主管理节点故障时,可以从备管理节点中选择一个作为新的主管理节点,接替故障的主管理节点。In actual implementation, there may be multiple management nodes in the distributed file system, one of which is used as the main management node, and the other management nodes are used as backup management nodes. In the case that the main management node is not faulty, the main management node performs various functions performed by the management node in the embodiment of the present invention shown in Figure 2 above. When the main management node fails, one of the standby management nodes can be selected as a new The primary management node takes over from the failed primary management node.
以上对本发明实施例基于分布式文件系统的ISCSI服务实现方法进行了详细说明,本发明还提供了一种基于分布式文件系统的ISCSI服务实现装置,以下结合图3进行详细说明。The method for realizing the ISCSI service based on the distributed file system in the embodiment of the present invention has been described above in detail. The present invention also provides a device for realizing the ISCSI service based on the distributed file system, which will be described in detail below with reference to FIG. 3 .
参见图3,图3是本发明实施例基于分布式文件系统的ISCSI服务实现装置的结构示意图,所述分布式文件系统包括管理节点和数据节点,每个数据节点上部署多个ISCSITarget;如图3所示,该装置应用于所述管理节点,包括:维护单元301、连接控制单元302、读写控制单元303;其中,Referring to FIG. 3, FIG. 3 is a schematic structural diagram of an ISCSI service implementation device based on a distributed file system according to an embodiment of the present invention. The distributed file system includes a management node and a data node, and multiple ISCSITargets are deployed on each data node; as shown in FIG. 3, the device is applied to the management node, including: a maintenance unit 301, a connection control unit 302, and a read-write control unit 303; wherein,
维护单元301,用于维护一包括所有数据节点上的ISCSI Target信息的Target共享列表;A maintenance unit 301, configured to maintain a Target sharing list including ISCSI Target information on all data nodes;
连接控制单元302,用于在ISCSI Initiator启动时,将Target共享列表中所述ISCSI Initiator对应的所有可用ISCSI Target提供给所述ISCSI Initiator,以使所述ISCSI Initiator与任一可用ISCSI Target建立连接;The connection control unit 302 is configured to provide all available ISCSI Targets corresponding to the ISCSI Initiator in the Target sharing list to the ISCSI Initiator when the ISCSI Initiator is started, so that the ISCSI Initiator establishes a connection with any available ISCSI Target;
读写控制单元303,用于接收所述任一可用ISCSI Target转发的来自所述ISCSIInitiator的数据读写请求,基于该数据读写请求对分布式文件系统中的数据节点进行读写操作,并通过所述任一可用ISCSI Target返回读写操作结果到所述ISCSI Initiator。The read-write control unit 303 is configured to receive a data read-write request from the ISCSIInitiator forwarded by any available ISCSI Target, perform read-write operations on data nodes in the distributed file system based on the data read-write request, and pass The any available ISCSI Target returns the read and write operation results to the ISCSI Initiator.
图3所示装置中,In the device shown in Figure 3,
所述ISCSI Target信息包括ISCSI Target的连接状态;The ISCSI Target information includes the connection status of the ISCSI Target;
所述维护单元301,维护一包括所有数据节点上的ISCSI Target信息的Target共享列表时,用于:监控所有数据节点上的ISCSI Target的连接状态并更新至该Target共享列表。The maintenance unit 301, when maintaining a target sharing list including ISCSI Target information on all data nodes, is configured to: monitor the connection status of the ISCSI Targets on all data nodes and update to the target sharing list.
图3所示装置中,In the device shown in Figure 3,
所述维护单元301,监控所有数据节点上的ISCSI Target的连接状态时,用于:接收各ISCSI Target周期性上报或在自身连接状态变化时上报的连接状态信息。The maintenance unit 301, when monitoring the connection states of the ISCSI Targets on all data nodes, is configured to: receive connection state information reported periodically by each ISCSI Target or reported when its own connection state changes.
图3所示装置还包括配置单元304;The device shown in FIG. 3 also includes a configuration unit 304;
所述配置单元304,用于为每个ISCSI Initiator配置对应的特定数据节点上的特定ISCSI Target;The configuration unit 304 is configured to configure a specific ISCSI Target on a corresponding specific data node for each ISCSI Initiator;
所述连接控制单元302,将Target共享列表中所述ISCSI Initiator对应的所有可用ISCSI Target提供给所述ISCSI Initiator,包括:The connection control unit 302 provides all available ISCSI Targets corresponding to the ISCSI Initiator in the Target sharing list to the ISCSI Initiator, including:
接收所述ISCSI Initiator的特定ISCSI Target发送的第二Target请求;该第二Target请求是该特定ISCSI Target接收到所述ISCSI Initiator发送的第一Target请求后生成的;receiving a second Target request sent by a specific ISCSI Target of the ISCSI Initiator; the second Target request is generated after the specific ISCSI Target receives the first Target request sent by the ISCSI Initiator;
根据第二Target请求和Target共享列表确定所述ISCSI Initiator对应的所有可用ISCSI Target,将所有可用ISCSI Target返回所述该特定ISCSI Target,由该特定ISCSITarget将所有可用ISCSI Target返回给所述ISCSI Initiator。Determine all available ISCSI Targets corresponding to the ISCSI Initiator according to the second Target request and the Target sharing list, return all available ISCSI Targets to the specific ISCSI Target, and the specific ISCSITarget returns all available ISCSI Targets to the ISCSI Initiator.
图3所示装置中,In the device shown in Figure 3,
所述连接状态包括:已连接、正连接、未连接、未运行;The connection state includes: connected, connecting, not connected, not running;
所述配置单元304,用于:预先为每个ISCSI Target配置访问权限,所述访问权限包括IP地址范围限制;所述IP地址范围限制为一IP地址集合;The configuration unit 304 is configured to: pre-configure access rights for each ISCSI Target, the access rights include IP address range restrictions; the IP address range is limited to an IP address set;
所述第一Target请求携带所述ISCSI Initiator的IP地址;The first Target request carries the IP address of the ISCSI Initiator;
所述ISCSI Initiator的特定ISCSI Target生成的第二Target请求携带所述第一Target请求携带的所述ISCSI Initiator的IP地址;The second Target request generated by the specific ISCSI Target of the ISCSI Initiator carries the IP address of the ISCSI Initiator carried in the first Target request;
所述连接控制单元302,根据第二Target请求和Target共享列表确定所述ISCSIInitiator对应的所有可用ISCSI Target时,用于:针对Target共享列表处于未连接状态的每个ISCSI Target,判断所述第二Target请求携带的所述ISCSI Initiator的IP地址是否位于该ISCSI Target的IP地址范围限制之内,如果是,则确定该ISCSI Target不是所述ISCSI Initiator的可用ISCSI Initiator,否则,确定该ISCSI Target是所述ISCSIInitiator的可用ISCSI Initiator。The connection control unit 302, when determining all available ISCSI Targets corresponding to the ISCSIInitiator according to the second Target request and the Target sharing list, is configured to: for each ISCSI Target whose Target sharing list is in an unconnected state, determine that the second Whether the IP address of the ISCSI Initiator carried in the Target request is within the IP address range limit of the ISCSI Target, if yes, then determine that the ISCSI Target is not an available ISCSI Initiator of the ISCSI Initiator, otherwise, determine that the ISCSI Target is the Available ISCSI Initiators for the ISCSIInitiator described above.
图3所示装置中,In the device shown in Figure 3,
所述访问权限还包括chap认证标志;所述chap认证标志包括需要认证和不需要认证;The access authority also includes a chap authentication mark; the chap authentication mark includes needing authentication and not needing authentication;
所述配置单元304,用于预先配置每个ISCSI Target对应的用于chap认证的用户名和密码;The configuration unit 304 is configured to pre-configure the user name and password for chap authentication corresponding to each ISCSI Target;
所述连接控制单元302,在所述ISCSI Initiator与任一可用ISCSI Target建立连接的过程中,如果所述任一可用ISCSI Target需要认证,则接收所述任一可用ISCSITarget转发的来自所述ISCSI Initiator的chap认证响应,如果该chap认证响应携带的用户名和密码与所述任一可用ISCSI Target对应的用于chap认证的用户名和密码相同,则向所述任一可用ISCSI Target发送chap认证成功消息,以使通过所述任一可用ISCSI Target与所述ISCSI Initiator执行后续连接流程,否则,向所述任一可用ISCSI Target发送chap认证失败消息,以使所述任一可用ISCSI Target拒绝与所述ISCSI Initiator建立连接;其中,所述chap认证响应是所述ISCSI Initiator向所述任一可用ISCSI Target发送连接请求,并接收到所述任一可用ISCSI Target返回的chap认证请求后,发向所述任一可用ISCSITarget的。The connection control unit 302, in the process of establishing a connection between the ISCSI Initiator and any available ISCSI Target, if the any available ISCSI Target requires authentication, receive the information from the ISCSI Initiator forwarded by the any available ISCSI Target. chap authentication response, if the username and password carried by the chap authentication response are the same as the username and password for chap authentication corresponding to any available ISCSI Target, then send a chap authentication success message to any available ISCSI Target, so that any available ISCSI Target and the ISCSI Initiator perform a subsequent connection process, otherwise, send a chap authentication failure message to the any available ISCSI Target, so that the any available ISCSI Target refuses to communicate with the ISCSI Initiator Initiator establishes a connection; wherein, the chap authentication response is that the ISCSI Initiator sends a connection request to any available ISCSI Target, and after receiving the chap authentication request returned by any available ISCSI Target, sends it to any An available ISCSITarget.
图3所示装置中,In the device shown in Figure 3,
所述配置单元304,用于预先配置每个ISCSI Initiator对每个ISCSI Target的读写权限,所述读写权限包括读权限和写权限;The configuration unit 304 is configured to pre-configure the read and write permissions of each ISCSI Initiator to each ISCSI Target, the read and write permissions include read permissions and write permissions;
所述数据读写请求为读请求或写请求;The data read and write request is a read request or a write request;
所述读写控制单元304,基于该数据读写请求对分布式文件系统中的数据节点进行读写操作时,用于:The read-write control unit 304, when performing read-write operations on data nodes in the distributed file system based on the data read-write request, is used to:
如果该数据读写请求为读请求,则若所述ISCSI Initiator对所述任一可用ISCSITarget具有读权限,则基于该读请求对分布式文件系统中的数据节点进行读操作,若所述ISCSI Initiator对所述任一可用ISCSI Target不具有读权限,则生成用作读写操作结果的读错误信息;If the data read and write request is a read request, if the ISCSI Initiator has read permission for any available ISCSITarget, then based on the read request, the data node in the distributed file system is read, and if the ISCSI Initiator Does not have read permission to any available ISCSI Target, then generates read error information used as the result of the read and write operation;
如果该数据读写请求为写请求,则若所述ISCSI Initiator对所述任一可用ISCSITarget具有写权限,则基于该写请求对分布式文件系统中的数据节点进行写操作,若所述ISCSI Initiator对所述任一可用ISCSI Target不具有写权限,则生成用作读写操作结果的写错误信息。If the data read and write request is a write request, then if the ISCSI Initiator has write permission to the any available ISCSITarget, then based on the write request, the data node in the distributed file system is written, if the ISCSI Initiator If there is no write permission for any of the available ISCSI Targets, a write error message is generated as a result of the read and write operations.
以上所述仅为本发明的较佳实施例而已,并不用以限制本发明,凡在本发明的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本发明保护的范围之内。The above descriptions are only preferred embodiments of the present invention, and are not intended to limit the present invention. Any modifications, equivalent replacements, improvements, etc. made within the spirit and principles of the present invention shall be included in the present invention. within the scope of protection.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711427584.0ACN108366087B (en) | 2017-12-26 | 2017-12-26 | ISCSI service realization method and device based on distributed file system |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711427584.0ACN108366087B (en) | 2017-12-26 | 2017-12-26 | ISCSI service realization method and device based on distributed file system |
| Publication Number | Publication Date |
|---|---|
| CN108366087Atrue CN108366087A (en) | 2018-08-03 |
| CN108366087B CN108366087B (en) | 2021-03-05 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711427584.0AActiveCN108366087B (en) | 2017-12-26 | 2017-12-26 | ISCSI service realization method and device based on distributed file system |
| Country | Link |
|---|---|
| CN (1) | CN108366087B (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109600436A (en)* | 2018-12-10 | 2019-04-09 | 浪潮电子信息产业股份有限公司 | A kind of distribution iscsi service implementing method, system and relevant apparatus |
| CN109981768A (en)* | 2019-03-21 | 2019-07-05 | 上海霄云信息科技有限公司 | I/o multipath planning method and equipment in distributed network storage system |
| CN110059056A (en)* | 2019-04-18 | 2019-07-26 | 北京思特奇信息技术股份有限公司 | The distributed system read/writable detection method of multinode multifile, device, equipment |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060109850A1 (en)* | 2004-11-24 | 2006-05-25 | Hitachi, Ltd. | IP-SAN network access control list generating method and access control list setup method |
| CN101115009A (en)* | 2007-08-31 | 2008-01-30 | 杭州华三通信技术有限公司 | Storage resource access control method, storage control system and application host |
| CN101621526A (en)* | 2009-08-20 | 2010-01-06 | 杭州华三通信技术有限公司 | iSCSI method and apparatus for preventing useless connection from occupying system resources |
| CN101808119A (en)* | 2010-03-04 | 2010-08-18 | 杭州华三通信技术有限公司 | Method and equipment for multiple storage array load balancing |
| CN102012933A (en)* | 2010-12-02 | 2011-04-13 | 清华大学 | Distributed file system and method for storing data and providing services by utilizing same |
| CN102111436A (en)* | 2010-12-20 | 2011-06-29 | 深圳市创新科信息技术有限公司 | Storage device and method for accessing storage device through internet small computer system interface (iSCSI) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060109850A1 (en)* | 2004-11-24 | 2006-05-25 | Hitachi, Ltd. | IP-SAN network access control list generating method and access control list setup method |
| CN101115009A (en)* | 2007-08-31 | 2008-01-30 | 杭州华三通信技术有限公司 | Storage resource access control method, storage control system and application host |
| CN101621526A (en)* | 2009-08-20 | 2010-01-06 | 杭州华三通信技术有限公司 | iSCSI method and apparatus for preventing useless connection from occupying system resources |
| CN101808119A (en)* | 2010-03-04 | 2010-08-18 | 杭州华三通信技术有限公司 | Method and equipment for multiple storage array load balancing |
| CN102012933A (en)* | 2010-12-02 | 2011-04-13 | 清华大学 | Distributed file system and method for storing data and providing services by utilizing same |
| CN102111436A (en)* | 2010-12-20 | 2011-06-29 | 深圳市创新科信息技术有限公司 | Storage device and method for accessing storage device through internet small computer system interface (iSCSI) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109600436A (en)* | 2018-12-10 | 2019-04-09 | 浪潮电子信息产业股份有限公司 | A kind of distribution iscsi service implementing method, system and relevant apparatus |
| CN109600436B (en)* | 2018-12-10 | 2021-06-29 | 浪潮电子信息产业股份有限公司 | A kind of distributed iscsi service realization method, system and related device |
| CN109981768A (en)* | 2019-03-21 | 2019-07-05 | 上海霄云信息科技有限公司 | I/o multipath planning method and equipment in distributed network storage system |
| CN109981768B (en)* | 2019-03-21 | 2021-12-07 | 上海霄云信息科技有限公司 | IO multi-path planning method and device in distributed network storage system |
| CN110059056A (en)* | 2019-04-18 | 2019-07-26 | 北京思特奇信息技术股份有限公司 | The distributed system read/writable detection method of multinode multifile, device, equipment |
| Publication number | Publication date |
|---|---|
| CN108366087B (en) | 2021-03-05 |
| Publication | Publication Date | Title |
|---|---|---|
| JP4311637B2 (en) | Storage controller | |
| US10158579B2 (en) | Resource silos at network-accessible services | |
| EP3353952B1 (en) | Managing groups of servers | |
| US9842154B2 (en) | Secure data replication | |
| CN102316043B (en) | Port virtualization method, switch and communication system | |
| US20200236032A1 (en) | Blockchain Routing Protocols | |
| US10909009B2 (en) | System and method to create a highly available quorum for clustered solutions | |
| CN104580395A (en) | Multi-cloud cooperative storage middleware system based on existing cloud storage platform | |
| WO2017107827A1 (en) | Method and apparatus for isolating environment | |
| JP2013187707A (en) | Host provision system and communication control method | |
| CN104158879A (en) | Cloud management platform architecture system and method for distributed data center | |
| US11494130B2 (en) | Operation data accessing device and accessing method thereof | |
| CN103118073A (en) | Virtual machine data persistence storage system and method in cloud environment | |
| CN108366087B (en) | ISCSI service realization method and device based on distributed file system | |
| CN117131493A (en) | Permission management system construction method, device, equipment and storage medium | |
| US9774600B1 (en) | Methods, systems, and computer readable mediums for managing infrastructure elements in a network system | |
| CN119127095B (en) | Multi-tenant distributed file system, request method and device based on gRPC | |
| CN108200151B (en) | ISCSI Target load balancing method and device in distributed storage system | |
| EP3884648B1 (en) | Geo-replicated iot hub | |
| CN108600156A (en) | A kind of server and safety certifying method | |
| US20200236031A1 (en) | Blockchain Routing Protocols | |
| CN102868594B (en) | Method and device for message processing | |
| JP5734421B2 (en) | Management information generation method, management information generation program, and management information generation apparatus | |
| CN111831743B (en) | Block chain data storage system and method based on cloud storage | |
| CN108848156B (en) | Access gateway processing method, device and storage medium |
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | Address after:518057 Shenzhen Software Park, No. 9, 501, 502, Science and Technology Middle Road, Nanshan District, Shenzhen City, Guangdong Province Applicant after:Shenzhen Innovation Technology Co.,Ltd. Address before:518057 Shenzhen Software Park, No. 9, 501, 502, Science and Technology Middle Road, Nanshan District, Shenzhen City, Guangdong Province Applicant before:UITSTOR (USA) Inc. | |
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| PP01 | Preservation of patent right | Effective date of registration:20250430 Granted publication date:20210305 | |
| PP01 | Preservation of patent right |