How to provide custom iSCSI initiatornames for nodes in Red Hat OpenShift Container Platform 4.x

Solution Verified - Updated

Environment

  • Red Hat OpenShift Container Platform (RHOCP)4

Issue

  • How to provide custom iSCSI initiatornames for nodes in Red Hat OpenShift Container Platform 4.x

  • What is the recommended way to edit InitiatorName in /etc/iscsi/initiatorname.iscsi on worker nodes?

Resolution

At time of this writing, nothing internal to OpenShift should use iSCSI, so the following change should be safe to apply. However, Red Hat recommend that these changes be tested in a development cluster. Make sure that everything works as expected and in doubt contact Red Hat Technical Support.

It is not supported to edit any files manually in OCP 4.x. All custom changes need to be pushed with the Machine Config Operator.

OCP 4.x generates unique iSCSI IDs by default with:

# /usr/lib/systemd/system/coreos-generate-iscsi-initiatorname.service
# Note we should rip this out once it's fixed upstream:
# https://bugzilla.redhat.com/show_bug.cgi?id=1493296
# We have a time bomb for that in manifest.yaml.
[Unit]
Description=CoreOS Generate iSCSI Initiator Name
Documentation=https://bugzilla.redhat.com/show_bug.cgi?id=1493296
Documentation=https://bugzilla.redhat.com/show_bug.cgi?id=1687722
# But only if not already written by Ignition
# https://bugzilla.redhat.com/show_bug.cgi?id=1868174
ConditionPathExists=!/etc/iscsi/initiatorname.iscsi
Before=iscsid.service
[Service]
Type=oneshot
ExecStart=/usr/bin/sh -c 'echo "InitiatorName=`/usr/sbin/iscsi-iname`" > /etc/iscsi/initiatorname.iscsi'
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target

That means that the following service exists on all worker nodes:

$ cat /usr/lib/systemd/system/coreos-generate-iscsi-initiatorname.service

# Note we should rip this out once it's fixed upstream:
# https://bugzilla.redhat.com/show_bug.cgi?id=1493296
# We have a time bomb for that in manifest.yaml.
[Unit]
Description=CoreOS Generate iSCSI Initiator Name
Documentation=https://bugzilla.redhat.com/show_bug.cgi?id=1493296
Documentation=https://bugzilla.redhat.com/show_bug.cgi?id=1687722
# But only if not already written by Ignition
# https://bugzilla.redhat.com/show_bug.cgi?id=1868174
ConditionPathExists=!/etc/iscsi/initiatorname.iscsi
Before=iscsid.service
[Service]
Type=oneshot
ExecStart=/usr/bin/sh -c 'echo "InitiatorName=`/usr/sbin/iscsi-iname`" > /etc/iscsi/initiatorname.iscsi'
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target

In turn, it is possible with the following MachineConfig to configure custom names, for example by hostname:

cat << 'EOF' | oc create -f -
kind: MachineConfig
apiVersion: machineconfiguration.openshift.io/v1
metadata:
  name: 99-worker-custom-isci-initiatorname
  labels:
    machineconfiguration.openshift.io/role: worker
spec:
  config:
    ignition:
      version: 3.2.0
    systemd:
      units:
        - contents: |
            [Unit]
            Description=Custom CoreOS Generate iSCSI Initiator Name
            Before=coreos-generate-iscsi-initiatorname.service
            Before=iscsid.service

            [Service]
            Type=oneshot
            ExecStart=/usr/bin/sh -c 'echo "InitiatorName=`hostname`" > /etc/iscsi/initiatorname.iscsi'
            RemainAfterExit=yes
            
            [Install]
            WantedBy=multi-user.target
          name: custom-coreos-generate-iscsi-initiatorname.service
          enabled: true
EOF

Verification:

> oc get mc -o yaml 99-worker-custom-isci-initiatorname

apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
metadata:
  creationTimestamp: "2022-11-01T14:06:33Z"
  generation: 1
  labels:
    machineconfiguration.openshift.io/role: worker
  name: 99-worker-custom-isci-initiatorname
  resourceVersion: "0000000"
  uid: 00900000-0000-0000-0000-000000000000
spec:
  config:
    ignition:
      version: 3.2.0
    systemd:
      units:
      - contents: |
          [Unit]
          Description=Custom CoreOS Generate iSCSI Initiator Name
          Before=coreos-generate-iscsi-initiatorname.service
          Before=iscsid.service

          [Service]
          Type=oneshot
          ExecStart=/usr/bin/sh -c 'echo "InitiatorName=`hostname`" > /etc/iscsi/initiatorname.iscsi'
          RemainAfterExit=yes

          [Install]
          WantedBy=multi-user.target
        enabled: true
        name: custom-coreos-generate-iscsi-initiatorname.service

Now, wait a while. The MachineConfig operator will restart each worker node, one by one. One can make this more complex, for example by calling a shell script from the oneshot service, as in: https://access.redhat.com/solutions/5092381

watch oc get nodes && oc get machines -A

Every 2.0s: oc get nodes && oc get machines -A                                                                                                                                                                        Mon Jun  8 14:03:53 2020

NAME                                  STATUS                     ROLES    AGE   VERSION
clusterx-xxx-master-0       Ready                      master   12d   v1.22.8+9e95cb9
clusterx-xxx-master-1       Ready                      master   12d   v1.22.8+9e95cb9
clusterx-xxx-master-2       Ready                      master   12d   v1.22.8+9e95cb9
clusterx-xxx-worker-xxxxx   Ready,SchedulingDisabled   worker   12d   v1.22.8+9e95cb9
clusterx-xxx-worker-yyyyy   Ready                      worker   12d   v1.22.8+9e95cb9
NAMESPACE               NAME                                  PHASE     TYPE   REGION   ZONE   AGE
openshift-machine-api   clusterx-xxx-master-0       Running                          12d
openshift-machine-api   clusterx-xxx-master-1       Running                          12d
openshift-machine-api   clusterx-xxx-master-2       Running                          12d
openshift-machine-api   clusterx-xxx-worker-xxxxx   Running                          12d
openshift-machine-api   clusterx-xxx-worker-yyyyy   Running                          12d

As with all configurations applied with the MachineConfig operator, the worker node will be restarted to apply the change. After the worker node restarted, one will be able to see the following (custom file /etc/systemd/system/custom-coreos-generate-iscsi-initiatorname.service supersedes /usr/lib/systemd/system/coreos-generate-iscsi-initiatorname.service):

[core@clusterx-xxx ~]$ cat /usr/lib/systemd/system/coreos-generate-iscsi-initiatorname.service
# Note we should rip this out once it's fixed upstream:
# https://bugzilla.redhat.com/show_bug.cgi?id=1493296
# We have a time bomb for that in manifest.yaml.
[Unit]
Description=CoreOS Generate iSCSI Initiator Name
Documentation=https://bugzilla.redhat.com/show_bug.cgi?id=1493296
Documentation=https://bugzilla.redhat.com/show_bug.cgi?id=1687722
# But only if not already written by Ignition
# https://bugzilla.redhat.com/show_bug.cgi?id=1868174
ConditionPathExists=!/etc/iscsi/initiatorname.iscsi
Before=iscsid.service
[Service]
Type=oneshot
ExecStart=/usr/bin/sh -c 'echo "InitiatorName=`/usr/sbin/iscsi-iname`" > /etc/iscsi/initiatorname.iscsi'
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target




[core@clusterX-xxxx ~] cat /etc/systemd/system/custom-coreos-generate-iscsi-initiatorname.service 
[Unit]
Description=Custom CoreOS Generate iSCSI Initiator Name
Before=coreos-generate-iscsi-initiatorname.service
Before=iscsid.service

[Service]
Type=oneshot
ExecStart=/usr/bin/sh -c 'echo "InitiatorName=`hostname`" > /etc/iscsi/initiatorname.iscsi'
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

For environments that rely on DHCP please change replace the ExecStart with the following line

ExecStart=/usr/bin/sh -c 'sleep 30; echo "InitiatorName=`hostname`" > /etc/iscsi/initiatorname.iscsi'
SBR
Product(s)
Components

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.