On Thu, 04 Jun 2009 17:21:47 +0300 Or Gerlitz <ogerlitz@xxxxxxxxxxxx> wrote: > FUJITA Tomonori wrote: > >> I'd like to check if tgt support initiator-names for target binding. > > > > Do you want to do it for strict security or easy administration? > > First, its seems to me more strict. Hmm, an initiator box can change the name to log in a target illegally. I think that initiator-name-base binding doesn't mean strict security. > Second, nowadays, when virtualization comes to town, a single host (hypervisor) may have multiple guests running on top of it, and there's a need to provide a disk for each of them, where the initiator run on the host. > > So a possible solution is to set a scheme at the target of defining multiple portals (I mean target names) each associated with a different lun and a different initiator name but they all relate to the same initiator ip address. Why VMM can't just store the relationship between a guest and a target name? VMM can do without initiator names, I think. And I think that people usually do: a) each guest has the own IP address and runs the iscsi initiator. or b) VMM runs the initiator and create a file system (could be a SAN FS like vmfs) on it and give a file each guest. Note that I'm not against the initiator-name binding. I just want to know how it can be useful. -- To unsubscribe from this list: send the line "unsubscribe stgt" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
