I am sponsoring this case for Jack Meng. It requests a patch
binding for iSCSI boot, updating PSARC 2008/427 as a result.
I do not expect this to be controversial so I have marked it
Self Review, but am happy to start a timer if an ARC member
so desires or significant discussion ensues.
-- mark
Template Version: @(#)onepager.txt 1.35 07/11/07 SMI
Copyright 2008 Sun Microsystems
1. Introduction
1.1. Project/Component Working Name:
iSCSI Boot in Solaris with iBFT/OBP
1.2. Name of Document Author/Supplier:
Jack Meng (jack.meng at sun.com)
1.3. Date of This Document:
01/08/10
1.3.1. Date this project was conceived:
N/A
1.4. Name of Major Document Customer(s)/Consumer(s):
1.4.1. The PAC or CPT you expect to review your project:
Solaris PAC
1.4.2. The ARC(s) you expect to review your project:
PSARC
1.4.3. The Director/VP who is "Sponsoring" this project:
Scott.Tracy at Sun.Com
1.4.4. The name of your business unit:
Archive Software
1.5. Email Aliases:
1.5.1. Responsible Manager: Grant.Zhang at sun.com
1.5.2. Responsible Engineer: iscsi-boot-iteam at sun.com
1.5.3. Marketing Manager: margaret.hamburger at sun.com
1.5.4. Interest List: iscsi-interest at sun.com
2. Project Summary
2.1. Project Description:
This project is to enable Solaris to boot off iSCSI luns via regular
network
adapters. Different approaches, iBFT/OBP, are adopted to implement this
feature
on x86/sparc platforms. This case supersedes PSARC/2007/450, iSCSI
Software boot.
2.2. Risks and Assumptions:
On x86 platform, iSCSI boot depends on NIC's firmware to implement
its own iSCSI initiator and to support iBFT to pass boot info to OS.
That means the solution on x86 needs dedicated hardware/firmware.
Currently Intel 1G/10G Pro. series NICs support this feature along with
Broadcom in their high-end NICs.
On Sparc platform, iSCSI boot depends on OBP to implement its own iSCSI
stack
to connect to the iSCSI target, load boot archive, and pass the boot
info to
Solaris OS via standard OBP properties. A suite of standard properties
need
to be defined in OBP.
iSCSI disk will still be incapable of being a dump device with this
project.
3. Business Summary
3.1. Problem Area:
Currently Solaris is unable to be boot-off from iSCSI disk. This
is a drawback which limits Solaris' competency in iSCSI SAN
environment, diskless clients and so on.
3.2. Market/Requester:
System Group
3.3. Business Justification:
iSCSI boot is required on Solaris in FY09, both on x86 and SPARC
platform,
because:
1) Sun customers are requesting iSCSI boot options on our
Ethernet
cards and Storages
2) Intel has iSCSI boot option on their standard NIC for Windows
and Linux OS, and Sun can offer this today if we have iSCSI
boot on Solaris
3) iSCSI boot is supported on Linux and Windows; therefore we
need
to reach parity on Solaris
4) iSCSI boot will be the replacement for PXE boot
5) The plan allows iSCSI boot on the standard Network
cards without using expensive TOE HBAs.
Justification from System Marketing team.
3.4. Competitive Analysis:
Linux and Microsoft Windows are capable of booting-off iSCSI disk
with the support to iBFT and few other ways(PXE/Boot server).
Solaris is significantly behind them in this area and this project is
the
effort to pace up with those competitors with feasible solutions both
for
x86 and Sparc.
3.5. Opportunity Window/Exposure:
N/A
3.6. How will you know when you are done?:
Solaris is able to boot off iSCSI disk with IBFT NIC on x86, and with
OBP on SPARC.
4. Technical Description:
4.1. Details:
This project enables Solaris to directly boot off iSCSI disk both on
x86 and
Sparc platform. For doing that it modifies the 'Kernel' stage of
Solaris' booting
process to enumerate the iSCSI disk with and then mount the rootfs
there. Therefore
the info of the boot iSCSI target is essential for the kernel to
achieve this, and
there are completely different ways on x86 and Sparc platform, iBFT/OBP
respectively,
to pass the info to the ramdisk/kernel. However that info will be
unified to the same set
of properties so the rest procedure of iSCSI boot is the same for x86
and Sparc.
4.1.1 iBFT on x86
On x86, iBFT is chosen as the method of passing iSCSI boot
parameters.
iBFT(iSCSI Boot Firmware Table) is defined in ACPI 3.0b
specification and
is a block of information that contains various parameters that
are useful
to the iSCSI Boot process. For Solaris by scanning the low
memory, it
is able to know if it is doing an iSCSI boot and loading
necessary
parameters then. It is iBF's responsibility to present the
iSCSI disk
to load OS boot loader and then the ramdisk.
4.1.2 OBP on Sparc
On Sparc, kernel reads properties of the boot iSCSI lun from
OBP if OBP indicates
this is an iSCSI boot. Before that, OBP constructs an iSCSI
boot disk with its
own iSCSI/TCP/IP stack and loads/executes the booter from
there, and then the
kernel is loaded and started.
Overall, for the Solaris kernel, the only difference regarding
iSCSI boot
on x86 and Sparc is the way to retrieve info of the boot iSCSI
lun
as described above. Afterwards it is the same routine to
plumb/configure the NIC, load/initialize the iscsi initiator
driver, wait for
iscsi initiator to discovery the boot target and then mount the
rootfs from there.
4.1.3 Security
For booting, it is loading OS specific data so the important
thing is to make sure
that data come from the authenticated server/target. Solaris
iSCSI boot uses CHAP
(Challenge-handshake authentication protocol, RFC1994) to do
ensure the data iSCSI
initiator received for booting comes from the target it claims
to have come from.
IPsec in initiator side is not available during the boot but
will take effect
after Solaris fully starts up.
However, despite the security put in place for this project,
Sun will still require
customers to have a physically secured network for iSCSI boot,
similar to the FC
situation.
4.1.4 Dump
iSCSI disk is incapable of being the dump device in Solaris,
and this project will
not address this issue. This is a decision after evaluating
benefits/risks of each
possible solution.
4.1.5 Installation
Both LEGACY and NEW installer (Caiman) will be supported to
configure iSCSI disk.
The project team are working with the installer team to draft a
design.
Currently Solaris is able to be installed on iSCSI disk with
the LEGACY installer if
applying a workaround.
4.1.6 stmsboot
stmsboot will be supporting iSCSI along with this project.
4.1.7 Note
This project doesn't apply to RFC 4173 and doesn't mean to.
4.2. Bug/RFE Number(s):
6701045 iSCSI boot on X86
6714847 iSCSI boot on Sparc, driver part
6717072 stmsboot needs to support iscsi
6713364 iscsi needs to support PSARC 2008/337 scsi-self-identifying
6422549 delay nl7c_init() call until after the root is mounted
4.3. In Scope:
Solaris Kernel, Solaris iSCSI Software Initiator, stmsboot
4.4. Out of Scope:
OBP, Solaris Installer
4.5. Interfaces:
Imported:
Interfaces to load iBFT info on x86, TBD.
Exported:
Properties in OBP for Solaris OS to load/save iSCSI
boot parameters, TBD.
4.6. Doc Impact:
TBD
4.7. Admin/Config Impact:
Administrator needs to learn how to configure iBFT/BIOS on x86 platform
and/or
OBP properties on Sparc to enable iSCSI boot.
4.8. HA Impact:
Solaris cluster should be able to boot off iSCSI luns, will work with
cluster
team if they have any special requirement.
On x86, Intel's NIC support failover during booting if multiple ports
exist
and are configured to connect the same target.
4.9. I18N/L10N Impact:
N/A
4.10. Packaging& Delivery:
N/A
4.11. Security Impact:
iSCSI is based on TCP/IP which may expose security vulnerabilities.
Please refer to
4.1.3 for more details of the solution.
4.12. Dependencies:
Support to Sparc platform depends on case FWSAC 2008/466 which enables
iSCSI boot on OBP.
5. Reference Documents:
new-boot sparc
http://sac.sfbay/PSARC/2006/525
Solaris Boot Architecture
http://sac.sfbay/PSARC/2004/454
scsi-self-identifying
http://sac.eng.sun.com/PSARC/2008/337
iSCSI Software boot
http://sac.sfbay/PSARC/2007/450
Intel iSCSI Boot Support
http://www.intel.com/network/connectivity/products/iscsiboot.htm
IBFT Specification
http://www.microsoft.com/whdc/system/platform/firmware/ibft.mspx
Challenge Handshake Authentication Protocol
http://www.ietf.org/rfc/rfc1994.txt
6. Resources and Schedule:
6.1. Projected Availability:
Q2 FY 2009 for iBFT support (x86 solution)
Q3 FY 2009 for OBP support (Sparc solution) and iSCSI support in
Solaris installer
6.2. Cost of Effort:
12 engineering months
6.3. Cost of Capital Resources:
Approx. capital of $5000 for one LSI iSCSI array.
6.4. Product Approval Committee requested information:
6.4.1. Consolidation or Component Name:
ON, NWS
6.4.3. Type of CPT Review and Approval expected:
Standard
6.4.4. Project Boundary Conditions:
N/A
6.4.5. Is this a necessary project for OEM agreements:
N/A
6.4.6. Notes:
6.4.7. Target RTI Date/Release/Binding:
Solaris Nevada B104 for x86
Solaris Nevada B127 for Sparc
Solaris Update 9 for both x86 and Sparc
This feature is required to be backported to S10U9 and requires
a patch binding.
6.4.8. Target Code Design Review Date:
Aug. 15 2008
6.5. ARC review type:
Standard
6.6. ARC Exposure:
open
6.6.1. Rationale:
N/A
7. Prototype Availability:
7.1. Prototype Availability:
Prototype done by Jun 10 2008
7.2. Prototype Cost:
4 engineering months
