Sunday, 25 August 2019

How to Install and Configure iSCSI Target on CentOS 7



iSCSI (Internet Small Computer Systems Interface) is an Internet Protocol based storage networking for connecting remote storage devices over the network. It provides block-level access to storage devices. iSCSI is used to facilitate block-level data data transfer between iSCSI initiator on a client machine and target on a storage server over local area networks (LANs), wide area networks (WANs).
iSCSI target configuration:

In this tutorial, 5 GB additional disk added to the server and mapped to /dev/sdb that will be used to create iSCSI target.

[root@iscsi-target ~]# fdisk -l
……………………………
Disk /dev/sdb: 5368 MB, 5368709120 bytes, 10485760 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
[root@iscsi-target ~]#

Step 1. Installing Packages: Run the following command to install iscsi target binary and targetcli commands:

[root@iscsi-target ~]# yum install targetcli
Loaded plugins: fastestmirror
………………..
Installed:
  targetcli.noarch 0:2.1.fb46-7.el7

Dependency Installed:
  libnl.x86_64 0:1.1.4-3.el7          pyparsing.noarch 0:1.5.6-9.el7              python-configshell.noarch 1:1.1.fb23-5.el7      python-ethtool.x86_64 0:0.8-7.el7
  python-kmod.x86_64 0:0.9-4.el7      python-rtslib.noarch 0:2.1.fb63-13.el7      python-six.noarch 0:1.9.0-2.el7                 python-urwid.x86_64 0:1.1.1-3.el7

Complete!
[root@iscsi-target ~]#

Once the targetcli package installed, start the iscsi target service and enable it on system startup:

[root@iscsi-target ~]# systemctl enable target
Created symlink from /etc/systemd/system/multi-user.target.wants/target.service to /usr/lib/systemd/system/target.service.
[root@iscsi-target ~]# systemctl restart target
[root@iscsi-target ~]#

Once service is started, enter below command to get iSCSI CLI interactive prompt:

[root@iscsi-target ~]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.fb46
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.

/>

Using ls command check the existing iscsi configuration:

/> ls
o- / ......................................................................................................................... [...]
  o- backstores .............................................................................................................. [...]
  | o- block .................................................................................................. [Storage Objects: 0]
  | o- fileio ................................................................................................. [Storage Objects: 0]
  | o- pscsi .................................................................................................. [Storage Objects: 0]
  | o- ramdisk ................................................................................................ [Storage Objects: 0]
  o- iscsi ............................................................................................................ [Targets: 0]
  o- loopback ......................................................................................................... [Targets: 0]
/>

Step 2. Configure iSCSI target: Now create storage backend using disk /dev/sdb as a block-type backing store for storage object:

/> cd backstores/block
/backstores/block> create name=iscsi-disk1 dev=/dev/sdb
Created block storage object iscsi-disk1 using /dev/sdb.
/backstores/block>

Step 3. Create iscsi target: Run the following commands to create a iscsi target, here we are creating a default IQN:

/backstores> cd /iscsi
/iscsi> create iqn.2019-08.local.Linuxcnf.iscsi-target:iscsi-disk1
Created target iqn.2019-08.local.linuxcnf.iscsi-target:iscsi-disk1.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/iscsi>

Step 4: Creating iSCSI LUNs: add the LUNS or logical units to make the storage effective. The LUN should use the previously mentioned backing storage object named scsi-disk1.

/iscsi> cd /iscsi/iqn.2019-08.local.linuxcnf.iscsi-target:iscsi-disk1/tpg1/luns
/iscsi/iqn.20...sk1/tpg1/luns> create /backstores/block/iscsi-disk1
Created LUN 0.
/iscsi/iqn.20...sk1/tpg1/luns>

Step 5: Creating ACL: ACL restrict access to LUNs from unauthorized remote systems and exit from the iscsi interactive session:

/iscsi/iqn.20...sk1/tpg1/luns> cd /iscsi/iqn.2019-08.local.linuxcnf.iscsi-target:iscsi-disk1/tpg1/acls
/iscsi/iqn.20...sk1/tpg1/acls> create iqn.2019-08.local.linuxcnf.iscsi-target:iscsi-disk1:iscsi-initiator
Created Node ACL for iqn.2019-08.local.linuxcnf.iscsi-target:iscsi-disk1:iscsi-initiator
Created mapped LUN 0.
/iscsi/iqn.20...sk1/tpg1/acls>

Run the following command to get the list of created configuration:

/iscsi/iqn.20...sk1/tpg1/acls> cd /
/> ls
o- / ......................................................................................................................... [...]
  o- backstores .............................................................................................................. [...]
  | o- block .................................................................................................. [Storage Objects: 1]
  | | o- iscsi-disk1 ...................................................................... [/dev/sdb (5.0GiB) write-thru activated]
  | |   o- alua ................................................................................................... [ALUA Groups: 1]
  | |     o- default_tg_pt_gp ....................................................................... [ALUA state: Active/optimized]
  | o- fileio ................................................................................................. [Storage Objects: 0]
  | o- pscsi .................................................................................................. [Storage Objects: 0]
  | o- ramdisk ................................................................................................ [Storage Objects: 0]
  o- iscsi ............................................................................................................ [Targets: 1]
  | o- iqn.2019-08.local.linuxcnf.iscsi-target:iscsi-disk1 ............................................................ [TPGs: 1]
  |   o- tpg1 ............................................................................................... [no-gen-acls, no-auth]
  |     o- acls .......................................................................................................... [ACLs: 1]
  |     | o- iqn.2019-08.local.linuxcnf.iscsi-target:iscsi-disk1:iscsi-initiator ............................... [Mapped LUNs: 1]
  |     |   o- mapped_lun0 ........................................................................... [lun0 block/iscsi-disk1 (rw)]
  |     o- luns .......................................................................................................... [LUNs: 1]
  |     | o- lun0 ................................................................ [block/iscsi-disk1 (/dev/sdb) (default_tg_pt_gp)]
  |     o- portals .................................................................................................... [Portals: 1]
  |       o- 0.0.0.0:3260 ..................................................................................................... [OK]
  o- loopback ......................................................................................................... [Targets: 0]
/>

Run the exit command to exit with saving configuration from the targetcli interactive session:

/iscsi/iqn.20...sk1/tpg1/acls> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json
[root@iscsi-target ~]#

Step 6. Firewall configuration: Run the following commands configure firewall to allow port 3260 accessible from remote systems:

[root@iscsi-target ~]# firewall-cmd --permanent --add-port=3260/tcp
success
[root@iscsi-target ~]# firewall-cmd --reload
success
[root@iscsi-target ~]#

If iptables are running intead of firewalld, run the following commands:

[root@iscsi-target ~]# iptables -I INPUT -p tcp -m tcp --dport 3260 -j ACCEPT
[root@iscsi-target ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@iscsi-target ~]#

Done!!! iSCSI Target is configured successfully.

 iSCSI Initiator Node Configuration: Follow the article How to Configure iSCSI Initiator Node on CentOS 7.
By at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)