Using iscsi you can share block level storage to the client machine. This iscsi uses the existing ip to share and access the storage over the network.We can setup linux iSCSI target initiator , so that storage can be shared from one Linux server to the client linux machine. So Let’s setup linux iSCSI target initiator on RHEL7.
Steps to setup linux iSCSI target initiator on RHEL7
We have two systems to setup linux iSCSI target initiator with RHEL7 installed.
a.Server (iscsi target ) Hostname: rhel1 IP: 172.31.8.245
From this server we will be creating one disk (lun) and presenting to our client (rhel2).
b. Client (iscsi initiator ) Hostname: rhel2 IP:172.31.9.104
This is the machine which will access the storage lun from the server(rhel1).
Step1: Install targetcli on server rhel1.
On the iscsi target server rhel1 install the package called targetcli.
[root@rhel1 ~]# yum install targetcli
Step2: Check the disk to configured on rhel1.
Check the disk on the rhel1 server which we will be configuring as a lun . In this case we have attached 2 Gb disk (/dev/xvdf) on the server.
[root@rhel1 ~]# fdisk -l WARNING: fdisk GPT support is currently new, and therefore in an experimental phase. Use at your own discretion. Disk /dev/xvda: 10.7 GB, 10737418240 bytes, 20971520 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: gpt # Start End Size Type Name 1 2048 4095 1M BIOS boot parti 2 4096 20971486 10G Microsoft basic Disk /dev/xvdf: 2147 MB, 2147483648 bytes, 4194304 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes [root@rhel1 ~]#
Step3: Setup iscsi target on rhel1.
Now let’s setup iscsi target for the disk /dev/xvdf.
a. Access the targetcli.
Give the command targetcli on the server rhel1.
[root@rhel1 ~]# targetcli Warning: Could not load preferences file /root/.targetcli/prefs.bin. targetcli shell version 2.1.fb41 Copyright 2011-2013 by Datera, Inc and others. For help on commands, type 'help'. />
To check details of configuration just type ls command at prompt , since we don’t configured as of now it will give blank output as below:
[root@rhel1 ~]# targetcli Warning: Could not load preferences file /root/.targetcli/prefs.bin. targetcli shell version 2.1.fb41 Copyright 2011-2013 by Datera, Inc and others. For help on commands, type 'help'. /> ls o- / ......................................................................................................................... [...] o- backstores .............................................................................................................. [...] | o- block .................................................................................................. [Storage Objects: 0] | o- fileio ................................................................................................. [Storage Objects: 0] | o- pscsi .................................................................................................. [Storage Objects: 0] | o- ramdisk ................................................................................................ [Storage Objects: 0] o- iscsi ............................................................................................................ [Targets: 0] o- loopback ......................................................................................................... [Targets: 0] />
b. Create block level lun.
Now we need to create a lun (mytestlun) by using the disk /dev/xvdf under iscsi using block create command and reconfirm the same using ls command.
/> /backstores/block create mytestlun /dev/xvdf Created block storage object mytestlun using /dev/xvdf. /> ls o- / ......................................................................................................................... [...] o- backstores .............................................................................................................. [...] | o- block .................................................................................................. [Storage Objects: 1] | | o- mytestlun ..................................................................... [/dev/xvdf (2.0GiB) write-thru deactivated] | o- fileio ................................................................................................. [Storage Objects: 0] | o- pscsi .................................................................................................. [Storage Objects: 0] | o- ramdisk ................................................................................................ [Storage Objects: 0] o- iscsi ............................................................................................................ [Targets: 0] o- loopback ......................................................................................................... [Targets: 0] />
The ls command confirms that /dev/xvdf is now configured as block device as a lun name mytestlun.
c.Create iscsi target on rhel1
Now create iscsi target on the server rhel1 using iscsi/ create command :
/> iscsi/ create Created target iqn.2003-01.org.linux-iscsi.rhel1.x8664:sn.2b9c39390493. Created TPG 1. Global pref auto_add_default_portal=true Created default portal listening on all IPs (0.0.0.0), port 3260. />
Above command created a target with iqn number which is nothing but unique identifier so that iscsi target and initiator can communicate with each other. To check the iqn number again use ls command:
/> ls o- / ......................................................................................................................... [...] o- backstores .............................................................................................................. [...] | o- block .................................................................................................. [Storage Objects: 1] | | o- mytestlun ..................................................................... [/dev/xvdf (2.0GiB) write-thru deactivated] | o- fileio ................................................................................................. [Storage Objects: 0] | o- pscsi .................................................................................................. [Storage Objects: 0] | o- ramdisk ................................................................................................ [Storage Objects: 0] o- iscsi ............................................................................................................ [Targets: 1] | o- iqn.2003-01.org.linux-iscsi.rhel1.x8664:sn.2b9c39390493 ........................................................... [TPGs: 1] | o- tpg1 ............................................................................................... [no-gen-acls, no-auth] | o- acls .......................................................................................................... [ACLs: 0] | o- luns .......................................................................................................... [LUNs: 0] | o- portals .................................................................................................... [Portals: 1] | o- 0.0.0.0:3260 ..................................................................................................... [OK] o- loopback ......................................................................................................... [Targets: 0] />
d. Bring the lun under iscsi luns configuration.
Now we need to bring the lun created in backstores under iscsi luns configuration with command below:
/> iscsi/iqn.2003-01.org.linux-iscsi.rhel1.x8664:sn.2b9c39390493/tpg1/luns create /backstores/block/mytestlun Created LUN 0. />
Note: Here we are following the hierarchy given in the ls output meaning that we are using iscsi followd by iqn number followed by port group tpg1 and then luns. You can confirm using ls command:
/> ls o- / ......................................................................................................................... [...] o- backstores .............................................................................................................. [...] | o- block .................................................................................................. [Storage Objects: 1] | | o- mytestlun ....................................................................... [/dev/xvdf (2.0GiB) write-thru activated] | o- fileio ................................................................................................. [Storage Objects: 0] | o- pscsi .................................................................................................. [Storage Objects: 0] | o- ramdisk ................................................................................................ [Storage Objects: 0] o- iscsi ............................................................................................................ [Targets: 1] | o- iqn.2003-01.org.linux-iscsi.rhel1.x8664:sn.2b9c39390493 ........................................................... [TPGs: 1] | o- tpg1 ............................................................................................... [no-gen-acls, no-auth] | o- acls .......................................................................................................... [ACLs: 0] | o- luns .......................................................................................................... [LUNs: 1] | | o- lun0 .................................................................................... [block/mytestlun (/dev/xvdf)] | o- portals .................................................................................................... [Portals: 1] | o- 0.0.0.0:3260 ..................................................................................................... [OK] o- loopback ......................................................................................................... [Targets: 0] />
Now if you see lun0 is created and configured under luns hierarchy which is created using “block/mytestlun” .
After this we need to configure ACL for the lun0 so that it can be access only by valid iscsi initiator in our case rhel2.
e. Note down the iqn number of the client rhel2.
So before proceeding we need to follow below steps on iscsi initiator rhel2 client.
- Install package “iscsi-initiator-utils” on the client rhel2.
[root@rhel2 ~]# yum install iscsi-initiator-utils
- Note down the iqn number from client so that ACL can be configured on server.
[root@rhel2 ~]# cat /etc/iscsi/initiatorname.iscsi InitiatorName=iqn.1994-05.com.redhat:15acf6ffb6 [root@rhel2 ~]#
In the above step iqn number is “iqn.1994-05.com.redhat:15acf6ffb6” please make note the same so that it can be used for giving ACL to lun0.
f. Configure the ACL for created lun0
Now we are configuring the ACL so that lun0 can be mapped with iqn number “iqn.1994-05.com.redhat:15acf6ffb6” of the client (rhel2). Give below acl create command on rhel1 :
/> /iscsi/iqn.2003-01.org.linux-iscsi.rhel1.x8664:sn.2b9c39390493/tpg1/acls create iqn.1994-05.com.redhat:15acf6ffb6 Created Node ACL for iqn.1994-05.com.redhat:15acf6ffb6 Created mapped LUN 0. /> /> ls o- / ......................................................................................................................... [...] o- backstores .............................................................................................................. [...] | o- block .................................................................................................. [Storage Objects: 1] | | o- mytestlun ....................................................................... [/dev/xvdf (2.0GiB) write-thru activated] | o- fileio ................................................................................................. [Storage Objects: 0] | o- pscsi .................................................................................................. [Storage Objects: 0] | o- ramdisk ................................................................................................ [Storage Objects: 0] o- iscsi ............................................................................................................ [Targets: 1] | o- iqn.2003-01.org.linux-iscsi.rhel1.x8664:sn.2b9c39390493 ........................................................... [TPGs: 1] | o- tpg1 ............................................................................................... [no-gen-acls, no-auth] | o- acls .......................................................................................................... [ACLs: 1] | | o- iqn.1994-05.com.redhat:15acf6ffb6 .................................................................... [Mapped LUNs: 1] | | o- mapped_lun0 ............................................................................. [lun0 block/mytestlun (rw)] | o- luns .......................................................................................................... [LUNs: 1] | | o- lun0 .................................................................................... [block/mytestlun (/dev/xvdf)] | o- portals .................................................................................................... [Portals: 1] | o- 0.0.0.0:3260 ..................................................................................................... [OK] o- loopback ......................................................................................................... [Targets: 0] />
ls command confirms that lun0 has been given access to iqn number of the client rhel2 “iqn.1994-05.com.redhat:15acf6ffb6”. So that this lun0 can be access by rhel2 for further operations. Here our server side configuration is done. Just type exit command at the prompt to save the configuration.
/> exit Global pref auto_save_on_exit=true Last 10 configs saved in /etc/target/backup. Configuration saved to /etc/target/saveconfig.json [root@rhel1 ~]#
All the configuration is stored in the file “/etc/target/saveconfig.json”
Follow below steps on client rhel2 iscsi initiator.
NOTE: Please ping the rhel1 server from client rhel2. before proceeding.
Leave a Reply