Navigation

Tags Archives: iscsi

How To Configure The ISCSI Client Initiator

By on March 1, 2021 in

The ISCSI Client machine is known as the initiator and connects to the ISCSI target server.

 

This page explains how to configure the ISCSI initiator.

 

Preliminaries

 

Two services are essential for the initiator:

 

isci
iscsid

 

 

Important SUSE NOTE: Initiator and Target may not run on the same SUSE server!

 

SUSE does not support the running of iSCSI target software and iSCSI initiator software on the same server in a production environment.

 

On the client machines, install the iSCSI initiator software:

 

centos:
yum install iscsi-initiator-utils

 

or

 

dnf -y install iscsi-initiator-utils

 

suse1:~ # zypper in yast2-iscsi-client
Loading repository data…
Reading installed packages…
‘yast2-iscsi-client’ is already installed.

 

ubuntu:

 

# yum install iscsi-initiator-utils
The package installs several files including the following:

 

/etc/iscsi/iscsid.conf: The configuration file read by iscsid and iscsiadm. This file is heavily commented with descriptions for each configuration directive.
/sbin/iscsid: The Open-iSCSI daemon that implements the control path and management facilities
/sbin/iscsiadm: The Open-iSCSI administration utility used to discover and log in to iSCSI targets

 

[root@mars ~]# yum install iscsi-initiator-utils
Last metadata expiration check: 1:06:41 ago on Mon 01 Feb 2021 19:55:33 CET.
Package iscsi-initiator-utils-6.2.0.878-5.gitd791ce0.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[root@mars ~]#

 

 

Configuring the Initiator

 
Next enable and start the iscsid service:

 

systemctl enable iscsid ; systemctl start iscsid ; systemctl status iscsid

 

then map the client initiator to the target server iscsi lun using the iscsi utility iscsiadm.

 

We “discover the iscsi lan” first:

 

note: -m = mode, -t = target

 

[root@centos1 ~]# iscsiadm -m discovery -t sendtargets -p 10.0.8.10
10.0.8.10:3260,1 iqn.2003-01.org.linux-iscsi.centosstorage.x8664:sn.3ad620590c10
[root@centos1 ~]#

 

If you cannot connect, try

 

iscsiadm -m discovery -t st -d8 -p ipaddress

 

this sets debug mode

 

After discovery, the nodes table and the send_targets tables in the database are updated:

 

[root@mars ~]# ls /var/lib/iscsi/nodes
iqn.2003-01.org.linux-iscsi.clusterserver.x8664:sn.43a4217f336e
[root@mars ~]#

 

[root@mars ~]# ls /var/lib/iscsi/send_targets
10.0.2.10,3260
[root@mars ~]#

 

on the client node (ie initiator machine)

 

[root@centos1 ~]# ls /var/lib/iscsi/nodes
iqn.2003-01.org.linux-iscsi.centosstorage.x8664:sn.3ad620590c10
[root@centos1 ~]#

 

This tells you if the node has the riqht iqn for the target. In this case I had changed the target iqn through reinstallations, but the old iqn is still on the nodes.

 

I went into /etc/iscsi/send_targets/ and deleted the respective directories for this iqn (by ip address)

 

and also under /nodes

 

OR you can delete the record thus:

 

iscsiadm -m discoverydb -o delete -t sendtargets -p 10.0.5.10

 

Then on the iscsi client, we now can map or mount the iscsi disk on the client

 

(port has to be opened on the iscsi target server for this to work).

 

Next we can mount the iscsi disk, we have to login to the iscsi target (make sure you have the CORRECT IQN for the target server that it is currently using – it can be changed!):

 

iscsiadm -m node -T iqn.2003-01.org.linux-iscsi.centosstorage.x8664:sn.3ad620590c10 -p 10.0.8.10 -l

 

note: uppercase T, not lower case, -l = login

 

if you now do fdisk -l on the client, you will see the drive presented at the client level.

 

but how to know if its a local disk or a iscsi disk?

 

root@ubuntu1:~# fdisk -l

 

note that on kvm cluster, the guest hard drive is called vda

 

Device Start End Sectors Size Type
/dev/vda1 2048 4095 2048 1M BIOS boot
/dev/vda2 4096 2101247 2097152 1G Linux filesystem
/dev/vda3 2101248 41940991 39839744 19G Linux filesystem

 

Disk /dev/mapper/ubuntu–vg-ubuntu–lv: 18.102 GiB, 20396900352 bytes, 39837696 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes

 

Disk /dev/sda: 976.58 MiB, 1024000000 bytes, 2000000 sectors
Disk model: lun0
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 1310720 bytes
root@ubuntu4:~#

 

cat /proc/scsi/scsi

 

NOTE that the path is scsi/scsi – NOT iscsi/iscsi

 

root@ubuntu4:~# cat /proc/scsi/scsi
Attached devices:
Host: scsi0 Channel: 00 Id: 00 Lun: 00
Vendor: QEMU Model: QEMU DVD-ROM Rev: 2.5+
Type: CD-ROM ANSI SCSI revision: 05
Host: scsi6 Channel: 00 Id: 00 Lun: 00
Vendor: LIO-ORG Model: lun0 Rev: 4.0
Type: Direct-Access ANSI SCSI revision: 05
root@ubuntu4:~#

 

Our iscsi disk is the one with the Host: scsi6 Channel: 00 Id: 00 Lun: 00
Vendor: LIO-ORG Model: lun0
, as this is the name of our target disk lun (it does not have to be lunN – we just named it that, it could be anything testlun, testdisk, iscsidisk1, iscsilun1 or whatever we choose).

 

and you can use

 

dmesg | grep -i “attached ”

 

root@ubuntu4:~# dmesg | grep -i “attached ”
[ 1.234130] sr 0:0:0:0: Attached scsi CD-ROM sr0
[ 1.234292] sr 0:0:0:0: Attached scsi generic sg0 type 5
[ 6289.190304] sd 6:0:0:0: Attached scsi generic sg1 type 0
[ 6289.200739] sd 6:0:0:0: [sda] Attached SCSI disk
root@ubuntu4:~#

 

If you cannot see the disk in fdisk -l

 

then try

 

service iscsi stop
service iscsid stop
service iscsid start
service iscsi start

 

At this point the disk is “attached” ie available to the client system, but it is not yet formatted for the client, nor is it mounted.

 

So the next step is to partition the disk as normal using fdisk, then check with:

 

root@ubuntu4:~# fdisk -l /dev/sda
Disk /dev/sda: 976.58 MiB, 1024000000 bytes, 2000000 sectors
Disk model: lun0
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 1310720 bytes
Disklabel type: dos
Disk identifier: 0x66588ba2

 

Device Boot Start End Sectors Size Id Type
/dev/sda1 2560 1999999 1997440 975.3M 83 Linux
root@ubuntu4:~#

 

Then create a file system on the disk:

 

root@ubuntu4:~# mkfs.ext4 /dev/sda1
mke2fs 1.45.5 (07-Jan-2020)
Creating filesystem with 249680 4k blocks and 62464 inodes
Filesystem UUID: 883be9c3-ffc9-4e24-b359-c0d308fd8da3
Superblock backups stored on blocks:
32768, 98304, 163840, 229376

 

Allocating group tables: done
Writing inode tables: done
Creating journal (4096 blocks): done
Writing superblocks and filesystem accounting information: done

 

root@ubuntu4:~#

 

Next, create a mountpoint:

 

root@ubuntu4:/# mkdir /media/ISCSIDISK

 

and then mount the disk:

 

mount -t ext4 /dev/sda1 /media/ISCSIDISK/

 

df

… … ..details omitted for brevity…
/dev/sda1 966616 2444 897852 1% /media/ISCSIDISK

 

Use the -u (or –logout) option to close a session. To view session information:

 

# iscsiadm -m session [-P [printlevel]]

The print levels are 1, 2, and 3. Each shows more detail.

 

There are three ways to disable or delete an iSCSI target.

 

First, to disable an iSCSI target:

 

# iscsiadm –m node -T iqn.2006-01.com.openfiler:tsn.d625a0d9cb77 –portal 192.168.1.141:3260 -u

 

Second, it is possible to delete the target’s record ID:/p>

 

# iscsiadm -m node -o delete -T iqn.2006-01.com.openfiler:tsn.d625a0d9cb77 –portal 192.168.1.141:3260

 

Thirdly, stop the iSCSI service.

 

How to tell if a scsi disk is mounted?

 

you can use: iscsiadm -m session -P 3 | grep ‘Target\|disk’

 

root@ubuntu1:/# iscsiadm -m session -P 3 | grep ‘Target\|disk’
Target: iqn.2003-01.org.linux-iscsi.storage.x8664:sn.e1034e062623 (non-flash)
Target Reset Timeout: 30
Attached scsi disk sdb State: running
root@ubuntu1:/#

 

You can display indepth info about the devices with:

 

iscsiadm -m session -P 3

 

[root@mars ~]# ls /dev/disk/by-path/
ip-10.0.2.10:3260-iscsi-iqn.2003-01.org.linux-iscsi.pxeserver.x8664:sn.855935678496-lun-0 pci-0000:00:01.1-ata-1-part1 pci-0000:00:01.1-ata-2
pci-0000:00:01.1-ata-1 pci-0000:00:01.1-ata-1-part2
[root@mars ~]#

 

[root@mars ~]# dmesg | grep -i “attached ”
[ 2.756694] scsi 0:0:0:0: Attached scsi generic sg0 type 0
[ 2.756785] scsi 1:0:0:0: Attached scsi generic sg1 type 5
[ 2.762075] sd 0:0:0:0: [sda] Attached SCSI disk
[ 2.795943] sr 1:0:0:0: Attached scsi CD-ROM sr0
[55977.808879] sd 2:0:0:0: Attached scsi generic sg2 type 0
[55977.837483] sd 2:0:0:0: [sdb] Attached SCSI disk
[root@mars ~]#

 

To get WWID of LUN you can use the /dev/disk/by-id/ file:

 

[root@mars ~]# ls -la /dev/disk/by-id/
total 0
drwxr-xr-x. 2 root root 480 Feb 2 12:48 .
drwxr-xr-x. 6 root root 120 Feb 1 21:01 ..
lrwxrwxrwx. 1 root root 9 Feb 1 21:01 ata-VBOX_CD-ROM_VB2-01700376 -> ../../sr0
lrwxrwxrwx. 1 root root 9 Feb 1 21:01 ata-VBOX_HARDDISK_VBf3c88a6a-cf0578ec -> ../../sda
lrwxrwxrwx. 1 root root 10 Feb 1 21:01 ata-VBOX_HARDDISK_VBf3c88a6a-cf0578ec-part1 -> ../../sda1
lrwxrwxrwx. 1 root root 10 Feb 1 21:01 ata-VBOX_HARDDISK_VBf3c88a6a-cf0578ec-part2 -> ../../sda2
lrwxrwxrwx. 1 root root 10 Feb 1 21:01 dm-name-cl-root -> ../../dm-0
lrwxrwxrwx. 1 root root 10 Feb 1 21:01 dm-name-cl-swap -> ../../dm-1
lrwxrwxrwx. 1 root root 10 Feb 1 21:01 dm-uuid-LVM-FuVL5Fn8Dp2pso0dIHewV8iE9N1knbQH9DpPYinWb5ODH4UFhKvVQAq50g5Qs17F -> ../../dm-0
lrwxrwxrwx. 1 root root 10 Feb 1 21:01 dm-uuid-LVM-FuVL5Fn8Dp2pso0dIHewV8iE9N1knbQHGcKKvFjrcod5uBLityueqeQP9KzqgESq -> ../../dm-1
lrwxrwxrwx. 1 root root 10 Feb 1 21:01 lvm-pv-uuid-DeJN3u-fLwO-z5PJ-1Lnn-FW73-w1Mv-2sCf0U -> ../../sda2
lrwxrwxrwx. 1 root root 9 Feb 1 21:01 scsi-0ATA_VBOX_HARDDISK_VBf3c88a6a-cf0578ec -> ../../sda
lrwxrwxrwx. 1 root root 10 Feb 1 21:01 scsi-0ATA_VBOX_HARDDISK_VBf3c88a6a-cf0578ec-part1 -> ../../sda1
lrwxrwxrwx. 1 root root 10 Feb 1 21:01 scsi-0ATA_VBOX_HARDDISK_VBf3c88a6a-cf0578ec-part2 -> ../../sda2
lrwxrwxrwx. 1 root root 9 Feb 1 21:01 scsi-1ATA_VBOX_HARDDISK_VBf3c88a6a-cf0578ec -> ../../sda
lrwxrwxrwx. 1 root root 10 Feb 1 21:01 scsi-1ATA_VBOX_HARDDISK_VBf3c88a6a-cf0578ec-part1 -> ../../sda1
lrwxrwxrwx. 1 root root 10 Feb 1 21:01 scsi-1ATA_VBOX_HARDDISK_VBf3c88a6a-cf0578ec-part2 -> ../../sda2
lrwxrwxrwx. 1 root root 9 Feb 2 12:48 scsi-1LIO-ORG_lun0:8cde0c81-987d-43cf-a43c-6258cfadad32 -> ../../sdb
lrwxrwxrwx. 1 root root 9 Feb 2 12:48 scsi-360014058cde0c81987d43cfa43c6258c -> ../../sdb
lrwxrwxrwx. 1 root root 9 Feb 1 21:01 scsi-SATA_VBOX_HARDDISK_VBf3c88a6a-cf0578ec -> ../../sda
lrwxrwxrwx. 1 root root 10 Feb 1 21:01 scsi-SATA_VBOX_HARDDISK_VBf3c88a6a-cf0578ec-part1 -> ../../sda1
lrwxrwxrwx. 1 root root 10 Feb 1 21:01 scsi-SATA_VBOX_HARDDISK_VBf3c88a6a-cf0578ec-part2 -> ../../sda2
lrwxrwxrwx. 1 root root 9 Feb 2 12:48 scsi-SLIO-ORG_lun0_8cde0c81-987d-43cf-a43c-6258cfadad32 -> ../../sdb
lrwxrwxrwx. 1 root root 9 Feb 2 12:48 wwn-0x60014058cde0c81987d43cfa43c6258c -> ../../sdb
[root@mars ~]#

 

 

Before using the iscsiadm command to connect to an iSCSI target, you have to make sure that the supporting
modules are loaded.

 

 

Typically, you do that by starting the iSCSI client-support script. The names of these scripts
differ among the various distributions.

 

Assuming that the name of the service script is

 

iscsi.service,

 

systemctl start iscsi.service; systemctl enable iscsi.service

 

(service iscsi start; chkconfig iscsi on on a System-V server).

 

you can check they are loaded:

 

[root@mars init.d]# lsmod | grep iscsi

iscsi_tcp 24576 2
libiscsi_tcp 28672 1 iscsi_tcp
libiscsi 61440 2 libiscsi_tcp,iscsi_tcp
scsi_transport_iscsi 122880 4 libiscsi_tcp,iscsi_tcp,libiscsi
[root@mars init.d]#

 

or with the systemctl status command

 

To discover what targets are available on a specific server:

 

iscsiadm –mode discovery –type sendtargets –portal 10.0.2.10:3260 –discover

 

[root@mars init.d]# iscsiadm –mode discovery –type sendtargets –portal 10.0.2.10:3260 –discover
10.0.2.10:3260,1 iqn.2003-01.org.linux-iscsi.pxeserver.x8664:sn.855935678496
[root@mars init.d]#

 

OR

 

[root@mars init.d]# iscsiadm –mode discoverydb -P 1
SENDTARGETS:
DiscoveryAddress: 10.0.2.10,3260
Target: iqn.2003-01.org.linux-iscsi.pxeserver.x8664:sn.855935678496
Portal: 10.0.2.10:3260,1
Iface Name: default
iSNS:
No targets found.
STATIC:
No targets found.
FIRMWARE:
No targets found.
[root@mars init.d]#

 

the -P is a “print level”, ie level of verbosity of information.

 

[root@mars iscsi]# iscsiadm –mode node -P 0
10.0.2.10:3260,1 iqn.2003-01.org.linux-iscsi.pxeserver.x8664:sn.855935678496
[root@mars iscsi]# iscsiadm –mode node -P 1
Target: iqn.2003-01.org.linux-iscsi.pxeserver.x8664:sn.855935678496
Portal: 10.0.2.10:3260,1
Iface Name: default
[root@mars iscsi]#

 

iscsiadm node mode:

 

To log in, you’ll use the node mode. Node in iSCSI terminology means the actual connection that is established between an iSCSI target
and a specific portal.

 

The portal is the IP address and the port number that have to be used to make a connection to the iSCSI target.

 

lsscsi shows the existing connections:

 

[root@mars init.d]# lsscsi
[0:0:0:0] disk ATA VBOX HARDDISK 1.0 /dev/sda
[1:0:0:0] cd/dvd VBOX CD-ROM 1.0 /dev/sr0
[2:0:0:0] disk LIO-ORG lun0 4.0 /dev/sdb
[root@mars init.d]#

 

IMPORTANT: rebooting and persistence:

 

iSCSI does not usually require manual modification of configuration files.

 

To establish a connection, you just log into the iSCSI target. This automatically creates the configuration files and these
config files are persistent. Which means after a reboot, the server will automatically remember its last iSCSI
connections.

 

Disconnecting iSCSI

 

iSCSI is set up to reestablish all sessions on reboot of the server. If your configuration changes, you might have to remove the configuration.

 

To do this you must disconnect, which also means that the connection is gone from the iSCSI target server perspective.

 

Use

 

iscsiadm –mode node –logout

 

This disconnects you from all iSCSI disks, which allows you to do maintenance on the iSCSI storage area network.

 

If, after a reboot, you also want the iSCSI sessions not to be reestablished automatically, the easiest approach is to remove the entire contents of the $ISCSI_ROOT/node directory.

 

On a reboot after this, the iSCSI service won’t find any configuration; so you have to restablish the connections manually again.

 

NOTE: to restore the config, use:

/> restoreconfig /etc/target/saveconfig.json
Configuration restored from /etc/target/saveconfig.json
/>

 

Troubleshooting

 

IQN – these can change, it is possible for more than one IQN on the target to exist!

 

you may need to delete superfluous ones, eg if the hostname of the server changes then a new IQN will need to be generated on the target.

 

also, if drives are not available for whatever reason for the backstore, then iSCSI clients will not be able to connect to them.

 

client problems: try logging out of all connections, rediscover, and then re-login.

 

check the sections in targetcli are all correct.

 

make sure the configuration is saved (saveconfig)

 

make sure any loop devices on the server are available via the losetup command

 

Essential, else iscsid and other commands will not work!

 

Use the systemctl command to enable and start the iscsid service.

CLIENT:

 

systemctl enable iscsid
systemctl start iscsid

 

SERVER:
systemctl status target.service

Continue Reading

How To Configure ISCSI Target Server

By on March 1, 2021 in

 (Intro from Wikipedia)

 

 iSCSI an acronym for Internet Small Computer Systems Interface , an Internet Protocol (IP)-based storage networking standard for linking data storage facilities. It provides block-level access to storage devices by carrying SCSI commands over a TCP/IP network.

 

iSCSI is used to facilitate data transfers over intranets and to manage storage over long distances. It can be used to transmit data over local area networks (LANs), wide area networks (WANs), or the Internet and can enable location-independent data storage and retrieval.

 

The protocol allows clients (called initiators) to send SCSI commands (CDBs) to storage devices (targets) on remote servers. It is a storage area network (SAN) protocol, allowing organizations to consolidate storage into storage arrays while providing clients (such as database and web servers) with the illusion of locally attached SCSI disks.

 

iSCSI mainly competes with Fibre Channel, but unlike traditional Fibre Channel, which usually requires dedicated cabling, iSCSI can be run over long distances using existing network infrastructure.

 

 

POINTS TO WATCH WHEN CONFIGURING ISCSI

 

[root@centosstorage iscsi]# cat initiatorname.iscsi
InitiatorName=iqn.1994-05.com.redhat:7db3edc45
[root@centosstorage iscsi]#

 

Make sure you set

 

systemctl enable –now target

 

otherwise the iscsi configuration gets lost on reboots!

 

systemctl status target.service

 

 

To disconnect initiator client from target server

 

on the client do:

 

iscsiadm –mode node –logout

 

 

on ubuntu: to disable firewall:

 

root@storageserver:/# systemctl disable ufw
Synchronizing state of ufw.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install disable ufw
Removed /etc/systemd/system/multi-user.target.wants/ufw.service.
root@storageserver:/#
root@storageserver:/#

 

 

Installing Target ISCSI server on Ubuntu:

 

Preliminaries

 

note:
The Linux SCSI target framework, also known as TGT, can be used to create an iSCSI target server. TGT simplifies the creations and maintenance of iSCSI targets. TGT is supported by various Linux flavors (SUSE Linux, Fedora, RHEL, Debian, and Ubuntu). Execute the following command to install the TGT package.

 

root@LinuxSQL01:/# sudo apt-get install TGT

 

(I have NOT used TGT here – iscsi was already available in the ubuntu server installation)

 

Be sure to start and enable both iscsid and iscsi. Note that you will likely need to restart these if you edit the IQN of the initiator later.

 

 

systemctl enable iscsid iscsi
systemctl start iscsid iscsi

 

create the storage file:

 

root@storageserver:~# dd if=/dev/zero of=/storage/VHD1.img bs=10k count=100000
100000+0 records in
100000+0 records out
1024000000 bytes (1.0 GB, 977 MiB) copied, 1.44653 s, 708 MB/s
root@storageserver:~#

 

this creates a 1GB virtual disk

 

next use losetup to make the device available – this is NOT a file system mount — it must NOT be mounted for the iscsi to be able to access it.

 

 

check to see exactly which loop device is available, loop1 might already be taken on the machine!

 

use df to find out

 

on my VM loop5 is the next one free:

 

root@storageserver:~# losetup /dev/loop5 /storage/VHD1.img

 

NOTE if you reboot the storage server, then you first have to run losetup for your storage device before you can use iscsi!

 

 

the iscsi port must be open, otherwise clients cannot connect to the target!

 

on the server:

 

firewall-cmd –permanent –add-port=3260/tcp

 

then do a

 

firewall-cmd –reload

 

then call up

 

[root@clusterserver ~]# targetcli

 

root@storageserver:~# apt install targetcli-fb

 

ISCSI TARGET CONFIG using targetcli

 

The ISCSI server which manages connections to the storage is known as the target.

 

NOTE the iSCSI target drive must be UNMOUNTED before configuring for iSCSI

 

Configuration of the target is carried out using a commandline interface tool called targetcli. This can be used as pure command line commands, or alternatively in interactive mode. The description below refers to the interactive mode.

 

[root@centosstorage iscsi]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.53
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type ‘help’.

/>

 

First, create the backstore/s. These are the data storage devices. They can be physical or virtual drives.

 

The types of backstores are described as follows:

 

block: Linux block devices such as /dev/sda
fileio: Any file on a mounted file system such as /tmp/disk1.img
pscsi: Any storage object that supports pass-through SCSI commands
ramdisk: Memory copy RAM disks

 

/> /backstores/block create lun0 /dev/loop1
Created block storage object lun0 using /dev/loop1.
/>

 

NOTE: if you dont have a physical storage device available, for testing purposes, you can simply create an iSCSI target for a
disk file by using the backstores fileio command, for example as follows:

 

/backstores/fileio create lun0 /media/storage/VHD1.img 100M

 

This creates a 100MB virtual drive file.

 

Then create the iscsi IQN target for the server. The IQN is a globally-unique identifying number for the server.

 

/> /iscsi create
Created target iqn.2003-01.org.linux-iscsi.centosstorage.x8664:sn.3ad620590c10.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/>

 

Then add the lun to the iscsi system using the IQN we have just created for the server:

 

/iscsi/iqn.20…c10/tpg1/luns> create /backstores/block/lun0
Created LUN 0.
/iscsi/iqn.20…c10/tpg1/luns>

/iscsi/iqn.20…c10/tpg1/luns> ls
o- luns …………………………………………………………………………………………………… [LUNs: 1]
o- lun0 ………………………………………………………………….. [block/lun0 (/dev/loop1) (default_tg_pt_gp)]
/iscsi/iqn.20…c10/tpg1/luns>

 

 

ADD THE ACL PERMISSION:

 

Note we use tpgi and the iqn of the server and the client: tpg1 means target permission group 1

 

you need the client initiator iqn names for this. Call them up on the client machines from shell command line:

 

cat /etc/iscsi/initiatorname.iscsi

 

[root@centos1 ~]# cat /etc/iscsi/initiatorname.iscsi

InitiatorName=iqn.1994-05.com.redhat:d1136c5524b9

 

NOTE – if you clone machines, a NEW hostname, ip, mac: means a new iscsi iqn!

 

if the iqn is identical with the other nodes (due to Oracle VM machine cloning), then you need to do following to generate a new unique iqn for the node:

 

mv /etc/iscsi/initiatorname.iscsi /var/tmp/initiatorname.iscsi.backup
echo “InitiatorName=`/sbin/iscsi-iname`” > /etc/iscsi/initiatorname.iscsi
cat /etc/iscsi/initiatorname.iscsi

 

root@ubuntu2:~# mv /etc/iscsi/initiatorname.iscsi /var/tmp/initiatorname.iscsi.backup
root@ubuntu2:~# echo “InitiatorName=`/sbin/iscsi-iname`” > /etc/iscsi/initiatorname.iscsi
root@ubuntu2:~# cat /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2005-03.org.open-iscsi:48e32ccf636f
root@ubuntu2:~#

 

/>

 

then in targetcli on the target iscsi server ie centossstorage, you need to do this for each client who wishes to connect to the target.

 

 

/> /iscsi/iqn.2003-01.org.linux-iscsi.centosstorage.x8664:sn.3ad620590c10/tpg1/acls create iqn.1994-05.com.redhat:d1136c5524b9
Created Node ACL for iqn.1994-05.com.redhat:d1136c5524b9
Created mapped LUN 0.

/>

/> ls
o- / …………………………………………………………………………………………………………. […]
o- backstores ……………………………………………………………………………………………….. […]
| o- block …………………………………………………………………………………….. [Storage Objects: 1]
| | o- lun0 ………………………………………………………………… [/dev/loop1 (4.7GiB) write-thru activated]
| | o- alua ……………………………………………………………………………………… [ALUA Groups: 1]
| | o- default_tg_pt_gp …………………………………………………………….. [ALUA state: Active/optimized]
| o- fileio ……………………………………………………………………………………. [Storage Objects: 0]
| o- pscsi …………………………………………………………………………………….. [Storage Objects: 0]
| o- ramdisk …………………………………………………………………………………… [Storage Objects: 0]
o- iscsi ……………………………………………………………………………………………… [Targets: 1]
| o- iqn.2003-01.org.linux-iscsi.centosstorage.x8664:sn.3ad620590c10 …………………………………………… [TPGs: 1]
| o- tpg1 ………………………………………………………………………………….. [no-gen-acls, no-auth]
| o- acls ……………………………………………………………………………………………. [ACLs: 3]
| | o- iqn.1994-05.com.redhat:ce78a43c3f55 ………………………………………………………… [Mapped LUNs: 1]
| | | o- mapped_lun0 ………………………………………………………………………. [lun0 block/lun0 (rw)]
| | o- iqn.1994-05.com.redhat:d1136c5524b9 ………………………………………………………… [Mapped LUNs: 1]
| | | o- mapped_lun0 ………………………………………………………………………. [lun0 block/lun0 (rw)]
| | o- iqn.1994-05.com.redhat:e6a379479d2 …………………………………………………………. [Mapped LUNs: 1]
| | o- mapped_lun0 ………………………………………………………………………. [lun0 block/lun0 (rw)]
| o- luns ……………………………………………………………………………………………. [LUNs: 1]
| | o- lun0 …………………………………………………………… [block/lun0 (/dev/loop1) (default_tg_pt_gp)]
| o- portals ………………………………………………………………………………………. [Portals: 1]
| o- 0.0.0.0:3260 ……………………………………………………………………………………….. [OK]
o- loopback …………………………………………………………………………………………… [Targets: 0]
/>

 

 

next do a saveconfig:

 

/> saveconfig

Configuration saved to /etc/target/saveconfig.json

/>
/> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json
[root@centosstorage iscsi]#

 

NOTE: to restore the config, use:

 

/> restoreconfig VHD1.img

 

 

IMPORTANT

 

make sure you set

 

systemctl enable –now target

 

otherwise the iscsi configuration gets lost on reboots!

 

 

Continue Reading