ISCSI targets are used to share disk on network to ISCSI Clients. This is IP based storage, work with internet protocol. In this post we will see HowTo configure ISCSI targets/Clients on Ubuntu18.
SetUp
In this Setup, we are using Ubuntu 18.04 Machine, latest as if now in July 2020.
root@srv2:~# lsb_release -d Description: Ubuntu 18.04.4 LTS root@srv2:~# uname -r 4.15.0-1091-oem root@srv2:~# targetcli --version /usr/bin/targetcli version 2.1.fb43
Now we will see how we can create iscsi targets and connect them through iscsi clients to use as Disks. For this we are going to use Qcow2 files to export it through iscsi targets from iscsi Servers.
In case you like to export block device you need to use real disk or Loop devices, in one of previous post we mentioned both making of loop devices and create iscsi targets with loop devices in CentOS7.
Installation of iscsi targets server and client
To get iscsi target server features we need install below packages.
apt-get install target-cli tgt
Creation of File Disk
As mentioned we are using qcow2 file to create iscsi export disk, to create qcow2 file through below commands.
qemu-img create -f qcow2 file-path -o size=Size-in-MB,preallocation=metadata
Above command is used to create Qcow2 file for file based iscsi targets disks.
We have create three below Qcow2 file to work with iscsi target server.
ssirohi@srv2:/data/vm_images/iscsi-disks$ ls -l Disk*
-rw-r--r-- 1 ssirohi ssirohi 10739318784 Jul 17 04:24 Disk1
-rw-r--r-- 1 ssirohi ssirohi 10739318784 Jul 17 04:24 Disk2
-rw-r--r-- 1 ssirohi ssirohi 10739318784 Jul 17 04:25 Disk3
ssirohi@srv2:/data/vm_images/iscsi-disks$ qemu-img info Disk1
image: Disk1
file format: qcow2
virtual size: 10G (10737418240 bytes)
disk size: 1.8M
cluster_size: 65536
Format specific information:
compat: 1.1
lazy refcounts: false
refcount bits: 16
corrupt: false
Creation of Fileio Device
For creating iscsi targets, first we need to create backstore devices, in this case we created fileio devices which could map to one iscsi target’s luns which further could mount on various remote machine through TCP/IP methods. For security purpose we can manage ACL on same, so only few allowed machine could able to connect.
target-cli command is used to do various activities for iscsi target server.
root@srv2:~# targetcli targetcli shell version 2.1.fb43 Copyright 2011-2013 by Datera, Inc and others. For help on commands, type 'help'. /> ls o- / ........................................... [...] o- backstores ................................ [...] | o- block .................... [Storage Objects: 0] | o- fileio ................... [Storage Objects: 0] | o- pscsi .................... [Storage Objects: 0] | o- ramdisk .................. [Storage Objects: 0] o- iscsi .............................. [Targets: 0] o- loopback ........................... [Targets: 0] o- vhost .............................. [Targets: 0] />
Creation of Disk would only applied on fileio if we are using Files to create Disks.
/> cd backstores/fileio /backstores/fileio> ls o- fileio ....................... [Storage Objects: 0] /backstores/fileio> create Disk1 /data/vm_images/iscsi-disks/Disk1 Created fileio Disk1 with size 10739318784 /backstores/fileio> create Disk2 /data/vm_images/iscsi-disks/Disk2 Created fileio Disk2 with size 10739318784 /backstores/fileio> create Disk3 /data/vm_images/iscsi-disks/Disk3 Created fileio Disk3 with size 10739318784 /backstores/fileio> ls o- fileio ......................................................... [Storage Objects: 3] o- Disk1 ........ [/data/vm_images/iscsi-disks/Disk1 (10.0GiB) write-back deactivated] o- Disk2 ........ [/data/vm_images/iscsi-disks/Disk2 (10.0GiB) write-back deactivated] o- Disk3 ........ [/data/vm_images/iscsi-disks/Disk3 (10.0GiB) write-back deactivated] /backstores/fileio>
We have create Disk above, which we could use further to create iscsi target for luns which further could mount to iscsi clients.
Creation of ISCSI target
Let’s create Iscsi target with above created Disks.
/backstores/fileio> cd /iscsi
/iscsi> ls
o- iscsi .................................................................. [Targets: 0]
/iscsi> create iqn.2020-07.com.geekpills.iscsi:disks
Created target iqn.2020-07.com.geekpills.iscsi:disks.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/iscsi> ls
o- iscsi ................................................................... [Targets: 1]
o- iqn.2020-07.com.geekpills.iscsi:disks .................................... [TPGs: 1]
o- tpg1 ...................................................... [no-gen-acls, no-auth]
o- acls ................................................................. [ACLs: 0]
o- luns ................................................................. [LUNs: 0]
o- portals ........................................................... [Portals: 1]
o- 0.0.0.0:3260 ............................................................ [OK]
/iscsi>
Creation of Luns
Now we have iscsi target to work further on it. Now we can create luns on it to mount on iscsi Clients.
/iscsi> cd iqn.2020-07.com.geekpills.iscsi:disks/tpg1/luns /iscsi/iqn.20...sks/tpg1/luns> ls o- luns ..................................................................... [LUNs: 0] /iscsi/iqn.20...sks/tpg1/luns> create /backstores/fileio/Disk1 Created LUN 0. /iscsi/iqn.20...sks/tpg1/luns> create /backstores/fileio/Disk2 Created LUN 1. /iscsi/iqn.20...sks/tpg1/luns> create /backstores/fileio/Disk3 Created LUN 2. /iscsi/iqn.20...sks/tpg1/luns> ls o- luns ........................................................................ [LUNs: 3] o- lun0 ............................. [fileio/Disk1 (/data/vm_images/iscsi-disks/Disk1)] o- lun1 ............................. [fileio/Disk2 (/data/vm_images/iscsi-disks/Disk2)] o- lun2 ............................. [fileio/Disk3 (/data/vm_images/iscsi-disks/Disk3)] /iscsi/iqn.20...sks/tpg1/luns>
Creation of access control list(ACL)
To control access on these iscsi and luns, we have to create access control list, these access control list should name as name iscsi target we used above.
/iscsi/iqn.20...sks/tpg1/luns> cd ../acls
/iscsi/iqn.20...sks/tpg1/acls> ls
o- acls ........................................................................ [ACLs: 0]
/iscsi/iqn.20...sks/tpg1/acls> create iqn.2020-07.com.geekpills.iscsi:disks
Created Node ACL for iqn.2020-07.com.geekpills.iscsi:disks
Created mapped LUN 2.
Created mapped LUN 1.
Created mapped LUN 0.
/iscsi/iqn.20...sks/tpg1/acls> ls
o- acls ........................................................................ [ACLs: 1]
o- iqn.2020-07.com.geekpills.iscsi:disks .............................. [Mapped LUNs: 3]
o- mapped_lun0 .............................................. [lun0 fileio/Disk1 (rw)]
o- mapped_lun1 .............................................. [lun1 fileio/Disk2 (rw)]
o- mapped_lun2 .............................................. [lun2 fileio/Disk3 (rw)]
/iscsi/iqn.20...sks/tpg1/acls>
We need to provide User/password for it.
/iscsi/iqn.20...sks/tpg1/acls> cd iqn.2020-07.com.geekpills.iscsi:disks/ /iscsi/iqn.20...s.iscsi:disks> pwd /iscsi/iqn.2020-07.com.geekpills.iscsi:disks/tpg1/acls/iqn.2020-07.com.geekpills.iscsi:disks /iscsi/iqn.20...s.iscsi:disks> set auth userid=iscsi_tgts Parameter userid is now 'iscsi_tgts'. /iscsi/iqn.20...s.iscsi:disks> set auth password=passw0rd Parameter password is now 'passw0rd'.
We have to save whole configuration which we did above like below.
/> saveconfig Last 10 configs saved in /etc/rtslib-fb-target/backup. Configuration saved to /etc/rtslib-fb-target/saveconfig.json /> ls o- / ................................................................................ [...] o- backstores ..................................................................... [...] | o- block ......................................................... [Storage Objects: 0] | o- fileio ........................................................ [Storage Objects: 3] | | o- Disk1 ......... [/data/vm_images/iscsi-disks/Disk1 (10.0GiB) write-back activated] | | o- Disk2 ......... [/data/vm_images/iscsi-disks/Disk2 (10.0GiB) write-back activated] | | o- Disk3 ......... [/data/vm_images/iscsi-disks/Disk3 (10.0GiB) write-back activated] | o- pscsi ......................................................... [Storage Objects: 0] | o- ramdisk ....................................................... [Storage Objects: 0] o- iscsi ................................................................... [Targets: 1] | o- iqn.2020-07.com.geekpills.iscsi:disks .................................... [TPGs: 1] | o- tpg1 ...................................................... [no-gen-acls, no-auth] | o- acls ................................................................. [ACLs: 1] | | o- iqn.2020-07.com.geekpills.iscsi:disks ....................... [Mapped LUNs: 3] | | o- mapped_lun0 ....................................... [lun0 fileio/Disk1 (rw)] | | o- mapped_lun1 ....................................... [lun1 fileio/Disk2 (rw)] | | o- mapped_lun2 ....................................... [lun2 fileio/Disk3 (rw)] | o- luns ................................................................. [LUNs: 3] | | o- lun0 ...................... [fileio/Disk1 (/data/vm_images/iscsi-disks/Disk1)] | | o- lun1 ...................... [fileio/Disk2 (/data/vm_images/iscsi-disks/Disk2)] | | o- lun2 ...................... [fileio/Disk3 (/data/vm_images/iscsi-disks/Disk3)] | o- portals ........................................................... [Portals: 1] | o- 0.0.0.0:3260 ............................................................ [OK] o- loopback ................................................................ [Targets: 0] o- vhost ................................................................... [Targets: 0] />
Client configuration
Now out iscsi target server is ready, we need connect on client and mount to used further.
For client side configuration we need to follow below steps
- Installation of client iscsi initiator packages
- Checking of Server-client communication for iscsi targets
- start initiator, provide access to client
- Connect iscsi targets
Install iscsi clients package
For iscsi client, we need to install open-iscsi package to client machine.
root@srv29:~# lsb_release -d Description: Ubuntu 18.04.4 LTS root@srv29:~# uname -r 4.15.0-111-generic # apt-get install open-iscsi
Above package installation worked for Ubuntu/Debian machine, But for RHEL/CentOS machine, we need to install iscsi-initiator-utils package
[root@srv19 ~]# cat /etc/redhat-release CentOS Linux release 8.2.2004 (Core) [root@srv19 ~]# uname -r 4.18.0-193.6.3.el8_2.x86_64 [root@srv19 ~]# yum whatprovides iscsiadm Last metadata expiration check: 0:03:02 ago on Sun 19 Jul 2020 06:10:52 AM BST. iscsi-initiator-utils-6.2.0.878-4.gitd791ce0.el8.i686 : iSCSI daemon and utility programs Repo : BaseOS Matched from: Filename : /usr/sbin/iscsiadm # yum install iscsi-initiator-utils
Is target visible to client
Let’s try to see if iscsi target are visible on clients. We can check it through below commands.
root@srv29:~# iscsiadm -m discovery -t st -p 192.168.0.2 192.168.0.2:3260,1 iqn.2020-07.com.geekpills.iscsi:disks
Now, we can see targets from clients machine, we could able to mount it in further process.
Provide Access to client for connection
We need to apply apply initiator name in below way, we need to mention it in specific file.
root@srv29:~# egrep -v "^#" /etc/iscsi/initiatorname.iscsi InitiatorName=iqn.2020-07.com.geekpills.iscsi:disks
As we provided ACL on iscsi targets on iscsi Server machine, SO we need to provide credentials to connect like below
root@srv29:~# egrep "authmethod|username|password" /etc/iscsi/iscsid.conf| grep -v ^# node.session.auth.authmethod = CHAP node.session.auth.username_in = iscsi_tgts node.session.auth.password_in = passw0rd
We should start iscsi client service and enable it on-boot.
root@srv29:~# systemctl start iscsid.service root@srv29:~# systemctl enable iscsid.service Synchronizing state of iscsid.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable iscsid
Attach Disk to client
Before attaching Disk we should need to check Disk on client machine.
root@srv29:~# sfdisk -s /dev/loop0: 99312 /dev/loop1: 98820 /dev/vda: 20971520 /dev/mapper/ubuntu--vg-ubuntu--lv: 4194304 total: 25363956 blocks root@srv29:~# iscsiadm -m node -T iqn.2020-07.com.geekpills.iscsi:disks -p 192.168.0.2 -l Logging in to [iface: default, target: iqn.2020-07.com.geekpills.iscsi:disks, portal: 192.168.0.2,3260] (multiple) Login to [iface: default, target: iqn.2020-07.com.geekpills.iscsi:disks, portal: 192.168.0.2,3260] successful. root@srv29:~# sfdisk -s /dev/loop0: 99312 /dev/loop1: 98820 /dev/vda: 20971520 /dev/mapper/ubuntu--vg-ubuntu--lv: 4194304 /dev/sda: 10487616 /dev/sdb: 10487616 /dev/sdc: 10487616 total: 56826804 blocks
Now, we know how we can SetUP iscsi target server which could use as alternative providing storage solutions.