How to Setup iSCSI Storage Server on Ubuntu 18.04 LTS

ISCSI targets are used to share disk on network to ISCSI Clients. This is IP based storage, work with internet protocol. In this post we will see HowTo configure ISCSI targets/Clients on Ubuntu18.

SetUp

In this Setup, we are using Ubuntu 18.04 Machine, latest as if now in July 2020.

root@srv2:~# lsb_release -d
Description:    Ubuntu 18.04.4 LTS

root@srv2:~# uname -r
4.15.0-1091-oem

root@srv2:~# targetcli --version
/usr/bin/targetcli version 2.1.fb43

Now we will see how we can create iscsi targets and connect them through iscsi clients to use as Disks. For this we are going to use Qcow2 files to export it through iscsi targets from iscsi Servers.
In case you like to export block device you need to use real disk or Loop devices, in one of previous post we mentioned both making of loop devices and create iscsi targets with loop devices in CentOS7.

Installation of iscsi targets server and client

To get iscsi target server features we need install below packages.

apt-get install target-cli tgt

Creation of File Disk

As mentioned we are using qcow2 file to create iscsi export disk, to create qcow2 file through below commands.

qemu-img create -f qcow2 file-path -o size=Size-in-MB,preallocation=metadata

Above command is used to create Qcow2 file for file based iscsi targets disks.

We have create three below Qcow2 file to work with iscsi target server.

ssirohi@srv2:/data/vm_images/iscsi-disks$ ls -l Disk*
-rw-r--r-- 1 ssirohi ssirohi 10739318784 Jul 17 04:24 Disk1
-rw-r--r-- 1 ssirohi ssirohi 10739318784 Jul 17 04:24 Disk2
-rw-r--r-- 1 ssirohi ssirohi 10739318784 Jul 17 04:25 Disk3
ssirohi@srv2:/data/vm_images/iscsi-disks$ qemu-img info Disk1
image: Disk1
file format: qcow2
virtual size: 10G (10737418240 bytes)
disk size: 1.8M
cluster_size: 65536
Format specific information:
    compat: 1.1
    lazy refcounts: false
    refcount bits: 16
    corrupt: false

Creation of Fileio Device

For creating iscsi targets, first we need to create backstore devices, in this case we created fileio devices which could map to one iscsi target’s luns which further could mount on various remote machine through TCP/IP methods. For security purpose we can manage ACL on same, so only few allowed machine could able to connect.

target-cli command is used to do various activities for iscsi target server.

root@srv2:~# targetcli
targetcli shell version 2.1.fb43
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.

/> ls
o- / ........................................... [...]
  o- backstores ................................ [...]
  | o- block .................... [Storage Objects: 0]
  | o- fileio ................... [Storage Objects: 0]
  | o- pscsi .................... [Storage Objects: 0]
  | o- ramdisk .................. [Storage Objects: 0]
  o- iscsi .............................. [Targets: 0]
  o- loopback ........................... [Targets: 0]
  o- vhost .............................. [Targets: 0]
/>

Creation of Disk would only applied on fileio if we are using Files to create Disks.

/> cd backstores/fileio
/backstores/fileio> ls
o- fileio ....................... [Storage Objects: 0]
/backstores/fileio> create Disk1 /data/vm_images/iscsi-disks/Disk1
Created fileio Disk1 with size 10739318784
/backstores/fileio> create Disk2 /data/vm_images/iscsi-disks/Disk2
Created fileio Disk2 with size 10739318784
/backstores/fileio> create Disk3 /data/vm_images/iscsi-disks/Disk3
Created fileio Disk3 with size 10739318784
/backstores/fileio> ls
o- fileio ......................................................... [Storage Objects: 3]
  o- Disk1 ........ [/data/vm_images/iscsi-disks/Disk1 (10.0GiB) write-back deactivated]
  o- Disk2 ........ [/data/vm_images/iscsi-disks/Disk2 (10.0GiB) write-back deactivated]
  o- Disk3 ........ [/data/vm_images/iscsi-disks/Disk3 (10.0GiB) write-back deactivated]
/backstores/fileio> 

We have create Disk above, which we could use further to create iscsi target for luns which further could mount to iscsi clients.

Creation of ISCSI target

Let’s create Iscsi target with above created Disks.

/backstores/fileio> cd /iscsi
/iscsi> ls
o- iscsi .................................................................. [Targets: 0]
/iscsi> create iqn.2020-07.com.geekpills.iscsi:disks
Created target iqn.2020-07.com.geekpills.iscsi:disks.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/iscsi> ls
o- iscsi ................................................................... [Targets: 1]
  o- iqn.2020-07.com.geekpills.iscsi:disks .................................... [TPGs: 1]
    o- tpg1 ...................................................... [no-gen-acls, no-auth]
      o- acls ................................................................. [ACLs: 0]
      o- luns ................................................................. [LUNs: 0]
      o- portals ........................................................... [Portals: 1]
        o- 0.0.0.0:3260 ............................................................ [OK]
/iscsi>

Creation of Luns

Now we have iscsi target to work further on it. Now we can create luns on it to mount on iscsi Clients.

/iscsi> cd iqn.2020-07.com.geekpills.iscsi:disks/tpg1/luns
/iscsi/iqn.20...sks/tpg1/luns> ls
o- luns ..................................................................... [LUNs: 0]
/iscsi/iqn.20...sks/tpg1/luns> create /backstores/fileio/Disk1
Created LUN 0.
/iscsi/iqn.20...sks/tpg1/luns> create /backstores/fileio/Disk2
Created LUN 1.
/iscsi/iqn.20...sks/tpg1/luns> create /backstores/fileio/Disk3
Created LUN 2.
/iscsi/iqn.20...sks/tpg1/luns> ls
o- luns ........................................................................ [LUNs: 3]
  o- lun0 ............................. [fileio/Disk1 (/data/vm_images/iscsi-disks/Disk1)]
  o- lun1 ............................. [fileio/Disk2 (/data/vm_images/iscsi-disks/Disk2)]
  o- lun2 ............................. [fileio/Disk3 (/data/vm_images/iscsi-disks/Disk3)]
/iscsi/iqn.20...sks/tpg1/luns>

Creation of access control list(ACL)

To control access on these iscsi and luns, we have to create access control list, these access control list should name as name iscsi target we used above.

/iscsi/iqn.20...sks/tpg1/luns> cd ../acls
/iscsi/iqn.20...sks/tpg1/acls> ls
o- acls ........................................................................ [ACLs: 0]
/iscsi/iqn.20...sks/tpg1/acls> create iqn.2020-07.com.geekpills.iscsi:disks
Created Node ACL for iqn.2020-07.com.geekpills.iscsi:disks
Created mapped LUN 2.
Created mapped LUN 1.
Created mapped LUN 0.
/iscsi/iqn.20...sks/tpg1/acls> ls
o- acls ........................................................................ [ACLs: 1]
  o- iqn.2020-07.com.geekpills.iscsi:disks .............................. [Mapped LUNs: 3]
    o- mapped_lun0 .............................................. [lun0 fileio/Disk1 (rw)]
    o- mapped_lun1 .............................................. [lun1 fileio/Disk2 (rw)]
    o- mapped_lun2 .............................................. [lun2 fileio/Disk3 (rw)]
/iscsi/iqn.20...sks/tpg1/acls>

We need to provide User/password for it.

/iscsi/iqn.20...sks/tpg1/acls> cd iqn.2020-07.com.geekpills.iscsi:disks/
/iscsi/iqn.20...s.iscsi:disks> pwd
/iscsi/iqn.2020-07.com.geekpills.iscsi:disks/tpg1/acls/iqn.2020-07.com.geekpills.iscsi:disks
/iscsi/iqn.20...s.iscsi:disks> set auth userid=iscsi_tgts
Parameter userid is now 'iscsi_tgts'.
/iscsi/iqn.20...s.iscsi:disks> set auth password=passw0rd
Parameter password is now 'passw0rd'.

We have to save whole configuration which we did above like below.

/> saveconfig 
Last 10 configs saved in /etc/rtslib-fb-target/backup.
Configuration saved to /etc/rtslib-fb-target/saveconfig.json
/> ls
o- / ................................................................................ [...]
  o- backstores ..................................................................... [...]
  | o- block ......................................................... [Storage Objects: 0]
  | o- fileio ........................................................ [Storage Objects: 3]
  | | o- Disk1 ......... [/data/vm_images/iscsi-disks/Disk1 (10.0GiB) write-back activated]
  | | o- Disk2 ......... [/data/vm_images/iscsi-disks/Disk2 (10.0GiB) write-back activated]
  | | o- Disk3 ......... [/data/vm_images/iscsi-disks/Disk3 (10.0GiB) write-back activated]
  | o- pscsi ......................................................... [Storage Objects: 0]
  | o- ramdisk ....................................................... [Storage Objects: 0]
  o- iscsi ................................................................... [Targets: 1]
  | o- iqn.2020-07.com.geekpills.iscsi:disks .................................... [TPGs: 1]
  |   o- tpg1 ...................................................... [no-gen-acls, no-auth]
  |     o- acls ................................................................. [ACLs: 1]
  |     | o- iqn.2020-07.com.geekpills.iscsi:disks ....................... [Mapped LUNs: 3]
  |     |   o- mapped_lun0 ....................................... [lun0 fileio/Disk1 (rw)]
  |     |   o- mapped_lun1 ....................................... [lun1 fileio/Disk2 (rw)]
  |     |   o- mapped_lun2 ....................................... [lun2 fileio/Disk3 (rw)]
  |     o- luns ................................................................. [LUNs: 3]
  |     | o- lun0 ...................... [fileio/Disk1 (/data/vm_images/iscsi-disks/Disk1)]
  |     | o- lun1 ...................... [fileio/Disk2 (/data/vm_images/iscsi-disks/Disk2)]
  |     | o- lun2 ...................... [fileio/Disk3 (/data/vm_images/iscsi-disks/Disk3)]
  |     o- portals ........................................................... [Portals: 1]
  |       o- 0.0.0.0:3260 ............................................................ [OK]
  o- loopback ................................................................ [Targets: 0]
  o- vhost ................................................................... [Targets: 0]
/> 

Client configuration

Now out iscsi target server is ready, we need connect on client and mount to used further.
For client side configuration we need to follow below steps

• Installation of client iscsi initiator packages
• Checking of Server-client communication for iscsi targets
• start initiator, provide access to client
• Connect iscsi targets

Install iscsi clients package

For iscsi client, we need to install open-iscsi package to client machine.

root@srv29:~# lsb_release -d
Description:    Ubuntu 18.04.4 LTS
root@srv29:~# uname -r
4.15.0-111-generic

# apt-get install open-iscsi

Above package installation worked for Ubuntu/Debian machine, But for RHEL/CentOS machine, we need to install iscsi-initiator-utils package

[root@srv19 ~]# cat /etc/redhat-release 
CentOS Linux release 8.2.2004 (Core) 
[root@srv19 ~]# uname -r
4.18.0-193.6.3.el8_2.x86_64

[root@srv19 ~]# yum whatprovides iscsiadm
Last metadata expiration check: 0:03:02 ago on Sun 19 Jul 2020 06:10:52 AM BST.
iscsi-initiator-utils-6.2.0.878-4.gitd791ce0.el8.i686 : iSCSI daemon and utility programs
Repo        : BaseOS
Matched from:
Filename    : /usr/sbin/iscsiadm

# yum install iscsi-initiator-utils

Is target visible to client

Let’s try to see if iscsi target are visible on clients. We can check it through below commands.

root@srv29:~# iscsiadm -m discovery -t st -p 192.168.0.2
192.168.0.2:3260,1 iqn.2020-07.com.geekpills.iscsi:disks

Now, we can see targets from clients machine, we could able to mount it in further process.

Provide Access to client for connection

We need to apply apply initiator name in below way, we need to mention it in specific file.

root@srv29:~# egrep -v "^#" /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2020-07.com.geekpills.iscsi:disks

As we provided ACL on iscsi targets on iscsi Server machine, SO we need to provide credentials to connect like below

root@srv29:~#  egrep "authmethod|username|password"  /etc/iscsi/iscsid.conf| grep -v ^#
node.session.auth.authmethod = CHAP
node.session.auth.username_in = iscsi_tgts
node.session.auth.password_in = passw0rd

We should start iscsi client service and enable it on-boot.

root@srv29:~# systemctl  start iscsid.service
root@srv29:~# systemctl  enable iscsid.service
Synchronizing state of iscsid.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable iscsid

Attach Disk to client

Before attaching Disk we should need to check Disk on client machine.

root@srv29:~# sfdisk -s
/dev/loop0:     99312
/dev/loop1:     98820
/dev/vda:  20971520
/dev/mapper/ubuntu--vg-ubuntu--lv:   4194304
total: 25363956 blocks

root@srv29:~# iscsiadm -m node -T iqn.2020-07.com.geekpills.iscsi:disks -p 192.168.0.2 -l
Logging in to [iface: default, target: iqn.2020-07.com.geekpills.iscsi:disks, portal: 192.168.0.2,3260] (multiple)
Login to [iface: default, target: iqn.2020-07.com.geekpills.iscsi:disks, portal: 192.168.0.2,3260] successful.

root@srv29:~# sfdisk -s
/dev/loop0:     99312
/dev/loop1:     98820
/dev/vda:  20971520
/dev/mapper/ubuntu--vg-ubuntu--lv:   4194304
/dev/sda:  10487616
/dev/sdb:  10487616
/dev/sdc:  10487616
total: 56826804 blocks

Now, we know how we can SetUP iscsi target server which could use as alternative providing storage solutions.