Linux ISCSI服务配置,客户端进行访问
环境配置:
- server端 172.25.0.11
- client端 172.25.0.10
配置ISCSI服务端
1、安装软件包
yum install targetcli -y
2、防火墙放行target的端口 3260
[root@server0 ~]# firewall-cmd --permanent --add-port=3260/tcp
success
[root@server0 ~]# firewall-cmd --reload
success
[root@server0 ~]# firewall-cmd --list-all
public (default, active)
interfaces: eth0
sources:
services: dhcpv6-client ssh
ports: 3260/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
3、准备本地块设备,也就是准备磁盘
[root@server0 ~]# fdisk /dev/sdb Command (m for help): n Partition type: p primary (0 primary, 0 extended, 4 free) e extended Select (default p): p Partition number (1-4, default 1): 回车 First sector (2048-20971519, default 2048): 回车 Last sector, +sectors or +size{K,M,G} (2048-20971519, default 20971519): 回车 Command (m for help): p p查看刚刚分好的新区 Disk identifier: 0x6dc8b66f Device Boot Start End Blocks Id System /dev/sdb1 2048 20971519 10484736 83 Linux Command (m for help): w 保存 [root@server0 ~]# partprobe [root@server0 ~]# lsblk 可以看见系统已经生成sdb1的设备文件 ... sdb 8:16 0 10G 0 disk └─sdb1 8:17 0 10G 0 part
创建逻辑卷
[root@server0 ~]# pvcreate /dev/sdb1 ---->创物理卷 Physical volume "/dev/sdb1" successfully created [root@server0 ~]# pvs PV VG Fmt Attr PSize PFree /dev/sdb1 lvm2 a-- 10.00g 10.00g [root@server0 ~]# vgcreate ISCSI_vg /dev/sdb1 ---->创建名为ISCSI_vg卷组 Volume group "ISCSI_vg" successfully created [root@server0 ~]# vgs VG #PV #LV #SN Attr VSize VFree ISCSI_vg 1 0 0 wz--n- 10.00g 10.00g [root@server0 ~]# lvcreate -n disk1_lv -L 100m ISCSI_vg ---->创建名为disk1_lv的逻辑卷 Logical volume "disk1_lv" created [root@server0 ~]# lvs LV VG Attr LSize Pool Origin Data% Move Log Cpy%Sync Convert disk1_lv ISCSI_vg -wi-a----- 100.00m
4、创建target,本节重点,也是最不容易理解的地方
首先打开targetcli工具,ls可以看见目前target下没有任何配置
[root@server0 ~]# targetcli /> ls o- / ............................................................................................................. [...] o- backstores .................................................................................................. [...] | o- block ...................................................................................... [Storage Objects: 0] | o- fileio ..................................................................................... [Storage Objects: 0] | o- pscsi ...................................................................................... [Storage Objects: 0] | o- ramdisk .................................................................................... [Storage Objects: 0] o- iscsi ................................................................................................ [Targets: 0] o- loopback ............................................................................................. [Targets: 0] />
(1)创建名为 iqn.2014-06.com.example.com:server0的target
/> /iscsi create iqn.2014-06.com.example.com:server0 Created target iqn.2014-06.com.example.com:server0. Created TPG 1 可以看到iscsi创建了一个名为iqn.2014-06.com.example.com:server0的target,并且系统又在底下自动创建了tgp1 /> ls o- iscsi ................................................................................................ [Targets: 1] | o- iqn.2014-06.com.example.com:server0 ................................................................... [TPGs: 1] | o- tpg1 ................................................................................... [no-gen-acls, no-auth] | o- acls .............................................................................................. [ACLs: 0] | o- luns .............................................................................................. [LUNs: 0] | o- portals ........................................................................................ [Portals: 0] o- loopback ............................................................................................. [Targets: 0 />
(2)为tgp1定义portals,也就是定义ip和端口
/> /iscsi/iqn.2014-06.com.example.com:server0/tpg1/portals create 172.25.0.11 3260
Using default IP port 3260
Created network portal 172.25.0.11:3260.
/> ls
| o- iqn.2014-06.com.example.com:server0 ................................................................... [TPGs: 1]
| o- tpg1 ................................................................................... [no-gen-acls, no-auth]
| o- acls .............................................................................................. [ACLs: 0]
| o- luns .............................................................................................. [LUNs: 0]
| o- portals ........................................................................................ [Portals: 1]
| o- 172.25.0.11:3260 ..................................................................................... [OK]
o- loopback ............................................................................................. [Targets: 0]
(3)为target绑定本地块设备,绑定刚刚创建的逻辑卷
首先定义一个block
/> /backstores/block create name=server0.disk1 dev=/dev/ISCSI_vg/disk1_lv
Created block storage object server0.disk1 using /dev/ISCSI_vg/disk1_lv
/> ls
o- / ............................................................................................................. [...]
o- backstores .................................................................................................. [...]
| o- block ...................................................................................... [Storage Objects: 1]
| | o- server0.disk1 ...................................... [/dev/ISCSI_vg/disk1_lv (100.0MiB) write-thru deactivated
为target指定LUN(逻辑单元号),也就是把刚才定义的block分配给target
/> /iscsi/iqn.2014-06.com.example.com:server0/tpg1/luns create /backstores/block/server0.disk1
Created LUN 0.
/> ls
o- iscsi ................................................................................................ [Targets: 1]
| o- iqn.2014-06.com.example.com:server0 ................................................................... [TPGs: 1]
| o- tpg1 ................................................................................... [no-gen-acls, no-auth]
| o- acls .............................................................................................. [ACLs: 0]
| o- luns .............................................................................................. [LUNs: 1]
| | o- lun0 ....................................................... [block/server0.disk1 (/dev/ISCSI_vg/disk1_lv)]
| o- portals ........................................................................................ [Portals: 1]
| o- 172.25.0.11:3260 ..................................................................................... [OK]
o- loopback ............................................................................................. [Targets: 0
(4)为target设定acl(访问控制列表)
配置只允许名为 iqn.2014-06.com.example:desktop0的客户端访问
/> iscsi/iqn.2014-06.com.example.com:server0/tpg1/acls create iqn.2014-06.com.example:desktop0 Created Node ACL for iqn.2014-06.com.example:desktop0 Created mapped LUN 0.
关闭密码验证
/> /iscsi/iqn.2014-06.com.example.com:server0/tpg1/ set attribute authentication=0 Parameter authentication is now '0'.
关闭tgp级别的acl节点限制,也就是只针对tgp/acl下的initiator进行限制,而不是整个tgp
/> /iscsi/iqn.2014-06.com.example.com:server0/tpg1/ set attribute generate_node_acls=0 Parameter generate_node_acls is now '0'.
(5)保存退出
/> saveconfig 配置完毕保存 /> exit 退出
最后配置下来总的列表就是这样
/> ls o- / ............................................................................................................. [...] o- backstores .................................................................................................. [...] | o- block ...................................................................................... [Storage Objects: 1] | | o- server0.disk1 ........................................ [/dev/ISCSI_vg/disk1_lv (100.0MiB) write-thru activated] | o- fileio ..................................................................................... [Storage Objects: 0] | o- pscsi ...................................................................................... [Storage Objects: 0] | o- ramdisk .................................................................................... [Storage Objects: 0] o- iscsi ................................................................................................ [Targets: 1] | o- iqn.2014-06.com.example.com:server0 ................................................................... [TPGs: 1] | o- tpg1 ................................................................................... [no-gen-acls, no-auth] | o- acls .............................................................................................. [ACLs: 1] | | o- iqn.2014-06.com.example:desktop0 ......................................................... [Mapped LUNs: 1] | | o- mapped_lun0 ............................................................. [lun0 block/server0.disk1 (rw)] | o- luns .............................................................................................. [LUNs: 1] | | o- lun0 ....................................................... [block/server0.disk1 (/dev/ISCSI_vg/disk1_lv)] | o- portals ........................................................................................ [Portals: 1] | o- 172.25.0.11:3260 ..................................................................................... [OK] o- loopback ............................................................................................. [Targets: 0
服务端配置完成
错误补救:
万一有写错了配置,就删掉重新进行配置,可以看见portals已经没有内容了
/> /iscsi/iqn.2014-06.com.example.com:server0/tpg1/portals/ delete 172.25.0.11 3260
Deleted network portal 172.25.0.11:3260
/> ls
o- iscsi ................................................................................................ [Targets: 1]
| o- iqn.2014-06.com.example.com:server0 ................................................................... [TPGs: 1]
| o- tpg1 ................................................................................... [no-gen-acls, no-auth]
| o- acls .............................................................................................. [ACLs: 1]
| | o- iqn.2014-06.com.example:desktop0 ......................................................... [Mapped LUNs: 1]
| | o- mapped_lun0 ............................................................. [lun0 block/server0.disk1 (rw)]
| o- luns .............................................................................................. [LUNs: 1]
| | o- lun0 ....................................................... [block/server0.disk1 (/dev/ISCSI_vg/disk1_lv)]
| o- portals ........................................................................................ [Portals: 0]
o- loopback ............................................................................................. [Targets: 0]
重新配置
/> /iscsi/iqn.2014-06.com.example.com:server0/tpg1/portals create 172.25.0.11 3260
Using default IP port 3260
Created network portal 172.25.0.11:3260.
/> ls
| o- iqn.2014-06.com.example.com:server0 ................................................................... [TPGs: 1]
| o- tpg1 ................................................................................... [no-gen-acls, no-auth]
| o- acls .............................................................................................. [ACLs: 1]
| | o- iqn.2014-06.com.example:desktop0 ......................................................... [Mapped LUNs: 1]
| | o- mapped_lun0 ............................................................. [lun0 block/server0.disk1 (rw)]
| o- luns .............................................................................................. [LUNs: 1]
| | o- lun0 ....................................................... [block/server0.disk1 (/dev/ISCSI_vg/disk1_lv)]
| o- portals ........................................................................................ [Portals: 1]
| o- 172.25.0.11:3260 ..................................................................................... [OK]
o- loopback ............................................................................................. [Targets: 0
client端配置
1、安装软件包
[root@desktop0 ~]# yum install iscsi-initiator-utils -y 红帽系统一般都会安装,所以此步骤可以跳过
2、启动服务,并设定开机重启
[root@desktop0 ~]# systemctl start iscsi iscsid [root@desktop0 ~]# systemctl enable iscsi iscsid
3、修改文件,因为服务端中acls指定只允许名为iqn.2014-06.com.example:dekstop0的设备去访问,所以这个文件就这样配置
[root@desktop0 ~]# vim /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2014-06.com.example:desktop0
修改之后重启iscisd服务
[root@desktop0 ~]# systemctl restart iscsid
4、发现设备
[root@desktop0 ~]# iscsiadm -m discovery -t st -p 172.25.0.11 172.25.0.11:3260,1 iqn.2014-06.com.example.com:server0
5、登录iscsi
首先查看一下目前系统设备
[root@desktop0 ~]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 10G 0 disk └─sda1 8:1 0 10G 0 part / sdb 8:16 0 10G 0 disk sr0 11:0 1 1024M 0 rom
登录
[root@desktop0 ~]# iscsiadm -m node -T iqn.2014-06.com.example.com:server0 -l 或者可以写为 [root@desktop0 ~]# iscsiadm -m node -l
可以发现多了一块100M的磁盘
[root@desktop0 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 10G 0 disk
└─sda1 8:1 0 10G 0 part /
sdb 8:16 0 10G 0 disk
sdc 8:32 0 100M 0 disk
sr0 11:0 1 1024M 0 rom
6、对磁盘进行分区
分区
[root@desktop0 ~]# fdisk /dev/sdc Command (m for help): n Select (default p): p Partition number (1-4, default 1): 回车 First sector (8192-204799, default 8192): 回车 Using default value 8192 Last sector, +sectors or +size{K,M,G} (8192-204799, default 204799): 回车 Command (m for help): w [root@desktop0 ~]# partprobe
格式化
[root@desktop0 ~]# mkfs.ext4 /dev/sdc1
7、设定开机挂载
查看uuid,加入/etc/fstab文件中,注意挂载选项必须加_netdev
[root@desktop0 ~]# blkid /dev/sdc1 /dev/sdc1: UUID="8bd4649c-3191-4962-a8a9-08e2093bdc1c" TYPE="ext4" [root@desktop0 ~]# vim /etc/fstab ... UUID=8bd4649c-3191-4962-a8a9-08e2093bdc1c /mnt/iscsi ext4 defaults,_netdev 0 0
创建挂载点并且挂载
[root@desktop0 ~]# mkdir -p /mnt/iscsi
[root@desktop0 ~]# mount -a
[root@desktop0 ~]# df -h
/dev/sdc1 89M 1.6M 81M 2% /mnt/iscsi
错误补救:
每次开机iscsi都会自动登录,iscsi会从/var/lib/iscsi/nodes/目录去找到发现的target去登录
[root@desktop0 ~]# ls /var/lib/iscsi/nodes/ iqn.2014-06.com.example.com:server0
彻底删除发现过的target
首先取消登录所有的target
[root@desktop0 ~]# iscsiadm -m node -u
然后指定名字删除,此时发现存储目录已经没有数据,下次也不会重新去自动登录了
[root@desktop0 ~]# iscsiadm -m node -T iqn.2014-06.com.example.com:server0 -o delete [root@desktop0 ~]# ls /var/lib/iscsi/nodes/
然后就可以重启服务重新进行发现,登录,挂载的操作
本教程到此结束
如果有什么建议或者看不明白的地方,欢迎评论区留言或者私信本人,看到了第一时间处理。
本人为Linux菜鸟,还望Linux大神多多指教。