RHEL: iSCSI target/initiator configuration on RHEL7

RHEL: iSCSI target/initiator configuration on RHEL7

# Tested on RHEL 7


# iSCSI target configuration
# ------------------------------------------------------------------------------------------

# Install required package: targetcli

yum install -y targetcli

# and enable the target service on startup

systemctl enable target


# To create an iSCSI target, we'll use 'targetcli', tool for administering targets:

targetcli
   targetcli shell version 2.1.fb41
   Copyright 2011-2013 by Datera, Inc and others.
   For help on commands, type 'help'.

   />

# As backstore, the exported SCSI device, we may choose between "fileio", a file treated
# as a disk image, "block", a local disk block device such as a LVM logical volume or a
# physical device (HDD, DVD, etc), "pscsi" , a local SCSI device of any type, and "ramdisk",
# shared kernel memory. For test purposes, we could also use "nullio" mode, which is not
# backed by any storage and discards all writes, and returns all-zeroes for reads.

# To simplify things, I'll use a fileio device.

# Fileio storage can support either 'write_back' or 'write_thru' operation. The 'write_back'
# enables the local file system cache. This improves performance but increases the risk of
# data loss. It is recommended to use 'write_back=false' to disable 'write_back' in favor
# of 'write_thru'.

# I'll create my fileio backstore, "sharedLUN", of 512M.

/> /backstores/fileio/ create sharedLUN /myluns/sharedLUN.img 512M write_back=false
   Created fileio sharedLUN with size 536870912

# To create a block backstore, use a command like following one:
# /> /backstores/block create name=block_backend dev=[/dev/sdc|/dev/iscsivg/lv_iscsi]
# Note that block backstores usually provide the best performance.


# Then, I create an IQN (Iscsi Qualified Name) called iqn.2016-02.com.example.myserver with
# a target named "myiscsi" and get an associated TPG (Target Portal Group):

/> /iscsi/ create iqn.2016-02.com.example.myserver:myiscsi
   Created target iqn.2016-02.com.example.myserver:myiscsi.
   Created TPG 1.
   Global pref auto_add_default_portal=true
   Created default portal listening on all IPs (0.0.0.0), port 3260.

/> cd /iscsi/iqn.2016-02.com.example.myserver:myiscsi/tpg1
   /iscsi/iqn.20...:myiscsi/tpg1> ls
      o- tpg1 ..................................................... [no-gen-acls, no-auth]
        o- acls ................................................................ [ACLs: 0]
        o- luns ................................................................ [LUNs: 0]
        o- portals .......................................................... [Portals: 0]


# Depending on the RHEL 7 version it may be that a default portal is automatically created
# by the "/iscsi/ create" command. If it is not the case, let's create one. For that we
# have two options: create a default portal, or create a portal specifying what IP address
# to listen to. Creating a default portal uses the default iSCSI port 3260 and allows the
# target to listen on all IP addresses on that port.

# I'll create a default portal

/iscsi/iqn.20...:myiscsi/tpg1> portals/ create
   Using default IP port 3260
   Binding to INADDR_ANY (0.0.0.0)
   Created network portal 0.0.0.0:3260

# Otherwise, to create a portal specifying what IP address to listen to, use this:

# /iscsi/iqn.20...:myiscsi/tpg1> portals/ create 192.168.54.113
#   Using default IP port 3260
#   Created network portal 192.168.54.113:3260


# Now, create a lun. Depending on the kind of backstore previously chosen:

/iscsi/iqn.20...:myiscsi/tpg1> luns/ create /backstores/fileio/sharedLUN
   Created LUN 0.

# For the block backstore shown here above
# /iscsi/iqn.20...:myiscsi/tpg1> luns/ create /backstores/block/block_backend


# Finally, create an acl and an identifier

/iscsi/iqn.20...:myiscsi/tpg1> acls/ create iqn.2016-02.com.example.myserver:client
   Created Node ACL for iqn.2016-02.com.example.myserver:client
   Created mapped LUN 0.

/iscsi/iqn.20...:myiscsi/tpg1> cd acls/iqn.2016-02.com.example.myserver:client/

/iscsi/iqn.20...server:client> set auth userid=myuser
   Parameter userid is now 'myuser'.

/iscsi/iqn.20...server:client> set auth password=mypassword
   Parameter password is now 'mypassword'.

/iscsi/iqn.20...server:client> cd ../..

/iscsi/iqn.20...:myiscsi/tpg1> ls
   o- tpg1 ................................................................... [no-gen-acls, no-auth]
     o- acls .............................................................................. [ACLs: 1]
     | o- iqn.2016-02.com.example.myserver:client .................................. [Mapped LUNs: 1]
     |   o- mapped_lun0 ................................................ [lun0 fileio/sharedLUN (rw)]
     o- luns .............................................................................. [LUNs: 1]
     | o- lun0 ........................................... [fileio/sharedLUN (/myluns/sharedLUN.img)]
     o- portals ........................................................................ [Portals: 1]
       o- 0.0.0.0:3260 ......................................................................... [OK]


# We're done. On exit is automatically saved to /etc/target/saveconfig.json file

/iscsi/iqn.20...:myiscsi/tpg1> exit
   Global pref auto_save_on_exit=true
   Last 10 configs saved in /etc/target/backup.
   Configuration saved to /etc/target/saveconfig.json


# Out iSCSI target is ready to be used.


# If you ever want to clean the entire current local configuration, you can do it by running
# targetcli command like this:

# targetcli clearconfig confirm=true
     All configuration cleared





# iSCSI initiator configuration
# ------------------------------------------------------------------------------------------

# Install required package: iscsi-initiator-utils

yum install -y iscsi-initiator-utils


# Edit /etc/iscsi/initiatorname.iscsi file and replace default content with the initiator
# name configured as acl on target side:

vi /etc/iscsi/initiatorname.iscsi
   InitiatorName=iqn.2016-02.com.example.myserver:client


# If userid and a password have been configured on the server, edit /etc/iscsi/iscsid.conf
# and uncomment/modify following lines

vi /etc/iscsi/iscsid.conf
   node.session.auth.authmethod = CHAP
   node.session.auth.username = myuser
   node.session.auth.password = mypassword


# In RHEL 7, the iSCSI service is lazily started by default. That is, should an iscsiadm
# command be issued the service will start.

# Discover the target

iscsiadm --mode discovery --type sendtargets --portal 192.168.54.113
   192.168.54.113:3260,1 iqn.2016-02.com.example.myserver:myiscsi


# Log in to the target

iscsiadm --mode node --targetname iqn.2016-02.com.example.myserver:myiscsi --portal 192.168.54.113 --login
   Logging in to [iface: default, target: iqn.2016-02.com.example.myserver:myiscsi, portal: 192.168.54.113,3260] (multiple)
   Login to [iface: default, target: iqn.2016-02.com.example.myserver:myiscsi, portal: 192.168.54.113,3260] successful.


# Check the newly discovered target

lsblk --scsi
   NAME HCTL       TYPE VENDOR   MODEL             REV TRAN
   sda  1:0:0:0    disk ATA      ST3160815A       D    ata
   sdb  1:0:1:0    disk ATA      ST3160021A       8.01 ata
   sdc  3:0:0:0    disk ATA      ST3160215ACE     G    ata
   sdd  8:0:0:0    disk LIO-ORG  sharedLUN       4.0  iscsi
   sr0  3:0:1:0    rom  HL-DT-ST DVDRAM GSA-4120B A102 ata

lsblk | egrep "NAME|sdd"
   NAME                MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
   sdd                   8:48   0   512M  0 disk


# Now we are ready to start working with the target. For instance:

mkfs.ext4 /dev/sdd
[...]

blkid /dev/sdd
   /dev/sdd: UUID="35968eb6-b024-485b-a859-71475285c39b" TYPE="ext4"


# If you are planning to persistently mount target, add a line like this to /etc/fstab:
   UUID=35968eb6-b024-485b-a859-71475285c39b    /mnt      ext4     _netdev    0 0


# Display initiator configuration

iscsiadm -m session -P 3
   iSCSI Transport Class version 2.0-870
   version 6.2.0.873-30
   Target: iqn.2016-02.com.example.myserver:myiscsi (non-flash)
        Current Portal: 192.168.54.113:3260,1
        Persistent Portal: 192.168.54.113:3260,1
                **********
                Interface:
                **********
                Iface Name: default
                Iface Transport: tcp
                Iface Initiatorname: iqn.2016-02.com.example.myserver:client
                Iface IPaddress: 192.168.54.113
                Iface HWaddress: <empty>
                Iface Netdev: <empty>
                SID: 1
                iSCSI Connection State: LOGGED IN
                iSCSI Session State: LOGGED_IN
                Internal iscsid Session State: NO CHANGE
                *********
                Timeouts:
                *********
                Recovery Timeout: 120
                Target Reset Timeout: 30
                LUN Reset Timeout: 30
                Abort Timeout: 15
                *****
                CHAP:
                *****
                username: myuser
                password: ********
                username_in: <empty>
                password_in: ********
                ************************
                Negotiated iSCSI params:
                ************************
                HeaderDigest: None
                DataDigest: None
                MaxRecvDataSegmentLength: 262144
                MaxXmitDataSegmentLength: 262144
                FirstBurstLength: 65536
                MaxBurstLength: 262144
                ImmediateData: Yes
                InitialR2T: Yes
                MaxOutstandingR2T: 1
                ************************
                Attached SCSI devices:
                ************************
                Host Number: 8  State: running
                scsi8 Channel 00 Id 0 Lun: 0
                        Attached scsi disk sdd          State: running
0 (0)
Article Rating (No Votes)
Rate this article
Attachments
There are no attachments for this article.
Comments
There are no comments for this article. Be the first to post a comment.
Full Name
Email Address
Security Code Security Code
Related Articles RSS Feed
RHEL: Manually encrypting a filesystem with LUKS
Viewed 942 times since Sun, May 27, 2018
Manage SSH Key File With Passphrase
Viewed 533 times since Tue, Mar 5, 2019
LVM: Mount LVM Partition(s) in Rescue Mode
Viewed 858 times since Sat, Jun 2, 2018
Linux - How to monitor CPU usage
Viewed 509 times since Fri, Jun 8, 2018
Epoch & Unix Timestamp Conversion Tools
Viewed 13747 times since Fri, Jun 22, 2018
RHEL: Back-up/Replicate a partition table
Viewed 943 times since Sun, May 27, 2018
Linux Screen
Viewed 748 times since Sat, Jun 2, 2018
Open SSL HowTo: Decode SSL Certificate
Viewed 476 times since Mon, Feb 18, 2019
Setup SSL Tunnel Using Stunnel on Ubuntu
Viewed 425 times since Fri, Sep 28, 2018
Tip: SSD and Linux. Enable TRIM and check if it works
Viewed 103 times since Fri, May 15, 2020