CentOS7配置iSCSI服务
在网络上的存贮服务为iSCSI Target,而连接到iSCSI Target服务的叫iSCSI Initiator
1. 直接配置iSCSI Target服务
1.1. 安装targetcli软件
[root@server1 ~]# yum install -y targetcli
Loaded plugins: fastestmirror
base | 3.6 kB 00:00
extras | 3.4 kB 00:00
updates | 3.4 kB 00:00
(1/4): base/7/x86_64/group_gz | 156 kB 00:00
(2/4): extras/7/x86_64/primary_db | 129 kB 00:00
1.2. 配置iSCSI Target服务
在/var/lib/iscsi_disks目录下,创建一个磁盘镜像文件作为SCSI驱动器
[root@server1 ~]# mkdir /var/lib/iscsi_disks
1.2.1. 进入targetcli中进行设置
[root@server1 ~]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.fb46
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> cd backstores/fileio
1.2.2. 创建一个磁盘镜像文件disk01.img,名称为disk01
/backstores/fileio> create disk01 /var/lib/iscsi_disks/disk01.img 5G
Created fileio disk01 with size 5368709120
/backstores/fileio> cd /iscsi
1.2.3. 创建一个target
/iscsi> create iqn.2017-10.com.smartmap:storage.target00
Created target iqn.2017-10.com.smartmap:storage.target00.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/iscsi> cd iqn.2017-10.com.smartmap:storage.target00/tpg1/luns
1.2.4. 设置LUN
/iscsi/iqn.20...t00/tpg1/luns> create /backstores/fileio/disk01
Created LUN 0.
/iscsi/iqn.20...t00/tpg1/luns> cd ../acls
1.2.5. 设置ACL
/iscsi/iqn.20...t00/tpg1/acls> create iqn.2017-10.com.smartmap:192.168.1.101
Created Node ACL for iqn.2017-10.com.smartmap:192.168.1.101
Created mapped LUN 0.
1.2.6. 为认证建立UserID
/iscsi/iqn.20...t00/tpg1/acls> set auth userid=username
Unknown configuration group: auth
/iscsi/iqn.20...t00/tpg1/acls> cd iqn.2017-10.com.smartmap:192.168.1.101
/iscsi/iqn.20...192.168.1.101> set auth userid=username
Parameter userid is now 'username'.
/iscsi/iqn.20...192.168.1.101> set auth password=password
Parameter password is now 'password'.
/iscsi/iqn.20...192.168.1.101> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup.
Configuration saved to /etc/target/saveconfig.json
1.3. 配置完成后查看其监听
[root@server1 ~]# ss -napt | grep 3260
LISTEN 0 256 *:3260 *:*
1.4. 开启target服务
[root@server1 ~]# systemctl enable target
Created symlink from /etc/systemd/system/multi-user.target.wants/target.service to /usr/lib/systemd/system/target.service.
[root@server1 ~]#
1.5. 在防火墙中设置iSCSI Target服务
[root@server1 ~]# firewall-cmd --add-service=iscsi-target --permanent
success
[root@server1 ~]# firewall-cmd --reload
success
[root@server1 ~]#
2. 应用scsi-target-utils配置iSCSI Initiator
2.1. 安装scsi-target-utils软件
[root@server3 ~]# yum -y install epel-release
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.tuna.tsinghua.edu.cn
* extras: mirrors.tuna.tsinghua.edu.cn
* updates: mirrors.tuna.tsinghua.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:7-9 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
[root@server3 ~]# yum --enablerepo=epel install -y scsi-target-utils
Loaded plugins: fastestmirror
epel/x86_64/metalink | 6.1 kB 00:00
epel | 4.3 kB 00:00
(1/3): epel/x86_64/group_gz | 261 kB 00:00
2.2. 配置iSCSI Target服务
2.2.1. 创建一个磁盘镜像文件作为SCSI驱动器
在/var/lib/iscsi_disks目录下,创建一个磁盘镜像文件作为SCSI驱动器
[root@server3 ~]# mkdir /var/lib/iscsi_disks
[root@server3 ~]# dd if=/dev/zero of=/var/lib/iscsi_disks/disk01.img count=0 bs=1 seek=5G
0+0 records in
0+0 records out
0 bytes (0 B) copied, 0.000322535 s, 0.0 kB/s
[root@server3 ~]#
2.2.2. 修改targets.conf文件
[root@server3 ~]# vi /etc/tgt/targets.conf
[root@server3 ~]#
在文件结尾加上如下的内容
<target iqn.2017-10.com.smartmap:target00>
backing-store /var/lib/iscsi_disks/disk01.img
initiator-address 192.168.1.103
incominguser username password
</target>
2.2.3. 修改SELinux的Context设置
[root@server3 ~]# chcon -R -t tgtd_var_lib_t /var/lib/iscsi_disks
chcon: can't apply partial context to unlabeled file ‘disk01.img’
chcon: can't apply partial context to unlabeled file ‘/var/lib/iscsi_disks’
[root@server3 ~]# semanage fcontext -a -t tgtd_var_lib_t /var/lib/iscsi_disks/
-bash: semanage: command not found
[root@server3 ~]#
2.2.4. 在防火墙中设置iSCSI Target服务
[root@server1 ~]# firewall-cmd --add-service=iscsi-target --permanent
success
[root@server1 ~]# firewall-cmd --reload
success
[root@server1 ~]#
2.2.5. 开启tgtd服务
[root@server3 ~]# systemctl start tgtd
[root@server3 ~]# systemctl enable tgtd
Created symlink from /etc/systemd/system/multi-user.target.wants/tgtd.service to /usr/lib/systemd/system/tgtd.service.
[root@server3 ~]#
3. 配置iSCSI Initiator
3.1. 安装iscsi-initiator-utils软件
[root@server2 ~]# yum install -y iscsi-initiator-utils
Loaded plugins: fastestmirror
base | 3.6 kB 00:00
extras | 3.4 kB 00:00
3.2. 配置iSCSI Initiator连接的服务
[root@server2 ~]# vi /etc/iscsi/initiatorname.iscsi
修改成如下的内容
InitiatorName=iqn.2017-10.com.smartmap:192.168.1.101
3.3. 配置iSCSI Initiator连接的认证信息
[root@server2 ~]# vi /etc/iscsi/iscsid.conf
node.session.auth.authmethod = CHAP
# To set a CHAP username and password for initiator
# authentication by the target(s), uncomment the following lines:
node.session.auth.username = username
node.session.auth.password = password
3.4. 发现iSCSI-Target服务
[root@server2 ~]# iscsiadm -m discovery -t sendtargets -p 192.168.1.101
192.168.1.101:3260,1 iqn.2017-10.com.smartmap:storage.target00
[root@server2 ~]#
3.5. 查看iSCSI-Target服务连接状态
[root@server2 ~]# iscsiadm -m node -o show
# BEGIN RECORD 6.2.0.874-2
node.name = iqn.2017-10.com.smartmap:storage.target00
node.tpgt = 1
node.startup = automatic
node.leading_login = No
iface.hwaddress = <empty>
iface.ipaddress = <empty>
iface.iscsi_ifacename = default
iface.net_ifacename = <empty>
iface.gateway = <empty>
iface.subnet_mask = <empty>
iface.transport_name = tcp
iface.initiatorname = <empty>
iface.state = <empty>
iface.vlan_id = 0
iface.vlan_priority = 0
iface.vlan_state = <empty>
iface.iface_num = 0
iface.mtu = 0
iface.port = 0
iface.bootproto = <empty>
iface.dhcp_alt_client_id_state = <empty>
iface.dhcp_alt_client_id = <empty>
iface.dhcp_dns = <empty>
iface.dhcp_learn_iqn = <empty>
iface.dhcp_req_vendor_id_state = <empty>
iface.dhcp_vendor_id_state = <empty>
iface.dhcp_vendor_id = <empty>
iface.dhcp_slp_da = <empty>
iface.fragmentation = <empty>
iface.gratuitous_arp = <empty>
iface.incoming_forwarding = <empty>
iface.tos_state = <empty>
iface.tos = 0
iface.ttl = 0
iface.delayed_ack = <empty>
iface.tcp_nagle = <empty>
iface.tcp_wsf_state = <empty>
iface.tcp_wsf = 0
iface.tcp_timer_scale = 0
iface.tcp_timestamp = <empty>
iface.redirect = <empty>
iface.def_task_mgmt_timeout = 0
iface.header_digest = <empty>
iface.data_digest = <empty>
iface.immediate_data = <empty>
iface.initial_r2t = <empty>
iface.data_seq_inorder = <empty>
iface.data_pdu_inorder = <empty>
iface.erl = 0
iface.max_receive_data_len = 0
iface.first_burst_len = 0
iface.max_outstanding_r2t = 0
iface.max_burst_len = 0
iface.chap_auth = <empty>
iface.bidi_chap = <empty>
iface.strict_login_compliance = <empty>
iface.discovery_auth = <empty>
iface.discovery_logout = <empty>
node.discovery_address = 192.168.1.101
node.discovery_port = 3260
node.discovery_type = send_targets
node.session.initial_cmdsn = 0
node.session.initial_login_retry_max = 8
node.session.xmit_thread_priority = -20
node.session.cmds_max = 128
node.session.queue_depth = 32
node.session.nr_sessions = 1
node.session.auth.authmethod = CHAP
node.session.auth.username = username
node.session.auth.password = ********
node.session.auth.username_in = <empty>
node.session.auth.password_in = <empty>
node.session.timeo.replacement_timeout = 120
node.session.err_timeo.abort_timeout = 15
node.session.err_timeo.lu_reset_timeout = 30
node.session.err_timeo.tgt_reset_timeout = 30
node.session.err_timeo.host_reset_timeout = 60
node.session.iscsi.FastAbort = Yes
node.session.iscsi.InitialR2T = No
node.session.iscsi.ImmediateData = Yes
node.session.iscsi.FirstBurstLength = 262144
node.session.iscsi.MaxBurstLength = 16776192
node.session.iscsi.DefaultTime2Retain = 0
node.session.iscsi.DefaultTime2Wait = 2
node.session.iscsi.MaxConnections = 1
node.session.iscsi.MaxOutstandingR2T = 1
node.session.iscsi.ERL = 0
node.session.scan = auto
node.conn[0].address = 192.168.1.101
node.conn[0].port = 3260
node.conn[0].startup = manual
node.conn[0].tcp.window_size = 524288
node.conn[0].tcp.type_of_service = 0
node.conn[0].timeo.logout_timeout = 15
node.conn[0].timeo.login_timeout = 15
node.conn[0].timeo.auth_timeout = 45
node.conn[0].timeo.noop_out_interval = 5
node.conn[0].timeo.noop_out_timeout = 5
node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
node.conn[0].iscsi.HeaderDigest = None
node.conn[0].iscsi.IFMarker = No
node.conn[0].iscsi.OFMarker = No
# END RECORD
[root@server2 ~]#
3.6. 登录到iSCSI Target
[root@server2 ~]# iscsiadm -m node --login
Logging in to [iface: default, target: iqn.2017-10.com.smartmap:storage.target00 , portal: 192.168.1.101,3260] (multiple)
Login to [iface: default, target: iqn.2017-10.com.smartmap:storage.target00, por tal: 192.168.1.101,3260] successful.
[root@server2 ~]#
3.7. 验证建立会话状态
[root@server2 ~]# iscsiadm -m session -o show
tcp: [1] 192.168.1.101:3260,1 iqn.2017-10.com.smartmap:storage.target00 (non-flash)
[root@server2 ~]#
3.8. 验证分区
3.9. 在iSCSI Initiator中应用iSCSI Target提供的分区
3.9.1. 创建分区Label
[root@server2 ~]# parted --script /dev/sdb "mklabel msdos"
[root@server2 ~]#
3.9.2. 创建分区
[root@server2 ~]# parted --script /dev/sdb "mkpart primary 0% 100%"
3.9.3. 格式化文件系统
[root@server2 ~]# mkfs.xfs -i size=1024 -s size=4096 /dev/sdb1
meta-data=/dev/sdb1 isize=1024 agcount=4, agsize=327424 blks
= sectsz=4096 attr=2, projid32bit=1
= crc=1 finobt=0, sparse=0
data = bsize=4096 blocks=1309696, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=2560, version=2
= sectsz=4096 sunit=1 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
[root@server2 ~]#
3.9.4. 挂载分区
[root@server2 ~]# mount /dev/sdb1 /mnt
3.9.5. 查看分区验证
[root@server2 ~]# df -hT