SAN iSCSI on Oracle Linux 7.x using targetcli

This article explains the steps to set up an SAN LUN configuration on Oracle Linux 7, RedHat 7 and CentOS 7, all of them uses the targetcli as  a front-end for viewing, editing, and saving the configuration of the Linux-IO Target without the need to manipulate the kernel target’s configuration files directly.

Plan:

  1. Creation of Linux partition:
  2. Target targetcli
  3. Creation of iSCSI Initiator

1. Creation of Linux partition:

We are going to create a simple Linux partition on the disk /dev/sdc using the tool

# fdisk -l /dev/sdc
Disk /dev/sdc: 12.9 GB, 12884901888 bytes, 25165824 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x33eba5c5
   Device Boot      Start         End      Blocks   Id  System

Creation of a partition.

# fdisk /dev/sdc
Welcome to fdisk (util-linux 2.23.2).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Command (m for help): n
Partition type:
   p   primary (0 primary, 0 extended, 4 free)
   e   extended
Select (default p):
Using default response p
Partition number (1-4, default 1):
First sector (2048-25165823, default 2048): ENTER
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-25165823, default 25165823): ENTER
Using default value 25165823
Partition 1 of type Linux and of size 12 GiB is set
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.


# fdisk -l /dev/sdc
Disk /dev/sdc: 12.9 GB, 12884901888 bytes, 25165824 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x33eba5c5
  Device Boot      Start         End      Blocks   Id  System
/dev/sdc1            2048    25165823    12581888   83  Linux

Verification of the UUID of the new partition

# blkid /dev/sdc1
/dev/sdc1: UUID="Ez7HTK-DnTM-FB8h-iCjc-W3Bo-0hEG-P3vUfP" TYPE="LVM2_member"

2. Target targetcli

targetcli is a command line interface that allows an administrator to export local storage resources (backed by either files, volumes, local SCSI devices, or RAM disks) to remote systems. It has a tree-based layout, includes built-in tab-completion, and provides full auto-complete support and inline documentation., for more info.

a. Install the package targetcli:

# yum install targetcli -y

b. Start and enable the target service for autostartup.

# systemctl start target
# systemctl enable target

c. Run the targetcli

# targetcli
targetcli shell version 2.1.fb41
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> ls
o- / ...................................................................... [...]
  o- backstores ........................................................... [...]
  | o- block ............................................... [Storage Objects: 0]
  | o- fileio .............................................. [Storage Objects: 0]
  | o- pscsi ............................................... [Storage Objects: 0]
  | o- ramdisk ............................................. [Storage Objects: 0]
  o- iscsi ......................................................... [Targets: 0]
  o- loopback ...................................................... [Targets: 0]
/>

 

d. Create a Backstore

Backstores enable support for different methods of storing an exported LUN’s data on the local machine. Creating a storage object defines the resources the backstore will use.

/> cd /backstores/block
/backstores/block> ls
o- block ................................................... [Storage Objects: 0]
/backstores/block> create scsi_sdc /dev/sdc1
'export_backstore_name_as_model' is set but emulate_model_alias
  not supported by kernel.
/backstores/block> ls
o- block ................................................... [Storage Objects: 1]
  o- scsi_sdc ...................... [/dev/sdc1 (12.0GiB) write-thru deactivated]
/backstores/block>

e. Create an iSCSI Target

Create an iSCSI target using the target name “iqn.2017-02.tn.wadhahdaouehi.san:iscsiSDC”

/backstores/block> cd /iscsi
/iscsi> create iqn.2017-02.tn.wadhahdaouehi.san:iscsiSDC
Created target iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/iscsi>
/iscsi> ls
o- iscsi ........................................................... [Targets: 1]
  o- iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc ........................ [TPGs: 1]
    o- tpg1 .............................................. [no-gen-acls, no-auth]
      o- acls ......................................................... [ACLs: 0]
      o- luns ......................................................... [LUNs: 0]
      o- portals ................................................... [Portals: 1]
        o- 0.0.0.0:3260 .................................................... [OK]
/iscsi>

 

f. Configure ACLs

Create an ACL for each initiator that will be connecting. This enforces authentication when that initiator connects, allowing only LUNs to be exposed to each initiator. Usually each initator has exclusive access to a LUN. Both targets and initiators have unique identifying names. The initiator’s unique name must be known to configure ACLs. For open-iscsi initiators, this can be found in /etc/iscsi/initiatorname.iscsi

/iscsi> cd iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc/tpg1/acls
/iscsi/iqn.20...sdc/tpg1/acls> create iqn.2017-02.tn.wadhahdaouehi.node:node1
Created Node ACL for iqn.2017-02.tn.wadhahdaouehi.node:node1
/iscsi/iqn.20...sdc/tpg1/acls>

g. Configure LUNs:

Create LUNs of already created storage objects.

/> cd iscsi/iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc/tpg1/luns
/iscsi/iqn.20...sdc/tpg1/luns>
/iscsi/iqn.20...sdc/tpg1/luns> create /backstores/block/scsi_sdc
Created LUN 0.
Created LUN 0->0 mapping in node ACL iqn.2017-02.tn.wadhahdaouehi.node:node1
/iscsi/iqn.20...sdc/tpg1/luns>

g. Save and check configurate:

/> saveconfig
Last 10 configs saved in /etc/target/backup.
Configuration saved to /etc/target/saveconfig.json
/>
/> ls
o- / ...................................................................... [...]
  o- backstores ........................................................... [...]
  | o- block ............................................... [Storage Objects: 1]
  | | o- scsi_sdc .................... [/dev/sdc1 (12.0GiB) write-thru activated]
  | o- fileio .............................................. [Storage Objects: 0]
  | o- pscsi ............................................... [Storage Objects: 0]
  | o- ramdisk ............................................. [Storage Objects: 0]
  o- iscsi ......................................................... [Targets: 1]
  | o- iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc ...................... [TPGs: 1]
  |   o- tpg1 ............................................ [no-gen-acls, no-auth]
  |     o- acls ....................................................... [ACLs: 1]
  |     | o- iqn.2017-02.tn.wadhahdaouehi.node:node1 ........... [Mapped LUNs: 1]
  |     |   o- mapped_lun0 ........................... [lun0 block/scsi_sdc (rw)]
  |     o- luns ....................................................... [LUNs: 1]
  |     | o- lun0 .................................. [block/scsi_sdc (/dev/sdc1)]
  |     o- portals ................................................. [Portals: 1]
  |       o- 0.0.0.0:3260 .................................................. [OK]
  o- loopback ...................................................... [Targets: 0]
/>
/> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup.
Configuration saved to /etc/target/saveconfig.json

 

  1. Restart the targetcli service
# systemctl restart target.service

 

3. Creation of iSCSI Initiator:

a. Installiscsi-initiator-utils

# yum  install iscsi-initiator-utils -y

If a custom name was given to the ACL in Section 24.1.6, “Configure ACLs”, then change the /etc/iscsi/initiatorname.isci file to match.

# cat /etc/iscsi/initiatorname.iscsi
InitiatorName= iqn.2017-02.tn.wadhahdaouehi.node:node1

b. Discover the target.

My SAN targetcli has the ip address: 192.168.100.21

# iscsiadm -m discovery --type sendtargets -p 192.168.100.21
192.168.100.21:3260,1 iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc

c. Log in to the target

# iscsiadm -m node --targetname iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc -p 192.168.100.21 -l
Logging in to [iface: default, target: iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc, portal: 192.168.100.21,3260] (multiple)
Login to [iface: default, target: iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc, portal: 192.168.100.21,3260] successful.

d. Verification:

After the successful login, we checked the block storage with his UUID.

# blkid | grep 'UUID="Ez7HTK-DnTM-FB8h-iCjc-W3Bo-0hEG-P3vUfP"'
/dev/sdd: UUID="Ez7HTK-DnTM-FB8h-iCjc-W3Bo-0hEG-P3vUfP" TYPE="LVM2_member"

Note: Now on the initiator side, the disk have the name /dev/sdd.

Conclusion:

With this procedur, we can also add target disks, partition and also LVM logical volume and dont forget the initiator target ACL.

Bookmark the permalink.
Loading Facebook Comments ...

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.