This article explains the steps to set up an SAN LUN configuration on Oracle Linux 7, RedHat 7 and CentOS 7, all of them uses the targetcli as a front-end for viewing, editing, and saving the configuration of the Linux-IO Target without the need to manipulate the kernel target’s configuration files directly.
Plan:
- Creation of Linux partition:
- Target targetcli
- Creation of iSCSI Initiator
1. Creation of Linux partition:
We are going to create a simple Linux partition on the disk /dev/sdc using the tool
# fdisk -l /dev/sdc Disk /dev/sdc: 12.9 GB, 12884901888 bytes, 25165824 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x33eba5c5 Device Boot Start End Blocks Id System
Creation of a partition.
# fdisk /dev/sdc Welcome to fdisk (util-linux 2.23.2). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. Command (m for help): n Partition type: p primary (0 primary, 0 extended, 4 free) e extended Select (default p): Using default response p Partition number (1-4, default 1): First sector (2048-25165823, default 2048): ENTER Using default value 2048 Last sector, +sectors or +size{K,M,G} (2048-25165823, default 25165823): ENTER Using default value 25165823 Partition 1 of type Linux and of size 12 GiB is set Command (m for help): w The partition table has been altered! Calling ioctl() to re-read partition table. # fdisk -l /dev/sdc Disk /dev/sdc: 12.9 GB, 12884901888 bytes, 25165824 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x33eba5c5 Device Boot Start End Blocks Id System /dev/sdc1 2048 25165823 12581888 83 Linux
Verification of the UUID of the new partition
# blkid /dev/sdc1 /dev/sdc1: UUID="Ez7HTK-DnTM-FB8h-iCjc-W3Bo-0hEG-P3vUfP" TYPE="LVM2_member"
2. Target targetcli
targetcli is a command line interface that allows an administrator to export local storage resources (backed by either files, volumes, local SCSI devices, or RAM disks) to remote systems. It has a tree-based layout, includes built-in tab-completion, and provides full auto-complete support and inline documentation., for more info.
a. Install the package targetcli:
# yum install targetcli -y
b. Start and enable the target service for autostartup.
# systemctl start target # systemctl enable target
c. Run the targetcli
# targetcli targetcli shell version 2.1.fb41 Copyright 2011-2013 by Datera, Inc and others. For help on commands, type 'help'. /> ls o- / ...................................................................... [...] o- backstores ........................................................... [...] | o- block ............................................... [Storage Objects: 0] | o- fileio .............................................. [Storage Objects: 0] | o- pscsi ............................................... [Storage Objects: 0] | o- ramdisk ............................................. [Storage Objects: 0] o- iscsi ......................................................... [Targets: 0] o- loopback ...................................................... [Targets: 0] />
d. Create a Backstore
Backstores enable support for different methods of storing an exported LUN’s data on the local machine. Creating a storage object defines the resources the backstore will use.
/> cd /backstores/block /backstores/block> ls o- block ................................................... [Storage Objects: 0] /backstores/block> create scsi_sdc /dev/sdc1 'export_backstore_name_as_model' is set but emulate_model_alias not supported by kernel. /backstores/block> ls o- block ................................................... [Storage Objects: 1] o- scsi_sdc ...................... [/dev/sdc1 (12.0GiB) write-thru deactivated] /backstores/block>
e. Create an iSCSI Target
Create an iSCSI target using the target name “iqn.2017-02.tn.wadhahdaouehi.san:iscsiSDC”
/backstores/block> cd /iscsi /iscsi> create iqn.2017-02.tn.wadhahdaouehi.san:iscsiSDC Created target iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc. Created TPG 1. Global pref auto_add_default_portal=true Created default portal listening on all IPs (0.0.0.0), port 3260. /iscsi> /iscsi> ls o- iscsi ........................................................... [Targets: 1] o- iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc ........................ [TPGs: 1] o- tpg1 .............................................. [no-gen-acls, no-auth] o- acls ......................................................... [ACLs: 0] o- luns ......................................................... [LUNs: 0] o- portals ................................................... [Portals: 1] o- 0.0.0.0:3260 .................................................... [OK] /iscsi>
f. Configure ACLs
Create an ACL for each initiator that will be connecting. This enforces authentication when that initiator connects, allowing only LUNs to be exposed to each initiator. Usually each initator has exclusive access to a LUN. Both targets and initiators have unique identifying names. The initiator’s unique name must be known to configure ACLs. For open-iscsi initiators, this can be found in /etc/iscsi/initiatorname.iscsi
/iscsi> cd iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc/tpg1/acls /iscsi/iqn.20...sdc/tpg1/acls> create iqn.2017-02.tn.wadhahdaouehi.node:node1 Created Node ACL for iqn.2017-02.tn.wadhahdaouehi.node:node1 /iscsi/iqn.20...sdc/tpg1/acls>
g. Configure LUNs:
Create LUNs of already created storage objects.
/> cd iscsi/iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc/tpg1/luns /iscsi/iqn.20...sdc/tpg1/luns> /iscsi/iqn.20...sdc/tpg1/luns> create /backstores/block/scsi_sdc Created LUN 0. Created LUN 0->0 mapping in node ACL iqn.2017-02.tn.wadhahdaouehi.node:node1 /iscsi/iqn.20...sdc/tpg1/luns>
g. Save and check configurate:
/> saveconfig Last 10 configs saved in /etc/target/backup. Configuration saved to /etc/target/saveconfig.json /> /> ls o- / ...................................................................... [...] o- backstores ........................................................... [...] | o- block ............................................... [Storage Objects: 1] | | o- scsi_sdc .................... [/dev/sdc1 (12.0GiB) write-thru activated] | o- fileio .............................................. [Storage Objects: 0] | o- pscsi ............................................... [Storage Objects: 0] | o- ramdisk ............................................. [Storage Objects: 0] o- iscsi ......................................................... [Targets: 1] | o- iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc ...................... [TPGs: 1] | o- tpg1 ............................................ [no-gen-acls, no-auth] | o- acls ....................................................... [ACLs: 1] | | o- iqn.2017-02.tn.wadhahdaouehi.node:node1 ........... [Mapped LUNs: 1] | | o- mapped_lun0 ........................... [lun0 block/scsi_sdc (rw)] | o- luns ....................................................... [LUNs: 1] | | o- lun0 .................................. [block/scsi_sdc (/dev/sdc1)] | o- portals ................................................. [Portals: 1] | o- 0.0.0.0:3260 .................................................. [OK] o- loopback ...................................................... [Targets: 0] /> /> exit Global pref auto_save_on_exit=true Last 10 configs saved in /etc/target/backup. Configuration saved to /etc/target/saveconfig.json
- Restart the targetcli service
# systemctl restart target.service
3. Creation of iSCSI Initiator:
a. Installiscsi-initiator-utils
# yum install iscsi-initiator-utils -y
If a custom name was given to the ACL in Section 24.1.6, “Configure ACLs”, then change the /etc/iscsi/initiatorname.isci file to match.
# cat /etc/iscsi/initiatorname.iscsi InitiatorName= iqn.2017-02.tn.wadhahdaouehi.node:node1
b. Discover the target.
My SAN targetcli has the ip address: 192.168.100.21
# iscsiadm -m discovery --type sendtargets -p 192.168.100.21 192.168.100.21:3260,1 iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc
c. Log in to the target
# iscsiadm -m node --targetname iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc -p 192.168.100.21 -l Logging in to [iface: default, target: iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc, portal: 192.168.100.21,3260] (multiple) Login to [iface: default, target: iqn.2017-02.tn.wadhahdaouehi.san:iscsisdc, portal: 192.168.100.21,3260] successful.
d. Verification:
After the successful login, we checked the block storage with his UUID.
# blkid | grep 'UUID="Ez7HTK-DnTM-FB8h-iCjc-W3Bo-0hEG-P3vUfP"' /dev/sdd: UUID="Ez7HTK-DnTM-FB8h-iCjc-W3Bo-0hEG-P3vUfP" TYPE="LVM2_member"
Note: Now on the initiator side, the disk have the name /dev/sdd.
Conclusion:
With this procedur, we can also add target disks, partition and also LVM logical volume and dont forget the initiator target ACL.