ISCSI Server installation and Configuration.
ISCSI (Internet Small Computer System Interface) - (IP)-based storage networking standard for linking data storage facilities. By carrying SCSI commands over IP networks
iscsi targets should be raw disk or block file only.
ISCSI Target - Server from where the ISCSI disk space is shared.
ISCSI Initator - Clients on which the ISCSI targets are mounted.
SERVER / TARGET side Configuration
====================
Package requirments
----------------------
yum install scsi-target-utils.i386
yum install openssl-devel.i386
/etc/init.d/tgtd start
Creating iscsi lun
=============
tgtadm --lld iscsi --op new --mode target --tid 1 -T iqn.2011-04.com.mxmail:storage.disk2.mxmail.com
tgtadm --lld iscsi --op show --mode target
Attaching storage to the LUN
----------------------------
tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 -b /iscsifile
All configuration files for iscsi is stored in /var/lib/iscsi/
Procedure to delete a LUN from ISCSI Server
Disable the connection from client ISCSI targets and Logging out of the portal session,
iscsiadm --mode discovery --type sendtargets --portal 192.168.1.1 (List the portal sessions)
iscsiadm --m node -T iqn.2013-08.com.iscsi:storage.proxmox_vm.mllab.net --portal 192.168.1.1:3260 -u ( Will log out from the portal sessions)
iscsiadm -m node -o delete -T iqn.2013-08.com.iscsi:storage.proxmox_vm.mllab.net --portal 192.168.1.1:3260 (Delete the portal connections)
Remove the Target from the ISCSI server side
Below listed are the steps to be followed for deleting a LUN from the ISCSI server.
Assumptions for this example,
The ISCSI server has multiple LUN configured. Each LUN is using one logical Unit(disk/slice/folder/blockdevice)
Unbind the IP Address from the Access List before deleting the logical unit.
tgtadm --lld iscsi --op unbind --mode target --tid 3 -I 192.168.1.0/24
tgtadm --lld iscsi --op unbind --mode target --tid 3 -I 172.22.1.0/24
Delete the Logincal Unit (Device/Folder/Slice) that is mapped to the LUN
tgtadm --lld iscsi --op delete --mode logicalunit --tid 3 --lun 1
Look for any active sessions connected to the LUN.
tgtadm --lld iscsi --op show --mode target
I_T nexus information:
I_T nexus: 10
Initiator: iqn.1998-01.com.vmware:esxi1-4805d107
Connection: 0
IP Address: 192.168.1.2
I_T nexus: 13
Initiator: iqn.1998-01.com.vmware:esxi3-4716f412
Connection: 0
IP Address: 192.168.1.4
I_T nexus: 15
Initiator: iqn.1998-01.com.vmware:esxi5-31cd0643
Connection: 0
IP Address: 192.168.1.6
In this case there are 3 Sessions connected to the LUN (Connection ID 10, 13 and 15)
Disconnect each of the sessions before deleting the LUN.
tgtadm --lld iscsi --op delete --mode conn --tid 3 --sid 10
tgtadm --lld iscsi --op delete --mode conn --tid 3 --sid 13
tgtadm --lld iscsi --op delete --mode conn --tid 3 --sid 15
Delete the LUN ID 3
tgtadm --lld iscsi --op delete --mode target --tid 3
View to confirm the target LUN is deleted.
tgtadm --lld iscsi --op show --mode target
ISCSI (Internet Small Computer System Interface) - (IP)-based storage networking standard for linking data storage facilities. By carrying SCSI commands over IP networks
iscsi targets should be raw disk or block file only.
ISCSI Target - Server from where the ISCSI disk space is shared.
ISCSI Initator - Clients on which the ISCSI targets are mounted.
SERVER / TARGET side Configuration
====================
Package requirments
----------------------
yum install scsi-target-utils.i386
yum install openssl-devel.i386
/etc/init.d/tgtd start
Creating iscsi lun
=============
tgtadm --lld iscsi --op new --mode target --tid 1 -T iqn.2011-04.com.mxmail:storage.disk2.mxmail.com
tgtadm --lld iscsi --op show --mode target
Attaching storage to the LUN
----------------------------
tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 -b /iscsifile
or for physical disk
tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 -b /dev/sdb
tgtadm --lld iscsi --op show --mode target
Securing the iscsi targets
===================
IP based restriction
------------------
tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL #Allowing all IP on the network to access Target ID1
tgtadm --lld iscsi --op bind --mode target --tid 1 -I 192.168.2.10 #Allowing specific IP access to Target ID1
tgtadm --lld iscsi --op bind --mode target --tid 1 -I 192.168.2.0/24 #Allowing specific IP subnet to Target ID1
User based restriction
---------------------
tgtadm --lld iscsi --op new --mode account --user user1 --password password1 #Creation of User account
tgtadm --lld iscsi --op bind --mode account --tid 1 --user fujita #Adding User account to the target ID1
tgtadm --lld iscsi --op unbind --mode account --tid 1 --user fujita #Removing User account to the target ID1
-------------------------------------------------------------------------------------
To make the configuration persistent across add the above lines into /etc/rc.local file
Securing the iscsi targets
===================
IP based restriction
------------------
tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL #Allowing all IP on the network to access Target ID1
tgtadm --lld iscsi --op bind --mode target --tid 1 -I 192.168.2.10 #Allowing specific IP access to Target ID1
tgtadm --lld iscsi --op bind --mode target --tid 1 -I 192.168.2.0/24 #Allowing specific IP subnet to Target ID1
User based restriction
---------------------
tgtadm --lld iscsi --op new --mode account --user user1 --password password1 #Creation of User account
tgtadm --lld iscsi --op bind --mode account --tid 1 --user fujita #Adding User account to the target ID1
tgtadm --lld iscsi --op unbind --mode account --tid 1 --user fujita #Removing User account to the target ID1
-------------------------------------------------------------------------------------
To make the configuration persistent across add the above lines into /etc/rc.local file
--------------------------------------------------------------------------------------
INITIATOR side Configuration
=====================
yum install iscsi-initiator-utils-6.2.0.865-0.8.el5
yum install lsscsi-0.17-3.el5
service iscsi start
chkconfig iscsi on
Running discovery of the iscsi server.
iscsiadm --mode discovery --type sendtargets --portal 192.168.10.10 (Target Server IP)
Should list an output like this: 192.168.10.10:3260,1 iqn.2011-04.com.mxmail:storage.disk2.mxmail.com
vi /etc/iscsi/initiatorname.iscsi
add this value - InitiatorName=iqn.2011-04.com.mxmail:storage.disk2.mxmail.com
iscsiadm -m nodeWill show all the iscsi devices.
#lsscsi (Command to display the mapped iscsi disks)
[0:0:0:0] disk VMware Virtual disk 1.0 /dev/sda
[9:0:0:0] storage IET Controler 0001 - #LUN Controller
[9:0:0:1] disk IET VIRTUAL-DISK 0001 /dev/sdb #Virtual Disk mapped to /dev/sdb
#fdisk -l /dev/sdb
Disk /dev/sdb: 3221 MB, 3221225472 bytes
100 heads, 62 sectors/track, 1014 cylinders
Units = cylinders of 6200 * 512 = 3174400 bytes
Disk /dev/sdb doesn't contain a valid partition table
INITIATOR side Configuration
=====================
yum install iscsi-initiator-utils-6.2.0.865-0.8.el5
yum install lsscsi-0.17-3.el5
service iscsi start
chkconfig iscsi on
Running discovery of the iscsi server.
iscsiadm --mode discovery --type sendtargets --portal 192.168.10.10 (Target Server IP)
Should list an output like this: 192.168.10.10:3260,1 iqn.2011-04.com.mxmail:storage.disk2.mxmail.com
vi /etc/iscsi/initiatorname.iscsi
add this value - InitiatorName=iqn.2011-04.com.mxmail:storage.disk2.mxmail.com
iscsiadm -m nodeWill show all the iscsi devices.
#lsscsi (Command to display the mapped iscsi disks)
[0:0:0:0] disk VMware Virtual disk 1.0 /dev/sda
[9:0:0:0] storage IET Controler 0001 - #LUN Controller
[9:0:0:1] disk IET VIRTUAL-DISK 0001 /dev/sdb #Virtual Disk mapped to /dev/sdb
#fdisk -l /dev/sdb
Disk /dev/sdb: 3221 MB, 3221225472 bytes
100 heads, 62 sectors/track, 1014 cylinders
Units = cylinders of 6200 * 512 = 3174400 bytes
Disk /dev/sdb doesn't contain a valid partition table
All configuration files for iscsi is stored in /var/lib/iscsi/
Procedure to delete a LUN from ISCSI Server
Disable the connection from client ISCSI targets and Logging out of the portal session,
iscsiadm --mode discovery --type sendtargets --portal 192.168.1.1 (List the portal sessions)
iscsiadm --m node -T iqn.2013-08.com.iscsi:storage.proxmox_vm.mllab.net --portal 192.168.1.1:3260 -u ( Will log out from the portal sessions)
iscsiadm -m node -o delete -T iqn.2013-08.com.iscsi:storage.proxmox_vm.mllab.net --portal 192.168.1.1:3260 (Delete the portal connections)
Remove the Target from the ISCSI server side
Below listed are the steps to be followed for deleting a LUN from the ISCSI server.
Assumptions for this example,
The ISCSI server has multiple LUN configured. Each LUN is using one logical Unit(disk/slice/folder/blockdevice)
Unbind the IP Address from the Access List before deleting the logical unit.
tgtadm --lld iscsi --op unbind --mode target --tid 3 -I 192.168.1.0/24
tgtadm --lld iscsi --op unbind --mode target --tid 3 -I 172.22.1.0/24
Delete the Logincal Unit (Device/Folder/Slice) that is mapped to the LUN
tgtadm --lld iscsi --op delete --mode logicalunit --tid 3 --lun 1
Look for any active sessions connected to the LUN.
tgtadm --lld iscsi --op show --mode target
I_T nexus information:
I_T nexus: 10
Initiator: iqn.1998-01.com.vmware:esxi1-4805d107
Connection: 0
IP Address: 192.168.1.2
I_T nexus: 13
Initiator: iqn.1998-01.com.vmware:esxi3-4716f412
Connection: 0
IP Address: 192.168.1.4
I_T nexus: 15
Initiator: iqn.1998-01.com.vmware:esxi5-31cd0643
Connection: 0
IP Address: 192.168.1.6
In this case there are 3 Sessions connected to the LUN (Connection ID 10, 13 and 15)
Disconnect each of the sessions before deleting the LUN.
tgtadm --lld iscsi --op delete --mode conn --tid 3 --sid 10
tgtadm --lld iscsi --op delete --mode conn --tid 3 --sid 13
tgtadm --lld iscsi --op delete --mode conn --tid 3 --sid 15
Delete the LUN ID 3
tgtadm --lld iscsi --op delete --mode target --tid 3
View to confirm the target LUN is deleted.
tgtadm --lld iscsi --op show --mode target
