Thursday, July 28, 2011

Configuring ISCSI targets and initiators.

ISCSI Server installation and Configuration.

ISCSI (Internet Small Computer System Interface) - (IP)-based storage networking standard for linking data storage facilities. By carrying SCSI commands over IP networks
iscsi targets should be raw disk or block file only.


ISCSI Target - Server from where the ISCSI disk space is shared.
ISCSI Initator - Clients on which the ISCSI targets are mounted.

SERVER / TARGET side Configuration
====================

Package requirments
----------------------
yum install scsi-target-utils.i386
yum install openssl-devel.i386

/etc/init.d/tgtd start

Creating iscsi lun
=============
tgtadm --lld iscsi --op new --mode target --tid 1 -T iqn.2011-04.com.mxmail:storage.disk2.mxmail.com
tgtadm --lld iscsi --op show --mode target

Attaching storage to the LUN
----------------------------
tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 -b /iscsifile

or for physical disk
tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 -b /dev/sdb
tgtadm --lld iscsi --op show --mode target

Securing the iscsi targets
===================

IP based restriction
------------------
tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL #Allowing all IP on the network to access Target ID1
tgtadm --lld iscsi --op bind --mode target --tid 1 -I 192.168.2.10 #Allowing specific IP access to Target ID1
tgtadm --lld iscsi --op bind --mode target --tid 1 -I 192.168.2.0/24 #Allowing specific IP subnet to Target ID1

User based restriction
---------------------
tgtadm --lld iscsi --op new --mode account --user user1 --password password1 #Creation of User account
tgtadm --lld iscsi --op bind --mode account --tid 1 --user fujita #Adding User account to the target ID1
tgtadm --lld iscsi --op unbind --mode account --tid 1 --user fujita #Removing User account to the target ID1

-------------------------------------------------------------------------------------
To make the configuration persistent across add the above lines into /etc/rc.local file
--------------------------------------------------------------------------------------



INITIATOR side Configuration
=====================

yum install iscsi-initiator-utils-6.2.0.865-0.8.el5
yum install lsscsi-0.17-3.el5
service iscsi start
chkconfig iscsi on

Running discovery of the iscsi server.
iscsiadm --mode discovery --type sendtargets --portal 192.168.10.10 (Target Server IP)
Should list an output like this: 192.168.10.10:3260,1 iqn.2011-04.com.mxmail:storage.disk2.mxmail.com

vi /etc/iscsi/initiatorname.iscsi
add this value - InitiatorName=iqn.2011-04.com.mxmail:storage.disk2.mxmail.com

iscsiadm -m node
Will show all the iscsi devices.

#lsscsi (Command to display the mapped iscsi disks)
[0:0:0:0] disk VMware Virtual disk 1.0 /dev/sda
[9:0:0:0] storage IET Controler 0001 - #LUN Controller
[9:0:0:1] disk IET VIRTUAL-DISK 0001 /dev/sdb #Virtual Disk mapped to /dev/sdb

#fdisk -l /dev/sdb
Disk /dev/sdb: 3221 MB, 3221225472 bytes
100 heads, 62 sectors/track, 1014 cylinders
Units = cylinders of 6200 * 512 = 3174400 bytes

Disk /dev/sdb doesn't contain a valid partition table

All configuration files for iscsi is stored in /var/lib/iscsi/




Procedure to delete a LUN from ISCSI Server

Disable the connection from client ISCSI targets and Logging out of the portal session,

iscsiadm --mode discovery --type sendtargets --portal 192.168.1.1 (List the portal sessions)

iscsiadm --m node -T iqn.2013-08.com.iscsi:storage.proxmox_vm.mllab.net  --portal 192.168.1.1:3260 -u ( Will log out from the portal sessions)


iscsiadm -m node -o delete -T iqn.2013-08.com.iscsi:storage.proxmox_vm.mllab.net  --portal 192.168.1.1:3260 (Delete the portal connections)


Remove the Target from the ISCSI server side


Below listed are the steps to be followed for deleting a LUN from the ISCSI server.

Assumptions for this example,

The ISCSI server has multiple LUN configured. Each LUN is using one logical Unit(disk/slice/folder/blockdevice)


Unbind the IP Address from the Access List before deleting the logical unit.
tgtadm --lld iscsi --op unbind --mode target --tid 3 -I 192.168.1.0/24
tgtadm --lld iscsi --op unbind --mode target --tid 3 -I 172.22.1.0/24


Delete the Logincal Unit (Device/Folder/Slice) that is mapped to the LUN
tgtadm --lld iscsi --op delete --mode logicalunit --tid 3 --lun 1


Look for any active sessions connected to the LUN.
tgtadm --lld iscsi --op show --mode target
  I_T nexus information:
        I_T nexus: 10
            Initiator: iqn.1998-01.com.vmware:esxi1-4805d107
            Connection: 0
                IP Address: 192.168.1.2
        I_T nexus: 13
            Initiator: iqn.1998-01.com.vmware:esxi3-4716f412
            Connection: 0
                IP Address: 192.168.1.4
        I_T nexus: 15
            Initiator: iqn.1998-01.com.vmware:esxi5-31cd0643
            Connection: 0
                IP Address: 192.168.1.6

In this case there are 3 Sessions connected to the LUN (Connection ID 10, 13 and 15)

Disconnect each of the sessions before deleting the LUN.
tgtadm --lld iscsi --op delete --mode conn --tid 3 --sid 10
tgtadm --lld iscsi --op delete --mode conn --tid 3 --sid 13
tgtadm --lld iscsi --op delete --mode conn --tid 3 --sid 15


Delete the LUN ID 3
tgtadm --lld iscsi --op delete --mode target --tid 3


View to confirm the target LUN is deleted.

tgtadm --lld iscsi --op show --mode target