Part 2: Storage
Targets provide access to the storage backend. The backend could be:
- Physical disks
- Logical Volumes
Servers connect to the targets using the iSCSI initiator.
Once a server is connected to the storage, devices will appear in:
- The lsscsi command
- IQN: iSCSI Qualified Name is a well structured name which needs to be unique and which is used to identify targets.
- Initiator: The iSCSI clients that's identified by an IQN.
- Target: The service on an iSCSI server that gives access to the backend storage.
- Access Control List: A list of clients that are allowed access to a specific target.
- Portal: also referred to as node. Contains the IP address and ports that a target or initiator uses to establish connections.
- Discovery: The process where an initiator finds the targets that are configured on a portal.
- LUN: Logical unit which is basically the block devices that are shared through the target.
- Login: Authentication that gives an initiator access to LUNs
- TPG: Target Portal Group, a collection of IP addresses and TCP ports to which specific iSCSI target will listen on.
Setting up iSCSI
Prepare the Initiator
On the iSCSI clients
- Install the iscsi-initiator-utils
yum install -y iscsi-initiator-utils
- Get the initiator name
The output will look simalar to:
This will be needed when configuring target ACLs.
On the node that will be the target run the following commands and configurations.
yum install -y targetcli
Targetcli is organized similar to a normal file system. You can use basic command like ls to view the structure.
targetcli will put you in the targetcli. From the root, type
ls to see the configuration.
Create a backing store:
create dev=/dev/sdb name=sdb
Create the target
The IQN format is iqn.YYYY-MM.reverse.domain:identifyer
- Change to the LUN path:
- Create a LUN using the backstore created earlier:
- Configure ACLs
Change to the ACL path
- Create the new ACL
This will allow access to the LUN from the specified initiator
- Return to the top level and review the settings
- Exit the targetcli. The configuration will automatically be saved.
- Enable and start the target service
systemctl start target
systemctl enable target
- Check the status of the target service
systemctl status target
- Reboot to make sure everything is working.
After the reboot run
targetcli lsto verify the service configuration loaded.
- Open the firewall ports
firewall-cmd --add-service=iscsi-target --permanent
Connecting the initiator to the target
On the initiator (the iSCSI client) do the following
- Discover the targets using the iscsiadm command
iscsiadm --mode discoverydb --type sendtargets --portal <ip of target> --discover
- Login to the target using iscsiadm
iscsiadm --mode node --targetname iqn.2019-03.com.example:diskb --portal 192.168.4.210:3260 --login
- Check the status
iscsiadm --mode node
Reboot to verify everything is working properly.
systemctl status iscsid and
lsscsi to verify the iSCSI configurations held after a reboot.
Review the man pages for iscsiadm for all of the available options.
Configuring LVM over iSCSI
Once the initiator is configured and the target is attached, the rest of the configuration is as if the disk was locally attached.
- Create the volume group
vgcreate vgsan /dev/sdc
- Create the logial volume
lvcreate -l 100%FREE -n lvsan vgsan
- Put a filesystem on the new volume
- Add an entry to fstab is the volume is to be mounted at boot.
/dev/vgsan/lvsan /san ext4 _netdev 0 0
The _netdev is extreamly important since the fstab loads before networking. The _netdev will tell the system to wait for networking before mounting the volume.
mount -ato mount the new volume. Check it mounted using
df -h. You should see a line simalar to:
/dev/mapper/vgsan-lvsan 988M 2.6M 919M 1% /san
Exam hint: Now would be a great time to restart the client and server to verify everything works. Shutdown client, reboot server, start client
For even more RHEL/CentOS based SAN configurations check out the Books.