文章目录
前言
最近需要基于共享存储去配置 LVM 镜像,由于没有 FCSAN 环境,就想通过部署 iSCSI 服务来提供共享存储。下面是本次实验环境的基本信息:
OS Version:Red Hat Enterprise Linux Server release 7.9 (Maipo)
| No. | Hostname | IP | Role |
|---|---|---|---|
| 1 | iscsi-server | 172.16.206.30 | Server |
| 2 | iscsi-client1 | 172.16.206.31 | Client |
| 3 | iscsi-client2 | 172.16.206.32 | Client |
另外,为了配置更加方便,所有节点的系统防火墙以及 SELinux 模块都被博主禁用了;如果大家的环境里面有安全方面的要求,还需要自己放行相应的端口。
1. iSCSI 简介
iSCSI(Internet Small Computer System Interface),即 Internet 小型计算机系统接口。iSCSI 是一个基于 TCP/IP 的协议,用于通过 IP 网络仿真 SCSI 高性能本地存储总线,从而为远程块存储设备提供数据传输和管理。下图为块 I/O 网络堆栈组件:
2. iSCSI Server 端配置
2.1. 添加磁盘
博主使用的是 SmartX 超融合平台的虚拟机,默认会将系统盘的盘符识别成 vda 而不是我们常见的 sda 标识。在 Server 节点上,除了 vda 系统盘,博主还额外添加了4块 50GB 的磁盘,本次实验就是将这4块磁盘共享给两台 Client 节点当做块设备使用。
[root@iscsi-server ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
vda 252:0 0 100G 0 disk
├─vda1 252:1 0 2M 0 part
├─vda2 252:2 0 500M 0 part /boot
└─vda3 252:3 0 99.5G 0 part
├─rhel-root 253:0 0 83.5G 0 lvm /
└─rhel-swap 253:1 0 16G 0 lvm [SWAP]
vdb 252:16 0 50G 0 disk
vdc 252:32 0 50G 0 disk
vdd 252:48 0 50G 0 disk
vde 252:64 0 50G 0 disk
2.2. 安装 targetcli 软件包
targetcli 既是命令行实用程序,也是一个交互式 shell;我们可以通过配置本地 yum 源直接安装该工具包。
[root@iscsi-server ~]# yum -y install targetd targetcli
2.3. 创建块设备
直接运行
targetcli命令进入交互模式,Server 端所有配置都在交互模式下进行。
[root@iscsi-server ~]# targetcli
targetcli shell version 2.1.51
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> ls
o- / ......................................................................................................................... [...]
o- backstores .............................................................................................................. [...]
| o- block .................................................................................................. [Storage Objects: 0]
| o- fileio ................................................................................................. [Storage Objects: 0]
| o- pscsi .................................................................................................. [Storage Objects: 0]
| o- ramdisk ................................................................................................ [Storage Objects: 0]
o- iscsi ............................................................................................................ [Targets: 0]
o- loopback ......................................................................................................... [Targets: 0]
/> cd backstores/block
/backstores/block> create block01 /dev/vdb
Created block storage object block01 using /dev/vdb.
/backstores/block> create block02 /dev/vdc
Created block storage object block02 using /dev/vdc.
/backstores/block> create block03 /dev/vdd
Created block storage object block03 using /dev/vdd.
/backstores/block> create block04 /dev/vde
Created block storage object block04 using /dev/vde.
2.4. 创建 Target
关于为 Target 创建 IQN,有以下几点需要进行说明:
- 在为 Target 创建 IQN 时会在此 IQN 下面创建一个默认的 TPG。
- IQN 即 iSCSI 限定名称,一个全球唯一名称,用于以强制命名格式来识别启动器(initiator)和目标(target)。
- 通用格式:iqn.YYYY-MM.com.reversed.domain[:optional_string];
- iqn:表示此名称将使用域作为其标识符;
- YYYY-MM:拥有域名的第一个月;
- com.reversed.domain:此 iSCSI 名称的创建组织的逆向域名;
- optional_string:以冒号为前缀的可选字符串。
- 管理员如果不指定要创建的 IQN,系统会自动生成一个 IQN。
- 建议管理员根据需要指定一个具有一定意义的 IQN。
/backstores/block> cd /iscsi
/iscsi> create iqn.2023-09.com.example.lab:remotedisk
Created target iqn.2023-09.com.example.lab:remotedisk.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
2.5. 创建 LUN
/iscsi> ls
o- iscsi .............................................................................................................. [Targets: 1]
o- iqn.2023-09.com.example.lab:remotedisk .............................................................................. [TPGs: 1]
o- tpg1 ................................................................................................. [no-gen-acls, no-auth]
o- acls ............................................................................................................ [ACLs: 0]
o- luns ............................................................................................................ [LUNs: 0]
o- portals ...................................................................................................... [Portals: 1]
o- 0.0.0.0:3260 ....................................................................................................... [OK]
/iscsi> cd iqn.2023-09.com.example.lab:remotedisk/tpg1/luns
/iscsi/iqn.20...isk/tpg1/luns> create /backstores/block/block01
Created LUN 0.
/iscsi/iqn.20...isk/tpg1/luns> create /backstores/block/block02
Created LUN 1.
/iscsi/iqn.20...isk/tpg1/luns> create /backstores/block/block03
Created LUN 2.
/iscsi/iqn.20...isk/tpg1/luns> create /backstores/block/block04
Created LUN 3.
2.6. 创建 ACL
下面创建的 ACL 表示将 Target 配置为仅接受以
iqn.2023-09.com.example.lab:client作为其启动器 IQN 的客户端的连接。
/iscsi/iqn.20...isk/tpg1/luns> cd ../acls
/iscsi/iqn.20...isk/tpg1/acls> create iqn.2023-09.com.example.lab:client
Created Node ACL for iqn.2023-09.com.example.lab:client
Created mapped LUN 3.
Created mapped LUN 2.
Created mapped LUN 1.
Created mapped LUN 0.
2.7. 配置门户创建监听
管理员需要创建一个门户配置以指定监听 IP 地址和端口;如果未指定 IP 则默认使用 0.0.0.0 地址;如果未指定端口号则默认使用 3260 端口。
/iscsi/iqn.20...isk/tpg1/acls> cd ../portals/
/iscsi/iqn.20.../tpg1/portals> ls
o- portals ............................................................................................................ [Portals: 1]
o- 0.0.0.0:3260 ............................................................................................................. [OK]
/iscsi/iqn.20.../tpg1/portals> delete 0.0.0.0 3260
Deleted network portal 0.0.0.0:3260
/iscsi/iqn.20.../tpg1/portals> create 172.16.206.30
Using default IP port 3260
Created network portal 172.16.206.30:3260.
2.8. 查看全部配置信息并保存退出
/iscsi/iqn.20.../tpg1/portals> cd /
/> ls
o- / ......................................................................................................................... [...]
o- backstores .............................................................................................................. [...]
| o- block .................................................................................................. [Storage Objects: 4]
| | o- block01 ......................................................................... [/dev/vdb (50.0GiB) write-thru activated]
| | | o- alua ................................................................................................... [ALUA Groups: 1]
| | | o- default_tg_pt_gp ....................................................................... [ALUA state: Active/optimized]
| | o- block02 ......................................................................... [/dev/vdc (50.0GiB) write-thru activated]
| | | o- alua ................................................................................................... [ALUA Groups: 1]
| | | o- default_tg_pt_gp ....................................................................... [ALUA state: Active/optimized]
| | o- block03 ......................................................................... [/dev/vdd (50.0GiB) write-thru activated]
| | | o- alua ................................................................................................... [ALUA Groups: 1]
| | | o- default_tg_pt_gp ....................................................................... [ALUA state: Active/optimized]
| | o- block04 ......................................................................... [/dev/vde (50.0GiB) write-thru activated]
| | o- alua ................................................................................................... [ALUA Groups: 1]
| | o- default_tg_pt_gp ....................................................................... [ALUA state: Active/optimized]
| o- fileio ................................................................................................. [Storage Objects: 0]
| o- pscsi .................................................................................................. [Storage Objects: 0]
| o- ramdisk ................................................................................................ [Storage Objects: 0]
o- iscsi ............................................................................................................ [Targets: 1]
| o- iqn.2023-09.com.example.lab:remotedisk ............................................................................ [TPGs: 1]
| o- tpg1 ............................................................................................... [no-gen-acls, no-auth]
| o- acls .......................................................................................................... [ACLs: 1]
| | o- iqn.2023-09.com.example.lab:client ................................................................... [Mapped LUNs: 4]
| | o- mapped_lun0 ............................................................................... [lun0 block/block01 (rw)]
| | o- mapped_lun1 ............................................................................... [lun1 block/block02 (rw)]
| | o- mapped_lun2 ............................................................................... [lun2 block/block03 (rw)]
| | o- mapped_lun3 ............................................................................... [lun3 block/block04 (rw)]
| o- luns .......................................................................................................... [LUNs: 4]
| | o- lun0 .................................................................... [block/block01 (/dev/vdb) (default_tg_pt_gp)]
| | o- lun1 .................................................................... [block/block02 (/dev/vdc) (default_tg_pt_gp)]
| | o- lun2 .................................................................... [block/block03 (/dev/vdd) (default_tg_pt_gp)]
| | o- lun3 .................................................................... [block/block04 (/dev/vde) (default_tg_pt_gp)]
| o- portals .................................................................................................... [Portals: 1]
| o- 172.16.206.30:3260 ............................................................................................... [OK]
o- loopback ......................................................................................................... [Targets: 0]
/> exit
Global pref auto_save_on_exit=true
Configuration saved to /etc/target/saveconfig.json
2.9. 启用 Target 服务
[root@iscsi-server ~]# systemctl start target.service
[root@iscsi-server ~]# systemctl enable target.service
3. iSCSI Client 端配置
两台 Client 节点的配置方法一样,下面仅以 iscsi-client1 节点进行配置示例。
3.1. 安装 iscsi-initiator-utils 软件包
- 先检查系统是否已安装该软件包(博主的环境在安装系统时已经自动安装过了)。
[root@iscsi-client1 ~]# rpm -qa |grep -i iscsi-initiator
iscsi-initiator-utils-iscsiuio-6.2.0.874-19.el7.x86_64
iscsi-initiator-utils-6.2.0.874-19.el7.x86_64
- 如果未安装此软件包,可以配置本地 yum 源直接进行安装即可。
[root@iscsi-client1 ~]# yum -y install iscsi-initiator-utils
3.2. 重置 IQN
作为 iSCSI 节点,客户端需要一个唯一的 IQN;默认的
/etc/iscsi/initiatorname.iscsi文件包含一个使用红帽的域生成的 IQN,管理员通常会将 IQN 重置为自己的域以及相应的客户端系统字符串。
[root@iscsi-client1 ~]# vim /etc/iscsi/initiatorname.iscsi
[root@iscsi-client1 ~]# cat /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2023-09.com.example.lab:client
[root@iscsi-client1 ~]# systemctl restart iscsi
[root@iscsi-client1 ~]# systemctl restart iscsid
3.3. 发现目标
[root@iscsi-client1 ~]# iscsiadm -m discovery -t st -p 172.16.206.30
172.16.206.30:3260,1 iqn.2023-09.com.example.lab:remotedisk
3.4. 登录
[root@iscsi-client1 ~]# iscsiadm -m node -T iqn.2023-09.com.example.lab:remotedisk -p 172.16.206.30:3260 -l
Logging in to [iface: default, target: iqn.2023-09.com.example.lab:remotedisk, portal: 172.16.206.30,3260] (multiple)
Login to [iface: default, target: iqn.2023-09.com.example.lab:remotedisk, portal: 172.16.206.30,3260] successful.
3.5. 查看已挂载的块设备信息
[root@iscsi-client1 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 50G 0 disk
sdb 8:16 0 50G 0 disk
sdc 8:32 0 50G 0 disk
sdd 8:48 0 50G 0 disk
vda 252:0 0 100G 0 disk
├─vda1 252:1 0 2M 0 part
├─vda2 252:2 0 500M 0 part /boot
└─vda3 252:3 0 99.5G 0 part
├─rhel-root 253:0 0 83.5G 0 lvm /
└─rhel-swap 253:1 0 16G 0 lvm [SWAP]
3.6. 查看 iSCSI 会话信息
使用
-P N(0 ≤ N ≤ 3)选项可以获取有关 Target 的信息,N 的值越大,获取到的信息越详细。
[root@iscsi-client1 ~]# iscsiadm -m session -P 3
iSCSI Transport Class version 2.0-870
version 6.2.0.874-19
Target: iqn.2023-09.com.example.lab:remotedisk (non-flash)
Current Portal: 172.16.206.30:3260,1
Persistent Portal: 172.16.206.30:3260,1
**********
Interface:
**********
Iface Name: default
Iface Transport: tcp
Iface Initiatorname: iqn.2023-09.com.example.lab:client
Iface IPaddress: 172.16.206.31
Iface HWaddress: <empty>
Iface Netdev: <empty>
SID: 1
iSCSI Connection State: LOGGED IN
iSCSI Session State: LOGGED_IN
Internal iscsid Session State: NO CHANGE
*********
Timeouts:
*********
Recovery Timeout: 120
Target Reset Timeout: 30
LUN Reset Timeout: 30
Abort Timeout: 15
*****
CHAP:
*****
username: <empty>
password: ********
username_in: <empty>
password_in: ********
************************
Negotiated iSCSI params:
************************
HeaderDigest: None
DataDigest: None
MaxRecvDataSegmentLength: 262144
MaxXmitDataSegmentLength: 262144
FirstBurstLength: 65536
MaxBurstLength: 262144
ImmediateData: Yes
InitialR2T: Yes
MaxOutstandingR2T: 1
************************
Attached SCSI devices:
************************
Host Number: 2 State: running
scsi2 Channel 00 Id 0 Lun: 0
Attached scsi disk sda State: running
scsi2 Channel 00 Id 0 Lun: 1
Attached scsi disk sdd State: running
scsi2 Channel 00 Id 0 Lun: 2
Attached scsi disk sdc State: running
scsi2 Channel 00 Id 0 Lun: 3
Attached scsi disk sdb State: running
总结
关于 iSCSI 有两个配置文件以及一个数据目录值得关注,分别是:
- 配置文件
- /etc/iscsi/initiatorname.iscsi
- /etc/iscsi/iscsid.conf
- 数据目录
- /var/lib/iscsi/
其中 /etc/iscsi/initiatorname.iscsi 配置文件的作用在前面已经说过了,而 /etc/iscsi/iscsid.conf 配置文件可以用来定义 iSCSI 超时以及队列深度等参数,修改这些文件需要重启 iscsi 和 iscsid 服务。
当在 Client 节点上发现了目标后,会将目标节点的信息和配置存储在 /var/lib/iscsi/nodes/ 目录中;当我们在登录出现报错时,往往需要清理掉这些目录下的残留信息,下面博主以 iscsi-client2 节点为例。
博主在配置 iscsi-client2 节点时写错了 /etc/iscsi/initiatorname.iscsi 配置文件,导致在登录时出现如下报错:
[root@iscsi-client2 iscsi]# iscsiadm -m node -T iqn.2023-09.com.example.lab:remotedisk -p 172.16.206.30:3260 -l
Logging in to [iface: default, target: iqn.2023-09.com.example.lab:remotedisk, portal: 172.16.206.30,3260] (multiple)
iscsiadm: Could not login to [iface: default, target: iqn.2023-09.com.example.lab:remotedisk, portal: 172.16.206.30,3260].
iscsiadm: initiator reported error (24 - iSCSI login failed due to authorization failure)
iscsiadm: Could not log into all portals
最后的解决方法如下所示:
- 将 /etc/iscsi/initiatorname.iscsi 配置文件修改正确。
- 删除残留信息。
[root@iscsi-client2 ~]# rm -rf /var/lib/iscsi/nodes/*
[root@iscsi-client2 ~]# rm -rf /var/lib/iscsi/send_targets/*
- 重启服务。
[root@iscsi-client2 ~]# systemctl restart iscsi
[root@iscsi-client2 ~]# systemctl restart iscsid
- 重新发现。
[root@iscsi-client2 ~]# iscsiadm -m discovery -t st -p 172.16.206.30
172.16.206.30:3260,1 iqn.2023-09.com.example.lab:remotedisk
[root@iscsi-client2 ~]# iscsiadm -m node -T iqn.2023-09.com.example.lab:remotedisk -p 172.16.206.30:3260 -l
Logging in to [iface: default, target: iqn.2023-09.com.example.lab:remotedisk, portal: 172.16.206.30,3260] (multiple)
Login to [iface: default, target: iqn.2023-09.com.example.lab:remotedisk, portal: 172.16.206.30,3260] successful.
