iSCSI Configuration on RHEL 7 / CentOS 7
[root@server1 ~]# fdisk -c /dev/sdb
Press ‘p’ to print partition table
Press ‘n’ to create a new partition
Press ‘p’ to create primary partition
Type Partition Number : 1
First Sector : PRESS ENTER
Last Sector : +1G
Press ‘p’ to print partition tables again
Press ‘t’ to change partition ID
Type your partition Number :1
Type Partition code : 8e
Press ‘p’ to print partition tables again
Press ‘w’ to save and exit
Step 2: if required, use partprobe command to update partition table entry into kernel.
[root@server1 ~]# partprobe /dev/sdb
Step 3: Now create a Logical Volume using /dev/sdb1 partition
[root@server1 ~]# pvcreate /dev/sdb1
[root@server1 ~]# vgcreate iSCSI_vg /dev/sdb1
[root@server1 ~]# lvcreate -n iscsi_lv1 -l 100%FREE iSCSI_vg
Step 4: First you need to install “targetcli” package
[root@server1 ~]# yum install targetcli -y
Step 5: Now run targetcli with no options to enter into interactive mode:
[root@server1 ~]# targetcli
/> ls
Now Configure the existing /dev/iSCSI_vg/iscsi_lv1 logical volume as a block-type backing store using the name of “server1.disk1”.
/> cd backstores/
/backstores> ls
/backstores> cd block
/backstores/block> ls
/backstores/block> create server1.disk1 /dev/iSCSI_vg/iscsi_lv1
/backstores/block> ls
Now Create a unique iSCSI Qualified Name (IQN) for the target.
/backstores/block> cd /iscsi
/iscsi> create iqn.2014-10.com.example.server1:iscsi-1
Now an ACL for client node (initiator). the initiator will be connecting with it’s initiator name.
/iscsi> cd /iscsi/iqn.2014-10.com.example.server1:iscsi-1/tpg1/acls
/iscsi/iqn.20…i-1/tpg1/acls> create iqn.2014-10.com.example.com.server1:server2
Now set username and password into ACL to access this LUN
/> cd iqn.2014-10.com.example.com.server1:server2
/> set auth userid=user1
/> set auth password=password
Now Create a LUN under the target, The LUN should use the previously defined backing storage device named “server1.disk1″
/iscsi/iqn.20…i-1/tpg1/acls> cd /iscsi/iqn.2014-10.com.example.server1:iscsi-1/tpg1/luns
/iscsi/iqn.20…i-1/tpg1/luns> create /backstores/block/server1.disk1
Now Configure a portal for the target to listen on 192.168.0.254
/iscsi/iqn.20…i-1/tpg1/luns> cd /iscsi/iqn.2014-10.com.example.server1:iscsi-1/tpg1/portals
/iscsi/iqn.20…/tpg1/portals> create 192.168.0.254
Now view, verify and save the target server configuration
/iscsi/iqn.20…/tpg1/portals> cd /
/> ls
Now Save this configuration
/> saveconfig
/> exit
NOTE-: this configuration will be saved to ” ~]# cat /etc/target/saveconfig.json”
Step 6: Now Enable and Start target service
[root@server1 ~]# systemctl enable target.service
[root@server1 ~]# systemctl restart target.service
[root@server1 ~]# systemctl status target.service
Step 7: Now Configure firewall to allow target service
[root@server1 ~]# firewall-cmd –permanent –add-port=3260/tcp
[root@server1 ~]# firewall-cmd –reload
Accessing iSCSI Storage with CHAP Authentication
Step 1: First you need to install iSCSI initiator package
[root@server2 ~]# yum install iscsi-initiator-utils -y
Step 2: Now Create a unique iSCSI IQN name for the client initiator. Otherwise you will not able to connect/login into IQN
[root@server2 ~]# vim /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2014-10.com.example.server1:server2
:wq (save and exit)
Step 3: Now you need to modify “/etc/iscsi/iscsid.conf” to provide username and password for chap authentication
[root@server2 ~]# vim /etc/iscsi/iscsid.conf
# line 54: uncomment
node.session.auth.authmethod = CHAP
# line 58,59: uncomment and specify the username and password you set on the iSCSI target server
node.session.auth.username = user1
node.session.auth.password = password
:wq (save and exit)
Step 4: Now Enable and start iscsi client service
[root@server2 ~]# systemctl restart iscsid.service
[root@server2 ~]# systemctl enable iscsid.service
Step 5: Now discover target using the following command:
[root@server2 ~]# iscsiadm -m discovery -t st -p 192.168.0.254
Step 6: Confirm status after discovery
[root@server2 ~]# iscsiadm -m node -o show
Step 7: Now connect/login the discovered target into system
[root@server2 ~]# iscsiadm -m node -T iqn.2014-10.com.example.server1:tgt1 -p 192.168.0.254 -l
Step 8: Confirm the established session
[root@server2 ~]# iscsiadm -m session -o show
Step 9: Confirm the partitions
[root@server2 ~]# cat /proc/partitions
Step 10: Create label, create a new primary partition, format it using xfs file system and the mount it on /mnt directory.
[root@server2 ~]# parted –script /dev/sdb “mklabel msdos”
[root@server2 ~]# parted –script /dev/sdb “mkpart primary 0% 100%”
[root@server2 ~]# mkfs.xfs -i size=1024 -s size=4096 /dev/sdb1
[root@server2 ~]# mount /dev/sdb1 /mnt
[root@server2 ~]# df -hT
Step 11: Now make it persistent entry to mount at booting
[root@server2 ~]# blkid
Now Copy the UUID of /deb/sdb1 and paste it into /etc/fstab as following:
[root@server2 ~]# vim /etc/fstab
UUID=”be41aa12-1e30-4678-8c19-da3506df1d84″ /mnt xfs _netdev 0 0
:wq (save and exit)
[root@server2 ~]# umount /mnt/
[root@server2 ~]# mount -a
[root@server2 ~]# df -h Step 12: Now unmount the iSCSI Storage
[root@server2 ~]# cd
[root@server2 ~]# umount /mnt/
[root@server2 ~]# vim /etc/fstab
Remove the following entry form this file
UUID=”be41aa12-1e30-4678-8c19-da3506df1d84″ /mnt xfs _netdev 0 0
:wq (save and exit)
To Disconnect iSCSI storage
[root@server2 ~]# iscsiadm -m node -T iqn.2014-10.com.example.server1:tgt1 -p 192.168.0.254 -u
To delete cache as well
Now if you want to connect it again, you need to discover it again.
Configuring iSCSI Targets without CHAP Authentication
Step 1: First you need to create partition
[root@server1 ~]# fdisk -c /dev/sdc
Press ‘p’ to print partition table
Press ‘n’ to create a new partition
Press ‘p’ to create primary partition
Type Partition Number : 1
First Sector : PRESS ENTER
Last Sector : +1G
Press ‘p’ to print partition tables again
Press ‘t’ to change partition ID
Type your partition Number :1
Type Partition code : 8e
Press ‘p’ to print partition tables again
Press ‘w’ to save and exit
Step 2: if required, use partprobe command to update partition table entry into kernel.
[root@server1 ~]# partprobe /dev/sdc
Step 3: Now create a Logical Volume using /dev/sdc1 partition
[root@server1 ~]# pvcreate /dev/sdc1
[root@server1 ~]# vgcreate iSCSI_vg2 /dev/sdc1
[root@server1 ~]# lvcreate -n iscsi_lv2 -l 100%FREE iSCSI_vg2
Step 4: First you need to install “targetcli” package
[root@server1 ~]# yum install targetcli -y
Step 5: Now run targetcli with no options to enter into interactive mode:
[root@server1 ~]# targetcli
/> ls
Now Configure the existing /dev/iSCSI_vg2/iscsi_lv2 logical volume as a block-type backing store using the name of “server1.disk2”.
/> cd backstores/
/backstores> ls
/backstores> cd block
/backstores/block> ls
/backstores/block> create server1.disk2 /dev/iSCSI_vg2/iscsi_lv2
/backstores/block> ls
Now Create a unique iSCSI Qualified Name (IQN) for the target.
/backstores/block> cd /iscsi
/iscsi> create iqn.2014-10.com.example.server1:iscsi-2
Now an ACL for client node (initiator). the initiator will be connecting with it’s initiator name.
/iscsi> cd /iscsi/iqn.2014-10.com.example.server1:iscsi-2/tpg1/acls
/iscsi/iqn.20…i-1/tpg1/acls> create iqn.2014-10.com.example.com.server1:tgt1
By default authentication is enabled. To disable it:
/> cd /iscsi/iqn.2014-10.com.example.server1:iscsi-2/tgp1/
/iscsi/iqn.20…i-1/tpg1> set attribute authentication=0
/iscsi/iqn.20…i-1/tpg1> set attribute generate_node_acls=1
Now Create a LUN under the target, The LUN should use the previously defined backing storage device named “server1.disk2″
/iscsi/iqn.20…i-1/tpg1/acls> cd /iscsi/iqn.2014-10.com.example.server1:iscsi-2/tpg1/luns
/iscsi/iqn.20…i-1/tpg1/luns> create /backstores/block/server1.disk2
Now Configure a portal for the target to listen on 192.168.0.254
/iscsi/iqn.20…i-1/tpg1/luns> cd /iscsi/iqn.2014-10.com.example.server1:iscsi-2/tpg1/portals
/iscsi/iqn.20…/tpg1/portals> create 192.168.0.254
Now view, verify and save the target server configuration
/iscsi/iqn.20…/tpg1/portals> cd /
/> ls
Now Save this configuration
/> saveconfig
/> exit
NOTE-: this configuration will be saved to ” ~]# cat /etc/target/saveconfig.json”
Step 6: Now Enable and Start target service
[root@server1 ~]# systemctl enable target.service
[root@server1 ~]# systemctl restart target.service
[root@server1 ~]# systemctl status target.service
Step 7: Now Configure firewall to allow target service
[root@server1 ~]# firewall-cmd –permanent –add-port=3260/tcp
[root@server1 ~]# firewall-cmd –reload
Accessing iSCSI Storage without CHAP Authentication
Step 1: First you need to install iSCSI initiator package
[root@server2 ~]# yum install iscsi-initiator-utils -y
Step 2: Now Create a unique iSCSI IQN name for the client initiator. Otherwise you will not able to connect/login into IQN
[root@server2 ~]# vim /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2014-10.com.example.server1:tgt1
:wq (save and exit)
Step 3: Now Enable and start iscsi client service
[root@server2 ~]# systemctl restart iscsid.service
[root@server2 ~]# systemctl enable iscsid.service
Step 4: Now discover target using the following command:
[root@server2 ~]# iscsiadm -m discovery -t st -p 192.168.0.254
Step 5: Now you need to connect iscsi storage into system
[root@server2 ~]# iscsiadm -m node -T iqn.2014-10.com.example.server1:iscsi-2 -p 192.168.0.254 -l
[root@server2 ~]# fdisk -l
Step 6: Create label, create a new primary partition, format it using xfs file system and the mount it on /iscsi2 directory.
[root@server2 ~]# parted –script /dev/sdb “mklabel msdos”
[root@server2 ~]# parted –script /dev/sdb “mkpart primary 0% 100%”
[root@server2 ~]# mkfs.xfs -i size=1024 -s size=4096 /dev/sdb1
[root@server2 ~]# mount /dev/sdb1 /iscsi2
[root@server2 ~]# df -hT
Step 7: Now make it persistent entry to mount at booting
[root@server2 ~]# blkid
Now Copy the UUID of /deb/sdc1 and paste it into /etc/fstab as following:
[root@server2 ~]# vim /etc/fstab
UUID=”be41aa12-1e30-4678-8c19-da3506df1d84″ /iscsi2 xfs _netdev 0 0
:wq (save and exit)
[root@server2 ~]# umount /mnt/
[root@server2 ~]# mount -a
[root@server2 ~]# df -h
Step 8: Now unmount the iSCSI Storage
[root@server2 ~]# cd
[root@server2 ~]# umount /iscsi2
[root@server2 ~]# vim /etc/fstab
Remove the following entry form this file
UUID=”be41aa12-1e30-4678-8c19-da3506df1d84″ /mnt xfs _netdev 0 0
:wq (save and exit)
To Disconnect iSCSI storage
root@server2 ~]# iscsiadm -m node -T iqn.2014-10.com.example.server1:iscsi-2 -p 192.168.0.254 -u
To delete cache as well
[root@server2 ~]# iscsiadm -m node -T iqn.2014-10.com.example.server1:iscsi-2 -p 192.168.0.254 -o delete
Now if you want to connect it again, you need to discover it again.
NOTE-: iSCSI store caching in /var/lib/iscsi/ directory sometimes when we try to add another iscsi targets, system takes some information
from cache. so you have two option to address it.
1. reboot your system
2. remove iscsi cache
To remove nodes cache
[root@server2 ~]# rm -rf /var/lib/iscsi/nodes/*
To remove send_targets cache
[root@server2 ~]# rm -rf /var/lib/iscsi/send_targets/*
Recent Comments