Difference between revisions of "ISCSI"
(Created page with "Introduction iSCSI, is an abbreviation of Internet Small Computer System Interface, an Internet Protocol (IP)-based storage networking standard for linking data storage facil...") |
|||
| Line 1: | Line 1: | ||
| − | Introduction | + | |
| + | == Introduction == | ||
| + | |||
iSCSI, is an abbreviation of Internet Small Computer System Interface, an Internet Protocol (IP)-based storage networking standard for linking data storage facilities. | iSCSI, is an abbreviation of Internet Small Computer System Interface, an Internet Protocol (IP)-based storage networking standard for linking data storage facilities. | ||
| Line 7: | Line 9: | ||
It is a popular Storage Area Network (SAN) protocol, allowing organizations to consolidate storage into data center storage arrays while providing hosts (such as database and web servers) with the illusion of locally-attached disks. Unlike traditional Fibre Channel, which requires special-purpose cabling, iSCSI can be run over long distances using existing network infrastructure. | It is a popular Storage Area Network (SAN) protocol, allowing organizations to consolidate storage into data center storage arrays while providing hosts (such as database and web servers) with the illusion of locally-attached disks. Unlike traditional Fibre Channel, which requires special-purpose cabling, iSCSI can be run over long distances using existing network infrastructure. | ||
| − | Requirements | + | |
| + | == Requirements == | ||
| + | |||
IPBrick v5.3 or later versions. | IPBrick v5.3 or later versions. | ||
| − | Software | + | |
| + | == Software == | ||
| + | |||
Access the console: | Access the console: | ||
| Line 18: | Line 24: | ||
NOTE: This procedure is done directly at the server's console as a root user. | NOTE: This procedure is done directly at the server's console as a root user. | ||
| − | ipbrick:~# vi /etc/apt/sources.list | + | ipbrick:~# vi /etc/apt/sources.list |
#deb http://repository.ipbrick.com/wheezy wheezy main contrib non-free ipbrick60 | #deb http://repository.ipbrick.com/wheezy wheezy main contrib non-free ipbrick60 | ||
| − | |||
deb http://ftp.pt.debian.org/debian stable main contrib non-free | deb http://ftp.pt.debian.org/debian stable main contrib non-free | ||
| − | |||
deb http://ftp.debian.org/debian/ wheezy-updates main contrib non-free | deb http://ftp.debian.org/debian/ wheezy-updates main contrib non-free | ||
| − | |||
deb http://security.debian.org/ wheezy/updates main contrib non-free | deb http://security.debian.org/ wheezy/updates main contrib non-free | ||
| − | Installation | + | |
| + | |||
| + | == Installation == | ||
| + | |||
| + | |||
Still at the console, run these commands: | Still at the console, run these commands: | ||
| Line 39: | Line 46: | ||
| − | Configuration | + | |
| + | == Configuration == | ||
| + | |||
In order to configure an iSCSI interface please follow these steps: | In order to configure an iSCSI interface please follow these steps: | ||
| Line 68: | Line 77: | ||
And also the authentication parameters: | And also the authentication parameters: | ||
| − | - NO AUTHENTICATION: If access to the storage is to be done without authentication, no changes to the configuration file are necessary, the following lines should remain as comments: | + | - '''NO AUTHENTICATION''': If access to the storage is to be done without authentication, no changes to the configuration file are necessary, the following lines should remain as comments: |
... | ... | ||
| Line 76: | Line 85: | ||
| − | - WITH AUTHENTICATION - CHAP: | + | - '''WITH AUTHENTICATION - CHAP''': |
... | ... | ||
| Line 205: | Line 214: | ||
at: | at: | ||
| − | Downloads » Documentation » Other documentation | + | Downloads » Documentation » Other documentation |
Don't forget to: | Don't forget to: | ||
| Line 222: | Line 231: | ||
(...) | (...) | ||
| − | Firewall | + | |
| + | == Firewall == | ||
| + | |||
Usually, the firewall service is disabled at an intranet server. However, by default, IPBRICK has it active. So, in order create a rule to allow the communication between the IPBRICK and the SAN, please access the following menu: | Usually, the firewall service is disabled at an intranet server. However, by default, IPBRICK has it active. So, in order create a rule to allow the communication between the IPBRICK and the SAN, please access the following menu: | ||
| Line 238: | Line 249: | ||
Click on the Insert button to create the rule | Click on the Insert button to create the rule | ||
| − | Manage iSCSI | + | |
| + | == Manage iSCSI == | ||
| + | |||
Some useful commands to manage iSCSI on IPBrick: | Some useful commands to manage iSCSI on IPBrick: | ||
Revision as of 11:04, 11 February 2015
Contents
Introduction
iSCSI, is an abbreviation of Internet Small Computer System Interface, an Internet Protocol (IP)-based storage networking standard for linking data storage facilities.
iSCSI is used to facilitate data transfers over intranets and to manage storage over long distances. iSCSI can be used to transmit data over local area networks (LANs), wide area networks (WANs), or the Internet and can enable location-independent data storage and retrieval. The protocol allows clients (called initiators) to send SCSI commands (CDBs) to SCSI storage devices (targets) on remote servers.
It is a popular Storage Area Network (SAN) protocol, allowing organizations to consolidate storage into data center storage arrays while providing hosts (such as database and web servers) with the illusion of locally-attached disks. Unlike traditional Fibre Channel, which requires special-purpose cabling, iSCSI can be run over long distances using existing network infrastructure.
Requirements
IPBrick v5.3 or later versions.
Software
Access the console:
NOTE: This procedure is done directly at the server's console as a root user.
ipbrick:~# vi /etc/apt/sources.list
#deb http://repository.ipbrick.com/wheezy wheezy main contrib non-free ipbrick60 deb http://ftp.pt.debian.org/debian stable main contrib non-free deb http://ftp.debian.org/debian/ wheezy-updates main contrib non-free deb http://security.debian.org/ wheezy/updates main contrib non-free
Installation
Still at the console, run these commands:
ipbrick:~# apt-get update ...
ipbrick:~# apt-get install open-iscsi
Configuration
In order to configure an iSCSI interface please follow these steps:
NOTE: The service configuration is done directly at the server's console as a root user.
The \verb|/etc/iscsi/initiatorname.iscsi| file will identify ONLY the IPBRICK server.
Usually its name is composed by these elements:
iqn + . + year-month + . + server_name + : + custom_string
E.g:
iqn.2012-08.com.domain.ipbrick:fileserver
The configuration file /etc/iscsi/iscsid.conf can be edited to set the service's autostart parameter:
... node.startup = automatic ...
And also the authentication parameters:
- NO AUTHENTICATION: If access to the storage is to be done without authentication, no changes to the configuration file are necessary, the following lines should remain as comments:
... #node.session.auth * #discovery.sendtargets.auth * ...
- WITH AUTHENTICATION - CHAP:
... node.session.auth.authmethod = CHAP ... node.session.auth.username = username node.session.auth.password = password ... discovery.sendtargets.auth.authmethod = CHAP ... discovery.sendtargets.auth.username = username discovery.sendtargets.auth.password = password ...
NOTE: Please replace username and password by the username and password of your iSCSI Target.
Proceed by stopping and then restarting the iSCSI service - execute:
/etc/init.d/open-iscsi stop /etc/init.d/open-iscsi start
Run iscsiadm to discover the iSCSI devices on the iSCSI Server with the IP 192.168.69.15
Example:
ipbrick:~# iscsiadm -m discovery -t st -p 192.168.69.15 192.168.69.15:3260,1 iqn.2004-04.com.qnap:ts-439u:iscsi.ipbrick.be0e78 192.168.69.15:3260,1 iqn.2004-04.com.qnap:ts-439u:iscsi.ipbrick1.be0e78
Map the Target
ipbrick:~# iscsiadm -m node -l -T "iqn.2004-04.com.qnap:ts-439u: iscsi.ipbrick.be0e78" Logging in to [iface: default, target: iqn.2004-04.com.qnap:ts-439u:iscsi.ipbrick.be0e78, portal: 192.168.69.15,3260] Login to [iface: default, target: iqn.2004-04.com.qnap:ts-439u: iscsi.ipbrick.be0e78, portal: 192.168.69.15,3260]: successful
With a dmesg command it's now possible to see the new disc as a device sdb:
Loading iSCSI transport class v2.0-871. iscsi: registered transport (tcp) scsi1 : iSCSI Initiator over TCP/IP scsi2 : iSCSI Initiator over TCP/IP scsi3 : iSCSI Initiator over TCP/IP scsi4 : iSCSI Initiator over TCP/IP scsi5 : iSCSI Initiator over TCP/IP scsi6 : iSCSI Initiator over TCP/IP scsi 5:0:0:0: Direct-Access QNAP iSCSI Storage 3.1 PQ: 0 ANSI: 5 sd 5:0:0:0: [sdb] 104857600 512-byte hardware sectors: (53.6 GB/50.0 GiB) sd 5:0:0:0: [sdb] Write Protect is off sd 5:0:0:0: [sdb] Mode Sense: 2f 00 00 00 sd 5:0:0:0: [sdb] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA sdb: sdb1 sd 5:0:0:0: [sdb] Attached SCSI disk
If necessary, format the disc and use this procedure as an example that creates a new partition /dev/sdb:
mkfs.xfs /dev/sdb
To create a label follow this example:
mkfs.xfs -L SANSERVER /dev/sdb
NOTE: XFS filesystem labels can be at most 12 characters long; if label is longer than 12 characters, mkfs.xfs will not proceed with creating the filesystem.
Execute these commands to access the new disc and check if all is OK:
mount LABEL=SANSERVER /mnt df -h umount /mnt
It will be necessary to inscribe it at /etc/fstab
Assuming that this new volume will be used as home3, create its mount point:
mkdir /home3
Map /etc/fstab by executing the nano editor:
nano /etc/fstab
Inscribe the following:
LABEL=SANSERVER home3 xfs noauto,defaults,usrquota,grpquota 0 2
The following scripts will enable automount.
Execute the transcribed script (iscsi-aux.sh) at the server (the transfer can be made by scp):
#!/bin/bash
TMPFILE=/tmp/iscsi_aux.txt
TMPFILE2=/tmp/iscsi_aux.tgz
echo "begin-base64 644 ola
H4sIAGVBGVAAA+3UX0+CUBgGcK7Pp3ib3XShHA5/TpvrwgzrLAInVtdIZ5Mt
wQlubc3v3gFqmTNdm5qt93cDcl7EnccHWcR6kiZF60kX/cvmJJunRTPJ4zxp
5WNtN6jCbbs6KqtHanKqGYxSh5nccdR1w+Im14Du6PkbzfMimgFosywrNs1t
W/+jGif6KEn1UZSPCSGNgdv3RLczdKEXeF7wKPxr8ITvhurzANxO9wZE2A0F
XLkPouvCXXDvD6EfCH9IqgXjQh9nE2kSEke5hNNXYwFJSgDKbS7O1Empemb1
X1MT9X2L96V2uxrOpl9m5+uHl9eaz+u+S+ZRTEqNnvA7HpEvSQGUkN/e92Mh
Vf9nMVP1Dw1nT2+Aqv+cf9v/8vyj/5btaJQxRh0NmC73/3b65/2v86dqg2/P
jV/P36JmeZ0xw7Yw/0Oo83eOJn/GrSp/jvkfxHL/WTaVab29O33Gj/rP1JzB
bcZW8t/Tb8P8P/t/HPmbdf6r/cf8EUIIIYQQQgghhBBCCCGEENrqDaroa64A
KAAA
====" > ${TMPFILE}
uudecode -o ${TMPFILE2} ${TMPFILE}
tar -zxv -C / -f ${TMPFILE2}
rm /etc/rc0.d/K30open-iscsi
rm /etc/rc6.d/K30open-iscsi
rm ${TMPFILE}
rm ${TMPFILE2}
exit 0
NOTE: You can download this script at our eshop: eshop.ipbrick.com
at:
Downloads » Documentation » Other documentation
Don't forget to:
Change its permissions (make it executable):
chmod 755 iscsi-aux.sh
Execute the script:
./iscsi-aux.sh
Edit the /etc/init.d/IPB-mount-iscsi.sh script with the following mount point:
(...) ISCSI1=/home3 (...)
Firewall
Usually, the firewall service is disabled at an intranet server. However, by default, IPBRICK has it active. So, in order create a rule to allow the communication between the IPBRICK and the SAN, please access the following menu:
Advanced Configurations -> Network -> Firewall
Click on Insert and create a rule of this type:
Type of configuration to insert: General Settings Rule: INPUT Interface: ETHx (The NIC used in the iSCSI connection) Protocol ALL Policy: ACCEPT
Click on the Insert button to create the rule
Manage iSCSI
Some useful commands to manage iSCSI on IPBrick:
Restart the openiscsi: /etc/init.d/open-iscsi restart Check the session status: /etc/init.d/open-iscsi status Use the dmesg command to find the disc's device;
