RHEL 6 – ISCSI Administration Series – Configuring ISCSI Server and Client


 

ISCSI Server Configuration on RHEL 6

Overall Steps :

  1.  Install the RPM required for ISCSI Target Administration
  2.  Enable the ISCSI Target Services
  3.  Configure the ISCSI target to share the storage
  4.  Attach Luns to the ISCSI Target
  5.  Share the ISCSI Target to specific Client Machines
  6.  Add CHAP user authentication ISCSI target
  7.  Save the configuration to /etc/tgt/targets.conf , so that configuration won’t last after reboot
  8.  Make rules for IPTABLES to accept iscsi client connection on port 3260

 

ISCSI Administration

 

Step 1: Install the RPM required for ISCSI Target Administration

[root@gurkulsan ~]# yum list scsi-target-utils
Loaded plugins: product-id, refresh-packagekit, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
Installed Packages
scsi-target-utils.x86_64 1.0.24-2.el6 @anaconda-RedHatEnterpriseLinux-201206132210.x86_64/6.3
[root@gurkulsan ~]#

Check the files which are installed by scsi-target-utils rpm

 

[root@gurkulsan ~]# rpm -ql scsi-target-utils
/etc/rc.d/init.d/tgtd
/etc/sysconfig/tgtd
/etc/tgt/targets.conf
/usr/sbin/tgt-admin
/usr/sbin/tgt-setup-lun
/usr/sbin/tgtadm
/usr/sbin/tgtd
/usr/sbin/tgtimg
/usr/share/doc/scsi-target-utils-1.0.24
/usr/share/doc/scsi-target-utils-1.0.24/README
/usr/share/doc/scsi-target-utils-1.0.24/README.iscsi
/usr/share/doc/scsi-target-utils-1.0.24/README.iser
/usr/share/doc/scsi-target-utils-1.0.24/README.lu_configuration
/usr/share/doc/scsi-target-utils-1.0.24/README.mmc
/usr/share/man/man5/targets.conf.5.gz
/usr/share/man/man8/tgt-admin.8.gz
/usr/share/man/man8/tgt-setup-lun.8.gz
/usr/share/man/man8/tgtadm.8.gz

 

Step 2  : Enable the ISCSI Target Services to auto start during boot. And also start the service

 

[root@gurkulsan ~]# /etc/init.d/tgtd start
Starting SCSI target daemon: [ OK ]
[root@gurkulsan ~]# chkconfig tgtd on

 

Step 3: Configure the ISCSI target as a base of shared storage

We can configure ISCSI target using the target administration utility tgtadm. The tgtadm will have following syntax

[root@gurkulsan ~]# tgtadm –help
Usage: tgtadm [OPTION]
Linux SCSI Target Framework Administration Utility, version 1.0.24

–lld –mode target –op new –tid –targetname
add a new target with and . must not be zero.
–lld –mode target –op delete [–force] –tid
delete the specific target with .
With force option, the specific target is deleted
even if there is an activity.
–lld –mode target –op show
show all the targets.
–lld –mode target –op show –tid
show the specific target’s parameters.
–lld –mode target –op update –tid –name

–value
change the target parameters of the specific target with .
–lld –mode target –op bind –tid –initiator-address

–lld –mode target –op bind –tid –initiator-name
enable the target to accept the specific initiators.
–lld –mode target –op unbind –tid –initiator-address

–lld –mode target –op unbind –tid –initiator-name
disable the specific permitted initiators.
–lld –mode logicalunit –op new –tid –lun
–backing-store –bstype –bsoflags
add a new logical unit with to the specific target with . The logical unit is offered to the initiators. must be block device files (including LVM and RAID devices) or regular files.
bstype option is optional.
bsoflags supported options are sync and direct (sync:direct for both).
–lld –mode logicalunit –op delete –tid –lun
delete the specific logical unit with that the target with has.
–lld –mode account –op new –user –password
add a new account with and .
–lld –mode account –op delete –user
delete the specific account having .
–lld –mode account –op bind –tid –user [–outgoing]
add the specific account having to  the specific target with .
could be or .
If you use –outgoing option, the account will be added as an outgoing account.
–lld –mode account –op unbind –tid –user
delete the specific account having from specific target.
–control-port use control port
–help display this help and exit

Check if there are any targets exists already

# [root@gurkulsan ~]# tgtadm –lld iscsi –mode target –op show

Nothing returns, means no shared storage configured so far.

Configure the first Target with target id – 101

[root@gurkulsan ~]# tgtadm –lld iscsi –mode target –op new –tid 101 –targetname iqn.2013-04.com.unixadminshool:target1

Check the new Target Created

[root@gurkulsan ~]# tgtadm –lld iscsi –mode target –op show
Target 101: iqn.2013-04.com.unixadminschool:target1
System information:
Driver: iscsi
State: ready
I_T nexus information:
LUN information:
LUN: 0     <=== Lun 0 always refers to the target
Type: controller
SCSI ID: IET 00650000
SCSI SN: beaf1010
Size: 0 MB, Block size: 1
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: null
Backing store path: None
Backing store flags:
Account information:
ACL information:

Step 4: Attach Luns to the ISCSI Target

 

Decide the local disks that you want to use for the shared luns creation.

[root@gurkulsan ~]# fdisk -l|grep -i Disk
Disk /dev/sda: 17.2 GB, 17179869184 bytes
Disk identifier: 0x000ae2a8
Disk /dev/sdc: 2147 MB, 2147483648 bytes   <==  I want to use this disk for lun-1
Disk identifier: 0x00000000
Disk /dev/sdb: 2147 MB, 2147483648 bytes  <==  I want to use this disk for lun-2
Disk identifier: 0xaed24ed6
Disk /dev/mapper/vg_gurkulrhel2-lv_root: 12.4 GB, 12423528448 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-lv_swap: 4227 MB, 4227858432 bytes
Disk identifier: 0x00000000
[root@gurkulsan ~]#

Make sure no partitions and data exists on /dev/sdb and /dev/sdc

 

[root@gurkulsan ~]# fdisk -l /dev/sdb

Disk /dev/sdb: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000

[root@gurkulsan ~]# fdisk -l /dev/sdc

Disk /dev/sdc: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000

 

Create LUNS using the disks /dev/sdb ( i.e. lun-1 ) and /dev/sdc ( i.e  lun-2 )as backing-stores

[root@gurkulsan ~]# tgtadm –lld iscsi –mode logicalunit –op new –tid 101 –lun 1 –backing-store /dev/sdb

[root@gurkulsan ~]# tgtadm –lld iscsi –mode logicalunit –op new –tid 101 –lun 2 –backing-store /dev/sdc

 

[root@gurkulsan ~]# tgtadm –lld iscsi –mode target –op show
Target 101: iqn.2013-04.com.unixadminschool:target1
System information:
Driver: iscsi
State: ready
I_T nexus information:
LUN information:
LUN: 0
Type: controller
SCSI ID: IET 00650000
SCSI SN: beaf1010
Size: 0 MB, Block size: 1
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: null
Backing store path: None
Backing store flags:
LUN: 1         <== Lun1 created with /dev/sdb
Type: disk
SCSI ID: IET 00650001
SCSI SN: beaf1011
Size: 2147 MB, Block size: 512
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: rdwr
Backing store path: /dev/sdb
Backing store flags:
LUN: 2     <== Lun2 created with /dev/sdc
Type: disk
SCSI ID: IET 00650002
SCSI SN: beaf1012
Size: 2147 MB, Block size: 512
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: rdwr
Backing store path: /dev/sdc
Backing store flags:
Account information:
ACL information:

 

Step 5: Share the ISCSI Target to specific Client Machines

 

[root@gurkulsan ~]# tgtadm –lld iscsi –mode target –op bind –tid 101 –initiator-address 192.168.1.34

[root@gurkulsan ~]# tgtadm –lld iscsi –mode target –op show
Target 101: iqn.2013-04.com.unixadminschool:target1
System information:
Driver: iscsi
State: ready
I_T nexus information:
LUN information:
LUN: 0
Type: controller
SCSI ID: IET 00650000
SCSI SN: beaf1010
Size: 0 MB, Block size: 1
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: null
Backing store path: None
Backing store flags:
LUN: 1
Type: disk
SCSI ID: IET 00650001
SCSI SN: beaf1011
Size: 2147 MB, Block size: 512
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: rdwr
Backing store path: /dev/sdb
Backing store flags:
LUN: 2
Type: disk
SCSI ID: IET 00650002
SCSI SN: beaf1012
Size: 2147 MB, Block size: 512
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: rdwr
Backing store path: /dev/sdc
Backing store flags:
Account information:
ACL information:
192.168.1.34  <==  Client IP Address added here

 

Step 6: Enable CHAP Authentication to the target

Create a User named  sanclient with the password mypassword

[root@gurkulsan ~]# tgtadm –lld iscsi –mode account –op new –user sanclient –password mypassword

Attach the user sanclient to the target 101  ( i.e. target1) 

[root@gurkulsan ~]# tgtadm –lld iscsi –mode account –op bind –tid 101 –user sanclient

Check the User was attached to target-1 (  i.e. tid – 101 )

[root@gurkulsan ~]# tgtadm –lld iscsi –mode account –op show
Account list:
sanclient
[root@gurkulsan ~]# tgtadm –lld iscsi –mode target –op show
Target 101: iqn.2013-04.com.unixadminschool:target1
System information:
Driver: iscsi
State: ready
I_T nexus information:
LUN information:
LUN: 0
Type: controller
SCSI ID: IET 00650000
SCSI SN: beaf1010
Size: 0 MB, Block size: 1
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: null
Backing store path: None
Backing store flags:
LUN: 1
Type: disk
SCSI ID: IET 00650001
SCSI SN: beaf1011
Size: 2147 MB, Block size: 512
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: rdwr
Backing store path: /dev/sdb
Backing store flags:
LUN: 2
Type: disk
SCSI ID: IET 00650002
SCSI SN: beaf1012
Size: 2147 MB, Block size: 512
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: rdwr
Backing store path: /dev/sdc
Backing store flags:
Account information:
sanclient            <== Authentication user name appears here
ACL information:
192.168.1.34

 

Step 7. Save the configuration to /etc/tgt/targets.conf , so that configuration won’t last after reboot

Take the backup of original file

[root@gurkulsan ~]# cp /etc/tgt/targets.conf /etc/tgt/targets.conf.orig

Get the current configuration dump using the command

[root@gurkulsan ~]# tgt-admin –dump
default-driver iscsi

backing-store /dev/sdb
backing-store /dev/sdc
incominguser sanclient PLEASE_CORRECT_THE_PASSWORD
initiator-address 192.168.1.34
initiator-address 192.168.1.35

 

Copy  and paste the output of  “tgtadmin –dump” to the end of the file /etc/tgt/targets.conf, so that the configuration exists after reboot. Modified file will have following differences after modification

 

[root@gurkulsan ~]# sdiff -s /etc/tgt/targets.conf /etc/tgt/targets.conf.orig
                                                              <
             <
backing-store /dev/sdb                                        <
backing-store /dev/sdc                                        <
incominguser sanclient mypassword                             <
initiator-address 192.168.1.34                                <
initiator-address 192.168.1.35                                <
                                                    <
                                                              <

 

Check configuration existing after service restart

 

[root@gurkulsan ~]# /etc/init.d/tgtd restart
Stopping SCSI target daemon: [ OK ]
Starting SCSI target daemon: [ OK ]

 

[root@gurkulsan ~]# tgtadm –lld iscsi –mode target –op show
Target 101: iqn.2013-04.com.unixadminschool:target1
System information:
Driver: iscsi
State: ready
I_T nexus information:
LUN information:
LUN: 0
Type: controller
SCSI ID: IET 00650000
SCSI SN: beaf1010
Size: 0 MB, Block size: 1
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: null
Backing store path: None
Backing store flags:
LUN: 1
Type: disk
SCSI ID: IET 00650001
SCSI SN: beaf1011
Size: 2147 MB, Block size: 512
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: rdwr
Backing store path: /dev/sdb
Backing store flags:
LUN: 2
Type: disk
SCSI ID: IET 00650002
SCSI SN: beaf1012
Size: 2147 MB, Block size: 512
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: rdwr
Backing store path: /dev/sdc
Backing store flags:
Account information:
sanclient
ACL information:
192.168.1.34

Check the current ports used by tgtd daemon

[root@gurkulsan ~]# netstat -pantl|grep tgt
tcp 0 0 0.0.0.0:3260 0.0.0.0:* LISTEN 4516/tgtd
tcp 0 0 :::3260 :::* LISTEN 4516/tgtd

Note: netstat -pantl — used to check all the ports which are open and listening by process wise

 

Step 8: Add rules for IPTABLES to accept connections from iscsi clients

 

Check the current rules, and there is no rule exists for port 3260

[root@gurkulsan ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp — 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp — 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp — 0.0.0.0/0 0.0.0.0/0 udp dpt:67
ACCEPT tcp — 0.0.0.0/0 0.0.0.0/0 tcp dpt:67

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all — 0.0.0.0/0 192.168.122.0/24 state RELATED,ESTABLISHED
ACCEPT all — 192.168.122.0/24 0.0.0.0/0
ACCEPT all — 0.0.0.0/0 0.0.0.0/0
REJECT all — 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all — 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

 

[root@gurkulsan ~]# iptables -I INPUT -p tcp –dport 3260 -j ACCEPT
[root@gurkulsan ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]

[root@gurkulsan ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp — 0.0.0.0/0 0.0.0.0/0 tcp dpt:3260  <==  New rule added
ACCEPT udp — 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp — 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp — 0.0.0.0/0 0.0.0.0/0 udp dpt:67
ACCEPT tcp — 0.0.0.0/0 0.0.0.0/0 tcp dpt:67

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all — 0.0.0.0/0 192.168.122.0/24 state RELATED,ESTABLISHED
ACCEPT all — 192.168.122.0/24 0.0.0.0/0
ACCEPT all — 0.0.0.0/0 0.0.0.0/0
REJECT all — 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
REJECT all — 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

 

 

 

 ISCSI Client Configuration for RHEL6.3

 

 

Overall Steps :

Step 1: Install the ISCSI  Client Utilities rpm i.e. iscsi-initiator-utils

Step 2 : Enables the services for Aut0-start, and start the services

Step 3: Discovery the targets available from the ISCSI target server and bind to the target

Step 4: Configure the iscsi client configuration file, in case if the CHAP authentication enabled to access the Targets

Step 5:  Check the new iscsi storage visible in the server, partition and use them

 

 

Step 1: Install the ISCSI  Client Utilities rpm i.e. iscsi-initiator-utils

 

Install the RPM

[root@gurkulrhel4 ~]# yum install iscsi-initiator-utils
Loaded plugins: product-id, refresh-packagekit, security, subscription-manager
Updating certificate-based repositories.
Unable to read consumer identity
ol6_UEK_latest | 1.2 kB 00:00
ol6_latest | 1.4 kB 00:00
rhel-debuginfo | 1.2 kB 00:00 …
rpmforge | 1.9 kB 00:00
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package iscsi-initiator-utils.x86_64 0:6.2.0.872-41.el6 will be updated
—> Package iscsi-initiator-utils.x86_64 0:6.2.0.873-2.0.1.el6 will be an update
–> Finished Dependency Resolution

Dependencies Resolved

==========================================================================================
Package Arch Version Repository Size
==========================================================================================
Updating:
iscsi-initiator-utils x86_64 6.2.0.873-2.0.1.el6 ol6_latest 655 k

Transaction Summary
==========================================================================================
Upgrade 1 Package(s)

Total download size: 655 k
Is this ok [y/N]: y
Downloading Packages:
iscsi-initiator-utils-6.2.0.873-2.0.1.el6.x86_64.rpm | 655 kB 00:03
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : iscsi-initiator-utils-6.2.0.873-2.0.1.el6.x86_64 1/2
Cleanup : iscsi-initiator-utils-6.2.0.872-41.el6.x86_64 2/2
Installed products updated.
Verifying : iscsi-initiator-utils-6.2.0.873-2.0.1.el6.x86_64 1/2
Verifying : iscsi-initiator-utils-6.2.0.872-41.el6.x86_64 2/2

Updated:
iscsi-initiator-utils.x86_64 0:6.2.0.873-2.0.1.el6

Complete!

 

Check the files installed alond with the RPM

[root@gurkulrhel4 ~]# rpm -ql iscsi-initiator-utils
/etc/NetworkManager
/etc/NetworkManager/dispatcher.d
/etc/NetworkManager/dispatcher.d/04-iscsi
/etc/iscsi
/etc/iscsi/iscsid.conf
/etc/logrotate.d/iscsiuiolog
/etc/rc.d/init.d/iscsi
/etc/rc.d/init.d/iscsid
/sbin/brcm_iscsiuio
/sbin/iscsi-iname
/sbin/iscsiadm
/sbin/iscsid
/sbin/iscsistart
/sbin/iscsiuio
/usr/lib64/libiscsi.so.0
/usr/lib64/python2.6/site-packages/libiscsimodule.so
/usr/share/doc/iscsi-initiator-utils-6.2.0.873
/usr/share/doc/iscsi-initiator-utils-6.2.0.873/README
/usr/share/man/man8/iscsi-iname.8.gz
/usr/share/man/man8/iscsiadm.8.gz
/usr/share/man/man8/iscsid.8.gz
/usr/share/man/man8/iscsistart.8.gz
/usr/share/man/man8/iscsiuio.8.gz
/var/lib/iscsi
/var/lib/iscsi/ifaces
/var/lib/iscsi/isns
/var/lib/iscsi/nodes
/var/lib/iscsi/send_targets
/var/lib/iscsi/slp
/var/lib/iscsi/static
/var/lock/iscsi

 

Step 2 : Enables the services for Aut0-start, and start the services

 

 

Start the iscsid Service

[root@gurkulrhel4 ~]# service iscsid restart
Stopping iscsid:
[root@gurkulrhel4 ~]# service iscsid force-start
Starting iscsid: [ OK ]

 

Enable the Service for Auto-startup during boot

[root@gurkulrhel4 ~]# chkconfig iscsid on
[root@gurkulrhel4 ~]# chkconfig –list iscsid
iscsid 0:off 1:off 2:on 3:on 4:on 5:on 6:off

 

Step 3: Discovery the targets available from the ISCSI target server and bind to the target

 

Run the iscsiadm command in discoverydb mode to get the information of available targets from the iscsi server 192.168.1.30 ( i.e. gurkusan)

[root@gurkulrhel4 ~]# iscsiadm –mode discoverydb –type sendtargets –portal 192.168.1.30 –discover
192.168.1.30:3260,1 iqn.2013-04.com.unixadminschool:target1

 

Once the target discovered, bind to the target

[root@gurkulrhel4 ~]# iscsiadm –mode node –targetname iqn.2013-04.com.unixadminschool:target1 –portal 192.168.1.30 –login
Logging in to [iface: default, target: iqn.2013-04.com.unixadminschool:target1, portal: 192.168.1.30,3260] (multiple)
iscsiadm: Could not login to [iface: default, target: iqn.2013-04.com.unixadminschool:target1, portal: 192.168.1.30,3260].
iscsiadm: initiator reported error (24 – iSCSI login failed due to authorization failure)
iscsiadm: Could not log into all portals

above faults appears because the targets were secured by CHAP authentication. We need to provide the authenitcated username and password to bind to the target

Step 4: Configure the iscsi client configuration file, in case if the CHAP authentication enabled to access the Targets

Add following details to the file /etc/iscsi/iscsid.conf

node.session.auth.authmethod = CHAP
node.session.auth.username = sanclient
node.session.auth.password = mypassword

 

And then rediscover the ISCSI targets

[root@gurkulrhel4 ~]# iscsiadm –mode discoverydb –type sendtargets –portal 192.168.1.30 –discover
192.168.1.30:3260,1 iqn.2013-04.com.unixadminschool:target1

Whenever iscsid discovers new target, it will add corresponding information in the following directory

[root@gurkulrhel4 ~]# ls -lR /var/lib/iscsi/nodes/
/var/lib/iscsi/nodes/:
total 4
drw——- 3 root root 4096 Apr 14 13:01 iqn.2013-04.com.unixadminschool:target1

/var/lib/iscsi/nodes/iqn.2013-04.com.unixadminschool:target1:
total 4
drw——- 2 root root 4096 Apr 14 13:01 192.168.1.30,3260,1

/var/lib/iscsi/nodes/iqn.2013-04.com.unixadminschool:target1/192.168.1.30,3260,1:
total 4
-rw——- 1 root root 1902 Apr 14 13:01 default

 

And the following file will have all the related information about the discovered target

Note :  you can find our CHAP user and password information in highlights

[root@gurkulrhel4 ~]# cat /var/lib/iscsi/nodes/iqn.2013-04.com.unixadminschool:target1/192.168.1.30,3260,1/default
# BEGIN RECORD 6.2.0-873.2.el6
node.name = iqn.2013-04.com.unixadminschool:target1
node.tpgt = 1
node.startup = automatic
node.leading_login = No
iface.iscsi_ifacename = default
iface.transport_name = tcp
iface.vlan_id = 0
iface.vlan_priority = 0
iface.iface_num = 0
iface.mtu = 0
iface.port = 0
node.discovery_address = 192.168.1.30
node.discovery_port = 3260
node.discovery_type = send_targets
node.session.initial_cmdsn = 0
node.session.initial_login_retry_max = 8
node.session.xmit_thread_priority = -20
node.session.cmds_max = 128
node.session.queue_depth = 32
node.session.nr_sessions = 1
node.session.auth.authmethod = CHAP
node.session.auth.username = sanclient
node.session.auth.password = mypassword
node.session.timeo.replacement_timeout = 120
node.session.err_timeo.abort_timeout = 15
node.session.err_timeo.lu_reset_timeout = 30
node.session.err_timeo.tgt_reset_timeout = 30
node.session.err_timeo.host_reset_timeout = 60
node.session.iscsi.FastAbort = Yes
node.session.iscsi.InitialR2T = No
node.session.iscsi.ImmediateData = Yes
node.session.iscsi.FirstBurstLength = 262144
node.session.iscsi.MaxBurstLength = 16776192
node.session.iscsi.DefaultTime2Retain = 0
node.session.iscsi.DefaultTime2Wait = 2
node.session.iscsi.MaxConnections = 1
node.session.iscsi.MaxOutstandingR2T = 1
node.session.iscsi.ERL = 0
node.conn[0].address = 192.168.1.30
node.conn[0].port = 3260
node.conn[0].startup = manual
node.conn[0].tcp.window_size = 524288
node.conn[0].tcp.type_of_service = 0
node.conn[0].timeo.logout_timeout = 15
node.conn[0].timeo.login_timeout = 15
node.conn[0].timeo.auth_timeout = 45
node.conn[0].timeo.noop_out_interval = 5
node.conn[0].timeo.noop_out_timeout = 5
node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
node.conn[0].iscsi.HeaderDigest = None
node.conn[0].iscsi.IFMarker = No
node.conn[0].iscsi.OFMarker = No
# END RECORD
[root@gurkulrhel4 ~]#

 

Step 5:  Check the new iscsi storage visible in the server, partition and use them

 

[root@gurkulrhel4 ~]# fdisk -l|grep Disk
Disk /dev/sda: 17.2 GB, 17179869184 bytes
Disk identifier: 0x000ae2a8
Disk /dev/sdb: 2147 MB, 2147483648 bytes
Disk identifier: 0x00000000
Disk /dev/sdc: 2147 MB, 2147483648 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-lv_root: 12.4 GB, 12423528448 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-lv_swap: 4227 MB, 4227858432 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-data1: 2147 MB, 2147483648 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-data2: 1073 MB, 1073741824 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-data3: 524 MB, 524288000 bytes
Disk identifier: 0x00000000
Disk /dev/sdd: 2147 MB, 2147483648 bytes     <==  New disks added Here 
Disk identifier: 0x00000000
Disk /dev/sde: 2147 MB, 2147483648 bytes    <==  New disks added Here 
Disk identifier: 0x00000000

 

if you want to remove the discovered luns, simply logout from the target

[root@gurkulrhel4 ~]# iscsiadm –mode node –targetname iqn.2013-04.com.unixadminschool:target1 –portal 192.168.1.30 –logout
Logging out of session [sid: 2, target: iqn.2013-04.com.unixadminschool:target1, portal: 192.168.1.30,3260]
Logout of [sid: 2, target: iqn.2013-04.com.unixadminschool:target1, portal: 192.168.1.30,3260] successful.

 

Check the available disks, and you will notice new disks disappeared

[root@gurkulrhel4 ~]# fdisk -l|grep Disk
Disk /dev/sda: 17.2 GB, 17179869184 bytes
Disk identifier: 0x000ae2a8
Disk /dev/sdb: 2147 MB, 2147483648 bytes
Disk identifier: 0x00000000
Disk /dev/sdc: 2147 MB, 2147483648 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-lv_root: 12.4 GB, 12423528448 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-lv_swap: 4227 MB, 4227858432 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-data1: 2147 MB, 2147483648 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-data2: 1073 MB, 1073741824 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-data3: 524 MB, 524288000 bytes
Disk identifier: 0x00000000

Login ( bind) back to the target to make iscsi disks available

[root@gurkulrhel4 ~]# iscsiadm –mode node –targetname iqn.2013-04.com.unixadminschool:target1 –portal 192.168.1.30 –login
Logging in to [iface: default, target: iqn.2013-04.com.unixadminschool:target1, portal: 192.168.1.30,3260] (multiple)
Login to [iface: default, target: iqn.2013-04.com.unixadminschool:target1, portal: 192.168.1.30,3260] successful.
[root@gurkulrhel4 ~]# fdisk -l|grep Disk
Disk /dev/sda: 17.2 GB, 17179869184 bytes
Disk identifier: 0x000ae2a8
Disk /dev/sdb: 2147 MB, 2147483648 bytes
Disk identifier: 0x00000000
Disk /dev/sdc: 2147 MB, 2147483648 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-lv_root: 12.4 GB, 12423528448 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-lv_swap: 4227 MB, 4227858432 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-data1: 2147 MB, 2147483648 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-data2: 1073 MB, 1073741824 bytes
Disk identifier: 0x00000000
Disk /dev/mapper/vg_gurkulrhel2-data3: 524 MB, 524288000 bytes
Disk identifier: 0x00000000
Disk /dev/sdd: 2147 MB, 2147483648 bytes
Disk identifier: 0x00000000
Disk /dev/sde: 2147 MB, 2147483648 bytes
Disk identifier: 0x00000000

 

Create partition in the New disks 

 

[root@gurkulrhel4 ~]# fdisk /dev/sdd
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel with disk identifier 0xaed24ed6.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won’t be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)

WARNING: DOS-compatible mode is deprecated. It’s strongly recommended to
switch off the mode (command ‘c’) and change display units to
sectors (command ‘u’).

Command (m for help): p

Disk /dev/sdd: 2147 MB, 2147483648 bytes
67 heads, 62 sectors/track, 1009 cylinders
Units = cylinders of 4154 * 512 = 2126848 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xaed24ed6

Device Boot Start End Blocks Id System

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-1009, default 1):
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-1009, default 1009):
Using default value 1009

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

[root@gurkulrhel4 ~]#
[root@gurkulrhel4 ~]# fdisk -l /dev/sdd

Disk /dev/sdd: 2147 MB, 2147483648 bytes
67 heads, 62 sectors/track, 1009 cylinders
Units = cylinders of 4154 * 512 = 2126848 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xaed24ed6

Device Boot Start End Blocks Id System
/dev/sdd1 1 1009 2095662 83 Linux

 

[root@gurkulrhel4 ~]# mkfs.ext4 /dev/sdd1

mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
131072 inodes, 523915 blocks
26195 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=536870912
16 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912

Writing inode tables: done
Creating journal (8192 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 29 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.

 

[root@gurkulrhel4 ~]# mkdir /shared-data

 

Add entry to /etc/fstab to mount new filesystem during the boot

 

[root@gurkulrhel4 ~]# cat /etc/fstab
#
# /etc/fstab
# Created by anaconda on Fri Sep 28 07:39:26 2012
#
# Accessible filesystems, by reference, are maintained under ‘/dev/disk’
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/vg_gurkulrhel2-lv_root / ext4 defaults 1 1
UUID=5e925634-5366-455d-b337-eed668f7b2e6 /boot ext4 defaults 1 2
/dev/mapper/vg_gurkulrhel2-lv_swap swap swap defaults 0 0
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
### below entry will mount /dev/sd1 on /shared/data
### the option _netdev option says to mount /shared-data only after the network available
/dev/sdd1 /shared-data ext4 defaults,_netdev 0 0

[root@gurkulrhel4 ~]#

 

Reboot the Host , and  check the filesystem getting mounted automatically after the reboot

 

[root@gurkulrhel4 ~]# reboot

Broadcast message from root@gurkulrhel4
(/dev/pts/0) at 13:10 …

The system is going down for reboot NOW!

 

After the reboot

[root@gurkulrhel4 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_gurkulrhel2-lv_root
12G 7.1G 3.8G 66% /
tmpfs 1003M 88K 1003M 1% /dev/shm
/dev/sda1 485M 37M 423M 9% /boot
/dev/sdd1 2.0G 35M 1.9G 2% /shared-data

 

 

We will be discussing about the iscsi configuration for shared storage for Cluster environment  in the next post . Please feel to add your questions and comments to the post

 

How to Stay Connected to Us ?

You can simply subscribe for our free email posts from here . 

We have very active community to answer your questions at any time – Join our Just Facebook’s just-UNIX-no-noise group  or Linked in  Enterprise UNIX administration  group

Join our  Professional network with 2000+ Unix Engineers – LinkedIn

It’s easy to get our updates with our  twitter and Google + social networks

 

 

 

Ramdev

Ramdev

I have started unixadminschool.com ( aka gurkulindia.com) in 2009 as my own personal reference blog, and later sometime i have realized that my leanings might be helpful for other unixadmins if I manage my knowledge-base in more user friendly format. And the result is today's' unixadminschool.com. You can connect me at - https://www.linkedin.com/in/unixadminschool/

22 Responses

  1. sreenath says:

    Nice Sir,Keep it Up!

  2. Elumalai M says:

    Thanks for sharing this article. 

    In the client side If I want to remove the one LUN (one mapped new disk). What action to be done in client and server ? Thanks in advance for clarification…

    • Ramdev Ramdev says:

      Hi Elumalai, storage on iscsi individual luns are quite buggy in real time world. And normally we do work with the strategy “one lun – one target relation”, so that it is to manage things like access control and Lun maintenance without reboots. I will be covering some of the tasks in my continuation post.

  3. Elumalai M says:

    Hi Ramdev,

    ok… Thanks for your explanation…

  4. Santhosh Kumar Reddy says:

    A Very good documentation.

  5. krishgudd says:

    Hi Ramdev,

    Inside the /var/lib/iscsi/nodes directory we will get the node information right.What happens if I delete that .

    In one our server when I execute iscsiadm -m node its showing nothing and nothing inside /var/lib/iscsi/node directory . but Iam using lun which is coming from that target.

  6. chetan Panchal says:

    Hi

    May i requested to you Please share Redhat cluster suite for RHEL6?

  7. Animesh Singha says:

    after reboot , shared drive not shown ..missing..

    please help me urgently

  8. Ramdev Ramdev says:

    Animesh, please folllow the step3 ( as mentioned below) to redetect the luns.. you need to use the your iscsi server ip instead of 192.168.1.30.   Then you will see the shared iscsi luns at the client.

    Step 3: Discovery the targets available from the ISCSI target server and bind to the target

    Run the iscsiadm command in discoverydb mode to get the information of available targets from the iscsi server 192.168.1.30 ( i.e. gurkusan)

    [root@gurkulrhel4 ~]# iscsiadm –mode discoverydb –type sendtargets –portal 192.168.1.30 –discover
    192.168.1.30:3260,1 iqn.2013-04.com.unixadminschool:target1

    Once the target discovered, bind to the target 

    [root@gurkulrhel4 ~]# iscsiadm –mode node –targetname iqn.2013-04.com.unixadminschool:target1 –portal 192.168.1.30 –login
    Logging in to [iface: default, target: iqn.2013-04.com.unixadminschool:target1, portal: 192.168.1.30,3260] (multiple)
    iscsiadm: Could not login to [iface: default, target: iqn.2013-04.com.unixadminschool:target1, portal: 192.168.1.30,3260].
    iscsiadm: initiator reported error (24 – iSCSI login failed due to authorization failure)
    iscsiadm: Could not log into all portals

    above faults appears because the targets were secured by CHAP authentication. We need to provide the authenitcated username and password to bind to the target

  9. kevin says:

    hi,

    Can you show me how to do multi-path for iSCSI ? thanks

  10. Ramdev Ramdev says:

    Hi Kevin, Sure. I will make a procedure for the ISCSI multipath and will post it soon.

    • Praneeth says:

      Hi Ramdev,

      We have configured iscsi in RHEL 6.7 without multipathing & working fine.But with multipathing we are facing problem.Can u provide iscsi multipathing configuration.

      While creating file system we are getting below error.

      sd 12:0:0:1: SCSI error: return code = 0x06000000
      end_request: I/O error, dev sdatk, sector 2109640
      Aborting journal on device dm-785.
      __journal_remove_journal_head: freeing b_committed_data
      journal commit I/O error
      ext3_abort called.
      EXT3-fs error (device dm-785): ext3_journal_start_sb: Detected aborted journal
      Remounting filesystem read-only
      ext3_abort called.
      EXT3-fs error (device dm-785): ext3_put_super: Couldn’t clean up the journal

  11. anand says:

    Hi,
    By default, iSCSI logging done in “/var/log/messages” in RHEL. Is there a way to configure logging in some other file?

  12. Raj says:

    Hi Ramdev and Team,

    Can you please assist on how to resolve the avc {read write} denail issue in SELinux permissions. the server OS version is OEL 6.3 and SELinux must be in Enforcing mode. Can any one pls guide on this issue.

    Thx in advance

    Regards,

    Raj

  13. John says:

    Hi Ram, Thanks for the wonderful explanation. I’m having some trouble in the Client part. I used the CHAP authentication and added that information to /etc/iscsi/iscsid.conf; however, when i try to discover am getting the iqn, but, when i try to login , i get the below error, please advice.

    [root@clusternode2 ~]# iscsiadm –mode node –targetname iqn.2013-04.com.clusterdomain:target1 –portal 192.168.117.171 –login
    Logging in to [iface: default, target: iqn.2013-04.com.clusterdomain:target1, portal: 192.168.117.171,3260] (multiple)
    iscsiadm: Could not login to [iface: default, target: iqn.2013-04.com.clusterdomain:target1, portal: 192.168.117.171,3260].
    iscsiadm: initiator reported error (24 – iSCSI login failed due to authorization failure)
    iscsiadm: Could not log into all portals

    • John says:

      You’ve mentioned as ” faults appears because the targets were secured by CHAP authentication. We need to provide the authenticated username and password to bind to the target”, how do I do this?

      • unixadmschool says:

        Hi John, please check the section”And the following file will have all the related information about the discovered target” in step-4.

  14. ravi says:

    Hi,

    My iscsi is never started..am getting error like iscsi is stopped.
    please help
    Thanks in Advance,
    Ravi

  1. September 17, 2015

    […] Read – Configuring ISCSI Server and Client RHEL6 […]

  2. September 18, 2015

    […] Read – Configuring ISCSI Server and Client in RHEL6 […]

What is in your mind, about this post ? Leave a Reply

Close
  Our next learning article is ready, subscribe it in your email

What is your Learning Goal for Next Six Months ? Talk to us