iSCSI配置

本文部分转自https://www.linuxprobe.com/chapter-17.html

角色 ip
iSCSI 服务端 192.168.197.148
iSCSI 客户端 192.168.197.142

 

 

 

 

服务端添加两块10G的硬盘,用于共享存储

[root@localhost ~]# fdisk -l

Disk /dev/sdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/sda: 85.9 GB, 85899345920 bytes, 167772160 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x000ad3bc

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *        2048     1026047      512000   83  Linux
/dev/sda2         1026048   167772159    83373056   8e  Linux LVM

Disk /dev/sdc: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/centos-root: 76.8 GB, 76780929024 bytes, 149962752 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/centos-swap: 8589 MB, 8589934592 bytes, 16777216 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes

服务端配置

第1步:配置好Yum软件仓库后安装iSCSI服务端程序以及配置命令工具。

yum -y install targetd targetcli

安装完成后启动iSCSI的服务端程序targetd,然后把这个服务程序加入到开机启动项中,以便下次在服务器重启后依然能够为用户提供iSCSI共享存储资源服务:

systemctl start targetd
systemctl enable targetd

第2步:配置iSCSI服务端共享资源。targetcli是用于管理iSCSI服务端存储资源的专用配置命令,它能够提供类似于fdisk命令的交互式配置功能,将iSCSI共享资源的配置内容抽象成“目录”的形式,我们只需将各类配置信息填入到相应的“目录”中即可。这里的难点主要在于认识每个“参数目录”的作用。当把配置参数正确地填写到“目录”中后,iSCSI服务端也可以提供共享资源服务了。

在执行targetcli命令后就能看到交互式的配置界面了。在该界面中可以使用很多Linux命令,比如利用ls查看目录参数的结构,使用cd切换到不同的目录中。/backstores/block是iSCSI服务端配置共享设备的位置。我们需要把刚刚添加的两块10G盘加入到配置共享设备的“资源池”中,并将该文件分别命名为storage01和storage02,这样用户就不会知道是由服务器中的哪块硬盘来提供共享存储资源,而只会看到两个个名为storage01和storage02的存储设备。

[root@localhost ~]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.fb46
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.

/> ls
o- / ......................................................................................................................... [...]
  o- backstores .............................................................................................................. [...]
  | o- block .................................................................................................. [Storage Objects: 0]
  | o- fileio ................................................................................................. [Storage Objects: 0]
  | o- pscsi .................................................................................................. [Storage Objects: 0]
  | o- ramdisk ................................................................................................ [Storage Objects: 0]
  o- iscsi ............................................................................................................ [Targets: 0]
  o- loopback ......................................................................................................... [Targets: 0]
/> cd /backstores/block
/backstores/block> ls
o- block ...................................................................................................... [Storage Objects: 0]
/backstores/block> create storage01 /dev/sdb
Created block storage object storage01 using /dev/sdb.
/backstores/block> create storage02 /dev/sdc
Created block storage object storage02 using /dev/sdc.
/backstores/block> cd /
/> ls
o- / ......................................................................................................................... [...]
  o- backstores .............................................................................................................. [...]
  | o- block .................................................................................................. [Storage Objects: 2]
  | | o- storage01 ..................................................................... [/dev/sdb (10.0GiB) write-thru deactivated]
  | | | o- alua ................................................................................................... [ALUA Groups: 1]
  | | |   o- default_tg_pt_gp ....................................................................... [ALUA state: Active/optimized]
  | | o- storage02 ..................................................................... [/dev/sdc (10.0GiB) write-thru deactivated]
  | |   o- alua ................................................................................................... [ALUA Groups: 1]
  | |     o- default_tg_pt_gp ....................................................................... [ALUA state: Active/optimized]
  | o- fileio ................................................................................................. [Storage Objects: 0]
  | o- pscsi .................................................................................................. [Storage Objects: 0]
  | o- ramdisk ................................................................................................ [Storage Objects: 0]
  o- iscsi ............................................................................................................ [Targets: 0]
  o- loopback ......................................................................................................... [Targets: 0]
/> 

第3步:创建iSCSI target名称及配置共享资源。iSCSI target名称是由系统自动生成的,这是一串用于描述共享资源的唯一字符串。稍后用户在扫描iSCSI服务端时即可看到这个字符串,因此我们不需要记住它。系统在生成这个target名称后,还会在/iscsi参数目录中创建一个与其字符串同名的新“目录”用来存放共享资源。我们需要把前面加入到iSCSI共享资源池中的硬盘设备添加到这个新目录中,这样用户在登录iSCSI服务端后,即可默认使用这硬盘设备提供的共享存储资源了。

/> cd iscsi
/iscsi> create
Created target iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/iscsi> cd iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de/
/iscsi/iqn.20....1903640455de> ls
o- iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de ........................................................... [TPGs: 1]
  o- tpg1 ................................................................................................... [no-gen-acls, no-auth]
    o- acls .............................................................................................................. [ACLs: 0]
    o- luns .............................................................................................................. [LUNs: 0]
    o- portals ........................................................................................................ [Portals: 1]
      o- 0.0.0.0:3260 ......................................................................................................... [OK]
/iscsi/iqn.20....1903640455de> cd tpg1/luns
/iscsi/iqn.20...5de/tpg1/luns> ls
o- luns .................................................................................................................. [LUNs: 0]
/iscsi/iqn.20...5de/tpg1/luns> create /backstores/block/storage01
Created LUN 0.
/iscsi/iqn.20...5de/tpg1/luns> create /backstores/block/storage02
Created LUN 1.
/iscsi/iqn.20...5de/tpg1/luns>

第4步:设置访问控制列表(ACL)。iSCSI协议是通过客户端名称进行验证的,也就是说,用户在访问存储共享资源时不需要输入密码,只要iSCSI客户端的名称与服务端中设置的访问控制列表中某一名称条目一致即可,因此需要在iSCSI服务端的配置文件中写入一串能够验证用户信息的名称。acls参数目录用于存放能够访问iSCSI服务端共享存储资源的客户端名称。刘遄老师推荐在刚刚系统生成的iSCSI target后面追加上类似于:client的参数,这样既能保证客户端的名称具有唯一性,又非常便于管理和阅读:

/iscsi/iqn.20...5de/tpg1/luns> cd /iscsi/iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de/tpg1/acls 
/iscsi/iqn.20...5de/tpg1/acls> ls
o- acls .................................................................................................................. [ACLs: 0]
/iscsi/iqn.20...5de/tpg1/acls> create iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de:acl
Created Node ACL for iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de:acl
Created mapped LUN 1.
Created mapped LUN 0.

第5步:(这步可以不操作)设置iSCSI服务端的监听IP地址和端口号。位于生产环境中的服务器上可能有多块网卡,那么到底是由哪个网卡或IP地址对外提供共享存储资源呢?这就需要我们在配置文件中手动定义iSCSI服务端的信息,即在portals参数目录中写上服务器的IP地址。接下来将由系统自动开启服务器192.168.10.10的3260端口将向外提供iSCSI共享存储资源服务:

/iscsi/iqn.20...5de/tpg1/acls> cd /iscsi/iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de/tpg1/portals/
/iscsi/iqn.20.../tpg1/portals> ls
o- portals ............................................................................................................ [Portals: 1]
  o- 0.0.0.0:3260 ............................................................................................................. [OK]
/iscsi/iqn.20.../tpg1/portals> create 192.168.197.148 ip_port=3260
Using default IP port 3260

第6步:配置妥当后检查配置信息,重启iSCSI服务端程序并配置防火墙策略。在参数文件配置妥当后,可以浏览刚刚配置的信息,确保与下面的信息基本一致。在确认信息无误后输入exit命令来退出配置。注意,千万不要习惯性地按Ctrl + C组合键结束进程,这样不会保存配置文件,我们的工作也就白费了。最后重启iSCSI服务端程序

/iscsi/iqn.20.../tpg1/portals> cd /

/> ls /
o- / ......................................................................................................................... [...]
  o- backstores .............................................................................................................. [...]
  | o- block .................................................................................................. [Storage Objects: 2]
  | | o- storage01 ....................................................................... [/dev/sdb (10.0GiB) write-thru activated]
  | | | o- alua ................................................................................................... [ALUA Groups: 1]
  | | |   o- default_tg_pt_gp ....................................................................... [ALUA state: Active/optimized]
  | | o- storage02 ....................................................................... [/dev/sdc (10.0GiB) write-thru activated]
  | |   o- alua ................................................................................................... [ALUA Groups: 1]
  | |     o- default_tg_pt_gp ....................................................................... [ALUA state: Active/optimized]
  | o- fileio ................................................................................................. [Storage Objects: 0]
  | o- pscsi .................................................................................................. [Storage Objects: 0]
  | o- ramdisk ................................................................................................ [Storage Objects: 0]
  o- iscsi ............................................................................................................ [Targets: 1]
  | o- iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de ....................................................... [TPGs: 1]
  |   o- tpg1 ............................................................................................... [no-gen-acls, no-auth]
  |     o- acls .......................................................................................................... [ACLs: 1]
  |     | o- iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de:acl ...................................... [Mapped LUNs: 2]
  |     |   o- mapped_lun0 ............................................................................. [lun0 block/storage01 (rw)]
  |     |   o- mapped_lun1 ............................................................................. [lun1 block/storage02 (rw)]
  |     o- luns .......................................................................................................... [LUNs: 2]
  |     | o- lun0 .................................................................. [block/storage01 (/dev/sdb) (default_tg_pt_gp)]
  |     | o- lun1 .................................................................. [block/storage02 (/dev/sdc) (default_tg_pt_gp)]
  |     o- portals .................................................................................................... [Portals: 1]
  |       o- 0.0.0.0:3260 ..................................................................................................... [OK]
  o- loopback ......................................................................................................... [Targets: 0]
/> exit

重启服务

systemctl restart targetd

记住服务端的acl标识:iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de:acl

 

 

 

客户端配置

在RHEL 7系统中,已经默认安装了iSCSI客户端服务程序initiator。如果您的系统没有安装的话,可以使用Yum软件仓库手动安装。

yum install -y iscsi-initiator-utils

前面讲到,iSCSI协议是通过客户端的名称来进行验证,而该名称也是iSCSI客户端的唯一标识,而且必须与服务端配置文件中访问控制列表中的信息一致,否则客户端在尝试访问存储共享设备时,系统会弹出验证失败的保存信息。

下面我们编辑iSCSI客户端中的initiator名称文件,把服务端的访问控制列表名称填写进来,然后重启客户端iscsid服务程序并将其加入到开机启动项中:

[root@client ~]# cat /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de:acl
systemctl restart iscsid
systemctl enable iscsid

iSCSI客户端访问并使用共享存储资源的步骤很简单,只需要记住刘遄老师的一个小口诀“先发现,再登录,最后挂载并使用”。iscsiadm是用于管理、查询、插入、更新或删除iSCSI数据库配置文件的命令行工具,用户需要先使用这个工具扫描发现远程iSCSI服务端,然后查看找到的服务端上有哪些可用的共享存储资源。其中,-m discovery参数的目的是扫描并发现可用的存储资源,-t st参数为执行扫描操作的类型,-p 192.168.197.148参数为iSCSI服务端的IP地址:

[root@client ~]# iscsiadm -m discovery -t st -p 192.168.197.148
192.168.197.148:3260,1 iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de

在使用iscsiadm命令发现了远程服务器上可用的存储资源后,接下来准备登录iSCSI服务端。其中,-m node参数为将客户端所在主机作为一台节点服务器,-T  iqn.2003-01. org.linux-iscsi.linuxprobe.x8664:sn.d497c356ad80参数为要使用的存储资源(大家可以直接复制前面命令中扫描发现的结果,以免录入错误),-p 192.168.10.10参数依然为对方iSCSI服务端的IP地址。最后使用--login或-l参数进行登录验证。

[root@client ~]# iscsiadm -m node -T iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de -p 192.168.197.148 --login
Logging in to [iface: default, target: iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de, portal: 192.168.197.148,3260] (multiple)
Login to [iface: default, target: iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de, portal: 192.168.197.148,3260] successful.

在iSCSI客户端成功登录之后,会在客户端主机上多出两块名为/dev/sdb和/dev/sdc的设备文件。udev服务在命名硬盘名称时,与硬盘插槽是没有关系的。接下来可以像使用本地主机上的硬盘那样来操作这个设备文件了。

[root@client ~]# parted -l 
Model: VMware, VMware Virtual S (scsi)
Disk /dev/sda: 85.9GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags: 

Number  Start   End     Size    Type     File system  Flags
 1      1049kB  525MB   524MB   primary  xfs          boot
 2      525MB   85.9GB  85.4GB  primary               lvm


Error: /dev/sdb: unrecognised disk label
Model: LIO-ORG storage01 (scsi)                                           
Disk /dev/sdb: 10.7GB
Sector size (logical/physical): 512B/512B
Partition Table: unknown
Disk Flags: 

Error: /dev/sdc: unrecognised disk label
Model: LIO-ORG storage02 (scsi)                                           
Disk /dev/sdc: 10.7GB
Sector size (logical/physical): 512B/512B
Partition Table: unknown
Disk Flags: 

Model: Linux device-mapper (linear) (dm)
Disk /dev/mapper/centos-swap: 8590MB
Sector size (logical/physical): 512B/512B
Partition Table: loop
Disk Flags: 

Number  Start  End     Size    File system     Flags
 1      0.00B  8590MB  8590MB  linux-swap(v1)


Model: Linux device-mapper (linear) (dm)
Disk /dev/mapper/centos-root: 76.8GB
Sector size (logical/physical): 512B/512B
Partition Table: loop
Disk Flags: 

Number  Start  End     Size    File system  Flags
 1      0.00B  76.8GB  76.8GB  xfs

格式化并挂载

mkfs -t xfs /dev/sdb
mkfs -t xfs /dev/sdc
mkdir -p /storage01
mkdir -p /storage02
mount -t xfs /dev/sdb /storage01
mount -t xfs /dev/sdc /storage02

开机自动挂载

[root@client ~]# blkid | grep /dev/sdb
/dev/sdb: UUID="af1e1e7b-7777-4e96-8845-505a922f1fa2" TYPE="xfs"
#  查看UUID

由于/dev/sdb是一块网络存储设备,而iSCSI协议是基于TCP/IP网络传输数据的,因此必须在/etc/fstab配置文件中添加上_netdev参数,表示当系统联网后再进行挂载操作,以免系统开机时间过长或开机失败,编辑/etc/fstab文件:


#
# /etc/fstab
# Created by anaconda on Thu Apr 23 12:54:34 2020
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=44bc377f-6caa-41c0-8229-aa53a5c317c4 /boot xfs defaults 0 0
/dev/mapper/centos-swap swap swap defaults 0 0
UUID=af1e1e7b-7777-4e96-8845-505a922f1fa2 /storage01 xfs defaults,_netdev 0 0
UUID=2372f16d-f25b-48c9-a28a-ae2908177ab1 /storage02 xfs defaults,_netdev 0 0

自动挂载

[root@client ~]# mount -a
[root@client ~]# df -hT
Filesystem              Type      Size  Used Avail Use% Mounted on
/dev/mapper/centos-root xfs        72G   13G   59G  18% /
devtmpfs                devtmpfs  2.3G     0  2.3G   0% /dev
tmpfs                   tmpfs     2.3G     0  2.3G   0% /dev/shm
tmpfs                   tmpfs     2.3G   20M  2.3G   1% /run
tmpfs                   tmpfs     2.3G     0  2.3G   0% /sys/fs/cgroup
/dev/sda1               xfs       497M  139M  359M  28% /boot
tmpfs                   tmpfs     471M     0  471M   0% /run/user/0
/dev/loop0              iso9660    11G   11G     0 100% /var/www/html/centos76/base
/dev/sdb                xfs        10G   33M   10G   1% /storage01
/dev/sdc                xfs        10G   33M   10G   1% /storage02

可以看到已经挂载上去了

如果我们不再需要使用iSCSI共享设备资源了,可以用iscsiadm命令的-u参数将其设备卸载:

[root@server ~]# iscsiadm -m node -T iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de -u 
Logging out of session [sid: 2, target: iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de, portal: 192.168.197.148,3260]
Logout of [sid: 2, target: iqn.2003-01.org.linux-iscsi.localhost.x8664:sn.1903640455de, portal: 192.168.197.148,3260] successful.

 

posted @ 2020-06-15 15:10  士官长  阅读(731)  评论(0编辑  收藏  举报