CentOS下ISCSI共享存储配置

ISCSI共享存储

​ ISCSI,小型计算机系统接口,又称为IP-SAN,是一种基于因特网及SCSI-3协议下的存储技术,它可以共享镜像文件(*.img)、分区(partition)、物理硬盘和逻辑卷等。现在使用ISCSI技术实现局域网内共享物理磁盘磁盘分区

1. 环境准备

1.1硬件环境

  • 两台CentOS7.6的机器,一台额外安装2个硬盘的机器,用作存储设备。
  • 两台机器均可访问Internet

1.2 软件环境

​ 对额外挂载两个磁盘的机器,中的一个磁盘做分区操作

  • 磁盘分区

    [root@server ~]# fdisk /dev/sdc
    Welcome to fdisk (util-linux 2.23.2).
    
    Changes will remain in memory only, until you decide to write them.
    Be careful before using the write command.
    
    Device does not contain a recognized partition table
    Building a new DOS disklabel with disk identifier 0xf9c6e7e6.
    
    Command (m for help): m
    Command action
       a   toggle a bootable flag
       b   edit bsd disklabel
       c   toggle the dos compatibility flag
       d   delete a partition
       g   create a new empty GPT partition table
       G   create an IRIX (SGI) partition table
       l   list known partition types
       m   print this menu
       n   add a new partition
       o   create a new empty DOS partition table
       p   print the partition table
       q   quit without saving changes
       s   create a new empty Sun disklabel
       t   change a partition's system id
       u   change display/entry units
       v   verify the partition table
       w   write table to disk and exit
       x   extra functionality (experts only)
    
    Command (m for help): n
    Partition type:
       p   primary (0 primary, 0 extended, 4 free)
       e   extended
    Select (default p): p
    Partition number (1-4, default 1): 
    First sector (2048-20971519, default 2048): 
    Using default value 2048
    Last sector, +sectors or +size{K,M,G} (2048-20971519, default 20971519): 
    Using default value 20971519
    Partition 1 of type Linux and of size 10 GiB is set
    
    Command (m for help): w
    The partition table has been altered!
    
    Calling ioctl() to re-read partition table.
    Syncing disks.
    [root@server ~]# 
    

2.ISCSI配置

2.1 服务器端配置

  • 安装scsi-target-utils和scsi-target-utils

    [root@server ~]# yum -y install epel-release
    [root@server ~]# yum -y install scsi-target-utils
    [root@server ~]# chkconfig tgtd on
    Note: Forwarding request to 'systemctl enable tgtd.service'.
    Created symlink from /etc/systemd/system/multi-user.target.wants/tgtd.service to /usr/lib/systemd/system/tgtd.service.
    [root@server ~]# service tgtd start
    Redirecting to /bin/systemctl start tgtd.service
    [root@server ~]# ss -tunlp | grep tgt
    tcp    LISTEN     0      128       *:3260                  *:*                   users:(("tgtd",pid=12504,fd=6))
    tcp    LISTEN     0      128      :::3260                 :::*                   users:(("tgtd",pid=12504,fd=7))
    [root@server ~]# 
    
  • 编辑/etc/tgt/targets.conf

    追加以下内容

    <target iqn.2022.04.com.rac:iscsi.disk>
            backing-store /dev/sdb
            backing-store /dev/sdc1
            incominguser iscsiuser iscsiuser
            initiator-address 192.168.100.0/24
    </target>
    

    backiing-store:共享的存储路径

    incominguser:该target的账密

    initiator-address:可以登录该target的IP或者IP段

    target命名规则:iqn.年份-月份.域名反写.设备识别

  • 关闭防火墙

    [root@server ~]# systemctl disable firewalld.service
    

    编辑/etc/selinux/config,把enforce更改成disabled

    [root@server ~]# vim /etc/selinux/config 
    
    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    #     enforcing - SELinux security policy is enforced.
    #     permissive - SELinux prints warnings instead of enforcing.
    #     disabled - No SELinux policy is loaded.
    SELINUX=disabled
    # SELINUXTYPE= can take one of three values:
    #     targeted - Targeted processes are protected,
    #     minimum - Modification of targeted policy. Only selected processes are protected. 
    #     mls - Multi Level Security protection.
    SELINUXTYPE=targeted
    
    

2.2 客户端配置

  • 安装iscsi-initiator-utils

    [root@node1 ~]# yum -y install iscsi-initiator-utils
    
  • 设置开机自启动

    [root@node1 ~]# chkconfig iscsi on
    [root@node1 ~]# chkconfig iscsid on
    
  • 配置initiator文件

    vim /etc/iscsi/initiatorname.iscsi
    
    InitiatorName=iqn.2022.04.com.rac:iscsi.disk
    
  • 配置iscsid.conf文件:

    [root@node1 ~]# vim /etc/iscsi/iscsid.conf
    

    把以下配置项的注释取消掉,并填入用户名和密码

    # To enable CHAP authentication set node.session.auth.authmethod
    # to CHAP. The default is None.
    node.session.auth.authmethod = CHAP
    
    # To configure which CHAP algorithms to enable set
    # node.session.auth.chap_algs to a comma seperated list.
    # The algorithms should be listen with most prefered first.
    # Valid values are MD5, SHA1, SHA256
    # The default is MD5.
    #node.session.auth.chap_algs = SHA256,SHA1,MD5
    
    # To set a CHAP username and password for initiator
    # authentication by the target(s), uncomment the following lines:
    node.session.auth.username = iscsiuser
    node.session.auth.password = iscsiuser
    
  • 启动客户端服务

    [root@node1 ~]# service iscsi start
    [root@node1 ~]# service iscsid start
    
  • 设置开机自连接

    开机启动iscsi服务

    [root@node1 ~]# chkconfig iscsid on
    

    查找target,如果查找失败,重启服务器端

    [root@node1 ~]# iscsiadm -m discovery -t st -p 192.168.100.188
    192.168.100.188:3260,1 iqn.2022.04.com.rac:iscsi.disk
    

    手动登录到共享的ISCSI存储

    [root@node1 ~]# iscsiadm -m node -T iqn.2022.04.com.rac:iscsi.disk -p 192.168.100.188 -l
    Logging in to [iface: default, target: iqn.2022.04.com.rac:iscsi.disk, portal: 192.168.100.188,3260] (multiple)
    Login to [iface: default, target: iqn.2022.04.com.rac:iscsi.disk, portal: 192.168.100.188,3260] successful.
    [root@node1 ~]# 
    

    设置开机自启动连接target

    [root@node1 ~]# iscsiadm -m node -T iqn.2022.04.com.rac:iscsi.disk -p 192.168.100.188 --op update -n node.startup -v automatic
    

3.问题记录

3.1共享存储变动

​ 共享的存储发生变化,但是客户端却没有发生相应变化,可以采取重启target的服务,然后清理客户端缓存,重启相应服务,等待几分钟重新查找,登录即可。

  • 重启服务器端服务

    [root@server ~]# service tgtd start
    
  • 清理客户端缓存

    [root@server ~]# rm -rf /var/lib/iscsi/nodes/*
    [root@server ~]# rm -rf /var/lib/iscsi/send_targets/*
    

    注:如果只清理缓存,却没登出和删除发现target记录,就直接登录,会报以下错误

    root@node1 ~]# iscsiadm -m node -T iqn.2022.04.com.rac:iscsi.disk -p 192.168.100.188 -l
    iscsiadm: No records found
    
  • 登出target

    [root@node1 ~]# iscsiadm -m node -T iqn.2022.04.com.rac:iscsi.disk -p 192.168.100.188 -u
    
  • 删除发现target记录

    [root@node1 ~]# iscsiadm -m node -T iqn.2022.04.com.rac:iscsi.disk -p 192.168.100.188 -o delete
    
  • 重启客户端服务

    [root@node1 ~]# systemctl restart iscsid
    [root@node1 ~]# systemctl restart iscsi
    
  • 重新查找target

    [root@node1 ~]# iscsiadm -m discovery -t st -p 192.168.100.188
    192.168.100.188:3260,1 iqn.2022.04.com.rac:iscsi.disk
    

    现在,共享的存储可以像本地磁盘一样使用了!

posted @ 2022-04-17 23:23  何以卿卿  阅读(397)  评论(0编辑  收藏  举报