iscsi使用教程(中)
服务端管理命令
### tgtadm 是一个模式化的命令,其使用格式如下:
# tgtadm --lld [driver] --op [operation] --mode [mode] [OPTION]
其中模式(mode)和操作(operation)对应关系如下:
- 模式:
- 操作:
- target模式:
- new:创建一个新的目标
- show:显示目标
- delete:删除目标
- update:更新模板
- bind:IP地址控制
- unbind:解除IP地址控制
- logicalunit模式:
- new:创建一个新的LUN
- delete:删除一个LUN
- account模式(控制发现/登入目标时的客户端用户名):
- new:创建账户
- delete:删除账户
- bind:绑定账户到目标
- unbind:解除目标的绑定账户
用法示例如下:
### 创建一个ID为[id],名称为[name]的目标
# tgtadm --lld iscsi --op new --mode target --tid [id] --targetname [name]
### 显示所有或ID为[id]的目标
# tgtadm --lld iscsi --op show --mode target [--tid [id]]
### 向ID为[id]的目标上添加一个新的编号为[lun]的LUN,其后端存储对应的块设备路径为[path](LUN:0是系统预留编号)
# tgtadm --lld iscsi --op new --mode logicalunit --tid [id] --lun [lun] --backing-store [path]
### 删除ID为[id]的目标
# tgtadm --lld iscsi --op delete --mode target --tid=[id]
### 删除ID为[id]的目标上编号为[lun]的LUN
# tgtadm -lld iscsi --op delete --mode logicalunit --tid=[id] --lun [lun]
### 定义ID为[id]的目标的访问控制列表,[address]为允许访问的客户端地址
# tgtadm --lld iscsi --op bind --mode target --tid [id] --initiator-address [address]
### 移除ID为[id]的目标的访问控制列表
# tgtadm --lld iscsi --op unbind --mode target --tid [id] --initiator-address [address]
常用命令示例如下:
### 获取目标信息
# tgtadm --lld iscsi --op show --mode target
### 创建目标
# tgtadm --lld iscsi --mode target --op new --tid 1 --targetname iqn.2010-10.org.openstack:vol
### 创建LUN
# tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 --bsoflags="sync" --backing-store=/dev/cinder-volumes/vol
### 配置访问控制
# tgtadm --lld iscsi --op bind --mode target --tid 1 --initiator-address ALL
### 添加CHAP认证:创建账户
# tgtadm --lld iscsi --op new --mode account --user fwdssg --password fwdssg
### 添加CHAP认证:绑定目标
# tgtadm --lld iscsi --op bind --mode account --user fwdssg --tid 1
### 使用配置文件完成以上等价操作
# cat /etc/tgt/conf.d/vol.conf
<target iqn.2010-10.org.openstack:vol>
backing-store /dev/cinder-volumes/vol
driver iscsi
incominguser fwdssg fwdssg
write-cache on
</target>
# tgt-admin --update iqn.2010-10.org.openstack:vol
客户端管理命令
### iscsiadm是个模式化的工具,其模式可通过-m或--mode选项指定,常见的模式有(如果没有额外指定其它选项discovery和node会显示其相关的所有记录):
### session:用于显示所有的活动会话和连接
### fw:显示所有的启动固件值
### host:显示所有的iSCSI主机
### iface:显示/var/lib/iscsi/ifaces目录中的所有ifaces设定
### 其用法如下:
# iscsiadm -m discoverydb [ -hV ] [ -d debug_level ] [-P printlevel] [ -t type -p ip:port -I ifaceN ... [ -Dl ] ] | [ [ -p ip:port -t type] [ -o operation ] [ -n name ] [ -v value ] [ -lD ] ]
# iscsiadm -m discovery [ -hV ] [ -d debug_level ] [-P printlevel] [ -t type -p ip:port -I ifaceN ... [ -l ] ] | [ [ -p ip:port ] [ -l | -D ] ]
# iscsiadm -m node [ -hV ] [ -d debug_level ] [ -P printlevel ] [ -L all,manual,automatic ] [ -U all,manual,automatic ] [ -S ] [ [ -T targetname -p ip:port -I ifaceN ] [ -l | -u | -R | -s] ] [ [ -o operation ] [ -n name ] [ -v value ] ]
# iscsiadm -m session [ -hV ] [ -d debug_level ] [ -P printlevel] [ -r sessionid | sysfsdir [ -R | -u | -s ] [ -o operation ] [ -n name ] [ -v value ] ]
# iscsiadm -m iface [ -hV ] [ -d debug_level ] [ -P printlevel ] [ -I ifacename | -H hostno|MAC ] [ [ -o operation ] [ -n name ] [ -v value ] ] [ -C ping [ -a ip ] [ -b packetsize ] [ -c count ] [ -i interval ] ]
# iscsiadm -m fw [ -d debug_level ] [ -l ]
# iscsiadm -m host [ -P printlevel ] [ -H hostno|MAC ] [ [ -C chap [ -x chap_tbl_idx ] ] | [ -C flashnode [ -A portal_type ] [ -x flashnode_idx ] ] | [ -C stats ] ] [ [ -o operation ] [ -n name ] [ -v value ] ]
# iscsiadm -k priority
常用参数说明如下:
-d, --debug=debug_level 显示debug信息,级别为0-8
-l, --login 连接目标
-t, --type=type 可用的类型有(此选项仅用于discovery模式):sendtargets(可简写为st)、slp、fw和isns
-p, --portal=ip[:port] 指定目标服务的IP和端口;
-m, --mode op 可用的模式有discovery、node、fw、host、iface和session
-T, --targetname=targetname 用于指定目标的名字
-u, --logout 断开同目标的连接
-o, --op=OPEARTION 指定针对discoverydb数据库的操作,可用操作有:new、delete、update、show和nonpersistent
-I, --interface=[iface] 指定执行操作的iSCSI接口,这些接口定义在/var/lib/iscsi/ifaces中
常见用法示例:
### 发现目标
# iscsiadm -m discovery -t sendtargets -p 92.0.0.12
### 连接目标
# iscsiadm -m node -T iqn.2010-10.org.openstack:volume-ea0ec392-92dd-4d95-bbc8-277c7f881bbf -p 92.0.0.12 -l
### 删除目标
# iscsiadm -m node -o delete -T iqn.2010-10.org.openstack:vol -p 92.0.0.14
### 查询连接会话
# iscsiadm -m session
使用LIO/TCM管理服务端
检测内核是否支持LIO/TCM
# find /lib/modules/$(uname -r) -iname *target*
/lib/modules/3.10.0-327.el7.x86_64/kernel/drivers/target
/lib/modules/3.10.0-327.el7.x86_64/kernel/drivers/target/iscsi/iscsi_target_mod.ko
/lib/modules/3.10.0-327.el7.x86_64/kernel/drivers/target/target_core_file.ko
/lib/modules/3.10.0-327.el7.x86_64/kernel/drivers/target/target_core_iblock.ko
/lib/modules/3.10.0-327.el7.x86_64/kernel/drivers/target/target_core_mod.ko
/lib/modules/3.10.0-327.el7.x86_64/kernel/drivers/target/target_core_pscsi.ko
# grep 'TARGET_CORE\|TCM' /boot/config-$(uname -r)
# CONFIG_TCM_QLA2XXX is not set
CONFIG_TARGET_CORE=m
CONFIG_TCM_IBLOCK=m
CONFIG_TCM_FILEIO=m
CONFIG_TCM_PSCSI=m
# CONFIG_TCM_USER is not set
CONFIG_TCM_FC=m
安装管理软件
### 有了这个就可以不用安装scsi-target-utils.x86_64了,两者对应的服务分别为tgtd和target
# yum install targetcli -y
启动并打印帮助
# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.fb46
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> help
GENERALITIES
============
This is a shell in which you can create, delete and configure
configuration objects.
The available commands depend on the current path or target
path you want to run a command in: different path have
different sets of available commands, i.e. a path pointing at
an iscsi target will not have the same availaible commands as,
say, a path pointing at a storage object.
The prompt that starts each command line indicates your
current path. Alternatively (useful if the prompt displays
an abbreviated path to save space), you can run the
pwd command to display the complete current path.
Navigating the tree is done using the cd command. Without
any argument, cd will present you with the full objects
tree. Just use arrows to select the destination path, and
enter will get you there. Please try help cd for navigation
tips.
COMMAND SYNTAX
==============
Commands are built using the following syntax:
[TARGET_PATH] COMMAND_NAME [OPTIONS]
The TARGET_PATH indicates the path to run the command from.
If ommited, the command will be run from your current path.
The OPTIONS depend on the command. Please use help
COMMAND to get more information.
AVAILABLE COMMANDS
==================
The following commands are available in the
current path:
- bookmarks action [bookmark]
- cd [path]
- clearconfig [confirm]
- exit
- get [group] [parameter...]
- help [topic]
- ls [path] [depth]
- pwd
- refresh
- restoreconfig [savefile] [clear_existing]
- saveconfig [savefile]
- sessions [action] [sid]
- set [group] [parameter=value...]
- status
- version
/>
创建backstore(在此之前,我们要创建一个路径为/dev/cinder-volumes/vfwd的lv)
/> ls
o- / ......................................................................................................................... [...]
o- backstores .............................................................................................................. [...]
| o- block .................................................................................................. [Storage Objects: 0]
| o- fileio ................................................................................................. [Storage Objects: 0]
| o- pscsi .................................................................................................. [Storage Objects: 0]
| o- ramdisk ................................................................................................ [Storage Objects: 0]
o- iscsi ............................................................................................................ [Targets: 0]
o- loopback ......................................................................................................... [Targets: 0]
/> cd backstores/block
/backstores/block> create vol-fwd /dev/cinder-volumes/vfwd
Created block storage object vol-fwd using /dev/cinder-volumes/vfwd.
创建iscsi目标
/backstores/block> cd /iscsi
/iscsi> create iqn.2010-10.org.openstack:vol-fwd
Created target iqn.2010-10.org.openstack:vol-fwd.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
创建LUN
/iscsi> ls
o- iscsi .............................................................................................................. [Targets: 1]
o- iqn.2010-10.org.openstack:vol-fwd ................................................................................... [TPGs: 1]
o- tpg1 ................................................................................................. [no-gen-acls, no-auth]
o- acls ............................................................................................................ [ACLs: 0]
o- luns ............................................................................................................ [LUNs: 0]
o- portals ...................................................................................................... [Portals: 1]
o- 0.0.0.0:3260 ....................................................................................................... [OK]
/iscsi> cd iqn.2010-10.org.openstack:vol-fwd/tpg1/luns
/iscsi/iqn.20...fwd/tpg1/luns> create /backstores/block/vol-fwd
Created LUN 0.
创建ACL访问规则
/iscsi/iqn.20...fwd/tpg1/luns> cd ..
/iscsi/iqn.20...:vol-fwd/tpg1> cd acls
/iscsi/iqn.20...fwd/tpg1/acls> create iqn.2010-10.org.openstack:vol-fwd
Created Node ACL for iqn.2010-10.org.openstack:vol-fwd
Created mapped LUN 0.
/iscsi/iqn.20...fwd/tpg1/acls> ls
o- acls .................................................................................................................. [ACLs: 1]
o- iqn.2010-10.org.openstack:vol-fwd ............................................................................ [Mapped LUNs: 1]
o- mapped_lun0 ....................................................................................... [lun0 block/vol-fwd (rw)]
/iscsi/iqn.20...fwd/tpg1/acls> cd iqn.2010-10.org.openstack:vol-fwd/
/iscsi/iqn.20...stack:vol-fwd> set auth userid=fwdssg
Parameter userid is now 'fwdssg'.
/iscsi/iqn.20...stack:vol-fwd> set auth password=fwdssg
Parameter password is now 'fwdssg'.
创建监听端口用于客户端连接
### 默认存在一个监听地址0.0.0.0:3260
/iscsi/iqn.20...stack:vol-fwd> cd /
/> cd iscsi/iqn.2010-10.org.openstack:vol-fwd/tpg1/portals/
/iscsi/iqn.20.../tpg1/portals> create 0.0.0.0 3261
Binding to INADDR_ANY (0.0.0.0)
Created network portal 0.0.0.0:3261.
/iscsi/iqn.20.../tpg1/portals> ls
o- portals ............................................................................................................ [Portals: 2]
o- 0.0.0.0:3260 ............................................................................................................. [OK]
o- 0.0.0.0:3261 ............................................................................................................. [OK]
/iscsi/iqn.20.../tpg1/portals> delete 0.0.0.0 3261
Deleted network portal 0.0.0.0:3261
最后保存配置
/> saveconfig
Last 10 configs saved in /etc/target/backup.
Configuration saved to /etc/target/saveconfig.json
其他技巧
### 1. 在不同的目录下下面打印help显示的指令都是不同的
/iscsi/iqn.20...ode/tpg1/acls> help
AVAILABLE COMMANDS
==================
The following commands are available in the
current path:
- bookmarks action [bookmark]
- cd [path]
- create wwn [add_mapped_luns]
- delete wwn
- exit
- get [group] [parameter...]
- help [topic]
- ls [path] [depth]
- pwd
- refresh
- set [group] [parameter=value...]
- status
- tag wwn_or_tag new_tag
- untag wwn_or_tag
### 2. 每个目录都有属性值,通过get命令可以获取目录下面所有的属性值,使用set可以设置这些属性值,使用tab键可以自动补齐命令
/iscsi/iqn.20...ys:anode/tpg1> get
AVAILABLE CONFIGURATION GROUPS
==============================
attribute global parameter auth
/iscsi/iqn.20...ys:anode/tpg1> get attribute
ATTRIBUTE CONFIG GROUP
======================
authentication=0
----------------
If set to 1, enforce authentication for this TPG.
/iscsi/iqn.20...ys:anode/tpg1> set attribute authentication=1
Parameter authentication is now '1'.
### 3. 目录如果有属性被设置,使用ls命令后,在目录右边的[]内可以看到
/iscsi/iqn.20....nocsys:anode> ls
o- iqn.2010-10.org.nocsys:anode .......................................................................................... [TPGs: 1]
o- tpg1 ......................................................................................... [gen-acls, tpg-auth, 1-way auth]
o- acls .............................................................................................................. [ACLs: 0]
o- luns .............................................................................................................. [LUNs: 1]
| o- lun0 ............................................................ [block/anode (/dev/ceph-volume/anode) (default_tg_pt_gp)]
o- portals ........................................................................................................ [Portals: 1]
o- 0.0.0.0:3260 ......................................................................................................... [OK]
参考文档
鸟哥私房菜
使用Linux的tgtd提供iscsi服务
创建 iscsi target 服务器和 iscsi initiator 客户端连接
ISCSI网络存储
ISCSI Target (简体中文)
官方手册
