How to Configure iSCSI Target & Initiator in CentOS/RHEL 7

This post will explain how to configure iSCSI target and Initiator configuration in CentOS/RHEL 7. iSCSI is an Internet Protocol-based storage networking standard for linking data storage facilities. By carrying SCSI commands over IP networks, iSCSI can facilitate data transfers over local area networks (LANs), wide area networks (WANs), or the Internet. Through iSCSI, the space on the storage server will be regarded as local disks by the client’s operating system. But in reality, all data transferred to the disk are actually transferred over the network to the storage server.

The protocol allows clients (called initiators) to send SCSI commands (CDBs) to SCSI storage devices (targets) on remote servers. It is a storage area network (SAN) protocol, allowing organizations to consolidate storage into data center storage arrays while providing hosts (such as database and web servers) with the illusion of locally-attached disks.

iSCSI Component Terminology:

Term Description
Initiator An iSCSI client,typically available as a software but also implemented as iSCSI HBA. Initiators must be given unique names (IQN)
Target An iSCSI Storage resource, configured for connection from an iSCSI server.Target must be given an unique names. A target provide one or more block devices called Luns.
ACL An Access control list , an access restriction using the node iQN to validate access permission for an initiator
Discovery querying target server to list configured target.
IQN An iSCSI Qualified Name, A world wide unique name used to identify both initiator and target. Format : iqn.YYYY-MM.com.reserved.domain[:optional string]
login Authenticating to a target or LUN to begin client block device use.
LUN A Logical Unit Number, numbered block devices attached to and available through target.
node Any iSCSI initiator or target, identified by its iQN
portal An IP address and port on target or initiator used to establish connections.
TPG Target Portal Group, the set of interface IP address and TCP ports to which a specific iSCSI target will listen.

iSCSI Target Configuration

1. Create a backstore device using LVM.

# pvcreate /dev/sdb
# vgcreate vgiscsi /dev/sdd
# lvcreate -l 100%FREE –n lviscsi vgiscsi

Here I am using lviscsi as my backstore device for iSCSI target.

2. Install targetcli package

# yum install targetcli –y

3. Now run targetcli command.

# targetcli
targetcli shell version 2.1.fb34
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/>

4. Now just run ls command you could see the target stack objects are grouped into a hierarchical tree.

/> ls
o- / ..................................................................... [...]
  o- backstores .......................................................... [...]
  | o- block .............................................. [Storage Objects: 0]
  | o- fileio ............................................. [Storage Objects: 0]
  | o- pscsi .............................................. [Storage Objects: 0]
  | o- ramdisk ............................................ [Storage Objects: 0]
  o- iscsi ........................................................ [Targets: 0]
  o- loopback ..................................................... [Targets: 0]
/>

5. Add the backstore device into iSCSI stack.

/> cd backstores/block
/backstores/block> create disk1 /dev/vgiscsi/lviscsi

6. Now let us add a fileio device to iSCSI stack:

/backstores/block> cd /backstores/fileio/
/backstores/fileio>

Create a 100MB file using the following command. This file can be used as a iscsi disk in iSCSI client.

/backstores/fileio> create disk2 /root/disk2 100MB

7. Now configure iscsi parameter in the target server.

/backstores/fileio> cd /iscsi
/iscsi> create iqn.2014-11.com.geek:server àiQN for target.

Verify the iQN, just run ls command.


/iscsi> ls
o- iscsi .......................................................... [Targets: 1]
  o- iqn.2014-11.com.geek:server.................................... [TPGs: 1]
    o- tpg1 ............................................. [no-gen-acls, no-auth]
      o- acls ........................................................ [ACLs: 0]
      o- luns ........................................................ [LUNs: 0]
      o- portals .................................................. [Portals: 0]
/iscsi>

8. Create an ACL entry for the Client.

/iscsi> cd iqn.2014-11.com.geek:server/tpg1/
/iscsi/iqn.20...l:server/tpg1>cd acls
/iscsi/iqn.20...ver/tpg1/acls> create iqn.2014-11.com.geek:client

9. Add LUNs to this target.

/iscsi/iqn.20...ver/tpg1/acls> cd ../luns
/iscsi/iqn.20...ver/tpg1/luns> create /backstores/block/disk1
/iscsi/iqn.20...ver/tpg1/luns> create /backstores/fileio/disk2

10. Now create the portal.

/iscsi/iqn.20...ver/tpg1/luns> cd ../portals
/iscsi/iqn.20.../tpg1/portals> create 192.168.1.4

And exit this will save the configurations into /etc/target/saveconfig.json

/iscsi/iqn.20.../tpg1/portals> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup.
Configuration saved to /etc/target/saveconfig.json

11. Enable the target service persistence across reboot.

# systemctl enable target

12. Add rules in the firewall for iscsi:

# firewall-cmd --add-port=3260/tcp --permanent
# firewall-cmd --reload

iSCSI initiator Configuration

1. Install scsi-initiator-utils:

# yum install iscsi-initiator-utils –y

2. Edit the /etc/iscsi/initiatorname.iscsi and add the initiator name in this file. The initiator name should be same as the name given in the ACL.

InitiatorName=iqn.2014-11.com.geek:client

3. Restart the iscsi and iscsid service.

# systemctl restart iscsid
# systemctl restart iscsi

4. Now discover the target from the initiator using the following command.

# iscsiadm -m discovery -t st -p 192.168.1.4:3260
192.168.1.4:3260,1 iqn.2014-11.com.geek:server

5. Login to this target using the following command.

# iscsiadm -m node -T iqn.2014-11.com.geek:server -p 192.168.1.4:3260 –l

6. Now you could see that the initiator is successfully logged into the target. You could see the 2 LUNs in the target will now available in the client. You can verify the LUNs using the following commands.

# lsblk
# tail /var/log/messages
Nov  6 02:48:21 server2 iscsiadm: Logging in to [iface: default, target: iqn.2014-11.com.geek:server, portal: 192.168.1.2,3260] (multiple)
Nov  6 02:48:21 server2 iscsiadm: Login to [iface: default, target: iqn.2014-11.com.geek:server, portal: 192.168.1.6,3260] successful.
Nov  6 02:48:21 server2 systemd: Started Login and scanning of iSCSI devices.
Nov  6 02:48:21 server2 kernel: scsi 33:0:0:1: alua: port group 00 state A non-preferred supports TOlUSNA
Nov  6 02:48:21 server2 kernel: scsi 33:0:0:1: alua: Attached
Nov  6 02:48:21 server2 kernel: sd 33:0:0:1: Attached scsi generic sg4 type 0
Nov  6 02:48:21 server2 kernel: sd 33:0:0:0: [sdc] Write Protect is off
Nov  6 02:48:21 server2 kernel: sd 33:0:0:1: [sdd] 204800 512-byte logical blocks: (104 MB/100 MiB)
Nov  6 02:48:21 server2 kernel: sd 33:0:0:0: [sdc] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA
Nov  6 02:48:21 server2 kernel: sd 33:0:0:1: [sdd] Write Protect is off
Nov  6 02:48:21 server2 kernel: sd 33:0:0:1: [sdd] Write cache: enabled, read cache: enabled, supports DPO and FUA
Nov  6 02:48:21 server2 kernel: sdc: unknown partition table
Nov  6 02:48:21 server2 kernel: sdd: unknown partition table
Nov  6 02:48:21 server2 kernel: sd 33:0:0:0: [sdc] Attached SCSI disk
Nov  6 02:48:21 server2 kernel: sd 33:0:0:1: [sdd] Attached SCSI disk
# dmesg

7. Now you could create the partitions using fdisk or LVM and mount it.