需求:
配置 system1 提供一个 ISCSI 服务,磁盘名为iqn.2014-08.com.example.group8:system1 ; 服务端口为 3260 ; 使用 iscsi_store 作为后端逻辑卷名称,大小 3G ; 此服务只能被 system2 访问 ;
配置 system2 使其能连接在 system1 上提供的 iqn.2014-08.com.example.group8:system1; ISCSI 设备在系统启动期间自动加载; 块设备 ISCSI 上包含一个大小 2100M 的分区,格式化为 ext4 ; 此分区挂载在 /mnt/data 上,并自动挂载 ;
| system1 | 192.168.1.151 |
| system2 | 192.168.1.152 |
| os | rhel 7.2 |
[root@system1 ~]# yum install targetcli -y #安装iscsi服务端软件包
[root@system1 ~]# systemctl enable target #开机启动此服务
ln -s'/usr/lib/systemd/system/target.service''/etc/systemd/system/multi-user.target.wants/target.service'
[root@system1 ~]#systemctl start target
[root@system1~]# firewall-cmd --permanent --add-rich-rule'rule family="ipv4" source address="172.24.8.12/32" portport=3260 protocol=tcp accept'
#添加防火墙策略,允许system2访 问,访问端 口是3260
[root@system1 ~]#firewall-cmd --reload
success
[root@system1 ~]# lsblk #查看磁盘容量
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 20G 0 disk
├─sda1 8:1 0 9.8G 0 part /
└─sda2 8:2 0 3G 0 part [SWAP]
[root@system1 ~]#fdisk /dev/sda
Welcome to fdisk(util-linux 2.23.2).
Changes will remainin memory only, until you decide to write them.
Be careful beforeusing the write command.
Command (m forhelp): p
Disk /dev/sda: 21.5GB, 21474836480 bytes, 41943040 sectors
Units = sectors of 1* 512 = 512 bytes
Sector size(logical/physical): 512 bytes / 512 bytes
I/O size(minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier:0x000d9a10
Device Boot Start End Blocks Id System
/dev/sda1 * 2048 20482047 10240000 83 Linux
/dev/sda2 20482048 26626047 3072000 82 Linux swap / Solaris
Command (m forhelp): n
Partition type:
p primary (2 primary, 0 extended, 2 free)
e extended
Select (default p):p
Partition number(3,4, default 3):
First sector(26626048-41943039, default 26626048):
Using default value26626048
Last sector, +sectors or +size{K,M,G} (26626048-41943039, default41943039): +3G #分配一个3G的LVM空间
Partition 3 of typeLinux and of size 3 GiB is set
Command (m forhelp): p
Disk /dev/sda: 21.5GB, 21474836480 bytes, 41943040 sectors
Units = sectors of 1* 512 = 512 bytes
Sector size(logical/physical): 512 bytes / 512 bytes
I/O size(minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier:0x000d9a10
Device Boot Start End Blocks Id System
/dev/sda1 * 2048 20482047 10240000 83 Linux
/dev/sda2 20482048 26626047 3072000 82 Linux swap / Solaris
/dev/sda3 26626048 32917503 3145728 83 Linux
Command (m forhelp): t
Partition number(1-3, default 3): 3
Hex code (type L to list all codes): 8e #设置格式为lvm
Changed type ofpartition 'Linux' to 'Linux LVM'
Command (m forhelp): w
The partition tablehas been altered!
Calling ioctl() tore-read partition table.
WARNING: Re-readingthe partition table failed with error 16: Device or resource busy.
The kernel stilluses the old table. The new table will be used at
the next reboot orafter you run partprobe(8) or kpartx(8)
Syncing disks.
[root@system1 ~]# partprobe #格式化分区
[root@system1 ~]#lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 20G 0 disk
├─sda1 8:1 0 9.8G 0 part /
├─sda2 8:2 0 3G 0 part [SWAP]
└─sda3 8:3 0 3G 0 part
[root@system1 ~]# pvcreate /dev/sda3 #创建PV
Physical volume "/dev/sda3"successfully created
[root@system1 ~]# vgcreate iscsi_vg /dev/sda3 #创建名为iscsi_vg 的卷组
Volume group "iscsi_vg"successfully created
[root@system1 ~]# lvcreate -n iscsi_store -l 100%VG iscsi_vg #创建名为iscsi_store且iscsi_vg卷组所有空间都分配给此逻辑卷
Logical volume "iscsi_store"created
[root@system1 ~]# targetcli #配置iscsi
targetcli shellversion 2.1.fb41
Copyright 2011-2013by Datera, Inc and others.
For help oncommands, type 'help'.
/> ls
o- /......................................................................................[...]
o- backstores...........................................................................[...]
| o- block............................................................... [StorageObjects: 0]
| o- fileio.............................................................. [StorageObjects: 0]
| o- pscsi............................................................... [StorageObjects: 0]
| o- ramdisk............................................................. [Storage Objects:0]
o- iscsi.........................................................................[Targets: 0]
o- loopback......................................................................[Targets: 0]
/> backstores/block create name=iscsi_storedev=/dev/iscsi_vg/iscsi_store #先将本地逻辑卷加入iscsi
/> cd iscsi
/iscsi> create iqn.2014-08.com.example.group8:system1 #定义一个iscsi设备
Created targetiqn.2014-08.com.example.group8:system1.
Created TPG 1.
Global prefauto_add_default_portal=true
Created defaultportal listening on all IPs (0.0.0.0), port 3260.
/> cdiscsi/iqn.2014-08.com.example.group8:system1/tpg1/
/iscsi/iqn.20...:system1/tpg1> luns/ create/backstores/block/iscsi_store #将定义的iscsi设备 绑定本地逻辑卷
Created LUN 0.
/iscsi/iqn.20...:system1/tpg1> acls/ createiqn.2014-08.com.example.group8:system2 #允许名字为iqn.2014-08.com.example.group8:system2的 客户端访问设备
Created Node ACL foriqn.2014-08.com.example.group8:system2
Created mapped LUN0.
/iscsi/iqn.20...:system1/tpg1> portals/ create 172.24.8.11 3260 #定义iscsi 访问端口
Using default IPport 3260
Could not create NetworkPortal in configFS #此报错忽略,因某些版本已经建立了0.0.0.0的监听
/iscsi/iqn.20...:system1/tpg1> set attribute authentication=0 #关闭账号密码验证访问控制
Parameterauthentication is now '0'.
/iscsi/iqn.20...:system1/tpg1> set attribute generate_node_acls=0 #使用自定义的acl实现访问限制
Parametergenerate_node_acls is now '0'.
/iscsi/iqn.20...:system1/tpg1>cd /
/> saveconfig #保存配置
Last 10 configssaved in /etc/target/backup.
Configuration savedto /etc/target/saveconfig.json
/> ls
o- /......................................................................................[...]
o- backstores...........................................................................[...]
| o- block............................................................... [StorageObjects: 1]
| | o- iscsi_store ..................[/dev/iscsi_vg/iscsi_store (3.0GiB) write-thru activated]
| o- fileio.............................................................. [StorageObjects: 0]
| o- pscsi............................................................... [StorageObjects: 0]
| o- ramdisk............................................................. [Storage Objects:0]
o- iscsi.........................................................................[Targets: 1]
| o- iqn.2014-08.com.example.group8:system1......................................... [TPGs: 1]
| o-tpg1 ............................................................ [no-gen-acls,no-auth]
| o- acls....................................................................... [ACLs:1]
| |o- iqn.2014-08.com.example.group8:system2 ............................ [MappedLUNs: 1]
| | o- mapped_lun0........................................ [lun0 block/iscsi_store (rw)]
| o- luns....................................................................... [LUNs:1]
| |o- lun0 ............................... [block/iscsi_store(/dev/iscsi_vg/iscsi_store)]
| o- portals................................................................. [Portals: 1]
| o- 0.0.0.0:3260.................................................................. [OK]
o- loopback......................................................................[Targets: 0]
/>exit
[root@system2 ~]# yum install iscsi-initiator-utils -y #安装客户端软件包
[root@system2 ~]# vi /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2014-08.com.example.group8:system2 #配置客户端名称
[root@system2 ~]# systemctl enable iscsi iscsid.service #服务开机启动
ln -s'/usr/lib/systemd/system/iscsid.service''/etc/systemd/system/multi-user.target.wants/iscsid.service'
[root@system2 ~]# systemctl start iscsi iscsid.service #启动服务
[root@system2 ~]# iscsiadm -m discovery -t st -p 172.24.8.11 #发现远端设备
172.24.8.11:3260,1iqn.2014-08.com.example.group8:system1
[root@system2 ~]# iscsiadm -m node -l #登陆
Logging in to[iface: default, target: iqn.2014-08.com.example.group8:system1, portal:172.24.8.11,3260] (multiple)
Login to [iface:default, target: iqn.2014-08.com.example.group8:system1, portal:172.24.8.11,3260] successful.
[root@system2 ~]#lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 20G 0 disk
├─sda1 8:1 0 9.8G 0 part /
└─sda2 8:2 0 2G 0 part [SWAP]
sdb 8:16 0 3G 0 disk #多了一块3G的盘
[root@system2 ~]# fdisk /dev/sdb #新创分区
Welcome to fdisk(util-linux 2.23.2).
Changes will remainin memory only, until you decide to write them.
Be careful beforeusing the write command.
Device does notcontain a recognized partition table
Building a new DOSdisklabel with disk identifier 0xc3c0951e.
Command (m forhelp): n
Partition type:
p primary (0 primary, 0 extended, 4 free)
e extended
Select (default p):p
Partition number(1-4, default 1):
First sector(8192-6283263, default 8192):
Using default value8192
Last sector, +sectors or +size{K,M,G} (8192-6283263, default6283263): +2100M #2100M
Partition 1 of typeLinux and of size 2.1 GiB is set
Command (m forhelp): w
The partition tablehas been altered!
Calling ioctl() tore-read partition table.
Syncing disks.
[root@system2 ~]# partprobe #内核重新读取分区表
[root@system2 ~]# mkfs.ext4 /dev/sdb1 #在新建分区上格式化对应文件系统
mke2fs 1.42.9(28-Dec-2013)
Filesystem label=
OS type: Linux
Block size=4096(log=2)
Fragment size=4096(log=2)
Stride=0 blocks,Stripe width=1024 blocks
134640 inodes,537600 blocks
26880 blocks (5.00%)reserved for the super user
First data block=0
Maximum filesystemblocks=551550976
17 block groups
32768 blocks pergroup, 32768 fragments per group
7920 inodes pergroup
Superblock backupsstored on blocks:
32768, 98304, 163840, 229376, 294912
Allocating grouptables: done
Writing inodetables: done
Creating journal(16384 blocks): done
Writing superblocksand filesystem accounting information: done
[root@system2 ~]# mkdir /mnt/data #创建挂载目录
[root@system2 ~]# blkid #查看设备ID
/dev/sda1:UUID="182dc058-fb2e-45ec-8285-38f150033822" TYPE="xfs"
/dev/sda2:UUID="ded4e9e7-b20f-405f-b88b-99e26dd67bd5" TYPE="swap"
/dev/sdb1:UUID="92c2403d-1694-4e3f-90b2-f423ade6ea33" TYPE="ext4"
[root@system2 ~]# vi/etc/fstab
# /etc/fstab
# Created byanaconda on Sun Jul 24 22:29:04 2016
#
# Accessiblefilesystems, by reference, are maintained under '/dev/disk'
# See man pagesfstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=182dc058-fb2e-45ec-8285-38f150033822/ xfs defaults 1 1
UUID=ded4e9e7-b20f-405f-b88b-99e26dd67bd5swap swap defaults 0 0
//172.24.8.11/devops/mnt/dev cifs defaults,multiuser,username=silene,password=redhat,sec=ntlmssp 00
system1:/public/mnt/nfsmount nfs defaults,sec=sys 0 0
system1:/protected/mnt/nfssecure nfs4 defaults,sec=krb5p 0 0
UUID=92c2403d-1694-4e3f-90b2-f423ade6ea33 /mnt/data ext4defaults,_netdev 0 0 #添加此信息
[root@system2 ~]#mount -a
[root@system2 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 9.8G 3.1G 6.8G 32% /
devtmpfs 765M 0 765M 0% /dev
tmpfs 773M 0 773M 0% /dev/shm
tmpfs 773M 17M 757M 3% /run
tmpfs 773M 0 773M 0% /sys/fs/cgroup
//172.24.8.11/devops 9.8G 3.2G 6.7G 33% /mnt/dev
system1:/public 9.8G 3.2G 6.7G 33% /mnt/nfsmount
system1:/protected 9.8G 3.2G 6.7G 33% /mnt/nfssecure
/dev/sdb1 2.0G 6.2M 1.9G 1% /mnt/data
扫一扫
1993
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
