iscsi服务器介绍和搭建

iscsi服务器

当我们的系统需要大量的磁盘量，但是身边却没有足够的存储设备，此时，我们可以使用通过网络的scsi磁盘，即Internet scsi（iscsi）。iscsi主要是通过TCP/IP的技术，将存储设备端通过iscsi target功能，做成可以提供磁盘的服务器端，再通过iscsi initiator（iscsi初始化用户）功能，做成能够挂载使用iscsi target的客户端，这样就能够通过iscsi协议来进行磁盘的应用了。
iscsi架构主要将存储设备与使用的主机分为两个部分，分别是：
iscsi target：就是存储设备端，存放磁盘设备。目的在于提供其他主机使用的磁盘。
iscsi initiator：就是能够使用target的客户端，通常是服务器。也就是说，想要连接到iscsi target的服务器，也必须要安装iscsi initiator的相关功能后才能使用iscsi target提供的磁盘。

iscsi服务端需要使用的软件为targetcli
iscsi客户端需要的软件为iscsi-initiator-utils

安装软件
[root@localhost ~]# yum install targetcli -y

配置iscsi服务端共享资源
targetcli是用于管理iscsi服务端存储资源的专用配置命令，它能够提供类似于fdisk命令的交互式配置功能，将iscsi共享资源的配置内容抽象成“目录”的形式，我们只需要将各类配置信息填入到相应的“目录”中即可。

[root@localhost ~]# targetcli
/> ls /
o- / ..................................................... [...]
  o- backstores .......................................... [...]可用于iscsi的服务存储类型有四种
  | o- block .............................. [Storage Objects: 0]块设备，磁盘驱动器，磁盘分区，逻辑卷，以及服务器上定义的任何b类型的设备文件
  | o- fileio ............................. [Storage Objects: 0]在服务器上生成的一个指定大小的文件
  | o- pscsi .............................. [Storage Objects: 0]物理scsi，通常不用
  | o- ramdisk ............................ [Storage Objects: 0]内存盘，其中存储的数据在服务器重启后将全部丢失
  o- iscsi ........................................ [Targets: 0]
  o- loopback ..................................... [Targets: 0]

实验

服务端：
一、基本环境
1、首先准备好iscsi共享的磁盘，iscsi可以通过（大型文件、单一分区、单一设备来进行共享）。
首先在虚拟机上添加二块磁盘

（1）建立一个500M左右大小的文件

[root@localhost data]# dd if=/dev/zero of=/data/iscsi bs=1024 count=512
512+0 records in
512+0 records out
524288 bytes (524 kB, 512 KiB) copied, 0.000719401 s, 729 MB/s
[root@localhost data]# 

（2）创建一个新分区

[root@localhost ~]# fdisk /dev/nvme0n2

Welcome to fdisk (util-linux 2.32.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0xe6c99ae6.       
Command (m for help): p

Disk /dev/nvme0n2: 2 GiB, 2147483648 bytes, 4194304 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xe6c99ae6

Command (m for help): n
Partition type
   p   primary (0 primary, 0 extended, 4 free)
   e   extended (container for logical partitions)
Select (default p): p
Partition number (1-4, default 1): 
First sector (2048-4194303, default 2048): 
Last sector, +sectors or +size{K,M,G,T,P} (2048-4194303, default 4194303): 1000M  
Value out of range.
Last sector, +sectors or +size{K,M,G,T,P} (2048-4194303, default 4194303): 500M 
Value out of range.
Last sector, +sectors or +size{K,M,G,T,P} (2048-4194303, default 4194303): +1000M

Created a new partition 1 of type 'Linux' and of size 1000 MiB.

Command (m for help): p
Disk /dev/nvme0n2: 2 GiB, 2147483648 bytes, 4194304 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xe6c99ae6

Device         Boot Start     End Sectors  Size Id Type
/dev/nvme0n2p1       2048 2050047 2048000 1000M 83 Linux

Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.

（3）准备一个空磁盘nvme0n3

(4) 安装iscsi服务端：targetd、targetcli

  [root@localhost ~]# yum install targetd targetcli -y

二、调用targetcli命令进行设置

1、创建iscsi磁盘

[root@localhost ~]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.51
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.

/> cd backstores/block 
/backstores/block> create dev=/dev/nvme0n2p1 name=lun0
Created block storage object lun0 using /dev/nvme0n2p1.
/backstores/block> create dev=/dev/nvme0n3 name=lun1
Created block storage object lun1 using /dev/nvme0n3.
/backstores/block> cd /backstores/fileio 
/backstores/fileio> create file_or_dev=/data/iscsi lun2
Created fileio lun2 with size 524288
/backstores/fileio> ls /backstores/

2、创建服务端程序

/> cd iscsi 
/iscsi> ls
o- iscsi ............................................................................................ [Targets: 0]
/iscsi> create iqn.2022-10.com.rhce:server
Created target iqn.2022-10.com.rhce:server.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/iscsi> ls
o- iscsi ............................................................................................ [Targets: 1]
  o- iqn.2022-10.com.rhce:server ....................................................................... [TPGs: 1]
    o- tpg1 ............................................................................... [no-gen-acls, no-auth]
      o- acls .......................................................................................... [ACLs: 0]
      o- luns .......................................................................................... [LUNs: 0]
      o- portals .................................................................................... [Portals: 1]
        o- 0.0.0.0:3260 ..................................................................................... [OK]

3、创建服务卷luns

/iscsi> cd iqn.2022-10.com.rhce:server/tpg1/luns 
/iscsi/iqn.20...ver/tpg1/luns> create /backstores/block/lun0
Created LUN 0.
/iscsi/iqn.20...ver/tpg1/luns> create /backstores/block/lun1
Created LUN 1.
/iscsi/iqn.20...ver/tpg1/luns> create /backstores/fileio/lun2 
Created LUN 2.
/iscsi/iqn.20...ver/tpg1/luns> ls
o- luns ................................................................................................ [LUNs: 3]
  o- lun0 ......................................................... [block/lun0 (/dev/nvme0n2) (default_tg_pt_gp)]
  o- lun1 ......................................................... [block/lun1 (/dev/nvme0n3) (default_tg_pt_gp)]
  o- lun2 ......................................................... [fileio/lun2 (/data/iscsi) (default_tg_pt_gp)]
/iscsi/iqn.20...ver/tpg1/luns> 

4、创建客户端连接器

/iscsi/iqn.20...e:server/tpg1> cd acls 
/iscsi/iqn.20...ver/tpg1/acls> create iqn.2022-10.com.rhce:client
Created Node ACL for iqn.2022-10.com.rhce:client
Created mapped LUN 2.
Created mapped LUN 1.
Created mapped LUN 0.
/iscsi/iqn.20...ver/tpg1/acls> 
/iscsi/iqn.20...ver/tpg1/acls> exit
Global pref auto_save_on_exit=true
Configuration saved to /etc/target/saveconfig.json
[root@localhost ~]# 

5、启动targetd服务并设置防火墙

[root@localhost ~]#systemctl restart targetd targetcli
[root@localhost ~]#firewall-cmd --permanent --add-port=3260/tcp
[root@localhost ~]#firewall-cmd --reload

6、客户端配置

[root@localhost ~]# yum install iscsi-initiator-utils -y
[root@localhost ~]#vim /etc/iscsi/initiatorname.iscsi 
InitiatorName=iqn.2022-10.com.rhce:client
[root@localhost ~]#systemctl restart iscsi iscsid
#登入
[root@localhost data]# iscsiadm -m discovery -t sendtargets -p 192.168.10.100
192.168.10.100:3260,1 iqn.2022-10.com.rhce:server
[root@localhost data]# iscsiadm -m node -l
Logging in to [iface: default, target: iqn.2022-10.com.rhce:server, portal: 192.168.10.100,3260]
Login to [iface: default, target: iqn.2022-10.com.rhce:server, portal: 192.168.10.100,3260] successful.
[root@localhost data]# lsblk
NAME        MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda           8:0    0    2G  0 disk    #三块
└─sda1        8:1    0 1000M  0 part 
sdb           8:16   0  512K  0 disk 
sdc           8:32   0    2G  0 disk 
sr0          11:0    1  7.9G  0 rom  /mnt
nvme0n1     259:0    0   20G  0 disk 
├─nvme0n1p1 259:1    0  953M  0 part /boot
├─nvme0n1p2 259:2    0   14G  0 part /
└─nvme0n1p3 259:3    0  1.9G  0 part [SWAP]
#登出
[root@localhost data]#  iscsiadm -m node -u    
Logging out of session [sid: 1, target: iqn.2022-10.com.rhce:server, portal: 192.168.10.100,3260]
Logout of [sid: 1, target: iqn.2022-10.com.rhce:server, portal: 192.168.10.100,3260] successful.
[root@localhost data]# lsblk 
NAME        MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sr0          11:0    1  7.9G  0 rom  /mnt
nvme0n1     259:0    0   20G  0 disk 
├─nvme0n1p1 259:1    0  953M  0 part /boot
├─nvme0n1p2 259:2    0   14G  0 part /
└─nvme0n1p3 259:3    0  1.9G  0 part [SWAP]

后面就可以可以对磁盘进行管理

三、如果要使用账户密码登录（上面配置不变）

1、进入到客户端的目录

[root@localhost ~]# targetcli
cd /iscsi/iqn.2022-10.com.rhce:server/tpg1/acls/iqn.2022-10.com.rhce:client
/iscsi/iqn.20...m.rhce:client> set auth userid=iscsi
Parameter userid is now 'iscsi'.
/iscsi/iqn.20...m.rhce:client> set auth password=11223344556677（Windows服务端密码位数需要12-16位）
Parameter password is now '11223344556677'.

2、开启我们认证开关

/iscsi/iqn.20...ver/tpg1/acls> cd iqn.2022-10.com.rhce:client/
/iscsi/iqn.20...m.rhce:client> ll
Command not found ll
/iscsi/iqn.20...m.rhce:client> ls
o- iqn.2022-10.com.rhce:client .................................................................. [Mapped LUNs: 3]
  o- mapped_lun0 .......................................................................... [lun0 block/lun0 (rw)]
  o- mapped_lun1 .......................................................................... [lun1 block/lun1 (rw)]
  o- mapped_lun2 ......................................................................... [lun2 fileio/lun2 (rw)]
/iscsi/iqn.20...m.rhce:client> set auth userid=iscsi
Parameter userid is now 'iscsi'.
/iscsi/iqn.20...m.rhce:client> set auth password=11223344556677
Parameter password is now '11223344556677'.
/iscsi/iqn.20...m.rhce:client> cd /iscsi/iqn.2022-10.com.rhce:server/tpg1/
/iscsi/iqn.20...e:server/tpg1> set attribute authentication=1
Parameter authentication is now '1'.
/iscsi/iqn.20...e:server/tpg1> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json
[root@localhost iscsi]# systemctl restart target

3、客户端重新登录失败

[root@localhost iscsi]# iscsiadm -m node -l
Logging in to [iface: default, target: iqn.2022-10.com.rhce:server, portal: 192.168.10.100,3260]
iscsiadm: Could not login to [iface: default, target: iqn.2022-10.com.rhce:server, portal: 192.168.10.100,3260].
iscsiadm: initiator reported error (24 - iSCSI login failed due to authorization failure)
iscsiadm: Could not log into all portals
[root@localhost iscsi]# 

4、在客户端设置：客户端设置认证的方式，以及用户名和密码

[root@localhost /]# cd /etc/iscsi/
[root@localhost iscsi]# ll
total 20
-rw-r--r--. 1 root root    42 Feb 10 19:46 initiatorname.iscsi
-rw-------. 1 root root 13186 Mar 31  2020 iscsid.conf
[root@localhost iscsi]# vim iscsid.conf 
#修改如下内容
node.session.auth.authmethod = CHAP
node.session.auth.username = iscsi
node.session.auth.password = 11223344556677
[root@localhost iscsi]# systemctl restart iscsi iscsid

5、重新登录

[root@localhost iscsi]# iscsiadm -m discovery -t st -p 192.168.10.100:3260
192.168.10.100:3260,1 iqn.2022-10.com.rhce:server
[root@localhost iscsi]# iscsiadm -m node -l
Logging in to [iface: default, target: iqn.2022-10.com.rhce:server, portal: 192.168.10.100,3260]
Login to [iface: default, target: iqn.2022-10.com.rhce:server, portal: 192.168.10.100,3260] successful.
[root@localhost iscsi]# lsblk 
NAME        MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda           8:0    0    2G  0 disk 
└─sda1        8:1    0 1000M  0 part 
sdb           8:16   0    2G  0 disk 
sdc           8:32   0  512K  0 disk 
sr0          11:0    1  7.9G  0 rom  /mnt
nvme0n1     259:0    0   20G  0 disk 
├─nvme0n1p1 259:1    0  953M  0 part /boot
├─nvme0n1p2 259:2    0   14G  0 part /
└─nvme0n1p3 259:3    0  1.9G  0 part [SWAP]
[root@localhost iscsi]#