002.iSCSI服务端配置

2019-07-26 10:50:15 浏览数 (2)

一 iSCSI target的磁盘种类

  • 大型文件
  • 单一分区(partition)
  1. 磁盘
  2. 数组
  3. RAID
  4. LVM

二 iSCSI创建步骤

  1. 建立用于共享的磁盘设备(分区/磁盘/文件)
  2. 创建后备磁盘
  3. 创建相应的IQN
  4. 创建相应的规则 #(可选)
  5. 为后备磁盘创建LUN
  6. 指定侦听的IP和端口 #(可选)
  7. 检查并保存配置
  8. 防火墙规则开放
  9. 服务(开机)启动

三 建立所需磁盘设备

3.1 建立一个3GB大小的/dev/sdc1作为共享

代码语言:javascript复制
  1    Device Boot      Start         End      Blocks   Id  System
  2 /dev/sdc1            2048     6293503     3145728   83  Linux

3.2 建立一个2GB大小的/dev/server/iscsi01LV作为共享

使用fdisk创建一个用于共享的LVM分区disk1_lv。

代码语言:javascript复制
  1    Device Boot      Start         End      Blocks   Id  System
  2 /dev/sdb1            2048     4196351     2097152   8e  Linux LVM
  3 /dev/sdb2         4196352     8390655     2097152   8e  Linux LVM
  4 [root@system1 ~]# pvcreate /dev/sdb1
  5 [root@system1 ~]# pvcreate /dev/sdb2
  6 [root@system1 ~]# vgcreate iSCSI -s 16M /dev/sdb1 /dev/sdb2
  7   Volume group "iSCSI" successfully created
  8 [root@system1 ~]# lvcreate -n disk1_lv -L 2G iSCSI

3.3 建立一个1GB大小的文件disk1_file作为共享

代码语言:javascript复制
  1 [root@system1 ~]# dd if=/dev/zero of=/root/disk1_file bs=1M count=1024

四 创建后备存储

4.1 安装相关软件

代码语言:javascript复制
  1 [root@system1 ~]# yum -y install targetcli

4.2 相关设置-交互模式

代码语言:javascript复制
  1 [root@system1 ~]# targetcli	#进入targetcli交互配置视图
  2 block:定义的块设备,磁盘驱动器、磁盘分区、LVM等
  3 fileio:创建的指定大小的文件,如dd if=/dev/zero of=……所创建
  4 pscsi:物理SCSI,通常不采用此类型
  5 ramdisk:在内存中创建的一个指定大小ramdisk设备
  6 /> cd /backstores/
  7 /backstores> block/ create block1 /dev/iSCSI/disk1_lv	#创建名为block1的lvm的后备存储
  8 Created block storage object block1 using /dev/iSCSI/disk1_lv.
  9 /backstores> block/ create block2 /dev/sdc1		#创建名为block2的磁盘分区后备存储
 10 Created block storage object block2 using /dev/sdc1.
 11 /backstores> fileio/ create file1 /root/disk1_file	#创建名为file1的大型文件后备存储
 12 Created fileio file1 with size 1073741824
 13 /backstores> ls						#查看创建情况
 14 o- backstores ....................................................................................... [...]
 15   o- block ........................................................................... [Storage Objects: 2]
 16   | o- block1 ....................................... [/dev/iSCSI/disk1_lv (2.0GiB) write-thru deactivated]
 17   | o- block2 ................................................. [/dev/sdc1 (3.0GiB) write-thru deactivated]
 18   o- fileio .......................................................................... [Storage Objects: 1]
 19   | o- file1 ........................................... [/root/disk1_file (1.0GiB) write-back deactivated]
 20   o- pscsi ........................................................................... [Storage Objects: 0]
 21   o- ramdisk ......................................................................... [Storage Objects: 0]

五 创建相应的IQN

代码语言:javascript复制
  1 /backstores> cd /iscsi
  2 /iscsi> create iqn.2016-09.com.example:remotedisk1	#创建符合名称的IQN名称
  3 /iscsi> ls
  4 o- iscsi ..................................................................................... [Targets: 2]
  5   o- iqn.2003-01.org.linux-iscsi.system1.x8664:sn.5792c2787dd8 .................................. [TPGs: 1]
  6   | o- tpg1 ........................................................................ [no-gen-acls, no-auth]
  7   |   o- acls ................................................................................... [ACLs: 0]
  8   |   o- luns ................................................................................... [LUNs: 0]
  9   |   o- portals ............................................................................. [Portals: 0]
 10   o- iqn.2016-09.com.example:remotedisk1 ........................................................ [TPGs: 1]
 11     o- tpg1 ........................................................................ [no-gen-acls, no-auth]
 12       o- acls ................................................................................... [ACLs: 0]
 13       o- luns ................................................................................... [LUNs: 0]
 14       o- portals ............................................................................. [Portals: 0]

六 创建相应的ACL规则

代码语言:javascript复制
  1 /iscsi> cd iqn.2016-09.com.example:remotedisk1/tpg1/
  2 /iscsi/iqn.20...otedisk1/tpg1> acls/ create iqn.2016-09.com.example:desktop0
  3 #只允许 iqn.2016-09.com.example:desktop0客户端使用此iSCSI提供磁盘服务
  4 /iscsi/iqn.20...otedisk1/tpg1> ls
  5 o- tpg1 ............................................................................ [no-gen-acls, no-auth]
  6   o- acls ....................................................................................... [ACLs: 1]
  7   | o- iqn.2016-09.com.example:desktop0 .................................................. [Mapped LUNs: 0]
  8   o- luns ....................................................................................... [LUNs: 0]
  9   o- portals ................................................................................. [Portals: 0]

七 为后备存储创建LUN

注意:

1 之前创建的ACL将分配到每个LUN。

2 创建LUN必须在TPG下

代码语言:javascript复制
  1 /iscsi/iqn.20...otedisk1/tpg1> luns/ create /backstores/block/block1
  2 #将之前创建的后备磁盘block1创建一个LUN
  3 Created LUN 0.
  4 Created LUN 0->0 mapping in node ACL iqn.2016-09.com.example:desktop0
  5 /iscsi/iqn.20...otedisk1/tpg1> luns/ create /backstores/block/block2	#将之前创建的后备磁盘block2创建一个LUN
  6 Created LUN 1.
  7 Created LUN 1->1 mapping in node ACL iqn.2016-09.com.example:desktop0
  8 /iscsi/iqn.20...otedisk1/tpg1> luns/ create /backstores/fileio/file1	#将之前创建的后备磁盘file1创建一个LUN
  9 Created LUN 2.
 10 Created LUN 2->2 mapping in node ACL iqn.2016-09.com.example:desktop0
 11 /iscsi/iqn.20...otedisk1/tpg1> ls					#查看所有信息
 12 o- tpg1 ............................................................................ [no-gen-acls, no-auth]
 13   o- acls ....................................................................................... [ACLs: 1]								#ACL规则1条均分配在三个LUN中
 14   | o- iqn.2016-09.com.example:desktop0 .................................................. [Mapped LUNs: 3]
 15   |   o- mapped_lun0 ............................................................. [lun0 block/block1 (rw)]
 16   |   o- mapped_lun1 ............................................................. [lun1 block/block2 (rw)]
 17   |   o- mapped_lun2 ............................................................. [lun2 fileio/file1 (rw)]
 18   o- luns ....................................................................................... [LUNs: 3]								#三个LUN均对应后备磁盘
 19   | o- lun0 .......................................................... [block/block1 (/dev/iSCSI/disk1_lv)]
 20   | o- lun1 .................................................................... [block/block2 (/dev/sdc1)]
 21   | o- lun2 ............................................................. [fileio/file1 (/root/disk1_file)]
 22   o- portals ................................................................................. [Portals: 0]
 23 /iscsi/iqn.20...otedisk1/tpg1>

八 指定侦听IP地址和端口

注意:

1 若不指定端口将采用默认端口3260

2 若不指定IP,将允许服务器上定义的所有网络接口上的连接

3 创建LUN必须在TPG下

代码语言:javascript复制
  1 /iscsi/iqn.20...otedisk1/tpg1> portals/ create 172.24.8.11	#指定本地用于侦听客户端连接的IP
  2 Using default IP port 3260
  3 Created network portal 172.24.8.0:3260.

九 检查并保存退出

最后检查ls一遍,然后保存退出

代码语言:javascript复制
  1 /iscsi> cd /
  2 /> ls
  3 o- / ................................................................................................ [...]
  4   o- backstores ..................................................................................... [...]
  5   | o- block ......................................................................... [Storage Objects: 2]
  6   | | o- block1 ....................................... [/dev/iSCSI/disk1_lv (2.0GiB) write-thru activated]
  7   | | o- block2 ................................................. [/dev/sdc1 (3.0GiB) write-thru activated]
  8   | o- fileio ........................................................................ [Storage Objects: 1]
  9   | | o- file1 ........................................... [/root/disk1_file (1.0GiB) write-back activated]
 10   | o- pscsi ......................................................................... [Storage Objects: 0]
 11   | o- ramdisk ....................................................................... [Storage Objects: 0]
 12   o- iscsi ................................................................................... [Targets: 1]
 13   | o- iqn.2016-09.com.example:remotedisk1 ...................................................... [TPGs: 1]
 14   |   o- tpg1 ...................................................................... [no-gen-acls, no-auth]
 15   |     o- acls ................................................................................. [ACLs: 1]
 16   |     | o- iqn.2016-09.com.example:desktop0 ............................................ [Mapped LUNs: 3]
 17   |     |   o- mapped_lun0 ....................................................... [lun0 block/block1 (rw)]
 18   |     |   o- mapped_lun1 ....................................................... [lun1 block/block2 (rw)]
 19   |     |   o- mapped_lun2 ....................................................... [lun2 fileio/file1 (rw)]
 20   |     o- luns ................................................................................. [LUNs: 3]
 21   |     | o- lun0 .................................................... [block/block1 (/dev/iSCSI/disk1_lv)]
 22   |     | o- lun1 .............................................................. [block/block2 (/dev/sdc1)]
 23   |     | o- lun2 ....................................................... [fileio/file1 (/root/disk1_file)]
 24   |     o- portals ........................................................................... [Portals: 1]
 25   |       o- 172.24.8.0:3260 ......................................................................... [OK]
 26   o- loopback ................................................................................ [Targets: 0]
 27 /> exit

十 防火墙开放

代码语言:javascript复制
  1 [root@system1 ~]# firewall-cmd --add-port=3260/tcp		#防火墙添加iSCSI的端口
  2 Warning: ALREADY_ENABLED
  3 [root@system1 ~]# firewall-cmd --add-port=3260/tcp --permanent	#防火墙开放此端口
  4 success

十一 开启服务

代码语言:javascript复制
  1 [root@system1 ~]# systemctl start target
  2 [root@system1 ~]# systemctl enable target

0 人点赞