一.概述
本实验要搭建一个linux 系统下的iscsi 共享磁盘存储系统,实验一共用到三台机器,其中一个作为target端的存储服务器,另外两个作为client端,用来验证共享存储服务设置是否正确。本实验用的操作系统是Red Hat Enterprise Linux 5.7 (64位),三台机器用虚拟机创建,虚拟机用的软件是VMware workstation 7.1.0 build-261024。存储服务器target端用的软件是redhat自带scsi-target-utils-1.0.14-1.el5.x86_64,client端用到软件也是系统自带的iscsi-initiator-utils-6.2.0.872-10.el5.x86_64。
二.搭建实验环境
在虚拟机里创建包含三台机器的虚拟组,组成员在同一网段。机器名分别为:
target ip:192.168.71.133
clienta ip: 192.168.71.134
clinetb ip: 192.168.71.135
target端另外多挂载了两个硬盘,分别为sdb和sdc。sdb大小20G,sdc大小10G,
sdb共享给clienta使用,sdc共享给chientb使用。
在target机器安装scsi-target-utils-1.0.14-1.el5.x86_64
# yum -y install scsi-target-utils
# service tgtd start
# chconfig tgtd on
# netstat –anltp|grep 3260
client端软件iscsi-initiator-utils-6.2.0.872-10.el5.x86_64默认系统已经安装好了,不用安装了。
三.命令行方式搭建
1. 搭建基于iP的访问控制共享磁盘
● target端:
# tgtadm -L iscsi -o new -m target -t 1 -T iqn.2013-12.com.redhat:sdb
# tgtadm -L iscsi -o new -m target -t 2 -T iqn.2013-12.com.redhat:sdc
# tgtadm -L iscsi -o new -m logicalunit -t 1 -l 1 -b /dev/sdb
# tgtadm -L iscsi -o new -m logicalunit -t 2 -l 1 -b /dev/sdc
# tgtadm –L iscsi –o show –m target //查看target配置信息
绑定ip
# tgtadm -L iscsi -o bind -m target -t 1 -I 192.168.71.134
# tgtadm -L iscsi -o bind -m target -t 2 -I 192.168.71.135
# tgtadm –L iscsi –o show –m target //查看target ip 绑定信息。
● clienta端:
# iscsiadm -m discovery -t sendtargets -p 192.168.71.133 //查看共享磁盘信息
192.168.71.133:3260,1 iqn.2013-12.com.redhat:sdb
# iscsiadm -m discovery -t sendtargets -p 192.168.71.133 -l //使用共享磁盘
192.168.71.133:3260,1 iqn.2013-12.com.redhat:sdb
Logging in to [iface: default, target: iqn.2013-12.com.redhat:sdb, portal: 192.168.71.133,3260]
Login to [iface: default, target: iqn.2013-12.com.redhat:sdb, portal: 192.168.71.133,3260] successful.
# fdisk –l
Disk /dev/sda: 64.4 GB, 64424509440 bytes
255 heads, 63 sectors/track, 7832 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sda1 * 1 1958 15727603+ 83 Linux
/dev/sda2 1959 2219 2096482+ 82 Linux swap / Solaris
/dev/sda3 2220 7832 45086422+ 83 Linux
Disk /dev/sdb: 21.4 GB, 21474836480 bytes
64 heads, 32 sectors/track, 20480 cylinders
Units = cylinders of 2048 * 512 = 1048576 bytes
Disk /dev/sdb doesn't contain a valid partition table
# parted /dev/sdb
GNU Parted 1.8.1
使用 /dev/sdb
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) mklabel msdos
(parted) mkpart extended 0 100%
(parted) mkpart logical 0 100%
(parted) quit
信息: 如果必要,不要忘记更新 /etc/fstab。
# mkfs.ext3 /dev/sdb5
# tune2fs -c -1 -i 0 /dev/sdb5
# tune2fs -l /dev/sdb5
。。。。。。
Filesystem UUID: fac126e1-b65d-4052-acd0-e6ac718a014c
。。。。。。
# mkdir /storage
# vi /etc/fstab
LABEL=/ / ext3 defaults 1 1
LABEL=/usr /usr ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
LABEL=swap-sda2 swap swap defaults 0 0
UUID=fac126e1-b65d-4052-acd0-e6ac718a014c /storage ext3 _netdev 0 0
# mount -a
● clientb端:
# iscsiadm -m discovery -t sendtargets -p 192.168.71.133 //查看共享磁盘信息
192.168.71.133:3260,1 iqn.2013-12.com.redhat:sdc
# iscsiadm -m discovery -t sendtargets -p 192.168.71.133 -l //使用共享磁盘
192.168.71.133:3260,1 iqn.2013-12.com.redhat:sdc
Logging in to [iface: default, target: iqn.2013-12.com.redhat:sdb, portal: 192.168.71.133,3260]
Login to [iface: default, target: iqn.2013-12.com.redhat:sdb, portal: 192.168.71.133,3260] successful.
# fdisk –l
Disk /dev/sda: 64.4 GB, 64424509440 bytes
255 heads, 63 sectors/track, 7832 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sda1 * 1 1958 15727603+ 83 Linux
/dev/sda2 1959 2219 2096482+ 82 Linux swap / Solaris
/dev/sda3 2220 7832 45086422+ 83 Linux
Disk /dev/sdb: 10.7 GB, 10737418240 bytes
64 heads, 32 sectors/track, 10240 cylinders
Units = cylinders of 2048 * 512 = 1048576 bytes
Disk /dev/sdb doesn't contain a valid partition table
# parted /dev/sdb
GNU Parted 1.8.1
使用 /dev/sdb
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) mklabel msdos
(parted) mkpart extended 0 100%
(parted) mkpart logical 0 100%
(parted) quit
信息: 如果必要,不要忘记更新 /etc/fstab。
# mkfs.ext3 /dev/sdb5
# tune2fs -c -1 -i 0 /dev/sdb5
# tune2fs -l /dev/sdb5
。。。。。。
Filesystem UUID: 350d9dcb-0655-40f2-9633-bfdb456a0030
。。。。。。
# mkdir /storage
# vi /etc/fstab
LABEL=/ / ext3 defaults 1 1
LABEL=/usr /usr ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
LABEL=swap-sda2 swap swap defaults 0 0
UUID=350d9dcb-0655-40f2-9633-bfdb456a0030 /storage ext3 _netdev 0 0
# mount -a
2. 搭建用户验证方式的共享盘
● clienta端退出共享盘的使用:
# umount /storage
# iscsiadm -m node -T iqn.2013-12.com.redhat:sdb -p 192.168.71.133 -u
Logging out of session [sid: 1, target: iqn.2013-12.com.redhat:sdb, portal: 192.168.71.133,3260]
Logout of [sid: 1, target: iqn.2013-12.com.redhat:sdb, portal: 192.168.71.133,3260] successful.
● clientb端退出共享盘的使用:
# umount /storage
# iscsiadm -m node -T iqn.2013-12.com.redhat:sdc -p 192.168.71.133 -u
Logging out of session [sid: 2, target: iqn.2013-12.com.redhat:sdc, portal: 192.168.71.133,3260]
Logout of [sid: 2, target: iqn.2013-12.com.redhat:sdc, portal: 192.168.71.133,3260] successful.
● Target端取消ip地址访问控制
# tgtadm -L iscsi -o unbind -m target -t 1 -I 192.168.71.134
# tgtadm -L iscsi -o unbind -m target -t 2 -I 192.168.71.135
# tgtadm -L iscsi -o bind -m target -t 1 -I ALL
# tgtadm -L iscsi -o bind -m target -t 2 -I ALL
● Target端创建用户
# tgtadm -L iscsi -o new -m account -u clienta -p saroot
# tgtadm -L iscsi -o new -m account -u clientb -p saroot
# tgtadm -L iscsi -o show -m account
Account list:
clientb
clienta
● Target端绑定用户
# tgtadm -L iscsi -o bind -m account -t 1 -u clienta
# tgtadm -L iscsi -o bind -m account -t 2 -u clientb
● clienta端使用共享盘
# vi /etc/iscsi/iscsid.conf
node.session.auth.authmethod = CHAP
node.session.auth.username = clienta
node.session.auth.password = saroot
# iscsiadm -m discovery -t sendtargets -p 192.168.71.133 -l
192.168.71.133:3260,1 iqn.2013-12.com.redhat:sdb
192.168.71.133:3260,1 iqn.2013-12.com.redhat:sdc
Logging in to [iface: default, target: iqn.2013-12.com.redhat:sdb, portal: 192.168.71.133,3260]
Logging in to [iface: default, target: iqn.2013-12.com.redhat:sdc, portal: 192.168.71.133,3260]
Login to [iface: default, target: iqn.2013-12.com.redhat:sdb, portal: 192.168.71.133,3260] successful.
iscsiadm: Could not login to [iface: default, target: iqn.2013-12.com.redhat:sdc, portal: 192.168.71.133,3260].
iscsiadm: initiator reported error (24 - iSCSI login failed due to authorization failure)
# fdisk -l
Disk /dev/sda: 64.4 GB, 64424509440 bytes
255 heads, 63 sectors/track, 7832 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sda1 * 1 1958 15727603+ 83 Linux
/dev/sda2 1959 2219 2096482+ 82 Linux swap / Solaris
/dev/sda3 2220 7832 45086422+ 83 Linux
Disk /dev/sdb: 21.4 GB, 21474836480 bytes
255 heads, 63 sectors/track, 2610 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdb1 1 2610 20964793+ f W95 Ext'd (LBA)
/dev/sdb5 1 2610 20964762 83 Linux
● clientb端使用共享盘
# vi /etc/iscsi/iscsid.conf
node.session.auth.authmethod = CHAP
node.session.auth.username = clientb
node.session.auth.password = saroot
# iscsiadm -m discovery -t sendtargets -p 192.168.71.133 -l
192.168.71.133:3260,1 iqn.2013-12.com.redhat:sdb
192.168.71.133:3260,1 iqn.2013-12.com.redhat:sdc
Logging in to [iface: default, target: iqn.2013-12.com.redhat:sdb, portal: 192.168.71.133,3260]
Logging in to [iface: default, target: iqn.2013-12.com.redhat:sdc, portal: 192.168.71.133,3260]
iscsiadm: Could not login to [iface: default, target: iqn.2013-12.com.redhat:sdb, portal: 192.168.71.133,3260].
iscsiadm: initiator reported error (24 - iSCSI login failed due to authorization failure)
Login to [iface: default, target: iqn.2013-12.com.redhat:sdc, portal: 192.168.71.133,3260] successful.
# fdisk -l
Disk /dev/sda: 64.4 GB, 64424509440 bytes
255 heads, 63 sectors/track, 7832 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sda1 * 1 1958 15727603+ 83 Linux
/dev/sda2 1959 2219 2096482+ 82 Linux swap / Solaris
/dev/sda3 2220 7832 45086422+ 83 Linux
Disk /dev/sdb: 10.7 GB, 10737418240 bytes
255 heads, 63 sectors/track, 1305 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sdb1 1 1305 10482381 f W95 Ext'd (LBA)
/dev/sdb5 1 1305 10482349+ 83 Linux
3. 删除lun
# tgtadm -L iscsi -o delete -m logicalunit -t 1 -l 1
# tgtadm -L iscsi -o delete -m logicalunit -t 2 -l 1
4. 删除target
● clienta端退出共享磁盘的使用:
# umount /storage
# iscsiadm -m node -T iqn.2013-12.com.redhat:sdb -p 192.168.71.133 -u
Logging out of session [sid: 1, target: iqn.2013-12.com.redhat:sdb, portal: 192.168.71.133,3260]
Logout of [sid: 1, target: iqn.2013-12.com.redhat:sdb, portal: 192.168.71.133,3260] successful.
● clientb端退出共享磁盘的使用:
# umount /storage
# iscsiadm -m node -T iqn.2013-12.com.redhat:sdc -p 192.168.71.133 -u
Logging out of session [sid: 2, target: iqn.2013-12.com.redhat:sdc, portal: 192.168.71.133,3260]
Logout of [sid: 2, target: iqn.2013-12.com.redhat:sdc, portal: 192.168.71.133,3260] successful.
● 删除target
# tgtadm -L iscsi -o delete -m target -t 1
# tgtadm -L iscsi -o delete -m target -t 2
● 注意事项
备注:删target时,客户端必须用iscsiadm -m node -T iqn.2013-12.com.redhat:sdc -p 192.168.71.133 -u命令退出共享磁盘访问后才可删除。否则删除提示tgtadm: this target is still active
5. 警告
命令行方式搭建的共享存储服务,在tgtd服务重启时,所有设置信息会丢失。所以在用命令行方式配置时不能重启tgtd 服务。
四.修改配置文件方式搭建
1. 搭建iP地址过滤共享盘
● Target端修改配置文件
# vi /etc/tgt/targets.conf
文件末尾添加如下内容
backing-store /dev/sdb
initiator-address 192.168.71.134
backing-store /dev/sdc
initiator-address 192.168.71.135
# pkill -9 tgtd
# service tgtd start
● clienta端操作:
# iscsiadm -m discovery -t sendtargets -p 192.168.71.133 -l
192.168.71.133:3260,1 iqn.2013-11.com.example:sdb
Logging in to [iface: default, target: iqn.2013-11.com.example:sdb, portal: 192.168.71.133,3260]
Login to [iface: default, target: iqn.2013-11.com.example:sdb, portal: 192.168.71.133,3260] successful.
● clientb端操作:
# iscsiadm -m discovery -t sendtargets -p 192.168.71.133 -l
192.168.71.133:3260,1 iqn.2013-11.com.example:sdc
Logging in to [iface: default, target: iqn.2013-11.com.example:sdc, portal: 192.168.71.133,3260]
Login to [iface: default, target: iqn.2013-11.com.example:sdc, portal: 192.168.71.133,3260] successful.
2. 搭建用户验证方式的共享盘
● Target端修改配置文件
# vi /etc/tgt/targets.conf
文件末尾添加如下内容
backing-store /dev/sdb
incominguser clienta saroot
backing-store /dev/sdc
incominguser clientb saroot
● clienta端操作:
1. 修改配置文件
# vi /etc/iscsi/iscsid.conf
在文件末尾添加如下内容:
node.session.auth.authmethod = CHAP
node.session.auth.username = clienta
node.session.auth.password = saroot
2. 使用共享磁盘
# iscsiadm -m discovery -t sendtargets -p 192.168.71.133 -l
192.168.71.133:3260,1 iqn.2013-11.com.example:sdb
192.168.71.133:3260,1 iqn.2013-11.com.example:sdc
Logging in to [iface: default, target: iqn.2013-11.com.example:sdb, portal: 192.168.71.133,3260]
Logging in to [iface: default, target: iqn.2013-11.com.example:sdc, portal: 192.168.71.133,3260]