iSCSI is an abbreviation of “Internet Small Computer System Interface“. It can be defined as a transport layer that describes how SCSI packets are transmitted over TCP/IP networks. This concept was developed by IBM in 1998, and the first draft was presented to the Internet Engineering Task Force (IETF) in 2000.
iSCSI works on top of the Transport Control Protocol (TCP) and allows one to send and receive SCSI commands over the network. Packets are normally sent using a point-to-point connection and dissembled on arrival. Once dissembled, the system reads the commands and you will be able to see the shared storage as if it is locally mounted. The shared block storage can be LVM partitions, HDD/SSD partitions, or other block files.
iSCSI uses the client-server model consisting of:
- iSCSI target – which is set up on the server that hosts the storage resources and allows access using one or multiple NICs, HBAs, or iSOEs.
- iSCSI initiator – this is the client software that allows sending and receiving data from the iSCSI target or iSCSI-based storage array.
The below diagram can be used to understand the iSCSI architecture
iSCSI has several use cases, the most common scenario is in failover clustering where all the nodes need to access the cluster shared volume, and using directly attached storage cannot work. iSCSI comes in to provide an easy way to configure the shared volume so that all the nodes on the cluster can access it.
Another use case in disaster recovery where organizations replicate their storage either on a remote data center or in the cloud.
This guide provides a detailed demonstration of how to configure iSCSI Target and Initiator on Rocky Linux 8 | AlmaLinux 8.
Before You Begin
For this guide, you need to have the following:
- 2 or more Rocky Linux 8 | AlmaLinux 8 servers
- Static IP Address configured
- A root password set
- An externally attached HDD(if you want to configure the block backstory)
Also, ensure that the system is updated.
sudo dnf update#1. Install iSCSI Target on Rocky Linux 8 | AlmaLinux 8
The iSCSI administration tool is provided in the default Rocky Linux 8 | AlmaLinux 8 repositories and can be installed using the command:
sudo dnf install targetcliDependency tree:
Dependencies resolved.
============================================================================================================================================
Package Architecture Version Repository Size
============================================================================================================================================
Installing:
targetcli noarch 2.1.53-2.el8 appstream 79 k
Installing dependencies:
python3-configshell noarch 1:1.1.28-1.el8 baseos 71 k
python3-kmod x86_64 0.9-20.el8 baseos 89 k
python3-pyparsing noarch 2.1.10-7.el8 baseos 140 k
python3-rtslib noarch 2.1.74-1.el8 baseos 101 k
python3-urwid x86_64 1.3.1-4.el8 baseos 782 k
target-restore noarch 2.1.74-1.el8 baseos 23 k
Transaction Summary
============================================================================================================================================
Install 7 Packages
Total download size: 1.3 M
Installed size: 4.7 M
Is this ok [y/N]: y
#2. Configure iSCSI Target on Rocky Linux 8|AlmaLinux 8
Once installed, you can configure the iSCSI Target through the below procedure:
Create iSCSI Backstore
Begin by creating the shared storage. There are several supported iSCSI Backstores.
Backstores define different methods of storing and exporting LUN’s data on the local system. They include:
- block: creates storage using logical/local block device
- fileio: allows one to create storage using regular files as disk images.
- ramdisk: used when creating a temporary RAM-backed device
- pscsi: used if the storage object supports direct pass-through of SCSI commands
This guide demonstrates how these backstores can be created and accessed on Rocky Linux 8 | AlmaLinux 8
Option 1 – Creating a fileio storage object
This storage object supports the write_back and write_thru operations. The write_back operation enables local file system cache which improves performance but increases risks of data loss. It is therefore recommended that you use the write_back=false to disable write_back and favor the write_thru operation.
The below steps can be used to configure a fileio storage object on Rocky Linux 8 | AlmaLinux 8.
Create the disk image under the directory below and set it as a SCSI device.
sudo su -
mkdir /var/lib/iscsi_disksAccess the admin console
# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.53
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> Navigate to the backstores/fileio directory:
/> cd backstores/fileio
Create the shared storage and assign it a size. For example here, we will create storage named “disk1” on /var/lib/iscsi_disks/disk1.img with 5GB capacity
/backstores/fileio> create disk1 /var/lib/iscsi_disks/disk1.img 5G
Created fileio disk1 with size 5368709120Once created, verify with the command:
/backstores/fileio> ls
o- fileio ................................................. [Storage Objects: 1]
o- disk1 .... [/var/lib/iscsi_disks/disk1.img (5.0GiB) write-back deactivated]
o- alua ................................................... [ALUA Groups: 1]
o- default_tg_pt_gp ....................... [ALUA state: Active/optimized]Option 2 – Creating a block storage object
This requires once to have a secondary storage device attached to the system. This can be any block device appearing in the /sys/block/ directory. This includes HDDs/SSDs, CDs, and DVDs, and logical devices such as LVM volumes and software or hardware RAID volumes.
Identify the attached storage:
# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 40G 0 disk
├─sda1 8:1 0 1G 0 part /boot
└─sda2 8:2 0 39G 0 part
├─rl-root 253:0 0 35G 0 lvm /
└─rl-swap 253:1 0 4G 0 lvm [SWAP]
sdb 8:16 0 15G 0 disk The attached device here is sdb with a 15 GB capacity.
Access the admin console:
# targetcli
targetcli shell version 2.1.51
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> Navigate to the backstores/block/ directory with the command:
/> cd /backstores/block/Now create a block backstore using the attached device:
/backstores/block> create name=block_backend dev=/dev/sdb
Created block storage object block_backend using /dev/sdb.We have assigned a name block_backend to the block backstory created. Verify the creation with the command:
/backstores/block> ls
o- block .................................................. [Storage Objects: 1]
o- block_backend ................. [/dev/sdb (15.0GiB) write-thru deactivated]
o- alua ................................................... [ALUA Groups: 1]
o- default_tg_pt_gp ....................... [ALUA state: Active/optimized]Option 3 – Creating a ramdisk storage object
ramdisk (Memory Copy RAM disk) normally provide RAM disks with full SCSI emulation. This provides multi-session capabilities and is often used for fast and volatile mass storage for production purposes.
To create a ramdisk, launch the admin console:
# targetcli
targetcli shell version 2.1.51
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> Navigate to the backstores/ramdisk/ directory:
/> cd /backstores/ramdisk/Createa 1GB RAM ramdisk storage object using the command:
/backstores/ramdisk> create name=rd_backend size=1GB
Created ramdisk rd_backend with size 1GB.Verify the creation:
/backstores/ramdisk> ls
o- ramdisk ................................................ [Storage Objects: 1]
o- rd_backend ......................................... [(1.0GiB) deactivated]
o- alua ................................................... [ALUA Groups: 1]
o- default_tg_pt_gp ....................... [ALUA state: Active/optimized]Option 4 – Creating a pscsi storage object
This can be configured on any storage object that supports direct pass-through of SCSI commands without SCSI emulation. SCSI-3 and higher are supported with this subsystem.
Remember, pscsi should only be used by advanced users. It consists of advanced commands such as Asymmetric Logical Unit Assignment (ALUAs) or Persistent Reservations. They are not occasionally implemented in the device firmware since they can cause malfunctions or crashes. If not sure about this, it is recommended that you use the block backstore for production setups instead.
To create a pscsi storage object, use the steps below:
First access the console and navigate to the /backstores/pscsi/ directory
# targetcli
/> cd /backstores/pscsi/Once here, create the pscsi backstore for a physical SCSI device, say a TYPE_ROM device /dev/sr0 as used in this example:
/backstores/pscsi> create name=pscsi_backend dev=/dev/sr0Once created, verify this with the command:
/backstores/pscsi> lsCreate an iSCSI target
The iSCSI target allows the iSCSI initiator to access the created storage backstores. To create a target, navigate to the iSCSI directory.
/> cd /iscsi/There are two options on how to create an iSCSI target:
- iSCSI target using the default target name
/iscsi> create
Created target iqn.2003-01.org.linux-iscsi.neveropen.x8664:sn.fb061d04c3be.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.- iSCSI target using a specific name
/iscsi> create iqn.2022-06.neveropen.example:dlp.target01
Created target iqn.2022-06.neveropen.example:dlp.target01.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.Verify the creation.
/iscsi> ls
o- iscsi .......................................................... [Targets: 1]
o- iqn.2022-06.neveropen.example:dlp.target01 .............. [TPGs: 1]
o- tpg1 ............................................. [no-gen-acls, no-auth]
o- acls ........................................................ [ACLs: 0]
o- luns ........................................................ [LUNs: 0]
o- portals .................................................. [Portals: 1]
o- 0.0.0.0:3260 ................................................... [OK]Create an iSCSI portal
The iSCSI portal adds an IP address and port to the created target. Once a target has been created, an iSCSI portal that listens to all IP addresses and the default port is created.
This can be verified using the command:
/> cd /iscsi/iqn.2022-06.neveropen.example:dlp.target01/tpg1/portals
/iscsi/iqn.20...target01/tpg1/portals> ls
o- portals ........................................................ [Portals: 1]
o- 0.0.0.0:3260 ......................................................... [OK]Alternatively, you can create a new portal with a specific IP Address using the commands below:
/iscsi/iqn.20...target01/tpg1/portals> delete ip_address=0.0.0.0 ip_port=3260
Deleted network portal 0.0.0.0:3260
/iscsi/iqn.20...target01/tpg1/portals> create 192.168.205.2
Using default IP port 3260
Created network portal 192.168.205.2:3260.Verify the creation:
/iscsi/iqn.20.../tpg1/portals> ls
o- portals ........................................................ [Portals: 1]
o- 192.168.205.2:3260 ................................................... [OK]Create an iSCSI LUN
LUN stands for Logical unit number. It is defined as a physical device backed by the iSCSI backstory. Create LUNs of the existing storage objects using the commands below:
cd /iscsi/iqn.2022-06.neveropen.example:dlp.target01/tpg1/lunsCreate the LUNs for the backstores using the commands:
##For Block device
/iscsi/iqn.20...t01/tpg1/luns> create /backstores/block/block_backend
Created LUN 0.
##For fileio
/iscsi/iqn.20...t01/tpg1/luns> create /backstores/fileio/disk1
Created LUN 1.
##For ramdisk
/iscsi/iqn.20...t01/tpg1/luns> create /backstores/ramdisk/rd_backend
Created LUN 2.
##For pscsi
/iscsi/iqn.20...t01/tpg1/luns> create /backstores/pscsi/pscsi_backend
Created LUN 3.Verify the creation.
/iscsi/iqn.20...t01/tpg1/luns> ls
o- luns .............................................................. [LUNs: 3]
o- lun0 .................. [block/block_backend (/dev/sdb) (default_tg_pt_gp)]
o- lun1 ... [fileio/disk1 (/var/lib/iscsi_disks/disk1.img) (default_tg_pt_gp)]
o- lun2 .............................. [ramdisk/rd_backend (default_tg_pt_gp)]Create an iSCSI ACL
The ACLs(Access Control Lists) define the access rules of the initiator to the created LUNs. This allows only known initiators to connect to the target.
This can be created using the targetcli as shown:
cd ../acls Create the ACL using the command:
/iscsi/iqn.20...t01/tpg1/acls> create iqn.2022-06.neveropen.example:node01.initiator01
Created Node ACL for iqn.2022-06.neveropen.example:node01.initiator01
Created mapped LUN 2.
Created mapped LUN 1.
Created mapped LUN 0.Verify the creation.
/iscsi/iqn.20...t01/tpg1/luns> ls
o- acls .............................................................. [ACLs: 1]
o- iqn.2022-06.neveropen.example:node01.initiator01 . [Mapped LUNs: 3]
o- mapped_lun0 ............................. [lun0 block/block_backend (rw)]
o- mapped_lun1 .................................... [lun1 fileio/disk1 (rw)]
o- mapped_lun2 .............................. [lun2 ramdisk/rd_backend (rw)]You can now set the UserID and Password to be used to authenticate the initiator.
/iscsi/iqn.20...t01/tpg1/luns> cd iqn.2022-06.neveropen.example:node01.initiator01Create a preferred username and password:
/iscsi/iqn.20...w.initiator01> set auth userid=neveropen
Parameter userid is now 'neveropen'.
/iscsi/iqn.20...w.initiator01> set auth password=StrongPassword
Parameter password is now 'StrongPassword!'.Exit the console:
/iscsi/iqn.20...1.initiator01> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json#3. Start and Enable the iSCSI Target Service
Once the desired configurations have been made, start and enable the iSCSI Target Service on Rocky Linux 8 | AlmaLinux 8
systemctl start target
systemctl enable targetVerify that the service is running:
# systemctl status target
● target.service - Restore LIO kernel target configuration
Loaded: loaded (/usr/lib/systemd/system/target.service; enabled; vendor preset: disabled)
Active: active (exited) since Mon 2022-07-04 07:51:54 EDT; 13s ago
Main PID: 2652 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 23682)
Memory: 0B
CGroup: /system.slice/target.service
Jul 04 07:51:53 neveropen.target systemd[1]: Starting Restore LIO kernel target configuration...Allow the service through the firewall
firewall-cmd --add-service=iscsi-target --permanent
firewall-cmd --reload#4. Configure the iSCSI Initiator on Rocky Linux 8 | AlmaLinux 8
Once the iSCSI Target is configured appropriately, we can now install the iSCSI Initiator on another Rocky Linux 8 | AlmaLinux 8 server and configure it to access the created backstory.
Begin by installing the Initiator package:
sudo dnf -y install iscsi-initiator-utilsOnce installed, configure the iSCSI Initiator by editing the below file:
sudo vim /etc/iscsi/initiatorname.iscsi In this file, you need to provide the initiator name as set when creating the iSCSI target ACL.
InitiatorName=iqn.2022-06.neveropen.example:node01.initiator01To allow the initiator to connect to the target, we need to provide the create authentication credentials.
sudo vim /etc/iscsi/iscsid.conf Provide the details as shown;
# *************
# CHAP Settings
# *************
......
node.session.auth.authmethod = CHAP
.....
node.session.auth.username = neveropen
node.session.auth.password = StrongPassword
....save the changes and test if the target can be discovered
$ sudo iscsiadm -m discovery -t sendtargets -p 192.168.205.2
192.168.205.2:3260,1 iqn.2022-06.neveropen.example:dlp.target01Replace 192.168.205.2 with the IP Address of the iSCSI target.
Confirm the status:
sudo iscsiadm -m node -o show Sample Output:
#5. Access the Shared Backstore
Now from the iSCSI Initiator, you can access the shared backstores. Login to the iSCSI Target by executing the command:
$ sudo iscsiadm -m node --login
Logging in to [iface: default, target: iqn.2022-06.neveropen.example:dlp.target01, portal: 192.168.205.2,3260]
Login to [iface: default, target: iqn.2022-06.neveropen.example:dlp.target01, portal: 192.168.205.2,3260] successful.Verify the connection:
$ sudo iscsiadm -m session -o show
tcp: [1] 192.168.205.2:3260,1 iqn.2022-06.neveropen.example:dlp.target01 (non-flash)#6. Create a File System on Shared Backstore
Identify if the shared backstore is available:
lsblkFor this demonstration, we have several shared backstores sda(block storage), sdb(ramdisk), sdc(fileio)
To be able to use the desired backstore, create a partition on it. For example, with sda(block storage), proceed as shown.
sudo parted --script /dev/sda "mklabel gpt"
sudo parted --script /dev/sda "mkpart primary 0% 100%"Format the partition to EXT4.
sudo mkfs.ext4 /dev/sda1Mount the disk.
sudo mkdir /mnt/block_device
sudo mount /dev/sda1 /mnt/block_deviceVerify the disk mounting:
df -hTSample Output:
Try creating a new file on the mounted disk.
sudo touch /mnt/block_device/new.txtThe end!
That marks the end of this detailed guide on how to configure the iSCSI Target and Initiator on Rocky Linux 8 | AlmaLinux 8. I hope this was informative.
See more on this page:
Configure iSCSI Target and Initiator on CentOS 8 / RHEL 8
How To Configure iSCSI Initiator on CentOS 8 / RHEL 8
Install and Configure iSCSI Target on Windows Server 2019
Creating VM and Storage Logical Networks in oVirt/RHEV
