1 ISCSI简介
iSCSI:Internet 小型计算机系统接口 (iSCSI:Internet Small Computer System Interface)。
iSCSI又称为IP-SAN,是一种基于因特网及SCSI-3协议下的存储技术,由IETF提出,并于2003年2月11日成为正式的标准。与传统的SCSI技术比较起来,iSCSI技术有以下三个革命性的变化:
1.把原来只用于本机的SCSI协义透过TCP/IP网络传送,使连接距离可作无限的地域延伸;
2.连接的服务器数量无限(原来的SCSI-3的上限是15);
3.由于是服务器架构,因此也可以实现在线扩容以至动态部署。
iSCSI利用了TCP/IP的port 860 和 3260 作为沟通的渠道。透过两部计算机之间利用iSCSI的协议来交换SCSI命令,让计算机可以透过高速的局域网集线来把SAN模拟成为本地的储存装置。
2 ISCSI TARGET模拟
2.1 ISCSI TARGET简介
由于暂时没有专用的iSCSI存储设备,采用在另一台Linux机器上通过安装部署iSCSI服务端(target)软件模拟一台支持iSCSI协议的存储设备,客户端通过访问这台设备来体验iSCSI,如果有真实target,即物理共享存储,该节内容可忽略不看。
对于每个target来说,主机ID是唯一的,存储块设备的LUN ID是由iSCSI target来分配的。iSCSI驱动器为SCSI请求和回应提供了一个通过IP网络传输的渠道。
2.2 ISCSI TARGET安装
目标机器:操作系统为CentOS release 6.5 ,IP为192.168.37.146
安装ISCSI target(server)软件
[[email protected] ~]# yum -y install scsi-target-utils
配置ISCSI共享磁盘
ISCSI的共享磁盘可以是镜像文件(.img)、LVM分区、物理磁盘、或其它分区,我们在虚拟机上新建一个2G的分区模拟共享磁盘,分区块设备为/dev/sdb1
2.3 ISCSI TARGET配置
2.3.1 修改ISCSI target配置文件
[[email protected] /]# vi /etc/tgt/targets.conf
……
<target iqn.2014-07-27.com.example:server.target1>
backing-store /dev/sdb
write-cache off
#initiator-address 192.168.37.147 initiator-address:如果你想要限制能够使用这个target的用户端来源,才需要填写这个(默认全部允许)。
</target>
……
注:也可使用块儿设备模拟物理磁盘,如:dd if=/dev/zero of=/opt/iscsi-disk1/disk1.img bs=1M count=1000
配置文件相应修改为:backing-store /opt/iscsi-disk1/disk1.img
2.3.2 修改对象(文件)的安全上下文。比如:用户:角色:类型:安全级别。-R,递归地修改对象的安全上下文。-v,显示冗长的信息。
[[email protected] ~]# chcon -Rv -t tgtd_var_lib_t /dev/sdb
changing security context of `/dev/sdb'
若报错:
[[email protected] ~]# chcon -Rv -t tgtd_var_lib_t /dev/sdb
changing security context of `/dev/sdb'
chcon: can't apply partial context to unlabeled file `/dev/sdb'
更改selinux相关配置(更改SELINUX=disabled为enforcing)
vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted
重启操作系统,问题解决 (该报错不影响使用,不做修改也可以)。
----------------------------------
2.3.3 启动ISCSI target服务
[[email protected] ~]# /etc/init.d/tgtd start
Starting SCSI target daemon: [ OK ]
tgtadm: invalid request
Command:
tgtadm -C 0 --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 -b /dev/sdb
exited with code: 22.
2.3.4 将target 服务加入开机启动
[[email protected] /]# chkconfig tgtd on
[[email protected] /]# chkconfig --list tgtd
2.3.5 显示target节点信息
[[email protected] ~]# tgt-admin --show
Target 1: iqn.2014-07-27.com.example:server.target1
System information:
Driver: iscsi
State: ready
I_T nexus information:
I_T nexus: 1
Initiator: iqn.1994-05.com.redhat:9c2e5e5d371d
Connection: 0
IP Address: 192.168.37.146
LUN information:
LUN: 0
Type: controller
SCSI ID: IET 00010000
SCSI SN: beaf10
Size: 0 MB, Block size: 1
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: null
Backing store path: None
Backing store flags:
LUN: 1
Type: disk
SCSI ID: IET 00010001
SCSI SN: beaf11
Size: 2147 MB, Block size: 512
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
Backing store type: rdwr
Backing store path: /dev/sdb
Backing store flags:
Account information:
ACL information:
ALL
调整防火墙 策略,开放3260端口。或关闭防火墙,让外部机器可以访问到target。
[[email protected] ~]# service iptables stop
3 ISCSI initiator的 安装配置
3.1 ISCSI initiator简介
在Linux 2.6内核中提供了iscsi驱动,iSCSI 驱动(driver)使主机拥有了通过IP网络访问存储的能力,驱动在主机(Initiator)和服务端(Target)间使用iSCSI协议在TCP/IP网上传输SCSI请求和响应,在构建上,iSCSI驱动与TCP/IP栈、网络驱动和网络接口卡(NIC)结合,其等同于SCSI或光纤通道卡适配器驱动对主机总线卡(HBA)的作用。驱动采用采用模块的方式,具体模块包括iscsi_tcp, libiscsi, libiscsi_tcp。
在具体使用时,Linux用户空间组件初始化iSCSI驱动,具体的文档和例子可在http://open-iscsi.org网站上获取。本文即采用open-iscsi提供的iscsi-initiator-utils工具作为iSCSI用户空间组件,此软件作为iSCSI连接的发起端,实现主机与存储基于iSCSI协议的访问。
3.2 ISCSI initiator安装
目标机器:操作系统为CentOS release 6.5 ,IP为192.168.37.147
安装ISCSI initiatior(client)软件
[[email protected] ~]# yum -y install iscsi-initiator-utils
[[email protected] ~]# service iscsid start
3.3 ISCSI initiator访问target
发现网络中可用的target:
[[email protected] ~]# iscsiadm -m discovery -t sendtargets -p 192.168.37.146
192.168.37.146:3260,1 iqn.2014-07-27.com.example:server.target1
发现后,后续可以直接查看
[[email protected] ~]# iscsiadm -m node
192.168.37.146:3260,1 iqn.2014-07-27.com.example:server.target1
查看节点信息(N=0,1)iscsiadm-m node -P N
[[email protected] ~]# iscsiadm -m node -P 0
192.168.37.146:3260,1 iqn.2014-07-27.com.example:server.target1
[[email protected] ~]# iscsiadm -m node -P 1
Target: iqn.2014-07-27.com.example:server.target1
Portal: 192.168.37.146:3260,1
Iface Name: default
查看discovery信息(N=0,1), iscsiadm -m discovery -P N
[[email protected] ~]# iscsiadm -m discovery -P 0
192.168.37.146:3260 via sendtargets
192.168.37.144:3260 via sendtargets
[[email protected] ~]# iscsiadm -m discovery -P 1
SENDTARGETS:
DiscoveryAddress: 192.168.37.146,3260
Target: iqn.2014-07-27.com.example:server.target1
Portal: 192.168.37.146:3260,1
Iface Name: default
DiscoveryAddress: 192.168.37.144,3260
iSNS:
No targets found.
STATIC:
No targets found.
FIRMWARE:
No targets found.
登入target
方式1:
[[email protected] ~]# iscsiadm -m node -T iqn.2014-07-27.com.example:server.target1 -p 192.168.37.146:3260 -l
Logging in to [iface: default, target: iqn.2014-07-27.com.example:server.target1, portal: 192.168.37.146,3260] (multiple)
Login to [iface: default, target: iqn.2014-07-27.com.example:server.target1, portal: 192.168.37.146,3260] successful.
方式2:
[[email protected] ~]# iscsiadm -m node -T iqn.2014-07-27.com.example:server.target1 --login
Logging in to [iface: default, target: iqn.2014-07-27.com.example:server.target1, portal: 192.168.37.146,3260] (multiple)
Login to [iface: default, target: iqn.2014-07-27.com.example:server.target1, portal: 192.168.37.146,3260] successful.
查看共享盘信息
[[email protected] ~]# fdisk -l
......
Disk /dev/sdb: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xafb9c266
Device Boot Start End Blocks Id System
/dev/sdb1 1 261 2096451 83 Linux
查看iscsi的会话信息(N=0-3)iscsiadm -msession -P N
[[email protected] ~]# iscsiadm -m session -P 0
tcp: [2] 192.168.37.146:3260,1 iqn.2014-07-27.com.example:server.target1
[[email protected] ~]# iscsiadm -m session -P 1
Target: iqn.2014-07-27.com.example:server.target1
Current Portal: 192.168.37.146:3260,1
Persistent Portal: 192.168.37.146:3260,1
**********
Interface:
**********
Iface Name: default
Iface Transport: tcp
Iface Initiatorname: iqn.1994-05.com.redhat:7ae671fe19b0
Iface IPaddress: 192.168.37.147
Iface HWaddress: <empty>
Iface Netdev: <empty>
SID: 2
iSCSI Connection State: LOGGED IN
iSCSI Session State: LOGGED_IN
Internal iscsid Session State: NO CHANGE
[[email protected] ~]# iscsiadm -m session -P 2
Target: iqn.2014-07-27.com.example:server.target1
Current Portal: 192.168.37.146:3260,1
Persistent Portal: 192.168.37.146:3260,1
**********
Interface:
**********
Iface Name: default
Iface Transport: tcp
Iface Initiatorname: iqn.1994-05.com.redhat:7ae671fe19b0
Iface IPaddress: 192.168.37.147
Iface HWaddress: <empty>
Iface Netdev: <empty>
SID: 2
iSCSI Connection State: LOGGED IN
iSCSI Session State: LOGGED_IN
Internal iscsid Session State: NO CHANGE
*********
Timeouts:
*********
Recovery Timeout: 120
Target Reset Timeout: 30
LUN Reset Timeout: 30
Abort Timeout: 15
*****
CHAP:
*****
username: <empty>
password: ********
username_in: <empty>
password_in: ********
************************
Negotiated iSCSI params:
************************
HeaderDigest: None
DataDigest: None
MaxRecvDataSegmentLength: 262144
MaxXmitDataSegmentLength: 8192
FirstBurstLength: 65536
MaxBurstLength: 262144
ImmediateData: Yes
InitialR2T: Yes
MaxOutstandingR2T: 1
[[email protected] ~]# iscsiadm -m session -P 3
iSCSI Transport Class version 2.0-870
version 6.2.0-873.10.el6
Target: iqn.2014-07-27.com.example:server.target1
Current Portal: 192.168.37.146:3260,1
Persistent Portal: 192.168.37.146:3260,1
**********
Interface:
**********
Iface Name: default
Iface Transport: tcp
Iface Initiatorname: iqn.1994-05.com.redhat:7ae671fe19b0
Iface IPaddress: 192.168.37.147
Iface HWaddress: <empty>
Iface Netdev: <empty>
SID: 2
iSCSI Connection State: LOGGED IN
iSCSI Session State: LOGGED_IN
Internal iscsid Session State: NO CHANGE
*********
Timeouts:
*********
Recovery Timeout: 120
Target Reset Timeout: 30
LUN Reset Timeout: 30
Abort Timeout: 15
*****
CHAP:
*****
username: <empty>
password: ********
username_in: <empty>
password_in: ********
************************
Negotiated iSCSI params:
************************
HeaderDigest: None
DataDigest: None
MaxRecvDataSegmentLength: 262144
MaxXmitDataSegmentLength: 8192
FirstBurstLength: 65536
MaxBurstLength: 262144
ImmediateData: Yes
InitialR2T: Yes
MaxOutstandingR2T: 1
************************
Attached SCSI devices:
************************
Host Number: 4 State: running
scsi4 Channel 00 Id 0 Lun: 0
scsi4 Channel 00 Id 0 Lun: 1
Attached scsi disk sdb State: running
格式化共享盘sdb1(第一次使用最好进行格式化操作)
[[email protected] /]# mkfs.ext4 /dev/sdb1
挂载共享盘sdb1
[[email protected] /]# mount -t ext4 /dev/sdb1 /iscsi/
[[email protected] /]# cd iscsi/
[[email protected] iscsi]# ls
lost+found
登出target
方式1:
[[email protected] ~]# iscsiadm -m node -T iqn.2014-07-27.com.example:server.target1 -p 192.168.37.146:3260 -u
方式2:
[[email protected] iscsi]# iscsiadm -m node -T iqn.2014-07-27.com.example:server.target1 --logout
Logging out of session [sid: 3, target: iqn.2014-07-27.com.example:server.target1, portal: 192.168.37.146,3260]
Logout of [sid: 3, target: iqn.2014-07-27.com.example:server.target1, portal: 192.168.37.146,3260] successful.
删除target条目的记录(删除后要重新发现)
[[email protected] ~]# iscsiadm -m node -o delete -T iqn.2014-07-27.com.example:server.target1 -p 192.168.37.146:3260
在客户端删除了之前discovery发现的可用的target条目,则重启或重启服务后将不会自动进行重连接(需要重新discover)。
****************************************************************************************
原文地址: http://blog.csdn.net/jesseyoung/article/details/38352155
博客主页: http://blog.csdn.net/jesseyoung
****************************************************************************************