Introduction

iSCSI or Internet Small Computer System is a block-level storage solution shares the disks over the network. It depends on the network and strictly recommend to use high throughput interfaces. In iSCSI, we can create various types of iSCSI devices as a fileio or using block devices and logical volumes then present them as targets.

In a small production environment, we are good to use with software iSCSI. However, in critical environment with high load required physical HBA card which will provide high performance. In this guide, we are about to perform installing and configuring software iSCSI server and client on top of Red Hat Enterprise Linux 8.

  • IQN is a unique name to identify the SCSI targets.
  • Target is the server side setup available for Initiator.
  • LUN – Logical unit number

Let start to configure the iSCSI server and client setup in a test environment for demonstration purpose.

iSCSI Storage Target Setup

Server IP       : 192.168.107.225
Server Hostname : linuxsysadmins-iSCSI-srv
Server IQN : iqn.2019-04.com.linuxsysadmins.com:tgt0
Port No required: 3260

Installing iSCSI Package

Search for iSCSI server package to start the installation. The targetcli package coming from AppStream repository in Red Hat Enterprise Linux 8 to know how to use and work with AppStream clik here to read.

# dnf search targetcli
# yum search targetcli

Install iSCSI server package “targetcli” using dnf or yum.

# dnf install targetcli -y
# yum install targetcli -y

The output of installation will be similar to below by resolving all required dependencies.

[root@linuxsysadmins-iSCSI-srv ~]# dnf install targetcli -y
Updating Subscription Management repositories.
Last metadata expiration check: 0:10:40 ago on Tue 02 Apr 2019 10:57:50 PM +04.
Dependencies resolved.
Package Arch Version Repository Size
Installing:
targetcli noarch 2.1.fb49-1.el8 AppStream 73 k
Installing dependencies:
cairo x86_64 1.15.12-2.el8 AppStream 721 k
cairo-gobject x86_64 1.15.12-2.el8 AppStream 33 k
libX11 x86_64 1.6.7-1.el8 AppStream 612 k
libX11-common noarch 1.6.7-1.el8 AppStream 157 k
libXau x86_64 1.0.8-13.el8 AppStream 36 k
libXext x86_64 1.3.3-9.el8 AppStream 45 k
libXrender x86_64 0.9.10-7.el8 AppStream 33 k
libxcb x86_64 1.13-5.el8 AppStream 230 k
pixman x86_64 0.34.0-9.el8 AppStream 256 k
python3-cairo x86_64 1.16.3-6.el8 AppStream 90 k
python3-gobject x86_64 3.28.3-1.el8 AppStream 25 k
dejavu-fonts-common noarch 2.35-6.el8 BaseOS 74 k
dejavu-sans-fonts noarch 2.35-6.el8 BaseOS 1.5 M
fontconfig x86_64 2.13.1-2.el8 BaseOS 274 k
fontpackages-filesystem noarch 1.44-22.el8 BaseOS 16 k
python3-configshell noarch 1:1.1.fb25-1.el8 BaseOS 74 k
python3-kmod x86_64 0.9-20.el8 BaseOS 90 k
python3-rtslib noarch 2.1.fb69-2.el8 BaseOS 100 k
python3-urwid x86_64 1.3.1-4.el8 BaseOS 783 k
target-restore noarch 2.1.fb69-2.el8 BaseOS 23 k
Transaction Summary
Install 21 Packages
Total size: 5.1 M
Installed size: 17 M
Running scriptlet: targetcli-2.1.fb49-1.el8.noarch 21/21
Running scriptlet: fontconfig-2.13.1-2.el8.x86_64 21/21
Verifying : cairo-1.15.12-2.el8.x86_64 1/21
Verifying : cairo-gobject-1.15.12-2.el8.x86_64 2/21
Verifying : libX11-1.6.7-1.el8.x86_64 3/21
Verifying : libX11-common-1.6.7-1.el8.noarch 4/21
Verifying : libXau-1.0.8-13.el8.x86_64 5/21
Verifying : libXext-1.3.3-9.el8.x86_64 6/21
Verifying : libXrender-0.9.10-7.el8.x86_64 7/21
Verifying : libxcb-1.13-5.el8.x86_64 8/21
Verifying : pixman-0.34.0-9.el8.x86_64 9/21
Verifying : python3-cairo-1.16.3-6.el8.x86_64 10/21
Verifying : python3-gobject-3.28.3-1.el8.x86_64 11/21
Verifying : targetcli-2.1.fb49-1.el8.noarch 12/21
Verifying : dejavu-fonts-common-2.35-6.el8.noarch 13/21
Verifying : dejavu-sans-fonts-2.35-6.el8.noarch 14/21
Verifying : fontconfig-2.13.1-2.el8.x86_64 15/21
Verifying : fontpackages-filesystem-1.44-22.el8.noarch 16/21
Verifying : python3-configshell-1:1.1.fb25-1.el8.noarch 17/21
Verifying : python3-kmod-0.9-20.el8.x86_64 18/21
Verifying : python3-rtslib-2.1.fb69-2.el8.noarch 19/21
Verifying : python3-urwid-1.3.1-4.el8.x86_64 20/21
Verifying : target-restore-2.1.fb69-2.el8.noarch 21/21
Installed:
targetcli-2.1.fb49-1.el8.noarch cairo-1.15.12-2.el8.x86_64
cairo-gobject-1.15.12-2.el8.x86_64 libX11-1.6.7-1.el8.x86_64
libX11-common-1.6.7-1.el8.noarch libXau-1.0.8-13.el8.x86_64
libXext-1.3.3-9.el8.x86_64 libXrender-0.9.10-7.el8.x86_64
libxcb-1.13-5.el8.x86_64 pixman-0.34.0-9.el8.x86_64
python3-cairo-1.16.3-6.el8.x86_64 python3-gobject-3.28.3-1.el8.x86_64
dejavu-fonts-common-2.35-6.el8.noarch dejavu-sans-fonts-2.35-6.el8.noarch
fontconfig-2.13.1-2.el8.x86_64 fontpackages-filesystem-1.44-22.el8.noarch
python3-configshell-1:1.1.fb25-1.el8.noarch python3-kmod-0.9-20.el8.x86_64
python3-rtslib-2.1.fb69-2.el8.noarch python3-urwid-1.3.1-4.el8.x86_64
target-restore-2.1.fb69-2.el8.noarch
Complete!
[root@linuxsysadmins-iSCSI-srv ~]#

Adding Firewall Rule

From RHEL 7.x all the RHEL based operating systems will come with iSCSI-target firewallD service. Instead of adding a port we required to add the service.

# cat /usr/lib/firewalld/services/iscsi-target.xml

A simple XML format firewall service will make our life more easier.

[root@linuxsysadmins-iSCSI-srv ~]# cat /usr/lib/firewalld/services/iscsi-target.xml 
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>iSCSI target;/short>>
  <description>Internet SCSI target is a storage resource located on an iSCSI server.</description>
  <port protocol="tcp" port="3260"/>
  <port protocol="udp" port="3260"/>
</service>
[root@linuxsysadmins-iSCSI-srv ~]#

Let’s add the required service, so that we will be good with opening the required ports.

# firewall-cmd --add-service=iscsi-target --permanent
# firewall-cmd --reload
# firewall-cmd --list-all

To make sure the firewall in place verify as shown below. Once the iSCSI service started we need to list the port and check whether it’s listening.

[root@linuxsysadmins-iSCSI-srv ~]# firewall-cmd --add-service=iscsi-target --permanent
success
[root@linuxsysadmins-iSCSI-srv ~]# firewall-cmd --reload
success
[root@linuxsysadmins-iSCSI-srv ~]# firewall-cmd --list-all
public
target: default
icmp-block-inversion: no
interfaces:
sources:
services: cockpit dhcpv6-client iscsi-target ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@linuxsysadmins-iSCSI-srv ~]#

Start the “target” service

# systemctl start target
# systemctl enable target
# systemctl status target

Verify target service status by running above command.

[root@linuxsysadmins-iSCSI-srv ~]# systemctl start target
[root@linuxsysadmins-iSCSI-srv ~]#
[root@linuxsysadmins-iSCSI-srv ~]# systemctl enable target
Created symlink /etc/systemd/system/multi-user.target.wants/target.service → /usr/lib/systemd/system/target.service.
[root@linuxsysadmins-iSCSI-srv ~]# systemctl status target
● target.service - Restore LIO kernel target configuration
Loaded: loaded (/usr/lib/systemd/system/target.service; enabled; vendor preset: disabled)
Active: active (exited) since Tue 2019-04-02 23:10:04 +04; 1min 20s ago
Main PID: 9908 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 11368)
Memory: 0B
CGroup: /system.slice/target.service
Apr 02 23:10:04 linuxsysadmins-iSCSI-srv systemd[1]: Starting Restore LIO kernel target configuration…
Apr 02 23:10:04 linuxsysadmins-iSCSI-srv target[9908]: No saved config file at /etc/target/saveconfig.json, ok,>
Apr 02 23:10:04 linuxsysadmins-iSCSI-srv systemd[1]: Started Restore LIO kernel target configuration.
[root@linuxsysadmins-iSCSI-srv ~]#

At last, let us verify the port using “netstat or “ss” command before moving forward.

# netstat -tnlp | grep 3260
# ss -napt | grep 3260

The enabled port for target is Up and we are good to continue with setup.

[root@linuxsysadmins-iSCSI-srv ~]# netstat -tnlp | grep 3260
tcp 0 0 0.0.0.0:3260 0.0.0.0:* LISTEN -
[root@linuxsysadmins-iSCSI-srv ~]#
[root@linuxsysadmins-iSCSI-srv ~]# ss -napt | grep 3260
LISTEN 0 256 0.0.0.0:3260 0.0.0.0:*
[root@linuxsysadmins-iSCSI-srv ~]#

Start Configuring iSCSI Target

To start the iSCSI target configuration we need to run the “targetcli” command from privileged account.

# targetcli

Let’s go through each step, Once we log-in to the target command line press TAB key twice to know all the available commands and options in the targetcli.

Navigate to backstores/block and start to create the backstore using our 2 TB physical disk /dev/sdb.

/backstores/block> create name=LUN0 dev=/dev/sdb

Incase, if we required to create a 1GB of fileio backstore, use below command

cd ../fileio/ create file01 /data/disk1 1G

Then back to / directory of targetcli or navigate to iscsi path using cd ../../iscsi.

cd ../../iscsi

Create an IQN for the target, When we are creating the IQN it will manage to create the TPG under this IQN.

create iqn.2019-04.com.linuxsysadmins.com:tgt0

From created IQN navigate to LUNs and map it.

cd iqn.2019-04.com.linuxsysadmins.com:tgt0/tpg1/luns

Create the LUN

create /backstores/block/LUN0

Navigate to ACL under target and create one for the client nodes.

cd ../acls

Allow the client machine by creating an ACL.

create iqn.2019-04.com.linuxsysadmins:client01

Navigate to created ACL and set and username and password for CHAP authentication

cd iqn.2019-04.com.linuxsysadmins:client01/

Choose any username and password

set auth userid=linuxsysadmins
set auth password=sysadmins@123

Creating portal will be automatically done while we create with IQN.

To make all changes persistent navigate to root directory of targetcli and run the command “saveconfig to save the configuration in json format. And type “exit” to come out of targetcli.

cd ../../../../
saveconfig
exit

Output from Terminal

The RAW output from command line is below for your reference.

[root@linuxsysadmins-iSCSI-srv ~]# targetcli
targetcli shell version 2.1.fb49
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/>
/> ls
o- / …………………………………………………………………………………………………………. […]
o- backstores ……………………………………………………………………………………………….. […]
| o- block …………………………………………………………………………………….. [Storage Objects: 0]
| o- fileio ……………………………………………………………………………………. [Storage Objects: 0]
| o- pscsi …………………………………………………………………………………….. [Storage Objects: 0]
| o- ramdisk …………………………………………………………………………………… [Storage Objects: 0]
o- iscsi ……………………………………………………………………………………………… [Targets: 0]
o- loopback …………………………………………………………………………………………… [Targets: 0]
/>
/> cd backstores/block
/backstores/block>
/backstores/block> create name=LUN0 dev=/dev/sdb
Created block storage object LUN0 using /dev/sdb.
/backstores/block>
/backstores/block> ls
o- block ………………………………………………………………………………………… [Storage Objects: 1]
o- LUN0 ……………………………………………………………………. [/dev/sdb (2.0TiB) write-thru deactivated]
o- alua …………………………………………………………………………………………. [ALUA Groups: 1]
o- default_tg_pt_gp ………………………………………………………………… [ALUA state: Active/optimized]
/backstores/block>
/backstores/block> cd ../..
/>
/> cd iscsi
/iscsi>
/iscsi> create iqn.2019-04.com.linuxsysadmins.com:tgt0
Created target iqn.2019-04.com.linuxsysadmins.com:tgt0.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/iscsi>
/iscsi> ls
o- iscsi ……………………………………………………………………………………………….. [Targets: 1]
o- iqn.2019-04.com.linuxsysadmins.com:tgt0 ………………………………………………………………….. [TPGs: 1]
o- tpg1 ……………………………………………………………………………………. [no-gen-acls, no-auth]
o- acls ……………………………………………………………………………………………… [ACLs: 0]
o- luns ……………………………………………………………………………………………… [LUNs: 0]
o- portals ………………………………………………………………………………………… [Portals: 1]
o- 0.0.0.0:3260 …………………………………………………………………………………………. [OK]
/iscsi>
/iscsi> cd iqn.2019-04.com.linuxsysadmins.com:tgt0/tpg1/luns
/iscsi/iqn.20…gt0/tpg1/luns> ls
o- luns …………………………………………………………………………………………………… [LUNs: 0]
/iscsi/iqn.20…gt0/tpg1/luns> create /backstores/block/LUN0
Created LUN 0.
/iscsi/iqn.20…gt0/tpg1/luns> ls
o- luns …………………………………………………………………………………………………… [LUNs: 1]
o- lun0 ……………………………………………………………………. [block/LUN0 (/dev/sdb) (default_tg_pt_gp)]
/iscsi/iqn.20…gt0/tpg1/luns> cd ../acls
/iscsi/iqn.20…gt0/tpg1/acls>
/iscsi/iqn.20…gt0/tpg1/acls> create iqn.2019-04.com.linuxsysadmins:client01
Created Node ACL for iqn.2019-04.com.linuxsysadmins:client01
Created mapped LUN 0.
/iscsi/iqn.20…gt0/tpg1/acls> ls
o- acls …………………………………………………………………………………………………… [ACLs: 1]
o- iqn.2019-04.com.linuxsysadmins:client01 ………………………………………………………… [Mapped LUNs: 1]
o- mapped_lun0 ……………………………………………………………………………… [lun0 block/LUN0 (rw)]
/iscsi/iqn.20…gt0/tpg1/acls> cd iqn.2019-04.com.linuxsysadmins:client01/
/iscsi/iqn.20….com:client01>
/iscsi/iqn.20….com:client01> ls
o- iqn.2019-04.com.linuxsysadmins:client01 ………………………………………………………….. [Mapped LUNs: 1]
o- mapped_lun0 ……………………………………………………………………………….. [lun0 block/LUN0 (rw)]
/iscsi/iqn.20….:client01> set auth userid=linuxsysadmins
Parameter userid is now 'linuxsysadmins'.
/iscsi/iqn.20….:client01> set auth password=sysadmins@123
Parameter password is now 'sysadmins@123'.
/iscsi/iqn.20….:client01>
/iscsi/iqn.20….:client01> cd ../../../../
/iscsi> cd ..
/> saveconfig
Configuration saved to /etc/target/saveconfig.json
/>
/>
/> ls
o- / …………………………………………………………………………………………………………. […]
o- backstores ……………………………………………………………………………………………….. […]
| o- block …………………………………………………………………………………….. [Storage Objects: 1]
| | o- LUN0 ………………………………………………………………….. [/dev/sdb (2.0TiB) write-thru activated]
| | o- alua ……………………………………………………………………………………… [ALUA Groups: 1]
| | o- default_tg_pt_gp …………………………………………………………….. [ALUA state: Active/optimized]
| o- fileio ……………………………………………………………………………………. [Storage Objects: 0]
| o- pscsi …………………………………………………………………………………….. [Storage Objects: 0]
| o- ramdisk …………………………………………………………………………………… [Storage Objects: 0]
o- iscsi ……………………………………………………………………………………………… [Targets: 1]
| o- iqn.2019-04.com.linuxsysadmins.com:tgt0 ………………………………………………………………… [TPGs: 1]
| o- tpg1 ………………………………………………………………………………….. [no-gen-acls, no-auth]
| o- acls ……………………………………………………………………………………………. [ACLs: 1]
| | o- iqn.2019-04.com.linuxsysadmins:client01 …………………………………………………. [Mapped LUNs: 1]
| | o- mapped_lun0 ………………………………………………………………………. [lun0 block/LUN0 (rw)]
| o- luns ……………………………………………………………………………………………. [LUNs: 1]
| | o- lun0 …………………………………………………………….. [block/LUN0 (/dev/sdb) (default_tg_pt_gp)]
| o- portals ………………………………………………………………………………………. [Portals: 1]
| o- 0.0.0.0:3260 ……………………………………………………………………………………….. [OK]
o- loopback …………………………………………………………………………………………… [Targets: 0]
/>
/> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json
iSCSI after creating LUN
Listing a created iSCSI LUN

That’s it we have completed with configuring iSCSI Target in RHEL 8 server. The same steps are applied for RHEL 7.x servers as-well.

Continue setup iSCSI client by clicking on NEXT or clicking on Configuring iSCSI Client side setup

LEAVE A REPLY

Please enter your comment!
Please enter your name here