ISCSI
Target
targetcli-fb
All major Linux distributions switched to LIO now and should have the targetcli-fb package available.[1]
apt-get install targetcli-fb # Debian, Ubuntu dnf install targetcli # Fedora emerge sys-block/? # Gentoo
The targetcli
utility must can be used to create and configure our target in an interactive dialog.[2][3] Once configured, the actual configuration file is then saved to /etc/target
(resp. /etc/rtslib-fb-target
in Debian), which can be looked at, but shoud not be edited.
Let's create a simple target:
/> cd backstores/fileio /backstores/fileio> create disk0 /var/tmp/disk0.img Created fileio disk0 with size 1073741824
/backstores/fileio> cd /iscsi /iscsi> create iqn.2023-10.org.example:0 # iSCSI Qualified Name according to RFC 3720 Created target iqn.2023-10.org.example:0. Created TPG 1. Global pref auto_add_default_portal=true Created default portal listening on all IPs (0.0.0.0), port 3260.
Adjust the portal address if needed:
/iscsi> cd iqn.2023-10.org.example:0/tpg1/portals/ /iscsi/iqn.20.../tpg1/portals> delete 0.0.0.0 3260 Deleted network portal 0.0.0.0:3260 /iscsi/iqn.20.../tpg1/portals> create ip_address=127.0.0.1 ip_port=3260 Using default IP port 3260 Created network portal 127.0.0.1:3260.
Create a LUN:
/iscsi/iqn.20...xample:0/tpg1> cd ../luns /iscsi/iqn.20...e:0/tpg1/luns> create /backstores/fileio/disk0 Created LUN 0.
Create a default ACL, for the initiator from /etc/iscsi/initiatorname.iscsi:
/iscsi/iqn.20...e:0/tpg1/luns> cd ../acls /iscsi/iqn.20...e:0/tpg1/acls> create iqn.1994-05.com.redhat:8249dc99df3 Created Node ACL for iqn.1994-05.com.redhat:8249dc99df3 Created mapped LUN 0.
Exiting the configuration tool will save the configuration. Once an initiator is connected, we can see its session too:
/> sessions alias: fedora sid: 1 type: Normal session-state: LOGGED_IN
Adding (and removing) new disks can be summarized as:
/> /backstores/fileio/ create disk3 /var/tmp/disk3.img /> /iscsi create iqn.2023-10.org.foobar:0 /> /iscsi/iqn.2023-10.org.foobar:0/tpg1/portals delete 0.0.0.0 3260 # Only if needed! /> /iscsi/iqn.2023-10.org.foobar:0/tpg1/portals create ip_address=127.0.0.1 ip_port=3260 # Only if needed! /> /iscsi/iqn.2023-10.org.foobar:0/tpg1/luns create /backstores/fileio/disk3 /> /iscsi/iqn.2023-10.org.foobar:0/tpg1/acls create iqn.1994-05.com.suse:1234567
tgt
Contrary to targetcli-fb above, tgt can be used to set up an iSCSI target in user space.
TBD
iscsi-target
NetBSD has iscsi-target that can be configured[4] as follows.
TBD
Initiator
open-iscsi
The initiator has been implemented via the open-iscsi tools in Linux - install as needed:
apt-get install open-iscsi # Debian, Ubuntu dnf install iscsi-initiator-utils # Fedora
Our own InitiatorName[5][6] can be obtained via:
$ grep ^I /etc/iscsi/initiatorname.iscsi InitiatorName=iqn.1993-08.org.example:01:4997abfcc187
Or generated via:
$ iscsi-iname -p iqn.$(date +%Y-%m).org.$(uname -n) iqn.2023-10.org.example:ba54addae6a8
The syntax for iscsiadm is quite complicated, so let's show a few examples.
Discover existing targets via the portal
interface:
$ iscsiadm -m discovery -t sendtargets -p localhost 127.0.0.1:3260,1 iqn.2023-10.org.example:0
Once discovered, it will show up via discoverydb
:
$ iscsiadm -m discoverydb -o show localhost:3260 via sendtargets
Login to the target discovered above:
$ iscsiadm -m node -T iqn.2023-10.org.example:0 --login Logging in to [iface: default, target: iqn.2023-10.org.example:0, portal: 127.0.0.1,3260] (multiple) Login to [iface: default, target: iqn.2023-10.org.example:0, portal: 127.0.0.1,3260] successful.
With that a new device should be present on our machine:
lsblk --scsi NAME HCTL TYPE VENDOR MODEL REV TRAN sdb 1:0:0:0 disk LIO-ORG disk0 4.0 iscsi
$ dmesg -t | tail iscsi: registered transport (iser) scsi host7: iSCSI Initiator over TCP/IP scsi 7:0:0:0: Direct-Access LIO-ORG disk0 4.0 PQ: 0 ANSI: 5 sd 7:0:0:0: Attached scsi generic sg1 type 0 sd 7:0:0:0: [sda] 3906521088 512-byte logical blocks: (2.00 TB/1.82 TiB) sd 7:0:0:0: [sda] Write Protect is off sd 7:0:0:0: [sda] Mode Sense: 43 00 10 08 sd 7:0:0:0: [sda] Write cache: enabled, read cache: enabled, supports DPO and FUA sd 7:0:0:0: [sda] Optimal transfer size 2048 logical blocks > dev_max (256 logical blocks) sd 7:0:0:0: [sda] Attached SCSI disk
List active session
entries:
$ iscsiadm -m session tcp: [3] 127.0.0.1:3260,1 iqn.2023-10.org.example:0 (non-flash)
Logout from a particular node
:
$ iscsiadm -m node -T iqn.2023-10.org.example:0 --logout Logging out of session [sid: 3, target: iqn.2023-10.org.example:0, portal: 127.0.0.1,3260] Logout of [sid: 3, target: iqn.2023-10.org.example:0, portal: 127.0.0.1,3260] successful.
While the session has been logged out from, it can still be found in discoverydb
:
$ iscsiadm -m discoverydb localhost:3260 via sendtargets
To remove this entry:
iscsiadm -m discoverydb -t sendtargets -p localhost:3260 -o delete
iscsictl
NetBSD
On NetBSD the initiator can be configured via iscsictl.
Enable the initiator and start it:
$ grep iscsi /etc/rc.conf iscsid=YES $ /etc/rc.d/iscsid start
Add a target:
$ iscsictl add_send_target -a localhost:3260 Added Send Target 1
List targets:
$ iscsictl refresh_targets OK $ iscsictl list_targets 1: iqn.2023-10.org.example:0 2: 127.0.0.1:3260,1
Login to the target:
$ iscsictl login -P 1 iscsictl: login: The login failed
We haven't created an ACL on the target yet:
kernel: iSCSI Initiator Node: iqn.1994-04.org.netbsd:iscsi.alice:0 is not authorized to access iSCSI target portal group: 1. kernel: iSCSI Login negotiation failed.
Once the ACL has been configured, we can try again:
$ iscsictl login -P 1 Created Session 3, Connection 1 $ dmesg scsibus0 at iscsi0: 1 target, 16 luns per target sd0 at scsibus0 target 0 lun 0: <LIO-ORG, disk0, 4.0> disk fixed sd0: fabricating a geometry sd0: 1024 MB, 1024 cyl, 64 head, 32 sec, 512 bytes/sect x 2097152 sectors sd0: fabricating a geometry sd0: async, 8-bit transfers, tagged queueing
List sessions:
$ iscsictl list_sessions Session 3: Target iqn.2023-10.org.example:0
And logout again:
$ iscsictl logout -I 3 OK $ iscsictl list_sessions iscsictl: list_sessions: The list is empty
FreeBSD
FreeBSD carries iscsictl
as well, albeit with a different syntax:
iscsictl -A -p 10.0.0.3:3260 -t iqn.2023-10.org.example:0
Our own InitiatorName
is still set to its default, but we can simplify our initiator setup with iscsi.conf:
$ cat /etc/iscsi.conf foobar { targetaddress = 10.0.0.3; targetname = "iqn.2023-10.org.example:0"; initiatorname = "iqn.2023-10.org.freebsd:0"; }
Login with:
$ iscsictl -A -n foobar $ iscsictl -L Target name Target portal State iqn.2023-10.org.example:0 10.0.0.3 Connected: da0 da1 da2 da3
OpenBSD
TBD
iscsicpl.exe
Newer Windows versions can configure initiators via %systemroot%\System32\iscsicpl.exe
.[7]
Links
- Mass Storage over IP Networks: iSCSI
- globalSAN – The iSCSI Initiator for macOS/OS X
- Setting Up Solaris iSCSI Targets and Initiators