ISCSI

From Segfault
Jump to: navigation, search

Target

targetcli-fb

All major Linux distributions switched to LIO now and should have the targetcli-fb package available.[1]

apt-get install targetcli-fb                                                               # Debian, Ubuntu
dnf install targetcli                                                                      # Fedora
emerge sys-block/?                                                                         # Gentoo

The targetcli utility must can be used to create and configure our target in an interactive dialog.[2][3] Once configured, the actual configuration file is then saved to /etc/target (resp. /etc/rtslib-fb-target in Debian), which can be looked at, but shoud not be edited.

Let's create a simple target:

/> cd backstores/fileio
/backstores/fileio> create disk0 /var/tmp/disk0.img
Created fileio disk0 with size 1073741824
/backstores/fileio> cd /iscsi
/iscsi> create iqn.2019-08.org.example:0                             # iSCSI Qualified Name according to RFC 3720
Created target iqn.2019-08.org.example:0.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.

Adjust the portal address if needed:

/iscsi> cd iqn.2019-08.org.example:0/tpg1/portals/
/iscsi/iqn.20.../tpg1/portals> delete 0.0.0.0 3260 
Deleted network portal 0.0.0.0:3260

/iscsi/iqn.20.../tpg1/portals> create ip_address=127.0.0.1 ip_port=3260
Using default IP port 3260
Created network portal 127.0.0.1:3260.

Create a LUN:

/iscsi/iqn.20...xample:0/tpg1> cd ../luns
/iscsi/iqn.20...e:0/tpg1/luns> create /backstores/fileio/disk0
Created LUN 0.

Create a default ACL, for the initiator from /etc/iscsi/initiatorname.iscsi:

/iscsi/iqn.20...e:0/tpg1/luns> cd ../acls
/iscsi/iqn.20...e:0/tpg1/acls> create iqn.1994-05.com.redhat:8249dc99df3
Created Node ACL for iqn.1994-05.com.redhat:8249dc99df3
Created mapped LUN 0.

Exiting the configuration tool will save the configuration. Once an initiator is connected, we can see its session too:

/> sessions
alias: fedora    sid: 1 type: Normal session-state: LOGGED_IN

Adding (and removing) new disks can be summarized as:

/> /backstores/fileio/ create disk3 /var/tmp/disk3.img
/> /iscsi create iqn.2019-08.org.foobar:0

/> /iscsi/iqn.2019-08.org.foobar:0/tpg1/portals delete 0.0.0.0 3260                        # Only if needed!
/> /iscsi/iqn.2019-08.org.foobar:0/tpg1/portals create ip_address=127.0.0.1 ip_port=3260   # Only if needed!

/> /iscsi/iqn.2019-08.org.foobar:0/tpg1/luns create /backstores/fileio/disk3

/> /iscsi/iqn.2019-08.org.foobar:0/tpg1/acls create iqn.1994-05.com.suse:1234567

tgt

Contrary to targetcli-fb above, tgt can be used to set up an iSCSI target in user space.

TBD

iscsi-target

NetBSD has iscsi-target that can be configured[4] as follows.

TBD

Initiator

open-iscsi

The initiator has been implemented via the open-iscsi tools in Linux - install as needed:

apt-get install open-iscsi                                                                 # Debian, Ubuntu
dnf install iscsi-initiator-utils                                                          # Fedora

The syntax for iscsiadm is quite complicated, so let's show a few examples.

Discover existing targets via the portal interface:

$ iscsiadm -m discovery -t sendtargets -p localhost
127.0.0.1:3260,1 iqn.2019-08.org.example:0

Once discovered, it will show up via discoverydb:

$ iscsiadm -m discoverydb -o show
localhost:3260 via sendtargets

Login to the target discovered above:

$ iscsiadm -m node -T iqn.2019-08.org.example:0 --login
Logging in to [iface: default, target: iqn.2019-08.org.example:0, portal: 127.0.0.1,3260] (multiple)
Login to      [iface: default, target: iqn.2019-08.org.example:0, portal: 127.0.0.1,3260] successful.

With that a new device should be present on our machine:

lsblk --scsi
NAME HCTL       TYPE VENDOR   MODEL             REV TRAN
sdb  1:0:0:0    disk LIO-ORG  disk0            4.0  iscsi

List active session entries:

$ iscsiadm -m session 
tcp: [3] 127.0.0.1:3260,1 iqn.2019-08.org.example:0 (non-flash)

Logout from a particular node:

$ iscsiadm -m node -T iqn.2019-08.org.example:0 --logout
Logging out of session [sid: 3, target: iqn.2019-08.org.example:0, portal: 127.0.0.1,3260]
Logout of              [sid: 3, target: iqn.2019-08.org.example:0, portal: 127.0.0.1,3260] successful.

While the session has been logged out from, it can still be found in discoverydb:

$ iscsiadm -m discoverydb
localhost:3260 via sendtargets

To remove this entry:

iscsiadm -m discoverydb -t sendtargets -p localhost:3260 -o delete

iscsictl

On NetBSD and FreeBSD the initiator can be configured via iscsictl.

Enable the initiator and start it:

$ grep iscsi /etc/rc.conf
iscsid=YES

$ /etc/rc.d/iscsid start

Add a target:

$ iscsictl add_send_target -a localhost:3260
Added Send Target 1

List targets:

$ iscsictl refresh_targets
OK

$ iscsictl list_targets
    1: iqn.2019-08.org.example:0
       2: 127.0.0.1:3260,1

Login to the target:

$ iscsictl login -P 1
iscsictl: login: The login failed

We haven't created an ACL on the target yet:

kernel: iSCSI Initiator Node: iqn.1994-04.org.netbsd:iscsi.alice:0 is not authorized to access iSCSI target portal group: 1.
kernel: iSCSI Login negotiation failed.

Once the ACL has been configured, we can try again:

$ iscsictl login -P 1
Created Session 3, Connection 1

$ dmesg
scsibus0 at iscsi0: 1 target, 16 luns per target
sd0 at scsibus0 target 0 lun 0: <LIO-ORG, disk0, 4.0> disk fixed
sd0: fabricating a geometry
sd0: 1024 MB, 1024 cyl, 64 head, 32 sec, 512 bytes/sect x 2097152 sectors
sd0: fabricating a geometry
sd0: async, 8-bit transfers, tagged queueing

List sessions:

$ iscsictl list_sessions
Session 3: Target iqn.2019-08.org.example:0

And logout again:

$ iscsictl logout -I 3
OK

$ iscsictl list_sessions
iscsictl: list_sessions: The list is empty

On another machine, the same procedure failed:[5]

$ iscsictl login -P 1
iscsictl: login: Mapping the LUNs failed

iscsi-initiator doesn't get much further:

$ iscsi-initiator -D localhost
Targets available from host netbsd:
iqn.2019-08.org.example:0 at 127.0.0.1:3260,1

 $ iscsi-initiator -h localhost -t iqn.2019-08.org.example:0 /mnt     
 pid 1455:/usr/src/external/bsd/iscsi/lib/../dist/src/lib/protocol.c:1465: ***ERROR*** Bytes 8-15
 pid 1455:/usr/src/external/bsd/iscsi/lib/../dist/src/lib/initiator.c:3435: ***ERROR*** iscsi_scsi_rsp_decap() failed
 pid 1455:/usr/src/external/bsd/iscsi/lib/../dist/src/lib/initiator.c:1714: ***ERROR*** rx_worker[0]: scsi_read_data_i() failed

iscsicpl.exe

Newer Windows versions can configure initiators via %systemroot%\System32\iscsicpl.exe.

Links


References