CentOS下ISCSI共享存储配置

ISCSI共享存储

​ ISCSI,小型计算机系统接口,又称为IP-SAN,是一种基于因特网及SCSI-3协议下的存储技术,它可以共享镜像文件(*.img)、分区(partition)、物理硬盘和逻辑卷等。现在使用ISCSI技术实现局域网内共享物理磁盘磁盘分区

1. 环境准备

1.1硬件环境

  • 两台CentOS7.6的机器,一台额外安装2个硬盘的机器,用作存储设备。
  • 两台机器均可访问Internet

1.2 软件环境

​ 对额外挂载两个磁盘的机器,中的一个磁盘做分区操作

  • 磁盘分区

    [root@server ~]# fdisk /dev/sdc Welcome to fdisk (util-linux 2.23.2).  Changes will remain in memory only, until you decide to write them. Be careful before using the write command.  Device does not contain a recognized partition table Building a new DOS disklabel with disk identifier 0xf9c6e7e6.  Command (m for help): m Command action    a   toggle a bootable flag    b   edit bsd disklabel    c   toggle the dos compatibility flag    d   delete a partition    g   create a new empty GPT partition table    G   create an IRIX (SGI) partition table    l   list known partition types    m   print this menu    n   add a new partition    o   create a new empty DOS partition table    p   print the partition table    q   quit without saving changes    s   create a new empty Sun disklabel    t   change a partition's system id    u   change display/entry units    v   verify the partition table    w   write table to disk and exit    x   extra functionality (experts only)  Command (m for help): n Partition type:    p   primary (0 primary, 0 extended, 4 free)    e   extended Select (default p): p Partition number (1-4, default 1):  First sector (2048-20971519, default 2048):  Using default value 2048 Last sector, +sectors or +size{K,M,G} (2048-20971519, default 20971519):  Using default value 20971519 Partition 1 of type Linux and of size 10 GiB is set  Command (m for help): w The partition table has been altered!  Calling ioctl() to re-read partition table. Syncing disks. [root@server ~]#

2.ISCSI配置

2.1 服务器端配置

  • 安装scsi-target-utils和scsi-target-utils

    [root@server ~]# yum -y install epel-release [root@server ~]# yum -y install scsi-target-utils [root@server ~]# chkconfig tgtd on Note: Forwarding request to 'systemctl enable tgtd.service'. Created symlink from /etc/systemd/system/multi-user.target.wants/tgtd.service to /usr/lib/systemd/system/tgtd.service. [root@server ~]# service tgtd start Redirecting to /bin/systemctl start tgtd.service [root@server ~]# ss -tunlp | grep tgt tcp    LISTEN     0      128       *:3260                  *:*                   users:((tgtd,pid=12504,fd=6)) tcp    LISTEN     0      128      :::3260                 :::*                   users:((tgtd,pid=12504,fd=7)) [root@server ~]#

  • 编辑/etc/tgt/targets.conf

    追加以下内容

    <target iqn.2022.04.com.rac:iscsi.disk>         backing-store /dev/sdb         backing-store /dev/sdc1         incominguser iscsiuser iscsiuser         initiator-address 192.168.100.0/24 </target>

    backiing-store:共享的存储路径

    incominguser:该target的账密

    initiator-address:可以登录该target的IP或者IP段

    target命名规则:iqn.年份-月份.域名反写.设备识别

  • 关闭防火墙

    [root@server ~]# systemctl disable firewalld.service

    编辑/etc/selinux/config,把enforce更改成disabled

    [root@server ~]# vim /etc/selinux/config  
    # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: #     enforcing - SELinux security policy is enforced. #     permissive - SELinux prints warnings instead of enforcing. #     disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of three values: #     targeted - Targeted processes are protected, #     minimum - Modification of targeted policy. Only selected processes are protected.  #     mls - Multi Level Security protection. SELINUXTYPE=targeted

2.2 客户端配置

  • 安装iscsi-initiator-utils

    [root@node1 ~]# yum -y install iscsi-initiator-utils

  • 设置开机自启动

    [root@node1 ~]# chkconfig iscsi on [root@node1 ~]# chkconfig iscsid on

  • 配置initiator文件

    vim /etc/iscsi/initiatorname.iscsi 
    InitiatorName=iqn.2022.04.com.rac:iscsi.disk

  • 配置iscsid.conf文件:

    [root@node1 ~]# vim /etc/iscsi/iscsid.conf

    把以下配置项的注释取消掉,并填入用户名和密码

    # To enable CHAP authentication set node.session.auth.authmethod # to CHAP. The default is None. node.session.auth.authmethod = CHAP  # To configure which CHAP algorithms to enable set # node.session.auth.chap_algs to a comma seperated list. # The algorithms should be listen with most prefered first. # Valid values are MD5, SHA1, SHA256 # The default is MD5. #node.session.auth.chap_algs = SHA256,SHA1,MD5  # To set a CHAP username and password for initiator # authentication by the target(s), uncomment the following lines: node.session.auth.username = iscsiuser node.session.auth.password = iscsiuser

  • 启动客户端服务

    [root@node1 ~]# service iscsi start [root@node1 ~]# service iscsid start

  • 设置开机自连接

    开机启动iscsi服务

    [root@node1 ~]# chkconfig iscsid on

    查找target,如果查找失败,重启服务器端

    [root@node1 ~]# iscsiadm -m discovery -t st -p 192.168.100.188 192.168.100.188:3260,1 iqn.2022.04.com.rac:iscsi.disk

    手动登录到共享的ISCSI存储

    [root@node1 ~]# iscsiadm -m node -T iqn.2022.04.com.rac:iscsi.disk -p 192.168.100.188 -l Logging in to [iface: default, target: iqn.2022.04.com.rac:iscsi.disk, portal: 192.168.100.188,3260] (multiple) Login to [iface: default, target: iqn.2022.04.com.rac:iscsi.disk, portal: 192.168.100.188,3260] successful. [root@node1 ~]#

    设置开机自启动连接target

    [root@node1 ~]# iscsiadm -m node -T iqn.2022.04.com.rac:iscsi.disk -p 192.168.100.188 --op update -n node.startup -v automatic=

    现在,共享的存储可以像本地磁盘一样使用了!