Use iSCSI Target to create centralized security storage (1)
ISCSI is a block-level protocol used to share original storage devices through TCP/IP networks, you can use an existing IP address and ethernet address, such as a nic, vswitch, or vro, to share and access storage through the iSCSI protocol. ISCSI target is a remote hard disk provided by the remote iSCSI server (target.
Install iSCSI Target in Linux
We can provide stable connections and performance for clients without occupying a large amount of resources. The iSCSI server is called the Target, which provides storage sharing on the server. The iSCSI client is called an Initiator, which accesses the storage shared by the target. ISCSI adapters sold in the market for large-scale storage services such as SAN.
Why should we use iSCSI adapters in large storage sectors?
An Ethernet adapter (NIC) is designed to transmit grouped data between systems, servers, and storage devices, such as NAS, and is not suitable for transmitting block-level data over the Internet.
ISCSI Target functions
- Several iSCSI targets can be run on one machine.
- One machine can provide multiple iSCSI target devices for iSCSI SAN access
- A target is a piece of storage, and can be accessed by the initiating Program (client) through the network.
- The storage is aggregated so that they can access the iSCSI LUN (logical unit number) in the network)
- ISCSI supports multiple connections in the same session
- The iSCSI initiator finds the target in the network and then authenticates and logs on with the LUN, so that the remote storage can be accessed locally.
- We can install any operating system on the locally mounted LUN, just like installing our local operating system.
Why iSCSI?
In virtualization, we need high storage redundancy and stability. iSCSI provides these features at a low cost. Compared with a fiber-channel SAN, we can use existing devices such as NIC and Ethernet switches to build a low-cost SAN.
Now I start to use the iSCSI target to install and configure Secure storage. In this article, we follow the steps below:
- We need to isolate a system to set the iSCSI target and the initiator (client ).
- You can add multiple hard disks in a large storage environment, but here we only use one additional drive apart from the basic installation disk.
- Here we only use two hard disks, one for basic Server installation and the other for storage (LUN), which will be described in the second article in this series.
Master server settings
- Operating System-CentOS 6.5 (Final)
- ISCSI Destination IP-192.168.0.200
- Port used: TCP 860,326 0
- Configuration File:/etc/tgt/targets. conf
Install iSCSI Target
Open the terminal and use the yum command to search for the package name to be installed on the iscsi target.
- # Yum search iscsi
Output example
- ======================================== N/S matched: iscsi ====================================
- Iscsi-initiator-utils.x86_64: iSCSI daemon and utility programs
- Iscsi-initiator-utils-devel.x86_64: Development files for iscsi-initiator-utils
- Lsscsi. x86_64: List SCSI devices (or hosts) and associated information
- Scsi-target-utils.x86_64: The SCSI target daemon and utility programs
You will go to the above results and select the Target package for installation.
- # Yum install scsi-target-utils-y
Install the iSCSI Tool
List the content in the installed package to learn about the default configuration, service, and man page location.
- # Rpm-ql scsi-target-utils.x86_64.
List all files in the iSCSI package
Let's start the iSCSI service and check the service running status. The iSCSI service name is tgtd.
- #/Etc/init. d/tgtd start
- #/Etc/init. d/tgtd status
Start the iSCSI service
Now we need to configure automatic start upon startup.
- # Chkconfig tgtd on
Verify that the running level of the tgtd service is correctly configured.
- # Chkconfig -- list tgtd
Start iSCSI
Now we use tgtadm to list which targets and Luns have been configured on our servers.
- # Tgtadm -- mode target -- op show
Tgtd is installed and running, but the above command is not output because we have not defined the LUN on the Target server. To view the manual, run the 'man 'command.
- # Man tgtadm
ISCSI Man page
If your target has an iptable, we need to add an iptable rule for iSCSI. First, use the netstat command to find the port number Of The iscsi target. The target always listens to TCP port 3260.
- # Netstat-tulnp | grep tgtd
Find the iSCSI Port
Add the following rules to allow the iptable to broadcast the iSCSI target to discover packets.
- # Iptables-a input-I eth0-p tcp -- dport 860-m state -- state NEW, ESTABLISHED-j ACCEPT
- # Iptables-a input-I eth0-p tcp -- dport 3260-m state -- state NEW, ESTABLISHED-j ACCEPT
Open the iSCSI Port
Add iSCSI port to iptable
Note: rules may vary depending on your default chain policy. Save the iptable and restart the service.
- # Iptables-save
- #/Etc/init. d/iptables restart
Restart iptable
Now we have deployed a target server to share the LUN with the initiator program that has passed TCP/IP authentication. This is also suitable for small to large scale production environments.
In my next article, I will show you how to use LVM in the target machine to create a LUN and share the LUN in the client. Don't forget to leave valuable comments.
-------------------------------------- Split line --------------------------------------
Web Service shared storage cluster architecture based on RHCS + iSCSI + CLVM
Configure iSCSI storage and multi-path functions in Linux
Build an ip san-based iSCSI Storage System
ISCSI connection failure Solution
Install CentOS 6.0 and configure the iSCSI service in Citrix XenServer
CentOS 5.3 mounts storage cabinets with iSCSI
Takes you three steps to quickly learn how to build iSCSI
-------------------------------------- Split line --------------------------------------
This article permanently updates the link address: