linux_config_iscsi

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
linux_config_iscsi [2019/10/30 13:32] andonovjlinux_config_iscsi [2019/11/07 00:25] (current) – external edit 127.0.0.1
Line 3: Line 3:
  
 ======iSCSI Configuration====== ======iSCSI Configuration======
- 
- 
 The configure iSCSI you have to configure the following components: The configure iSCSI you have to configure the following components:
  
Line 43: Line 41:
  
 So the connection will be initiated by the iSCSI initiator (on the client machine) -> iSCSI Target (on the server machine, over Internet) -> LUN (at the storage level) So the connection will be initiated by the iSCSI initiator (on the client machine) -> iSCSI Target (on the server machine, over Internet) -> LUN (at the storage level)
 +
 +
 +====Windows====
 +In Windows server, you can create it via the wizzard in the Server Manager and it should be something like this at the end:
 +
 +{{ :iscsitargerwindows.jpg?400 |}}
 +
 +
 +
  
 =====iSCSI Initiator===== =====iSCSI Initiator=====
Line 90: Line 97:
  
  
 +===CHAP===
 +Chap protection might or might not be enabled on the target server. If CHAP is configured on the iSCSI target, we have to configure it in the initiator.
  
 +**BE CAREFUL TO CONFIGURE ONLY THE INITIATOR PART OR YOU WILL HAVE this error: "The challenge was incorrect."
 +**
  
 +The configuration is done in the:
 +
 +/etc/iscsi/iscsid.conf
 +
 +<sxh bash>
 +# *************
 +# CHAP Settings
 +# *************
 +
 +# To enable CHAP authentication set node.session.auth.authmethod
 +# to CHAP. The default is None.
 +node.session.auth.authmethod = CHAP
 +
 +# To set a CHAP username and password for initiator
 +# authentication by the target(s), uncomment the following lines:
 +node.session.auth.username = username
 +node.session.auth.password = pass
 +
 +# To set a CHAP username and password for target(s)
 +# authentication by the initiator, uncomment the following lines:
 +#node.session.auth.username_in = username
 +#node.session.auth.password_in = pass
 +
 +# To enable CHAP authentication for a discovery session to the target
 +# set discovery.sendtargets.auth.authmethod to CHAP. The default is None.
 +#discovery.sendtargets.auth.authmethod = CHAP
 +
 +# To set a discovery session CHAP username and password for the initiator
 +# authentication by the target(s), uncomment the following lines:
 +#discovery.sendtargets.auth.username = username
 +#discovery.sendtargets.auth.password = pass
 +
 +# To set a discovery session CHAP username and password for target(s)
 +# authentication by the initiator, uncomment the following lines:
 +#discovery.sendtargets.auth.username_in = username
 +#discovery.sendtargets.auth.password_in = pass
 +</sxh>
 +
 +Restart the iscsi deamon:
 +
 +<sxh bash>
 +[root@matar /]# service iscsid restart
 +Redirecting to /bin/systemctl restart  iscsid.service
 +[root@matar /]#
 +</sxh>
 +
 +===Login===
 +We can login to the iSCSI target and start a session as follows:
 +
 +<sxh bash>
 +[root@client_host /]#  iscsiadm --mode node --targetname iqn.1991-05.com.microsoft:taurus-taurus-orabackup-target --portal 10.200.15.30:3260 --login
 +Logging in to [iface: default, target: iqn.1991-05.com.microsoft:taurus-taurus-orabackup-target, portal: IP,3260] (multiple)
 +Login to [iface: default, target: iqn.1991-05.com.microsoft:taurus-taurus-orabackup-target, portal: IP,3260] successful.
 +</sxh>
 +
 +You can also list the current setting for the initiator and target as follows:
 +
 +<sxh bash>
 +[root@client_host /]#  iscsiadm --mode node --targetname iqn.1991-05.com.microsoft:taurus-taurus-orabackup-target --portal iscsi_target_server_ip:3260
 +# BEGIN RECORD 6.2.0.873-30
 +node.name = iqn.1991-05.com.microsoft:taurus-taurus-orabackup-target
 +node.tpgt = 1
 +node.startup = automatic
 +node.leading_login = No
 +iface.hwaddress = <empty>
 +iface.ipaddress = <empty>
 +iface.iscsi_ifacename = default
 +iface.net_ifacename = <empty>
 +iface.transport_name = tcp
 +iface.initiatorname = <empty>
 +iface.state = <empty>
 +iface.vlan_id = 0
 +iface.vlan_priority = 0
 +iface.vlan_state = <empty>
 +iface.iface_num = 0
 +iface.mtu = 0
 +iface.port = 0
 +iface.bootproto = <empty>
 +iface.subnet_mask = <empty>
 +iface.gateway = <empty>
 +iface.dhcp_alt_client_id_state = <empty>
 +iface.dhcp_alt_client_id = <empty>
 +iface.dhcp_dns = <empty>
 +iface.dhcp_learn_iqn = <empty>
 +iface.dhcp_req_vendor_id_state = <empty>
 +iface.dhcp_vendor_id_state = <empty>
 +iface.dhcp_vendor_id = <empty>
 +iface.dhcp_slp_da = <empty>
 +iface.fragmentation = <empty>
 +iface.gratuitous_arp = <empty>
 +iface.incoming_forwarding = <empty>
 +iface.tos_state = <empty>
 +iface.tos = 0
 +iface.ttl = 0
 +iface.delayed_ack = <empty>
 +iface.tcp_nagle = <empty>
 +iface.tcp_wsf_state = <empty>
 +iface.tcp_wsf = 0
 +iface.tcp_timer_scale = 0
 +iface.tcp_timestamp = <empty>
 +iface.redirect = <empty>
 +iface.def_task_mgmt_timeout = 0
 +iface.header_digest = <empty>
 +iface.data_digest = <empty>
 +iface.immediate_data = <empty>
 +iface.initial_r2t = <empty>
 +iface.data_seq_inorder = <empty>
 +iface.data_pdu_inorder = <empty>
 +iface.erl = 0
 +iface.max_receive_data_len = 0
 +iface.first_burst_len = 0
 +iface.max_outstanding_r2t = 0
 +iface.max_burst_len = 0
 +iface.chap_auth = <empty>
 +iface.bidi_chap = <empty>
 +iface.strict_login_compliance = <empty>
 +iface.discovery_auth = <empty>
 +iface.discovery_logout = <empty>
 +node.discovery_address = iscsi_target_server_ip
 +node.discovery_port = 3260
 +node.discovery_type = send_targets
 +node.session.initial_cmdsn = 0
 +node.session.initial_login_retry_max = 8
 +node.session.xmit_thread_priority = -20
 +node.session.cmds_max = 128
 +node.session.queue_depth = 32
 +node.session.nr_sessions = 1
 +node.session.auth.authmethod = CHAP
 +node.session.auth.username = izoladbbackup
 +node.session.auth.password = ********
 +node.session.auth.username_in = <empty>
 +node.session.auth.password_in = <empty>
 +node.session.timeo.replacement_timeout = 120
 +node.session.err_timeo.abort_timeout = 15
 +node.session.err_timeo.lu_reset_timeout = 30
 +node.session.err_timeo.tgt_reset_timeout = 30
 +node.session.err_timeo.host_reset_timeout = 60
 +node.session.iscsi.FastAbort = Yes
 +node.session.iscsi.InitialR2T = No
 +node.session.iscsi.ImmediateData = Yes
 +node.session.iscsi.FirstBurstLength = 262144
 +node.session.iscsi.MaxBurstLength = 16776192
 +node.session.iscsi.DefaultTime2Retain = 0
 +node.session.iscsi.DefaultTime2Wait = 2
 +node.session.iscsi.MaxConnections = 1
 +node.session.iscsi.MaxOutstandingR2T = 1
 +node.session.iscsi.ERL = 0
 +node.conn[0].address = iscsi_target_server_ip
 +node.conn[0].port = 3260
 +node.conn[0].startup = manual
 +node.conn[0].tcp.window_size = 524288
 +node.conn[0].tcp.type_of_service = 0
 +node.conn[0].timeo.logout_timeout = 15
 +node.conn[0].timeo.login_timeout = 15
 +node.conn[0].timeo.auth_timeout = 45
 +node.conn[0].timeo.noop_out_interval = 5
 +node.conn[0].timeo.noop_out_timeout = 5
 +node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
 +node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
 +node.conn[0].iscsi.HeaderDigest = None
 +node.conn[0].iscsi.IFMarker = No
 +node.conn[0].iscsi.OFMarker = No
 +# END RECORD
 +</sxh>
 +
 +That information is also available on:
 +/var/lib/iscsi/nodes/iqn
 +
 +<sxh bash>
 +[root@matar 10.200.15.30,3260,1]# pwd
 +/var/lib/iscsi/nodes/iqn.1991-05.com.microsoft:taurus-taurus-orabackup-target/10.200.15.30,3260,1
 +[root@matar 10.200.15.30,3260,1]# ls -lart
 +total 4
 +-rw------- 1 root root 2155 Nov  1 12:40 default
 +drw------- 3 root root   32 Nov  1 12:40 ..
 +drw------- 2 root root   20 Nov  1 12:40 .
 +[root@matar 10.200.15.30,3260,1]#
 +</sxh>
 +
 +Once the Login was successfully, we can check where the OS mounted the device:
 +<sxh bash>
 +[root@matar 10.200.15.30,3260,1]# lsblk --scsi|grep LIO
 +sdf  3:0:0:   disk LIO-ORG  block1   4.0  iscsi
 +</sxh>
 +
 +Or you can just grep in the /var/log/messages
 +
 +<sxh bash>
 +[root@oraback log]# grep " Attached scsi disk" /var/log/messages
 +Nov  6 16:49:22 oraback kernel: sd 4:0:0:0: Attached scsi disk sdf
 +[root@oraback log]#
 +</sxh>
 +
 +Then we can create the file system:
 +
 +<sxh bash>
 +[root@matar 10.200.15.30,3260,1]# mkfs.ext4 -m0 /dev/sdf
 +[root@matar 10.200.15.30,3260,1]# blkid | grep sdf
 +/dev/sdf: UUID="6a1c44d0-3e2f-49fc-85ba-ced3e44bb5b0" TYPE="ext4"
 +</sxh>
 +
 +Add the following to the /etc/fstab:
 +
 +<sxh bash>
 +[root@matar 10.200.15.30,3260,1]# mkdir -p /mnt/block1
 +[root@matar 10.200.15.30,3260,1]# echo "UUID=6a1c44d0-3e2f-49fc-85ba-ced3e44bb5b0 /mnt/block1 ext4 _netdev 0 0" >> /etc/fstab
 +</sxh>
 +
 +And then we can mount the file system:
 +
 +<sxh bash>
 +[root@matar 10.200.15.30,3260,1]# mount /mnt/block1
 +[root@matar 10.200.15.30,3260,1]# df -h | grep block1
 +UUID=6a1c44d0-3e2f-49fc-85ba-ced3e44bb5b0   10.0G  9.9G  0.1G  1% /mnt/block1
 +</sxh>
 +
 +===Logout===
 +You can decide to abort a session and disconnect as follows:
 +
 +<sxh bash>
 +[root@matar dev]# iscsiadm --mode node --targetname iqn.1991-05.com.microsoft:taurus-taurus-orabackup-target --portal 10.200.15.30:3260 --logout
 +Logging out of session [sid: 16, target: iqn.1991-05.com.microsoft:taurus-taurus-orabackup-target, portal: iscsi_target_server_ip,3260]
 +Logout of [sid: 16, target: iqn.1991-05.com.microsoft:taurus-taurus-orabackup-target, portal: iscsi_target_server_ip,3260] successful.
 +</sxh>
 +
 +
 +
 +===Delete configuration===
 +To deleting a configuration, we need to:
 +
 +  - Disconnect/Logout
 +  - Ensure that the driver won't try to re-connect
 +
 +==Logout==
 +<sxh bash>
 +[root@matar ~]# iscsiadm --mode node --targetname iqn.1991-05.com.microsoft:taurus-taurus-orabackup-target --portal 10.200.15.30:3260 --logout
 +Logging out of session [sid: 20, target: iqn.1991-05.com.microsoft:taurus-taurus-orabackup-target, portal: 10.200.15.30,3260]
 +</sxh>
 +
 +==Delete==
 +<sxh bash>
 +[root@matar ~]# iscsiadm -m node -o delete -T iqn.1991-05.com.microsoft:taurus-taurus-orabackup-target
 +[root@matar ~]# iscsiadm -m session
 +iscsiadm: No active sessions.
 +</sxh>
 +
 +=====Performance=====
 +I've found that iSCSI isn't particulary fast. I've found that my environment isn't so much loaded. That can be because the clients aren't using Jumbo frames so that might be the reson.
 +
 +<sxh bash>
 +[root@server Logs]# ip link show | grep mtu
 +1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
 +2: eno16780032: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT qlen 1000
 +3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT
 +4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN mode DEFAULT qlen 500
 +[root@server Logs]# ls -lart
 +</sxh>
  
 +Here is a good article of how to speed up the performance of the iSCSI:
  
 +https://www.monperrus.net/martin/performance+of+read-write+throughput+with+iscsi
  • linux_config_iscsi.1572442326.txt.gz
  • Last modified: 2019/10/30 21:32
  • (external edit)