iSCSI is a TCP/IP protocol that allows the use of iSCSI disks on a network. The Internet Small Computer System Interface (iSCSI) is a server-based target and client initiator. When installed, the initiator is part of the Linux kernel. The iSCSI driver starts a connection between the client and the target.
The disks can be any Logical Volume (LVM) on a Linux system. In our example, we will use ‘sdb12’, if you have been following along with the articles. If you have not been following along, then just replace your partition with the ‘sdb12’ partition I mention.
Keep in mind that sharing a network drive allows remote access to files at the file level. The share on an iSCSI drive is at a block level since the accessed partition or drive acts as if the drive were local and not remote.
Install iSCSI
Installation is easy on both CentOS and Ubuntu.
For CentOS, the command is:
In Ubuntu, there is only one package:
Start and enable the service (targetd or tgt).
Remember that you need to update the system and get the repositories and packages updated before you run the above command for your distro.
Setting Up the Firewall
You may not have a firewall enabled on your server if it is not being accessed from the Internet. If you do, you need to open Port 3260 for iSCSI.
NOTE: After a clean install, CentOS installs the firewall and Ubuntu does not. For Ubuntu, use the command ‘sudo apt install firewalld’. Then start and enable the ‘firewalld’ service or restart the system.
To verify installation, you can use the command:
The response on either distro should be ‘ssh dhcpv6-client’. These are the ports that are open by the firewall.
So, we need to open the iSCSI port (3260) so the client (initiator) can access the server (target). The following command adds the entry in the firewall configuration:
NOTE: If any errors occur, be sure you enable all the services and start both the iSCSI and Firewall (if needed).
You can force the reload of the new configuration with the command:
Once the system loads the configuration changes, you can list the services again and see that the ‘iscsi-arget’ is now present on the list.
Create LVM for iSCSI
To set up an iSCSI connection between two systems, we need a Logical Volume to use as the iSCSI drive. We covered Logical Volumes in ‘LFCS – Logical Volumes’. I will still cover the basic commands with fewer details of the commands since you can just look over that article.
We can create the Physical Volume for ‘sdb12’ with the command:
You may need to verify the addition of the partition to ‘vgroup’, just answer ‘y’.
We can add the Volume Group and extend the Logical Volume with the following command:
We should have extended the volume by half a terabyte. So we can now create an iSCSI drive. Even though we have the space, we will just allocate 256MB of space for it.
Before we set it up, we need some network information, since this is a TCP/IP protocol.
For my CentOS system, the following is the IP configuration:
Hostname: Server1
FQDN: Server1.centos.linux.org
IP: 192.168.1.104
For Ubuntu, the following is the IP configuration:
Hostname: Server1
FQDN: Server1.ubuntu.linux.org
IP: 192.168.1.101
For CentOS, we will create an iSCSI drive named ‘c-scsi’ and for Ubuntu, it will be ‘u-scsi’.
We need to enter the command interface for iscsi by entering on a CentOS system:
You should see the output of the starting program that shows the version number. At the prompt, you can get a listing of the iSCSI system by entering ‘ls’.
In ‘backstores/block’ we will create the block device in the iSCSI system:
If an error occurs, unmount the logical volume:
If you perform ‘ls’, see the iSCSI device ‘c-scsi’ listed in ‘backstores’.
The command is:
It should now listen on Port 3260, which the command ‘netstat -lnt’ shows. Performing the ‘ls’ command now shows the ‘iscsi’ device.
We can now enter the device we created with:
Now, we can create the Logical Unit Number (LUN) as used in actual SCSI devices.
It should create ‘LUN 0’. Performing an ‘ls’ will show ‘lun0’ in ‘luns’.
Enter the command to go back one level:
There should be the ‘acls’ folder listed here that we can use to set permissions. To set up the permissions for ‘Server2’ for the iSCSI block drive:
You should be back at a normal terminal prompt, and the program saves the information.
We need to look at Server2 to make sure it is on the same network and in the same domain. The information is for the CentOS Server2:
Hostname: Server2
FQDN: Server2.centos.linux.org
IP: 192.168.1.126
NOTE: If your FQDN is not the same as the other system, go into and add the line for your system in ‘/etc/hosts’ and make sure the format is ‘IP FQDN HOSTNAME’. There is no need to restart the system. You can ping each system from the other one to verify connectivity. If you are using VirtualBox, you can change each system to a Bridged Network Interface.
For Ubuntu, the configuration is different. You need to edit the file ‘/etc/tgt/conf.d/iscsi.conf’ and place the following into it:
Save the file and restart the service:
Setting up the Initiator
On Server2, we need to install the client side software to connect to the iSCSI target.
On CentOS, perform the command:
After you install the packages, you need to edit the file ‘/etc/iscsi/initiator-iscsi’ and change the line to match your FQDN for Server2.
Save the file and run:
If you get any errors, check the case of the alphabetic characters in the two commands since it is case-sensitive. It should connect and if you run ‘lsblk’, then you should have a new drive, which is the iSCSI drive on Server1.
For Ubuntu, perform the following on Server2:
Now that the editor opens, enter the following line:
Save the file and run the command to configure more settings:
Be sure to change the IP Address as needed for Server1 and add the following lines to the ‘default’ file at the end:
Save the file then restart the ‘iscsi’ service by:
Back at the terminal, you can enter the following and you should see the result of the name for Server1 and the LUN:
This should connect to the iSCSI drive, but on Ubuntu there seem to be kernel issues to get this to work, and it causes ‘Segmentation Faults’. If you perform the commands after running ‘sudo su’, there aren’t errors, but no connection is made.
Unfortunately, I have not tried this with a newer kernel.
Conclusion
Using iSCSI as a block device is faster than using a share at file level.
Give this a try, but use CentOS since it works and is a little easier to manage.
The disks can be any Logical Volume (LVM) on a Linux system. In our example, we will use ‘sdb12’, if you have been following along with the articles. If you have not been following along, then just replace your partition with the ‘sdb12’ partition I mention.
Keep in mind that sharing a network drive allows remote access to files at the file level. The share on an iSCSI drive is at a block level since the accessed partition or drive acts as if the drive were local and not remote.
Install iSCSI
Installation is easy on both CentOS and Ubuntu.
For CentOS, the command is:
Code:
sudo yum install targetd targetcli
In Ubuntu, there is only one package:
Code:
sudo apt install tgt
Start and enable the service (targetd or tgt).
Remember that you need to update the system and get the repositories and packages updated before you run the above command for your distro.
Setting Up the Firewall
You may not have a firewall enabled on your server if it is not being accessed from the Internet. If you do, you need to open Port 3260 for iSCSI.
NOTE: After a clean install, CentOS installs the firewall and Ubuntu does not. For Ubuntu, use the command ‘sudo apt install firewalld’. Then start and enable the ‘firewalld’ service or restart the system.
To verify installation, you can use the command:
Code:
sudo firewall-cmd --list-services
The response on either distro should be ‘ssh dhcpv6-client’. These are the ports that are open by the firewall.
So, we need to open the iSCSI port (3260) so the client (initiator) can access the server (target). The following command adds the entry in the firewall configuration:
Code:
sudo firewall-cmd --add-service=iscsi-target --permanent
NOTE: If any errors occur, be sure you enable all the services and start both the iSCSI and Firewall (if needed).
You can force the reload of the new configuration with the command:
Code:
firewall-cmd --reload
Once the system loads the configuration changes, you can list the services again and see that the ‘iscsi-arget’ is now present on the list.
Create LVM for iSCSI
To set up an iSCSI connection between two systems, we need a Logical Volume to use as the iSCSI drive. We covered Logical Volumes in ‘LFCS – Logical Volumes’. I will still cover the basic commands with fewer details of the commands since you can just look over that article.
We can create the Physical Volume for ‘sdb12’ with the command:
Code:
sudo pvcreate /dev/sdb12
You may need to verify the addition of the partition to ‘vgroup’, just answer ‘y’.
We can add the Volume Group and extend the Logical Volume with the following command:
Code:
sudo pvcreate /dev/sdb12
sudo vgextend vgroup /dev/sdb12
sudo lvextend -L +500m /dev/vgroup/logvol
We should have extended the volume by half a terabyte. So we can now create an iSCSI drive. Even though we have the space, we will just allocate 256MB of space for it.
Before we set it up, we need some network information, since this is a TCP/IP protocol.
For my CentOS system, the following is the IP configuration:
Hostname: Server1
FQDN: Server1.centos.linux.org
IP: 192.168.1.104
For Ubuntu, the following is the IP configuration:
Hostname: Server1
FQDN: Server1.ubuntu.linux.org
IP: 192.168.1.101
For CentOS, we will create an iSCSI drive named ‘c-scsi’ and for Ubuntu, it will be ‘u-scsi’.
We need to enter the command interface for iscsi by entering on a CentOS system:
Code:
target-cli
You should see the output of the starting program that shows the version number. At the prompt, you can get a listing of the iSCSI system by entering ‘ls’.
In ‘backstores/block’ we will create the block device in the iSCSI system:
Code:
backstores/block create c-scsi /dev/vgroup/logvol
If an error occurs, unmount the logical volume:
Code:
sudo umount /dev/vgroup/logvol
If you perform ‘ls’, see the iSCSI device ‘c-scsi’ listed in ‘backstores’.
The command is:
Code:
iscsi/ create iqn.2024-10.org.linux.centos.server1:c-scsi
It should now listen on Port 3260, which the command ‘netstat -lnt’ shows. Performing the ‘ls’ command now shows the ‘iscsi’ device.
We can now enter the device we created with:
Code:
cd iscsi/iqn.2024-10.org.linux.centos.server1:c-scsi/tpg1/luns
Now, we can create the Logical Unit Number (LUN) as used in actual SCSI devices.
Code:
create /backstores/block/c-scsi
It should create ‘LUN 0’. Performing an ‘ls’ will show ‘lun0’ in ‘luns’.
Enter the command to go back one level:
Code:
cd ..
There should be the ‘acls’ folder listed here that we can use to set permissions. To set up the permissions for ‘Server2’ for the iSCSI block drive:
Code:
cd acls
create iqn.2024-10.org.linux.centos.Server2:c-scsi
exit
You should be back at a normal terminal prompt, and the program saves the information.
We need to look at Server2 to make sure it is on the same network and in the same domain. The information is for the CentOS Server2:
Hostname: Server2
FQDN: Server2.centos.linux.org
IP: 192.168.1.126
NOTE: If your FQDN is not the same as the other system, go into and add the line for your system in ‘/etc/hosts’ and make sure the format is ‘IP FQDN HOSTNAME’. There is no need to restart the system. You can ping each system from the other one to verify connectivity. If you are using VirtualBox, you can change each system to a Bridged Network Interface.
For Ubuntu, the configuration is different. You need to edit the file ‘/etc/tgt/conf.d/iscsi.conf’ and place the following into it:
Code:
<target iqn.2024-10.server1.ubuntu.linux.org:lun0>
backing-store /dev/vgroup/logvol
initiator-address 192.168.1.205
incominguser iscsi-user password
outgoinguser iscsi-target secretpass
</target>
Save the file and restart the service:
Code:
systemctl restart tgt
Setting up the Initiator
On Server2, we need to install the client side software to connect to the iSCSI target.
On CentOS, perform the command:
Code:
sudo yum install iscsi-initiator-utils
After you install the packages, you need to edit the file ‘/etc/iscsi/initiator-iscsi’ and change the line to match your FQDN for Server2.
Code:
InitiatorName=iqn.2024-10.org.linux.centos.Server2:c-scsi
Save the file and run:
Code:
iscsiadm --mode discovery --type sendtargets --portal server1.centos.linux.org:c-scsi –discover
iscsiadm --mode node --targetname iqn.2024-10.org.linux.centos.server1:c-scsi --portal server1.centos.linux.org --login
If you get any errors, check the case of the alphabetic characters in the two commands since it is case-sensitive. It should connect and if you run ‘lsblk’, then you should have a new drive, which is the iSCSI drive on Server1.
For Ubuntu, perform the following on Server2:
Code:
sudo apt install open-iscsi
sudo iscsiadm -m discovery -t st -p 192.168.1.101
nano /etc/iscsi/initiatorname.iscsi
Now that the editor opens, enter the following line:
Code:
InitiatorName=iqn.2024-10.org.linux.ubuntu.server1:u-scsi
Save the file and run the command to configure more settings:
Code:
cd /etc/iscsi/nodes/iqn.2024-10.server1.ubuntu.linux.org:lun0/192.168.1.101,3260,1
nano default
Be sure to change the IP Address as needed for Server1 and add the following lines to the ‘default’ file at the end:
Code:
node.session.auth.authmethod = CHAP
node.session.auth.username = iscsi-user
node.session.auth.password = password
node.session.auth.username_in = iscsi-target
node.session.auth.password_in = secretpass
node.startup = automatic
Save the file then restart the ‘iscsi’ service by:
Code:
sudo systemctl restart open-iscsi iscsid
Back at the terminal, you can enter the following and you should see the result of the name for Server1 and the LUN:
Code:
iscsiadm -m session -o show
This should connect to the iSCSI drive, but on Ubuntu there seem to be kernel issues to get this to work, and it causes ‘Segmentation Faults’. If you perform the commands after running ‘sudo su’, there aren’t errors, but no connection is made.
Unfortunately, I have not tried this with a newer kernel.
Conclusion
Using iSCSI as a block device is faster than using a share at file level.
Give this a try, but use CentOS since it works and is a little easier to manage.