利用iSCSI服务部署IP SAN网络存储服务

1688red2024-02-21 15:59

一、配置环境(Vmware WorkStation虚拟环境)

服务端与客户端OS:openEuler 22.03-LTS

CPU:1U1C

内存:2G

硬盘:5个SCSI磁盘,其中一个作为系统盘,另外四个配置为RAID5阵列

服务器IP:192.168.17.200

二、详细配置过程

1、配置RAID5

bash 复制代码 
mdadm -Cv /dev/md0 -n 3 -l 5 -x 1 /dev/sdb /dev/sdc /dev/sdd /dev/sde

其中,-Cv参数为创建阵列并显示过程,/dev/md0为生成的阵列组名称,-n 3参数为创建RAID 5磁盘阵列所需的硬盘个数,-l 5参数为RAID磁盘阵列的级别,-x 1参数为磁盘阵列的备份盘个数。

执行以下命令查看RAID5阵列详情

bash 复制代码 
mdadm -D /dev/md0

2、配置iSCSI服务端

(1)在服务器上安装iSCSI服务软件包

bash 复制代码 
dnf install -y targetcli

(2)配置iSCSI服务端共享资源

  • 查看iSCSI服务端共享资源
bash 复制代码 
[root@ipsan ~]# targetcli
targetcli shell version 2.1.54
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.

/> ls
o- / ............................................................................................................. [...]
  o- backstores .................................................................................................. [...]
  | o- block ...................................................................................... [Storage Objects: 0]
  | o- fileio ..................................................................................... [Storage Objects: 0]
  | o- pscsi ...................................................................................... [Storage Objects: 0]
  | o- ramdisk .................................................................................... [Storage Objects: 0]
  o- iscsi ................................................................................................ [Targets: 0]
  o- loopback ............................................................................................. [Targets: 0]
  o- vhost ................................................................................................ [Targets: 0]
  o- xen-pvscsi ........................................................................................... [Targets: 0]
  • 将前面创建的RAID 5磁盘阵列md0作为iSCSI共享设备
bash 复制代码 
/> cd /backstores/block
/backstores/block> create disk0 /dev/md0
Created block storage object disk0 using /dev/md0.
/backstores/block> cd /
/> ls
o- / ............................................................................................................. [...]
  o- backstores .................................................................................................. [...]
  | o- block ...................................................................................... [Storage Objects: 1]
  | | o- disk0 ............................................................. [/dev/md0 (40.0GiB) write-thru deactivated]
  | |   o- alua ....................................................................................... [ALUA Groups: 1]
  | |     o- default_tg_pt_gp ........................................................... [ALUA state: Active/optimized]
  | o- fileio ..................................................................................... [Storage Objects: 0]
  | o- pscsi ...................................................................................... [Storage Objects: 0]
  | o- ramdisk .................................................................................... [Storage Objects: 0]
  o- iscsi ................................................................................................ [Targets: 0]
  o- loopback ............................................................................................. [Targets: 0]
  o- vhost ................................................................................................ [Targets: 0]
  o- xen-pvscsi ........................................................................................... [Targets: 0]
  • 创建iSCSI target名称及配置共享资源
bash 复制代码 
/> cd iscsi 
/iscsi> create 
Created target iqn.2003-01.org.linux-iscsi.ipsan.x8664:sn.a54ce739d195.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/iscsi> ls
o- iscsi .................................................................................................. [Targets: 1]
  o- iqn.2003-01.org.linux-iscsi.ipsan.x8664:sn.a54ce739d195 ................................................. [TPGs: 1]
    o- tpg1 ..................................................................................... [no-gen-acls, no-auth]
      o- acls ................................................................................................ [ACLs: 0]
      o- luns ................................................................................................ [LUNs: 0]
      o- portals .......................................................................................... [Portals: 1]
        o- 0.0.0.0:3260 ........................................................................................... [OK]
/iscsi> cd iqn.2003-01.org.linux-iscsi.ipsan.x8664:sn.a54ce739d195/
/iscsi/iqn.20....a54ce739d195> cd tpg1/luns
/iscsi/iqn.20...195/tpg1/luns> create /backstores/block/disk0
Created LUN 0.
  • 设置访问控制列表(ACL)

iSCSI协议通过客户端名称进行验证的。即iSCSI客户端的名称与服务端中设置的访问控制列表中某一名称条目一致即可。acls参数目录用于存放能够访问iSCSI服务端共享存储资源的客户端名称,推荐在前面系统生成的iSCSI target后面追加上类似于:client的参数,这样既能保证客户端的名称具有唯一性,又非常便于管理和阅读。

bash 复制代码 
/iscsi/iqn.20...195/tpg1/luns> cd ../acls 
/iscsi/iqn.20...195/tpg1/acls> create iqn.2003-01.org.linux-iscsi.ipsan.x8664:sn.a54ce739d195:client
Created Node ACL for iqn.2003-01.org.linux-iscsi.ipsan.x8664:sn.a54ce739d195:client
Created mapped LUN 0.
  • 设置iSCSI服务端的监听IP地址和端口号

默认情况下,iSCSI允许所有网卡提供iSCSI服务,但这种配置存在安全隐患,可以删除默认配置,然后指定服务接口IP地址。

bash 复制代码 
/iscsi/iqn.20...195/tpg1/acls> cd ../portals/
/iscsi/iqn.20.../tpg1/portals> ls
o- portals ................................................................................................ [Portals: 1]
  o- 0.0.0.0:3260 ................................................................................................. [OK]
/iscsi/iqn.20.../tpg1/portals> delete 0.0.0.0 3260
Deleted network portal 0.0.0.0:3260
/iscsi/iqn.20.../tpg1/portals> create 192.168.17.200
Using default IP port 3260
Created network portal 192.168.17.200:3260.
  • 查看并确认配置
bash 复制代码 
/iscsi/iqn.20.../tpg1/portals> cd /
/> ls
o- / ............................................................................................................. [...]
  o- backstores .................................................................................................. [...]
  | o- block ...................................................................................... [Storage Objects: 1]
  | | o- disk0 ............................................................... [/dev/md0 (40.0GiB) write-thru activated]
  | |   o- alua ....................................................................................... [ALUA Groups: 1]
  | |     o- default_tg_pt_gp ........................................................... [ALUA state: Active/optimized]
  | o- fileio ..................................................................................... [Storage Objects: 0]
  | o- pscsi ...................................................................................... [Storage Objects: 0]
  | o- ramdisk .................................................................................... [Storage Objects: 0]
  o- iscsi ................................................................................................ [Targets: 1]
  | o- iqn.2003-01.org.linux-iscsi.ipsan.x8664:sn.a54ce739d195 ............................................... [TPGs: 1]
  |   o- tpg1 ................................................................................... [no-gen-acls, no-auth]
  |     o- acls .............................................................................................. [ACLs: 1]
  |     | o- iqn.2003-01.org.linux-iscsi.ipsan.x8664:sn.a54ce739d195:client ........................... [Mapped LUNs: 1]
  |     |   o- mapped_lun0 ..................................................................... [lun0 block/disk0 (rw)]
  |     o- luns .............................................................................................. [LUNs: 1]
  |     | o- lun0 .......................................................... [block/disk0 (/dev/md0) (default_tg_pt_gp)]
  |     o- portals ........................................................................................ [Portals: 1]
  |       o- 192.168.17.200:3260 .................................................................................. [OK]
  o- loopback ............................................................................................. [Targets: 0]
  o- vhost ................................................................................................ [Targets: 0]
  o- xen-pvscsi ........................................................................................... [Targets: 0]
  • 保存配置
bash 复制代码 
/> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json

3、配置防火墙,放行iSCSI服务

bash 复制代码 
[root@ipsan ~]# firewall-cmd --permanent --zone=public --add-port=3260/tcp
[root@ipsan ~]# firewall-cmd --reload

4、配置iSCSI客户端

以下操作在iSCSI客户端完成

(1)安装iSCSI客户端服务程序initiator

bash 复制代码 
dnf install iscsi-initiator-utils

(2)编辑iSCSI客户端配置文件

bash 复制代码 
CNA01:~ # vi /etc/iscsi/initiatorname.iscsi 

InitiatorName=iqn.2003-01.org.linux-iscsi.ipsan.x8664:sn.a54ce739d195:client

(3)重启iSCSI服务

bash 复制代码 
systemctl restart iscsid
systemctl enable  iscsid

(3)扫描发现远程iSCSI服务端

bash 复制代码 
iscsiadm -m discovery -t st -p 192.168.17.200

其中,-m discovery参数的目的是扫描并发现可用的存储资源,-t st参数为执行扫描操作的类型,-p 192.168.17.200参数为iSCSI服务端的IP地址

(4)登录iSCSI服务端

bash 复制代码 
CNA01:~ # iscsiadm -m node -T iqn.2003-01.org.linux-iscsi.ipsan.x8664:sn.a54ce739d195 -p 192.168.17.200 --login
Logging in to [iface: default, target: iqn.2003-01.org.linux-iscsi.ipsan.x8664:sn.a54ce739d195, portal: 192.168.17.200,3260] (multiple)
Login to [iface: default, target: iqn.2003-01.org.linux-iscsi.ipsan.x8664:sn.a54ce739d195, portal: 192.168.17.200,3260] successful.

其中,-m node参数为将客户端所在主机作为一台节点服务器,-T参数为要使用的存储资源,-p 192.168.17.200参数为iSCSI服务端的IP地址,--login或-l参数表示登录。

(4)查看共享设备

在iSCSI客户端成功登录之后,会在客户端主机上多出一块名为/dev/sdb的设备文件。

bash 复制代码 
CNA01:~ #  ls -l /dev/sdb
brw-rw---- 1 root disk 8, 16 Feb 21 05:19 /dev/sdb
CNA01:~ # file /dev/sdb 
/dev/sdb: block special (8/16)

(5)格式化共享设备

bash 复制代码 
CNA01:~ # mkfs.ext4 /dev/sdb
mke2fs 1.45.0 (6-Mar-2019)
/dev/sdb is apparently in use by the system; will not make a filesystem here!

若出现上述错误,则执行以下命令解决问题

bash 复制代码 
CNA01:~ # dmsetup remove_all
CNA01:~ # dmsetup status

正常格式化共享设备的输出信息如下

bash 复制代码 
CNA01:~ # mkfs.ext4 /dev/sdb
mke2fs 1.45.0 (6-Mar-2019)
Creating filesystem with 10477056 4k blocks and 2621440 inodes
Filesystem UUID: f012928f-9e69-4631-b0bc-1d97e75a305b
Superblock backups stored on blocks: 
	32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 
	4096000, 7962624

Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (65536 blocks): done
Writing superblocks and filesystem accounting information: done

(6)编辑/etc/fstab配置文件

因是网络共享设备,通常采用UUID进行挂载,且挂载选项中选用_netdev参数。

bash 复制代码 
CNA01:~ # blkid | grep /dev/sdb
/dev/sdb: UUID="f012928f-9e69-4631-b0bc-1d97e75a305b" TYPE="ext4" 

CNA01:~ # vi /etc/fstab
......在文件末尾添加以下挂载信息......
UUID="f012928f-9e69-4631-b0bc-1d97e75a305b" /iscsi      ext4    defaults,_netdev 0 0

(7)挂载共享设备

bash 复制代码 
CNA01:~ # mkdir /iscsi
CNA01:~ # mount -a

注:如果不再需要使用iSCSI共享设备资源了,可以用iscsiadm命令的-u参数将其设备卸载,命令如下:

bash 复制代码 
iscsiadm -m node -T iqn.2003-01.org.linux-iscsi.ipsan.x8664:sn.a54ce739d195 -u
相关推荐
斗转星移32 小时前
Ubuntu20.04 中使用vscode中编辑查看PlantUML
linux·vscode·uml·plantuml
正经教主3 小时前
【问题】解决docker的方式安装n8n,找不到docker.n8n.io/n8nio/n8n:latest镜像的问题
运维·docker·容器·n8n
sukida1003 小时前
BIOS主板(非UEFI)安装fedora42的方法
linux·windows·fedora
●^●3 小时前
Linux 权限修改详解:chmod 命令与权限数字的秘密
linux
唯独失去了从容3 小时前
WebRTC服务器Coturn服务器中的通信协议
运维·服务器·webrtc
光而不耀@lgy4 小时前
C++初登门槛
linux·开发语言·网络·c++·后端
joker_zsl4 小时前
docker的安装和简单使用(ubuntu环境)
运维·docker·容器
偶尔微微一笑4 小时前
AI网络渗透kali应用(gptshell)
linux·人工智能·python·自然语言处理·编辑器
Run1.5 小时前
深入解析 Linux 中动静态库的加载机制:从原理到实践
linux·运维·服务器
VI8664956I265 小时前
全链路自动化AIGC内容工厂:构建企业级智能内容生产系统
运维·自动化·aigc
热门推荐
01KGG转MP3工具|非KGM文件|解密音频02从零安装 LLaMA-Factory 微调 Qwen 大模型成功及所有的坑03我决定放弃搞 Java 了04YOLOv5改进 | 添加CA注意力机制 + 增加预测层 + 更换损失函数之GIoU05YOLOv8入门 | 重要性能衡量指标、训练结果评价及分析及影响mAP的因素【发论文关注的指标】06DeepSeek各版本说明与优缺点分析07西电B测-计算机网络综合实验(含验收问题)08yolov8,yolo11,yolo12 服务器训练到部署全流程 笔记09苍穹外卖面试总结10最新 Kubernetes 集群部署 + flannel 网络插件(保姆级教程,最新 K8S 版本)