iSCSI服务器
文章目录
iSCSI 服务
(Internet Small Computer System Interface,Internet 小型计算机系统接口),又称为IP-SAN,是IBM公司研究开发的IP SAN技术,该技术是将现有SCSI接口与以太网络(Ethernet)技术结合,基于TCP/IP的协议连接iSCSI服务端(Target)和客户端(Initiator),使得封装后的SCSI数据包可以在互联网传输,最终实现iSCSI服务端提供存储给客户端。
配置 iSCSI Targets
- targetd,服务端软件。
- targetcli,targetd服务配置工具
共享块设备
server端
bash
#添加一块 200G 硬盘
[root@server ~ 13:33:24]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 200G 0 disk
├─sda1 8:1 0 1G 0 part /boot
└─sda2 8:2 0 199G 0 part
├─centos-root 253:0 0 50G 0 lvm /
├─centos-swap 253:1 0 3.9G 0 lvm [SWAP]
└─centos-home 253:2 0 145.1G 0 lvm /home
sdb 8:16 0 200G 0 disk
sr0 11:0 1 4.4G 0 rom
[root@server ~ 13:39:47]# yum install -y targetcli targetd
[root@server ~ 13:42:58]# systemctl enable target
Created symlink from /etc/systemd/system/multi-user.target.wants/target.service to /usr/lib/systemd/system/target.service.
[root@server ~ 13:44:04]# systemctl enable target --now
[root@server ~ 13:44:19]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
[root@server ~ 13:45:16]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.53
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> ls
o- / ................................................................................. [...]
o- backstores ...................................................................... [...]
| o- block .......................................................... [Storage Objects: 0]
| o- fileio ......................................................... [Storage Objects: 0]
| o- pscsi .......................................................... [Storage Objects: 0]
| o- ramdisk ........................................................ [Storage Objects: 0]
o- iscsi .................................................................... [Targets: 0]
o- loopback ................................................................. [Targets: 0]
/> exit
Global pref auto_save_on_exit=true
Configuration saved to /etc/target/saveconfig.json
# 共享逻辑卷
[root@server ~ 13:47:04]# vgcreate webapp /dev/sdb
Physical volume "/dev/sdb" successfully created.
Volume group "webapp" successfully created
[root@server ~ 13:47:22]# lvcreate -n webapp01 -L 50G webapp
Logical volume "webapp01" created.
[root@server ~ 13:47:57]# ls -l /dev/webapp/webapp01 /dev/mapper/webapp-webapp01
lrwxrwxrwx 1 root root 7 Nov 21 13:47 /dev/mapper/webapp-webapp01 -> ../dm-3
lrwxrwxrwx 1 root root 7 Nov 21 13:47 /dev/webapp/webapp01 -> ../dm-3
[root@server ~ 13:48:31]# targetcli
targetcli shell version 2.1.53
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> ls
o- / ................................................................................. [...]
o- backstores ...................................................................... [...]
| o- block .......................................................... [Storage Objects: 0]
| o- fileio ......................................................... [Storage Objects: 0]
| o- pscsi .......................................................... [Storage Objects: 0]
| o- ramdisk ........................................................ [Storage Objects: 0]
o- iscsi .................................................................... [Targets: 0]
o- loopback ................................................................. [Targets: 0]
/> cd /backstores/block
/backstores/block> help
......
The following commands are available in the
current path:
- bookmarks action [bookmark]
- cd [path]
- create name dev [readonly] [wwn]
- delete name [save]
- exit
- get [group] [parameter...]
- help [topic]
- ls [path] [depth]
- pwd
- refresh
- set [group] [parameter=value...]
- status
.......
/backstores/block> create webapp01 /dev/webapp/webapp01
Created block storage object webapp01 using /dev/webapp/webapp01.
/backstores/block> ls
o- block .............................................................. [Storage Objects: 1]
o- webapp01 ...................... [/dev/webapp/webapp01 (50.0GiB) write-thru deactivated]
o- alua ............................................................... [ALUA Groups: 1]
o- default_tg_pt_gp ................................... [ALUA state: Active/optimized]
/backstores/block> cd /
/> ls
o- / ................................................................................. [...]
o- backstores ...................................................................... [...]
| o- block .......................................................... [Storage Objects: 1]
| | o- webapp01 .................. [/dev/webapp/webapp01 (50.0GiB) write-thru deactivated]
| | o- alua ........................................................... [ALUA Groups: 1]
| | o- default_tg_pt_gp ............................... [ALUA state: Active/optimized]
| o- fileio ......................................................... [Storage Objects: 0]
| o- pscsi .......................................................... [Storage Objects: 0]
| o- ramdisk ........................................................ [Storage Objects: 0]
o- iscsi .................................................................... [Targets: 0]
o- loopback ................................................................. [Targets: 0]
/> cd /iscsi
# 创建一个示例
/iscsi> create
Created target iqn.2003-01.org.linux-iscsi.server.x8664:sn.51495a344c0d.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/iscsi> ls
o- iscsi ...................................................................... [Targets: 1]
o- iqn.2003-01.org.linux-iscsi.server.x8664:sn.51495a344c0d .................... [TPGs: 1]
o- tpg1 ......................................................... [no-gen-acls, no-auth]
o- acls .................................................................... [ACLs: 0]
o- luns .................................................................... [LUNs: 0]
o- portals .............................................................. [Portals: 1]
o- 0.0.0.0:3260 ............................................................... [OK]
# 创建自己的IQN
/iscsi> create iqn.2025-11.cloud.demo.server.x8664:webapp
Created target iqn.2025-11.cloud.demo.server.x8664:webapp.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/iscsi> delete iqn.2003-01.org.linux-iscsi.server.x8664:sn.51495a344c0d
Deleted Target iqn.2003-01.org.linux-iscsi.server.x8664:sn.51495a344c0d.
/iscsi> ls
o- iscsi ...................................................................... [Targets: 1]
o- iqn.2025-11.cloud.demo.server.x8664:webapp .................................. [TPGs: 1]
o- tpg1 ......................................................... [no-gen-acls, no-auth]
o- acls .................................................................... [ACLs: 0]
o- luns .................................................................... [LUNs: 0]
o- portals .............................................................. [Portals: 1]
o- 0.0.0.0:3260 ............................................................... [OK]
/iscsi> cd /iscsi/iqn.2025-11.cloud.demo.server.x8664:webapp//tpg1/
# 设置具备特定iqn的客户端可以访问
/iscsi/iqn.20...4:webapp/tpg1> acls/ create iqn.2025-11.cloud.demo.server.x8664:client
Created Node ACL for iqn.2025-11.cloud.demo.server.x8664:client
/iscsi/iqn.20...4:webapp/tpg1> ls
o- tpg1 ............................................................. [no-gen-acls, no-auth]
o- acls ........................................................................ [ACLs: 1]
| o- iqn.2025-11.cloud.demo.server.x8664:client ......................... [Mapped LUNs: 0]
o- luns ........................................................................ [LUNs: 0]
o- portals .................................................................. [Portals: 1]
o- 0.0.0.0:3260 ................................................................... [OK]
# 设置可以访问的设备
/iscsi/iqn.20...4:webapp/tpg1> luns/ create /backstores/block/webapp01
Created LUN 0.
Created LUN 0->0 mapping in node ACL iqn.2025-11.cloud.demo.server.x8664:client
# 删除默认的portals
/iscsi/iqn.20...4:webapp/tpg1> portals/ delete 0.0.0.0
3260 ip_port=
/iscsi/iqn.20...4:webapp/tpg1> portals/ delete 0.0.0.0 3260
Deleted network portal 0.0.0.0:3260
# 设置只允许通过10.1.8.10:3260
/iscsi/iqn.20...4:webapp/tpg1> portals/ create 10.1.8.10 3260
Using default IP port 3260
Created network portal 10.1.8.10:3260.
/iscsi/iqn.20...4:webapp/tpg1> ls
o- tpg1 ............................................................. [no-gen-acls, no-auth]
o- acls ........................................................................ [ACLs: 1]
| o- iqn.2025-11.cloud.demo.server.x8664:client ......................... [Mapped LUNs: 1]
| o- mapped_lun0 ............................................ [lun0 block/webapp01 (rw)]
o- luns ........................................................................ [LUNs: 1]
| o- lun0 ..................... [block/webapp01 (/dev/webapp/webapp01) (default_tg_pt_gp)]
o- portals .................................................................. [Portals: 1]
o- 10.1.8.10:3260 ................................................................. [OK]
# exit退出,自动保存
/iscsi/iqn.20...4:webapp/tpg1> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json
# 也可以手动save
/iscsi/iqn.20...4:webapp/tpg1> cd /
/> saveconfig 非交互式管理 Targets
bash
#清理
/> /iscsi/ delete iqn.2025-11.cloud.demo.server.x8664:webapp
/> /backstores/block/ delete webapp01
/> exit
Global pref auto_save_on_exit=true
Configuration saved to /etc/target/saveconfig.json
#非交互方式
targetcli /backstores/block create webapp01 /dev/webapp/webapp01
targetcli /iscsi create iqn.2025-11.cloud.demo.server.x8664:webapp
targetcli /iscsi/iqn.2025-11.cloud.demo.server.x8664:webapp/tpg1/acls/ \
create iqn.2025-11.cloud.demo.server.x8664:nginx
targetcli /iscsi/iqn.2025-11.cloud.demo.server.x8664:webapp/tpg1/luns/ \
create /backstores/block/webapp01
targetcli /iscsi/iqn.2025-11.cloud.demo.server.x8664:webapp/tpg1/portals/ \
delete 0.0.0.0 3260
targetcli /iscsi/iqn.2025-11.cloud.demo.server.x8664:webapp/tpg1/portals/ \
create 10.1.8.10 3260
targetcli saveconfigclient端
bash
# 配置客户端 nginx 服务访问存储
[root@client ~ 13:33:23]# yum list iscsi*
[root@client ~ 14:46:07]# yum install -y iscsi-initiator-utils
# 确保iscsi 服务开机启动,iscsi默认已设置开机启动
[root@client ~ 14:46:34]# systemctl enable iscsi
[root@client ~ 14:48:29]# iscsiadm --help
[root@client ~ 14:49:47]# cat /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.1994-05.com.redhat:bbd2d241e2
# 设置客户端iqn,这里的iqn是storage的acl中条目
[root@client ~ 14:50:43]# echo InitiatorName=iqn.2025-11.cloud.demo.server.x8664:client > /etc/iscsi/initiatorname.iscsi
[root@client ~ 14:52:36]# cat /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2025-11.cloud.demo.server.x8664:client
# 发现设备
[root@client ~ 14:52:38]# iscsiadm -m discovery -t st -p 10.1.8.10
10.1.8.10:3260,1 iqn.2025-11.cloud.demo.server.x8664:webapp
[root@client ~ 14:53:52]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 200G 0 disk
├─sda1 8:1 0 1G 0 part /boot
└─sda2 8:2 0 199G 0 part
├─centos-root 253:0 0 50G 0 lvm /
├─centos-swap 253:1 0 3.9G 0 lvm [SWAP]
└─centos-home 253:2 0 145.1G 0 lvm /home
sr0 11:0 1 4.4G 0 rom
# 登录设备
[root@client ~ 14:53:59]# iscsiadm -m node -T iqn.2025-11.cloud.demo.server.x8664:webapp -l
Logging in to [iface: default, target: iqn.2025-11.cloud.demo.server.x8664:webapp, portal: 10.1.8.10,3260] (multiple)
Login to [iface: default, target: iqn.2025-11.cloud.demo.server.x8664:webapp, portal: 10.1.8.10,3260] successful.
[root@client ~ 14:55:10]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 200G 0 disk
├─sda1 8:1 0 1G 0 part /boot
└─sda2 8:2 0 199G 0 part
├─centos-root 253:0 0 50G 0 lvm /
├─centos-swap 253:1 0 3.9G 0 lvm [SWAP]
└─centos-home 253:2 0 145.1G 0 lvm /home
sdb 8:16 0 50G 0 disk
sr0 11:0 1 4.4G 0 rom
[root@client ~ 14:55:21]# lsblk /dev/sdb
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sdb 8:16 0 50G 0 disk
#故障处理
systemctl restart iscsid测试
bash
[root@client ~ 14:55:34]# umount /usr/share/nginx/html
[root@client ~ 15:13:06]# vim /etc/fstab
[root@client ~ 15:13:13]# mkfs.xfs /dev/sdb
[root@client ~ 15:13:41]# mount /dev/sdb /usr/share/nginx/html/
[root@client ~ 15:13:58]# echo hello wolrd from iscsi >/usr/share/nginx/html/index.html
[root@server ~ 13:33:24]# curl http://10.1.8.11
hello wolrd from iscsi持久化挂载测试
bash
vim /etc/fstab
#最后一行添加
/dev/sdb /usr/share/nginx/html xfs _netdev 0 0配置多路径
多路径是指服务器和存储阵列存在多个物理连接方式使用虚拟设备,这种方式可以提供更加弹性的存储连接(一个路径down掉不会影响连接性),也可以聚合存储带宽提供性能。
实验环境
bash
#cs两端各添加一块vmnet1网卡
10.1.8.10 10.1.1.10
10.1.8.11 10.1.1.11server端
bash
# 在 server 端添加 portals
[root@server ~ 16:12:13]# targetcli /iscsi/iqn.2025-11.cloud.demo.server.x8664:webapp/tpg1/portals/ create 10.1.1.10 3260
Using default IP port 3260
Created network portal 10.1.1.10:3260.
[root@server ~ 16:28:15]# targetcli saveconfig
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json
[root@server ~ 16:28:18]# targetcli / ls
[root@server ~ 17:09:26]# curl http://10.1.8.11/
hello wolrd from iscsi
[root@server ~ 17:08:46]# nmcli device connect ens34
Device 'ens34' successfully activated with 'fa320293-34fb-41f4-91cd-abd31a58857c'.client端
bash
#重新发现并登录
[root@client ~ 16:31:57]# iscsiadm -m discovery -t st -p 10.1.1.10
10.1.8.10:3260,1 iqn.2025-11.cloud.demo.server.x8664:webapp
10.1.1.10:3260,1 iqn.2025-11.cloud.demo.server.x8664:webapp
[root@client ~ 16:33:21]# iscsiadm -m node -T iqn.2025-11.cloud.demo.server.x8664:webapp -l
Logging in to [iface: default, target: iqn.2025-11.cloud.demo.server.x8664:webapp, portal: 10.1.1.10,3260] (multiple)
Login to [iface: default, target: iqn.2025-11.cloud.demo.server.x8664:webapp, portal: 10.1.1.10,3260] successful.
#通过设备编号wwn确保sdb和sdc是同一设备
[root@client ~ 16:33:34]# /usr/lib/udev/scsi_id -g -u /dev/sdb
36001405cd2366c7aee446a39b4380fee
[root@client ~ 16:35:51]# /usr/lib/udev/scsi_id -g -u /dev/sdc
36001405cd2366c7aee446a39b4380fee
#安装软件包
[root@client ~ 16:37:25]# yum install -y device-mapper-multipath
#生成配置文件
[root@client ~ 16:38:11]# mpathconf --enable
[root@client ~ 16:39:25]# ls /etc/multipath.conf
/etc/multipath.conf
# 启动服务
[root@client ~ 16:42:16]# systemctl enable multipathd.service --now
[root@client ~ 16:42:33]# umount /dev/sdb
[root@client ~ 16:43:15]# systemctl restart multipathd.service
# 查看多路径设备
# 多路径设备识别有问题,需要重启系统再挂载
[root@client ~ 16:43:30]# multipath -ll
mpatha (36001405cd2366c7aee446a39b4380fee) dm-3 LIO-ORG ,webapp01
size=50G features='0' hwhandler='0' wp=rw
|-+- policy='service-time 0' prio=1 status=active
| `- 3:0:0:0 sdb 8:16 active ready running
`-+- policy='service-time 0' prio=1 status=enabled
`- 4:0:0:0 sdc 8:32 active ready running
# 文件末尾添加
multipaths {
multipath {
wwid 36001405cd2366c7aee446a39b4380fee
alias webapp
path_grouping_policy failover
}
}
[root@client ~ 16:51:07]# lsblk /dev/mapper/mpatha
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
mpatha 253:3 0 50G 0 mpath
#重启后
[root@client ~ 17:04:52]# mount /dev/mapper/mpatha /usr/share/nginx/html/
[root@client ~ 17:04:57]# df /usr/share/nginx/html
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/mpatha 52403200 32996 52370204 1% /usr/share/nginx/html
[root@client ~ 17:05:01]# cat /usr/share/nginx/html/index.html
hello wolrd from iscsi
[root@client ~ 17:05:11]# umount /usr/share/nginx/html/
[root@client ~ 17:05:32]# vim /etc/multipath.conf
# 文件末尾添加
multipaths {
multipath {
wwid 36001405cd2366c7aee446a39b4380fee
alias webapp
path_grouping_policy failover
}
}
[root@client ~ 17:06:49]# vim /etc/fstab
#最后一行改设备名称
/dev/mapper/webapp /usr/share/nginx/html xfs _netdev 0 0
[root@client ~ 17:07:31]# systemctl restart multipathd.service
[root@client ~ 17:07:48]# mount -a
#监测过程
[root@client ~ 17:08:03]# multipath -ll
webapp (36001405cd2366c7aee446a39b4380fee) dm-3 LIO-ORG ,webapp01
size=50G features='0' hwhandler='0' wp=rw
|-+- policy='service-time 0' prio=1 status=active
| `- 3:0:0:0 sdb 8:16 active ready running
`-+- policy='service-time 0' prio=1 status=enabled
`- 4:0:0:0 sdc 8:32 active ready running
[root@client ~ 17:08:13]# watch multipath -ll
webapp (36001405cd2366c7aee446a39b4380fee) dm-3 LIO-ORG ,webapp01
size=50G features='0' hwhandler='0' wp=rw
|-+- policy='service-time 0' prio=1 status=active
| `- 3:0:0:0 sdb 8:16 active ready running
`-+- policy='service-time 0' prio=0 status=enabled
`- 4:0:0:0 sdc 8:32 failed faulty running
[root@client ~ 17:08:13]# watch multipath -ll
webapp (36001405cd2366c7aee446a39b4380fee) dm-3 LIO-ORG ,webapp01
size=50G features='0' hwhandler='0' wp=rw
|-+- policy='service-time 0' prio=1 status=active
| `- 3:0:0:0 sdb 8:16 active ready running
`-+- policy='service-time 0' prio=1 status=enabled
`- 4:0:0:0 sdc 8:32 active ready runningtatus=active
| - 3:0:0:0 sdb 8:16 active ready running -± policy='service-time 0' prio=0 status=enabled
`- 4:0:0:0 sdc 8:32 failed faulty running
root@client \~ 17:08:13\]# watch multipath -ll webapp (36001405cd2366c7aee446a39b4380fee) dm-3 LIO-ORG ,webapp01 size=50G features='0' hwhandler='0' wp=rw \|-± policy='service-time 0' prio=1 status=active \| \`- 3:0:0:0 sdb 8:16 active ready running \`-± policy='service-time 0' prio=1 status=enabled \`- 4:0:0:0 sdc 8:32 active ready running ``` ```