ISCSI (Internet Small Computer System Interface) is a transport layer protocol that describes how Small Computer System Interface (SCSI) packets should be transported over a TCP/IP network. (source : http://searchstorage.techtarget.com/definition/iSCSI)
Definisi ISCSI
ISCSI adalah Internet Small Computer Systems Interface. sebuah penyimpanan berbasis IP selain itu ISCSI berperan untuk mengangkut data pada block level antara iscsi inisiator pada mesin klient dengan iscsi target pada mesin penyimpanan pada server.
Environtment:
Server : 192.168.122.120 (server.alanprastyo.net)
Client : 192.168.122.121 (client.alanprastyo.net)
Berikut adalah Topologi labnya:
pada tutorial kali ini saya akan membuat sebuah partisi LVM dengan kapasitas 10GB pada target server yang nantinya akan digunakan di gunakan oleh client sebagai inisiator. cek terlebih dahulu disk pada server
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
[root@server ~]# fdisk -l Disk /dev/vda: 53.7 GB, 53687091200 bytes, 104857600 sectors Units = sectors of 1 * 512 = 512 bytes ...... Device Boot Start End Blocks Id System /dev/vda1 * 2048 2099199 1048576 83 Linux /dev/vda2 2099200 104857599 51379200 8e Linux LVM ...... Disk /dev/vdb: 16.1 GB, 16106127360 bytes, 31457280 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes |
dari output diatas terdapat disk yang akan dijadikan sebagai iscsi target dari sisi server (/dev/vdb). sekarang kita akan membuat partisi LVM dengan ukuran 10GB pada /dev/vdb/
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
[root@server ~]# fdisk /dev/vdb Welcome to fdisk (util-linux 2.23.2). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. Device does not contain a recognized partition table Building a new DOS disklabel with disk identifier 0xf7038250. Command (m for help): n Partition type: p primary (0 primary, 0 extended, 4 free) e extended Select (default p): p Partition number (1-4, default 1): --> enter First sector (2048-31457279, default 2048): --> enter Using default value 2048 Last sector, +sectors or +size{K,M,G} (2048-31457279, default 31457279): +10G Partition 1 of type Linux and of size 10 GiB is set Command (m for help): t Selected partition 1 Hex code (type L to list all codes): 8e Changed type of partition 'Linux' to 'Linux LVM' Command (m for help): w The partition table has been altered! Calling ioctl() to re-read partition table. Syncing disks. |
biasanya setelah membuat partisi baru harus merestart os terlebih dahulu, namun untuk mengatasi itu kita bisa mengunakan perintah partprobe supaya tidak perlu merestart os.
|
1 |
[root@server ~]# partprobe |
setelah itu buat LVM di partisi /dev/vdb1
|
1 2 3 4 5 6 |
[root@server ~]# pvcreate /dev/vdb1 Physical volume "/dev/vdb1" successfully created. [root@server ~]# vgcreate vg_iscsi /dev/vdb1 Volume group "vg_iscsi" successfully created [root@server ~]# lvcreate -l 100%FREE -n lv_iscsi vg_iscsi Logical volume "lv_iscsi" created. |
Membuat ISCSI Target
untuk membuat iscsi target ada 2 opsi yaitu dengan autentikasi dan non autentikasi, pada tutorial kali ini saya akan mencoba yang autentikasi
- Install package targetcli
|
1 |
[root@server ~]# yum install targetcli -y |
sekarang buat tipe block dengan nama scsi_disk_server1 dengan memanfaatkan volume group yang sudah dibuat sebelumnya
|
1 2 3 4 5 6 7 8 9 |
[root@server ~]# targetcli Warning: Could not load preferences file /root/.targetcli/prefs.bin. targetcli shell version 2.1.fb46 Copyright 2011-2013 by Datera, Inc and others. For help on commands, type 'help'. /> cd backstores/block /backstores/block> create scsi_disk1_server /dev/vg_iscsi/lv_iscsi Created block storage object scsi_disk1_server using /dev/vg_iscsi/lv_iscsi. |
setelah itu membuat target
|
1 2 3 4 5 6 |
/backstores/block> cd /iscsi iscsi> create iqn.2017-10.server.alanprastyo.net:disk1 Created target iqn.2017-10.server.alanprastyo.net:disk1. Created TPG 1. Global pref auto_add_default_portal=true Created default portal listening on all IPs (0.0.0.0), port 3260. |
buat acl untuk client dimana iqn digunakan client untuk koneksi ke server
|
1 2 3 |
/> cd /iscsi/iqn.2017-10.server.alanprastyo.net:disk1/tpg1/acls iscsi/iqn.20...sk1/tpg1/acls> create iqn.2017-10.server.alanprastyo.net:node1node2 Created Node ACL for iqn.2017-10.server.alanprastyo.net:node1node2 |
setelah itu set CHAP Auth
|
1 2 3 4 5 |
/iscsi/iqn.20...sk1/tpg1/acls> cd iqn.2017-10.server.alanprastyo.net:node1node2 /iscsi/iqn.20...et:node1node2> set auth userid=alan Parameter userid is now 'alan'. /iscsi/iqn.20...et:node1node2> set auth password=rahasia Parameter password is now 'rahasia'. |
setelah itu buat LUN dibawah target iscsi. sebelumnya LUN harus diarahkan pada “scsi_disk1_server”
|
1 2 3 4 |
/iscsi/iqn.20...et:node1node2> cd /iscsi/iqn.2017-10.server.alanprastyo.net:disk1/tpg1/luns /iscsi/iqn.20...sk1/tpg1/luns> create /backstores/block/scsi_disk1_server Created LUN 0. Created LUN 0->0 mapping in node ACL iqn.2017-10.server.alanprastyo.net:node1node2 |
setelah itu coba verifikasi konfigurasi
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
/> cd / /> ls o- / ..................................................................... [...] o- backstores .......................................................... [...] | o- block .............................................. [Storage Objects: 1] | | o- scsi_disk1_server [/dev/vg_iscsi/lv_iscsi (10.0GiB) write-thru activated] | | o- alua ............................................... [ALUA Groups: 1] | | o- default_tg_pt_gp ................... [ALUA state: Active/optimized] | o- fileio ............................................. [Storage Objects: 0] | o- pscsi .............................................. [Storage Objects: 0] | o- ramdisk ............................................ [Storage Objects: 0] o- iscsi ........................................................ [Targets: 1] | o- iqn.2017-10.server.alanprastyo.net:disk1 ...................... [TPGs: 1] | o- tpg1 ........................................... [no-gen-acls, no-auth] | o- acls ...................................................... [ACLs: 1] | | o- iqn.2017-10.server.alanprastyo.net:node1node2 .... [Mapped LUNs: 1] | | o- mapped_lun0 ................. [lun0 block/scsi_disk1_server (rw)] | o- luns ...................................................... [LUNs: 1] | | o- lun0 [block/scsi_disk1_server (/dev/vg_iscsi/lv_iscsi) (default_tg_pt_gp)] | o- portals ................................................ [Portals: 1] | o- 0.0.0.0:3260 ................................................. [OK] o- loopback ..................................................... [Targets: 0] |
setelah konfigurasi dirasa sudah sesuai, maka selanjutnya adalah save config dan exit
|
1 2 3 4 5 6 7 |
/> saveconfig Last 10 configs saved in /etc/target/backup. Configuration saved to /etc/target/saveconfig.json /> exit Global pref auto_save_on_exit=true Last 10 configs saved in /etc/target/backup. Configuration saved to /etc/target/saveconfig.json |
setelah itu restart service target dan allow port 3260 pada firewall
|
1 2 3 4 5 6 |
[root@server ~]# systemctl enable target.service [root@server ~]# systemctl restart target.service [root@server ~]# firewall-cmd --permanent --add-port=3260/tcp success [root@server ~]# firewall-cmd --reload success |
Membuat ISCSI Initiator dengan CHAP Auth pada client
sekarang waktunya untuk konfigruasi iscsi initiator dari sisi client dengan menginstall package berikut
|
1 |
[root@client ~]# yum install iscsi-initiator-utils -y |
edit file dibawah ini dan set nama initiatornya
|
1 2 |
[root@client ~]# vi /etc/iscsi/initiatorname.iscsi InitiatorName=iqn.2017-10.server.alanprastyo.net:node1node2 |
setelah itu lakukan discovery target mengunakan perintah iscsiadm
|
1 2 |
[root@client ~]# iscsiadm -m discovery -t st -p 192.168.122.120 192.168.122.120:3260,1 iqn.2017-10.server.alanprastyo.net:disk1 |
setting chap auth untuk menyesuaikan settingan chap pada server target
|
1 2 3 4 5 6 7 8 |
# To enable CHAP authentication set node.session.auth.authmethod # to CHAP. The default is None. node.session.auth.authmethod = CHAP # To set a CHAP username and password for initiator # authentication by the target(s), uncomment the following lines: node.session.auth.username = alan node.session.auth.password = rahasia |
restart service iscsi
|
1 2 |
[root@client ~]# systemctl restart iscsi [root@client ~]# systemctl enable iscsi |
kemudian login discovery target
|
1 |
iscsiadm -m node -T iqn.2017-10.server.alanprastyo.net:disk1 -p 192.168.122.120 -l |
setelah itu cek pada log /var/log/messages
|
1 2 3 4 5 6 |
[root@client ~]# tail -f /var/log/messages Nov 5 04:41:29 localhost kernel: sd 2:0:0:0: [sda] Write Protect is off Nov 5 04:41:29 localhost kernel: sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, supports DPO and FUA Nov 5 04:41:29 localhost kernel: sd 2:0:0:0: [sda] Attached SCSI disk Nov 5 04:41:30 localhost iscsid: Could not set session1 priority. READ/WRITE throughout and latency could be affected. Nov 5 04:41:30 localhost iscsid: Connection1:0 to [target: iqn.2017-10.server.alanprastyo.net:disk1, portal: 192.168.122.120,3260] through [iface: default] is operational now |
selain itu kita bisa melihat list partisi hardisk
|
1 2 3 4 5 6 7 8 9 10 |
[root@client ~]# cat /proc/partitions major minor #blocks name 252 0 52428800 vda 252 1 1048576 vda1 252 2 51379200 vda2 11 0 1048575 sr0 253 0 46133248 dm-0 253 1 5242880 dm-1 8 0 10481664 sda |
setelah itu format disk /dev/sda supaya bisa di mounting ke folder
|
1 2 3 4 5 6 7 8 9 10 |
[root@client ~]# mkfs.xfs /dev/sda meta-data=/dev/sda isize=512 agcount=4, agsize=655104 blks = sectsz=512 attr=2, projid32bit=1 = crc=1 finobt=0, sparse=0 data = bsize=4096 blocks=2620416, imaxpct=25 = sunit=0 swidth=0 blks naming =version 2 bsize=4096 ascii-ci=0 ftype=1 log =internal log bsize=4096 blocks=2560, version=2 = sectsz=512 sunit=0 blks, lazy-count=1 realtime =none extsz=4096 blocks=0, rtextents=0 |
kemudian mounting /dev/sda ke folder /mnt
|
1 |
[root@client ~]# mount /dev/sda /mnt/ |
kemudian verifikasi disk yang sudah termounting
|
1 2 3 4 5 6 7 8 9 10 |
[root@client ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/cl-root 44G 1011M 43G 3% / devtmpfs 910M 0 910M 0% /dev tmpfs 920M 0 920M 0% /dev/shm tmpfs 920M 8,5M 912M 1% /run tmpfs 920M 0 920M 0% /sys/fs/cgroup /dev/vda1 1014M 139M 876M 14% /boot tmpfs 184M 0 184M 0% /run/user/0 /dev/sda 10G 33M 10G 1% /mnt |
sudah berhasil disk dari server sudah bisa diakses oleh client sebagai block storage mengunakan protocol iscsi. namun jika anda ingin mengembalikan disk yang ada pada client ke server bisa lakukan cara berikut ini
|
1 2 |
[root@client ~]# umount /mnt/ [root@client ~]# iscsiadm -m node -T iqn.2017-10.server.alanprastyo.net:disk1 -p 192.168.122.120 -u |
selanjutnya bisa diverifikasi dengan fdisk -l
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
[root@client ~]# fdisk -l Disk /dev/vda: 53.7 GB, 53687091200 bytes, 104857600 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x000c3dc6 Device Boot Start End Blocks Id System /dev/vda1 * 2048 2099199 1048576 83 Linux /dev/vda2 2099200 104857599 51379200 8e Linux LVM Disk /dev/mapper/cl-root: 47.2 GB, 47240445952 bytes, 92266496 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk /dev/mapper/cl-swap: 5368 MB, 5368709120 bytes, 10485760 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes |
sekarang sudah tidak ada disk /dev/sda, karena sudah di release ke server.
Cukup sekian tutorial kali ini semoga bermanfaat, wassalamualaikum 🙂
Ref : http://www.itzgeek.com/how-tos/linux/centos-how-tos/configure-iscsi-target-initiator-on-centos-7-rhel7.html#fscreate
Komentar