一、背景说明
生产环境中,常见的架构是前端计算节点提供计算资源,后端共享存储提供块设备,用于存放虚机磁盘镜像。本章就通过1台linux主机安装target软件,模拟后端共享存储,计算节点与存储节点之间通过iscsi协议通信。
Linux-IO Target在Linux内核中(linux 2.6.38后),用软件实现各种SCSI Target,其支持的SAN技术中所有流行的存储协议包括Fibre Channel(Qlogic,linux3.5)、FCoE(linux3.0)、iSCSI(linux 3.1)、iSER (Mellanox InfiniBand,linux3.10), SRP (Mellanox InfiniBand,linux3.3), USB等,同时还能为本机生成模拟的SCSI设备,以及为虚拟机提供基于virtio的SCSI设备。Linux-IO Target使用户能够使用相对廉价的Linux系统实现SCSI、SAN的各种功能,而不用购买昂贵的专业设备。
二、操作步骤
1.安装target软件
由于Linux-IO Target在2.6.38版本之后就被收录进内核,所以在存储节点上只需要安装targetcli工具即可,这一点在该工具的描述信息中也能看到
[root@storage ~]# yum info targetcli.noarch
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Available Packages
Name : targetcli
Arch : noarch
Version : 2.1.53
Release : 1.el7_9
Size : 75 k
Repo : updates/7/x86_64
Summary : An administration shell for storage targets
URL : https://github.com/open-iscsi/targetcli-fb
License : ASL 2.0
Description : An administration shell for configuring iSCSI, FCoE, and other
: SCSI targets, using the TCM/LIO kernel target subsystem. FCoE
: users will also need to install and use fcoe-utils.
[root@storage ~]# yum install -y targetcli.noarch
targetcli工具为了便于使用,整体设计接近linux文件系统层级,也有cd、ls等命令,可以在每个层级下使用help进行帮助,也支持tab命令补齐。
[root@storage ~]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.53
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> ls
o- / .................................................................................................. [...]
o- backstores ....................................................................................... [...]
| o- block ........................................................................... [Storage Objects: 0]
| o- fileio .......................................................................... [Storage Objects: 0]
| o- pscsi ........................................................................... [Storage Objects: 0]
| o- ramdisk ......................................................................... [Storage Objects: 0]
o- iscsi ..................................................................................... [Targets: 0]
o- loopback .................................................................................. [Targets: 0]
2.创建后端存储连接
- 首先,我们在存储节点上准备一个块设备,加入backstores,backstores可以支持4种存储类型。本次我们已块设备为例说明
/backstores/block> create hdd1 /dev/sda4
Created block storage object hdd1 using /dev/sda4.
/backstores/block> ls
o- block ............................................................................... [Storage Objects: 1]
o- hdd1 ...................................................... [/dev/sda4 (93.1GiB) write-thru deactivated]
o- alua ................................................................................ [ALUA Groups: 1]
o- default_tg_pt_gp .................................................... [ALUA state: Active/optimized]
- 在iscsi目录下创建一个target,可以看到创建完target之后,会自动生成一个tpg1(target policy group),针对这个target的策略与lun都在该层级下
/iscsi> create iqn.1986-08.com.arkling:storage.target00
Created target iqn.1986-08.com.arkling:storage.target00.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/iscsi> ls
o- iscsi ....................................................................................... [Targets: 1]
o- iqn.1986-08.com.arkling:storage.target00 ..................................................... [TPGs: 1]
o- tpg1 .......................................................................... [no-gen-acls, no-auth]
o- acls ..................................................................................... [ACLs: 0]
o- luns ..................................................................................... [LUNs: 0]
o- portals ............................................................................... [Portals: 1]
o- 0.0.0.0:3260 ................................................................................ [OK]
- 将backstores下的块设备与lun建立关联
/iscsi/iqn.19...t00/tpg1/luns> create /backstores/block/hdd1
Created LUN 0.
/iscsi/iqn.19...t00/tpg1/luns> ls
o- luns ........................................................................................... [LUNs: 1]
o- lun0 ....................................................... [block/hdd1 (/dev/sda4) (default_tg_pt_gp)]
- 默认target服务侦听在所有ip的3260端口,如果做最小化权限,可以更改target侦听ip
/iscsi/iqn.19.../tpg1/portals> ls
o- portals ..................................................................................... [Portals: 1]
o- 0.0.0.0:3260 ...................................................................................... [OK]
/iscsi/iqn.19.../tpg1/portals> delete 0.0.0.0 3260
Deleted network portal 0.0.0.0:3260
/iscsi/iqn.19.../tpg1/portals> create 10.0.0.36 3260
Using default IP port 3260
Created network portal 10.0.0.36:3260.
/iscsi/iqn.19.../tpg1/portals> ls
o- portals ..................................................................................... [Portals: 1]
o- 10.0.0.36:3260 .................................................................................... [OK]
- 同时,我们可以在acl下设置允许访问此target的计算节点,计算节点的wwn(initiatorname)可以修改为便于识别的标记(此步骤在计算节点上操作)
[root@node4 ~]# cat /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.1994-05.com.redhat:5ea3658239a4
[root@node4 ~]# echo InitiatorName=iqn.1994-05.com.redhat:node4 > /etc/iscsi/initiatorname.iscsi
[root@node4 ~]# cat /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.1994-05.com.redhat:node4
- 在acl下设置允许访问该target的客户端
/iscsi/iqn.19...t00/tpg1/acls> create iqn.1994-05.com.redhat:node4
Created Node ACL for iqn.1994-05.com.redhat:node4
Created mapped LUN 0.
/iscsi/iqn.19...t00/tpg1/acls> create iqn.1994-05.com.redhat:node5
Created Node ACL for iqn.1994-05.com.redhat:node5
Created mapped LUN 0.
- 检查无误后,保存配置,并启动服务
/iscsi/iqn.19...t00/tpg1/acls> cd /
/> ls
o- / .................................................................................................. [...]
o- backstores ....................................................................................... [...]
| o- block ........................................................................... [Storage Objects: 1]
| | o- hdd1 .................................................... [/dev/sda4 (93.1GiB) write-thru activated]
| | o- alua ............................................................................ [ALUA Groups: 1]
| | o- default_tg_pt_gp ................................................ [ALUA state: Active/optimized]
| o- fileio .......................................................................... [Storage Objects: 0]
| o- pscsi ........................................................................... [Storage Objects: 0]
| o- ramdisk ......................................................................... [Storage Objects: 0]
o- iscsi ..................................................................................... [Targets: 1]
| o- iqn.1986-08.com.arkling:storage.target00 ................................................... [TPGs: 1]
| o- tpg1 ........................................................................ [no-gen-acls, no-auth]
| o- acls ................................................................................... [ACLs: 2]
| | o- iqn.1994-05.com.redhat:node4 .................................................. [Mapped LUNs: 1]
| | | o- mapped_lun0 ........................................................... [lun0 block/hdd1 (rw)]
| | o- iqn.1994-05.com.redhat:node5 .................................................. [Mapped LUNs: 1]
| | o- mapped_lun0 ........................................................... [lun0 block/hdd1 (rw)]
| o- luns ................................................................................... [LUNs: 1]
| | o- lun0 ............................................... [block/hdd1 (/dev/sda4) (default_tg_pt_gp)]
| o- portals ............................................................................. [Portals: 1]
| o- 10.0.0.36:3260 ............................................................................ [OK]
o- loopback .................................................................................. [Targets: 0]
/> saveconfig
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json
/> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json
[root@storage ~]# systemctl enable --now target.service
Created symlink from /etc/systemd/system/multi-user.target.wants/target.service to /usr/lib/systemd/system/target.service.
3.客户端验证
- 在计算节点发现target后并登录,确认session会话已经正常建立
[root@node4 ~]# iscsiadm -m discovery -t st -p 10.0.0.36:3260
10.0.0.36:3260,1 iqn.1986-08.com.arkling:storage.target00
[root@node4 ~]#
[root@node4 ~]# iscsiadm -m node -T iqn.1986-08.com.arkling:storage.target00 -p 10.0.0.36:3260 -l
Logging in to [iface: default, target: iqn.1986-08.com.arkling:storage.target00, portal: 10.0.0.36,3260] (multiple)
Login to [iface: default, target: iqn.1986-08.com.arkling:storage.target00, portal: 10.0.0.36,3260] successful.
[root@node4 ~]#
[root@node4 ~]# iscsiadm -m session
tcp: [1] 10.0.0.36:3260,1 iqn.1986-08.com.arkling:storage.target00 (non-flash)
- 此时再通过lsblk命令能发现,可以看到计算节点多了一块sdb磁盘
[root@node4 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 100G 0 disk
├─sda1 8:1 0 2G 0 part /boot
└─sda2 8:2 0 98G 0 part
├─centos-root 253:0 0 90G 0 lvm /
└─centos-swap 253:1 0 8G 0 lvm [SWAP]
sdb 8:16 0 93.1G 0 disk
sr0 11:0 1 1024M 0 rom
- 为了让计算节点重启后可以自动连接存储,可以将连接会话写入rc.local文件
iscsiadm -m discovery -t st -p 10.0.0.36:3260
iscsiadm -m node --loginall=all #--loginall=all等价于-L