案例說明:
在CentOS 7環境下,配置iscsi共享儲存。
作業系統版本:
[root@node201 KingbaseHA]# cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)
叢集架構:
如下所示,node1和node2為叢集節點:
節點資訊:
[root@node201 KingbaseHA]# vi /etc/hosts
192.168.1.201 node201
192.168.1.202 node202
192.168.1.203 node203 iscsi_Srv
叢集軟體:
[root@node201 data]# rpm -qa |egrep 'corosync|pacemaker'
corosynclib-2.4.5-7.el7_9.2.x86_64
pacemaker-1.1.23-1.el7_9.1.x86_64
pacemaker-libs-1.1.23-1.el7_9.1.x86_64
pacemaker-doc-1.1.23-1.el7_9.1.x86_64
corosync-qdevice-2.4.5-7.el7_9.2.x86_64
pacemaker-cluster-libs-1.1.23-1.el7_9.1.x86_64
pacemaker-cli-1.1.23-1.el7_9.1.x86_64
corosync-2.4.5-7.el7_9.2.x86_64
iSCSI簡介:
iSCSI(Internet Small Computer System Interface)是一種在IP網路上傳輸SCSI(Small Computer System Interface)命令和資料的儲存協議。它允許將遠端儲存裝置對映到本地主機,提供了一種基於網路的儲存解決方案。
iSCSI服務架構涉及以下元件:
- iSCSI Initiator(客戶端):iSCSI發起器是指主機或計算機系統,它透過iSCSI協議與遠端儲存裝置進行通訊。發起器透過網路傳送iSCSI命令和資料來訪問遠端儲存。
- iSCSI Target(服務端):iSCSI目標是遠端儲存裝置或儲存伺服器,它透過iSCSI協議接受發起器的請求。目標將接收到的iSCSI命令轉換為對儲存裝置的本地SCSI命令,並將資料傳輸回發起器。
- iSCSI Initiator 和 Target 之間的網路連線:iSCSI Initiator 和 Target 之間的通訊是透過TCP/IP網路實現的。通常使用乙太網作為傳輸介質,並使用標準的IP協議棧進行通訊。
- iSCSI Initiator 驅動程式(iscsid):iSCSI Initiator 驅動程式是在主機作業系統上執行的軟體元件,負責將iSCSI命令和資料傳遞給網路,並處理從網路接收到的響應。
- iSCSI Target 軟體(target.service,targetcli):iSCSI Target 軟體是在遠端儲存裝置上執行的軟體元件,用於接受和處理來自發起器的iSCSI請求,並將其轉換為本地儲存裝置的操作。
- 儲存裝置:儲存裝置可以是磁碟陣列、磁碟儲存系統或其他支援SCSI協議的儲存裝置,LVM 等。iSCSI目標透過本地儲存裝置提供儲存服務。
一、配置ISCSI共享
1、server端安裝軟體
[root@node201 ~]# yum install targetd targetcli -y
2、啟動target服務
[root@node201 ~]# systemctl start targetd
[root@node201 ~]# systemctl enable targetd
Created symlink from /etc/systemd/system/multi-user.target.wants/targetd.service to /usr/lib/systemd/system/targetd.service.
3、配置iscsi共享
如下所示,透過targetli工具配置iscsi的共享:
1)targetli幫助資訊
[root@node203 ~]# targetcli
AVAILABLE COMMANDS
==================
The following commands are available in the
current path:
- bookmarks action [bookmark]
- cd [path]
- clearconfig [confirm]
- exit
- get [group] [parameter...]
- help [topic]
- ls [path] [depth]
- pwd
- refresh
- restoreconfig [savefile] [clear_existing] [target] [storage_object]
- saveconfig [savefile]
- sessions [action] [sid]
- set [group] [parameter=value...]
- status
- version
/> exit
Global pref auto_save_on_exit=true
Configuration saved to /etc/target/saveconfig.json
2)建立iscsi磁碟
/> /backstores/block create idisk1 /dev/sdb
Created block storage object idisk1 using /dev/sdb.
/> /backstores/block create idisk2 /dev/sdc
Created block storage object idisk2 using /dev/sdc.
/> ls
o- / ........................................................................................... [...]
o- backstores ................................................................................ [...]
| o- block .................................................................... [Storage Objects: 2]
| | o- idisk1 .......................................... [/dev/sdb (10.7GiB) write-thru deactivated]
| | | o- alua ..................................................................... [ALUA Groups: 1]
| | | o- default_tg_pt_gp ......................................... [ALUA state: Active/optimized]
| | o- idisk2 ......................................... [/dev/sdc (512.0MiB) write-thru deactivated]
| | o- alua ..................................................................... [ALUA Groups: 1]
| | o- default_tg_pt_gp ......................................... [ALUA state: Active/optimized]
| o- fileio ................................................................... [Storage Objects: 0]
| o- pscsi .................................................................... [Storage Objects: 0]
| o- ramdisk .................................................................. [Storage Objects: 0]
o- iscsi .............................................................................. [Targets: 0]
o- loopback ........................................................................... [Targets: 0]
iSCSI 支援下面四種後端儲存型別:
block:它允許將塊裝置作為iSCSI後端儲存使用,例如硬碟驅動器或邏輯卷。
fileio:它允許使用檔案作為iSCSI後端儲存使用,即將檔案作為虛擬磁碟提供給iSCSI客戶端。
pscsi:pscsi代表"pass-through SCSI",允許將SCSI裝置直接公開給iSCSI客戶端,以便客戶端可以直接訪問SCSI命令。
ramdisk:它允許將RAM磁碟作為iSCSI後端儲存使用,即將記憶體中的一部分作為虛擬磁碟提供給iSCSI客戶端。
3)建立iSCSI服務端
/> iscsi/ create iqn.2024-08.pip.cc:server
Created target iqn.2024-08.pip.cc:server.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/> ls
o- / ........................................................................................... [...]
o- backstores ................................................................................ [...]
| o- block .................................................................... [Storage Objects: 2]
| | o- idisk1 .......................................... [/dev/sdb (10.7GiB) write-thru deactivated]
| | | o- alua ..................................................................... [ALUA Groups: 1]
| | | o- default_tg_pt_gp ......................................... [ALUA state: Active/optimized]
| | o- idisk2 ......................................... [/dev/sdc (512.0MiB) write-thru deactivated]
| | o- alua ..................................................................... [ALUA Groups: 1]
| | o- default_tg_pt_gp ......................................... [ALUA state: Active/optimized]
| o- fileio ................................................................... [Storage Objects: 0]
| o- pscsi .................................................................... [Storage Objects: 0]
| o- ramdisk .................................................................. [Storage Objects: 0]
o- iscsi .............................................................................. [Targets: 1]
| o- iqn.2024-08.pip.cc:server ........................................................... [TPGs: 1]
| o- tpg1 ................................................................. [no-gen-acls, no-auth]
| o- acls ............................................................................ [ACLs: 0]
| o- luns ............................................................................ [LUNs: 0]
| o- portals ...................................................................... [Portals: 1]
| o- 0.0.0.0:3260 ....................................................................... [OK]
o- loopback ........................................................................... [Targets: 0]
關於為 Target 建立 IQN,有以下幾點需要進行說明:
在為 Target 建立 IQN 時會在此 IQN 下面建立一個預設的 TPG。
IQN 即 iSCSI 限定名稱,一個全球唯一名稱,用於以強制命名格式來識別啟動器(initiator)和目標(target)。
通用格式:iqn.YYYY-MM.com.reversed.domain[:optional_string];
iqn:表示此名稱將使用域作為其識別符號;
YYYY-MM:擁有域名的第一個月;
com.reversed.domain:此 iSCSI 名稱的建立組織的逆向域名;
optional_string:以冒號為字首的可選字串。
管理員如果不指定要建立的 IQN,系統會自動生成一個 IQN。
4)建立lun(共享卷)
/> cd iscsi/iqn.2024-08.pip.cc:server/tpg1/
/iscsi/iqn.20...c:server/tpg1> luns/ create /backstores/block/idisk1
Created LUN 0.
/iscsi/iqn.20...c:server/tpg1> luns/ create /backstores/block/idisk2
Created LUN 1.
/iscsi/iqn.20...c:server/tpg1> ls
o- tpg1 ....................................................................... [no-gen-acls, no-auth]
o- acls .................................................................................. [ACLs: 0]
o- luns .................................................................................. [LUNs: 2]
| o- lun0 ............................................. [block/idisk1 (/dev/sdb) (default_tg_pt_gp)]
| o- lun1 ............................................. [block/idisk2 (/dev/sdc) (default_tg_pt_gp)]
o- portals ............................................................................ [Portals: 1]
o- 0.0.0.0:3260 ............................................................................. [OK]
5)建立客戶端認證(chap)
/iscsi/iqn.20...c:server/tpg1> acls/ create iqn.2024-08.pip.cc:client
Created Node ACL for iqn.2024-08.pip.cc:client
Created mapped LUN 1.
Created mapped LUN 0.
/iscsi/iqn.20...c:server/tpg1> cd acls/iqn.2024-08.pip.cc:client/
/iscsi/iqn.20...pip.cc:client> set auth userid=root
Parameter userid is now 'root'.
/iscsi/iqn.20...pip.cc:client> set auth password=123456
Parameter password is now '123456'.
/iscsi/iqn.20...pip.cc:client> info
chap_password: 123456
chap_userid: root
wwns:
iqn.2024-08.pip.cc:client
6)建立portal
管理員需要建立一個門戶配置以指定監聽 IP 地址和埠;如果未指定 IP 則預設使用 0.0.0.0 地址;如果未指定埠號則預設使用 3260 埠。
/> cd iscsi/iqn.2024-08.pip.cc:server/tpg1/
/iscsi/iqn.20...c:server/tpg1> ls
o- tpg1 ....................................................................... [no-gen-acls, no-auth]
o- acls .................................................................................. [ACLs: 1]
| o- iqn.2024-08.pip.cc:client .................................................... [Mapped LUNs: 2]
| o- mapped_lun0 ........................................................ [lun0 block/idisk1 (rw)]
| o- mapped_lun1 ........................................................ [lun1 block/idisk2 (rw)]
o- luns .................................................................................. [LUNs: 2]
| o- lun0 ............................................. [block/idisk1 (/dev/sdb) (default_tg_pt_gp)]
| o- lun1 ............................................. [block/idisk2 (/dev/sdc) (default_tg_pt_gp)]
o- portals ............................................................................ [Portals: 1]
o- 0.0.0.0:3260 ............................................................................. [OK]
/iscsi/iqn.20...c:server/tpg1> cd portals
/iscsi/iqn.20.../tpg1/portals> delete 0.0.0.0 3260
Deleted network portal 0.0.0.0:3260
/iscsi/iqn.20.../tpg1/portals> create 192.168.1.203 3260
Using default IP port 3260
Created network portal 192.168.1.203:3260.
/iscsi/iqn.20.../tpg1/portals> ls
o- portals .............................................................................. [Portals: 1]
o- 192.168.1.203:3260 ......................................................................... [OK]
7)檢視iscsi server配置
/iscsi/iqn.20...pip.cc:client> cd /
/> ls
o- / ........................................................................................... [...]
o- backstores ................................................................................ [...]
| o- block .................................................................... [Storage Objects: 2]
| | o- idisk1 ............................................ [/dev/sdb (10.7GiB) write-thru activated]
| | | o- alua ..................................................................... [ALUA Groups: 1]
| | | o- default_tg_pt_gp ......................................... [ALUA state: Active/optimized]
| | o- idisk2 ........................................... [/dev/sdc (512.0MiB) write-thru activated]
| | o- alua ..................................................................... [ALUA Groups: 1]
| | o- default_tg_pt_gp ......................................... [ALUA state: Active/optimized]
| o- fileio ................................................................... [Storage Objects: 0]
| o- pscsi .................................................................... [Storage Objects: 0]
| o- ramdisk .................................................................. [Storage Objects: 0]
o- iscsi .............................................................................. [Targets: 1]
| o- iqn.2024-08.pip.cc:server ........................................................... [TPGs: 1]
| o- tpg1 ................................................................. [no-gen-acls, no-auth]
| o- acls ............................................................................ [ACLs: 1]
| | o- iqn.2024-08.pip.cc:client .............................................. [Mapped LUNs: 2]
| | o- mapped_lun0 .................................................. [lun0 block/idisk1 (rw)]
| | o- mapped_lun1 .................................................. [lun1 block/idisk2 (rw)]
| o- luns ............................................................................ [LUNs: 2]
| | o- lun0 ....................................... [block/idisk1 (/dev/sdb) (default_tg_pt_gp)]
| | o- lun1 ....................................... [block/idisk2 (/dev/sdc) (default_tg_pt_gp)]
| o- portals ...................................................................... [Portals: 1]
| o- 192.168.1.203:3260 ................................................................. [OK]
o- loopback ........................................................................... [Targets: 0]
/> saveconfig
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json
/> exit
Global pref auto_save_on_exit=true
Configuration saved to /etc/target/saveconfig.json
4、重啟target服務
[root@node203 ~]# systemctl restart target
[root@node203 ~]# systemctl status target
● target.service - Restore LIO kernel target configuration
Loaded: loaded (/usr/lib/systemd/system/target.service; disabled; vendor preset: disabled)
Active: active (exited) since Fri 2024-08-02 10:50:45 CST; 4s ago
Process: 18476 ExecStop=/usr/bin/targetctl clear (code=exited, status=0/SUCCESS)
.......
5、配置客戶端訪問iscsi共享(all nodes)
iscsi-initiator-utils 提供了 iSCSI 客戶端的工具和服務,用於管理和配置 iSCSI 連線。它包含了 iscsiadm 命令列工具和其他與 iSCSI 相關的元件。
主要功能和元件包括:
- iscsiadm 命令列工具:iscsi-initiator-utils 包含了 iscsiadm 命令列工具,用於管理和配置 iSCSI 連線。您可以使用該工具來發現 iSCSI 目標、建立會話、斷開連線、管理目標列表等。
- iSCSI 服務:iscsi-initiator-utils 包含了 iSCSI 服務(通常是 iscsid 守護程序),它在後臺執行並處理與 iSCSI 儲存目標的通訊。該服務負責管理 iSCSI 會話和裝置,並提供與 iSCSI 目標的互動介面。
- iSCSI 配置檔案:iscsi-initiator-utils 提供了用於配置 iSCSI 客戶端的配置檔案。這些配置檔案包含了 iSCSI 目標的資訊、認證設定、會話選項等。您可以編輯這些配置檔案來自定義 iSCSI 連線的行為。
1)客戶端安裝軟體
[root@node201 ~]# yum install iscsi-initiator-utils-iscsiuio -y
2)配置iscsi配置檔案
如下所示,在客戶端配置訪問server端認證檔案:
[root@node201 ~]# cat /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2024-08.pip.cc:client
node.session.auth.authmethod = CHAP
node.session.auth.username = root
node.session.auth.password = 123456
啟動服務:
[root@node201 ~]# systemctl restart iscsid
[root@node201 ~]# systemctl enable iscsid
3)客戶端訪問iscsi共享
# 檢視iscsi共享
[root@node201 ~]# iscsiadm -m discovery -t st -p 192.168.1.203
192.168.1.203:3260,1 iqn.2024-08.pip.cc:server
# 建立到iscsi server的共享訪問
[root@node201 ~]# iscsiadm -m node -T iqn.2024-08.pip.cc:server -p 192.168.1.203 --login
Logging in to [iface: default, target: iqn.2024-08.pip.cc:server, portal: 192.168.1.203,3260] (multiple)
Login to [iface: default, target: iqn.2024-08.pip.cc:server, portal: 192.168.1.203,3260] successful.
# 檢視共享儲存資訊
[root@node201 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 102.9G 0 disk
├─sda1 8:1 0 500M 0 part /boot
└─sda2 8:2 0 102.4G 0 part
├─centos-root 253:0 0 50G 0 lvm /
├─centos-swap 253:1 0 3G 0 lvm [SWAP]
└─centos-home 253:2 0 49.3G 0 lvm /home
sdb 8:16 0 10.7G 0 disk
sdc 8:32 0 512M 0 disk
sr0 11:0 1 1024M 0 rom
# 如下所示,在客戶端可以看到共享儲存已作為本地磁碟訪問
[root@node202 iscsi]# fdisk -l
Disk /dev/sdb: 11.5 GB, 11499421696 bytes, 22459808 sectors
......
Disk /dev/sdc: 536 MB, 536870912 bytes, 1048576 sectors
......
# 至此,共享儲存配置完成。