The following procedure describes how to set up a basic iSCSI target on an Oracle Linux system by using block storage backends. Note that you can use other storage backend types to set up an iSCSI target.
When you use the targetcli command, it saves
the current configuration to the JSON-format file
/etc/target/saveconfig.json
. See the
targetcli(8)
manual page for additional
information.
To set up a basic iSCSI target on an Oracle Linux system by using block storage backends:
Run the targetcli interactive shell:
#
targetcli
targetcli shell version 2.1.fb31 Copyright 2011-2013 by Datera, Inc and others. For help on commands, type 'help'.List the object hierarchy, which is initially empty:
/>
ls
o- / ..................................................................... [...] o- backstores .......................................................... [...] | o- block .............................................. [Storage Objects: 0] | o- fileio ............................................. [Storage Objects: 0] | o- pscsi .............................................. [Storage Objects: 0] | o- ramdisk ............................................ [Storage Objects: 0] o- iscsi ........................................................ [Targets: 0] o- loopback ..................................................... [Targets: 0]Change to the
/backstores/block
directory and create a block storage object for the disk partitions that you want to provide as LUNs, for example:/>
cd /backstores/block
/backstores/block>create name=LUN_0 dev=/dev/sdb
Created block storage object LUN_0 using /dev/sdb. /backstores/block>create name=LUN_1 dev=/dev/sdc
Created block storage object LUN_1 using /dev/sdc.The names that you assign to the storage objects are arbitrary.
NoteThe device path varies, based on the Oracle Linux instance's disk configuration.
Change to the
/iscsi
directory and create an iSCSI target:/>
cd /iscsi
/iscsi>create
Created target iqn.2013-01.com.mydom.host01.x8664:sn.ef8e14f87344. Created TPG 1.List the target portal group (TPG) hierarchy, which is initially empty:
/iscsi>
ls
o- iscsi .......................................................... [Targets: 1] o- iqn.2013-01.com.mydom.host01.x8664:sn.ef8e14f87344 .............. [TPGs: 1] o- tpg1 ............................................. [no-gen-acls, no-auth] o- acls ........................................................ [ACLs: 0] o- luns ........................................................ [LUNs: 0] o- portals .................................................. [Portals: 0]Change to the
luns
subdirectory of the TPG directory hierarchy and add the LUNs to the target portal group:/iscsi>
cd iqn.2013-01.com.mydom.host01.x8664:sn.ef8e14f87344/tpg1/luns
/iscsi/iqn.20...344/tpg1/luns>create /backstores/block/LUN_0
Created LUN 0. /iscsi/iqn.20...344/tpg1/luns>create /backstores/block/LUN_1
Created LUN 1.Change to the
portals
subdirectory of the TPG directory hierarchy and specify the IP address and TCP port of the iSCSI endpoint:/iscsi/iqn.20...344/tpg1/luns>
cd ../portals
/iscsi/iqn.20.../tpg1/portals>create 10.150.30.72 3260
Using default IP port 3260 Created network portal 10.150.30.72:3260.If you omit the TCP port number, the default value is
3260
.NoteIf the portal creation fails, and a message similar to the following is displayed, it is most likely because a default portal was previously created:
Could not create NetworkPortal in configFS
In this case, first delete the default portal, then repeat Step 5 to create the new portal.
/iscsi/iqn.20.../tpg1/portals>
delete 0.0.0.0 ip_port=3260
Enable TCP port 3260 by running either of the following commands:
#
firewall-cmd --permanent --add-port=3260/tcp
#
firewall-cmd --permanent --add-service iscsi-target
List the object hierarchy, which now shows the configured block storage objects and TPG:
/iscsi/iqn.20.../tpg1/portals>
ls /
o- / ..................................................................... [...] o- backstores .......................................................... [...] | o- block .............................................. [Storage Objects: 1] | | o- LUN_0 ....................... [/dev/sdb (10.0GiB) write-thru activated] | | o- LUN_1 ....................... [/dev/sdc (10.0GiB) write-thru activated] | o- fileio ............................................. [Storage Objects: 0] | o- pscsi .............................................. [Storage Objects: 0] | o- ramdisk ............................................ [Storage Objects: 0] o- iscsi ........................................................ [Targets: 1] | o- iqn.2013-01.com.mydom.host01.x8664:sn.ef8e14f87344 ............ [TPGs: 1] | o- tpg1 ........................................... [no-gen-acls, no-auth] | o- acls ...................................................... [ACLs: 0] | o- luns ...................................................... [LUNs: 1] | | o- lun0 ..................................... [block/LUN_0 (/dev/sdb)] | | o- lun1 ..................................... [block/LUN_1 (/dev/sdc)] | o- portals ................................................ [Portals: 1] | o- 10.150.30.72:3260 ............................................ [OK] o- loopback ..................................................... [Targets: 0]Configure the access rights for logins by initiators. For example, to configure demonstration mode that does not require authentication, change to the TGP directory and set the values of the
authentication
anddemo_mode_write_protect
attributes to 0 andgenerate_node_acls
cache_dynamic_acls
to 1:/iscsi/iqn.20.../tpg1/portals>
cd ..
/iscsi/iqn.20...14f87344/tpg1>set attribute authentication=0 demo_mode_write_protect=0
generate_node_acls=1 cache_dynamic_acls=1
Parameter authentication is now '0'. Parameter demo_mode_write_protect is now '0'. Parameter generate_node_acls is now '1'. Parameter cache_dynamic_acls is now '1'.CautionDemonstration mode is inherently insecure. For information about configuring secure authentication modes, see http://linux-iscsi.org/wiki/ISCSI#Define_access_rights.
Change to the
root
directory and save the configuration./iscsi/iqn.20...14f87344/tpg1>
cd /
/>saveconfig
Last 10 configs saved in /etc/target/backup. Configuration saved to /etc/target/saveconfig.jsonEnable the target service.
#
systemctl enable target.service
Saving the configuration and enabling the target service ensures that the changes persist across system reboots. Note also that failure to run these commands can result in an empty configuration.