11.2 Configuring iSCSI Initiator
iSCSI initiator, also called client, can be used to connect to any
iSCSI target. This is not restricted to the iSCSI target solution
explained above. The configuration of iSCSI initiator involves two
major steps—the discovery of available iSCSI targets and the setup
of an iSCSI session. Both can be done with YaST.
11.2.1 Using YaST for the iSCSI Initiator Configuration
The configuration is divided into three tabs. The
tab may be used to enable the iSCSI
initiator at boot time. The tab gives an overview of the currently connected
iSCSI targets. Like the tab, it gives the option to add new targets to the
system. is the tab to start
with. It provides the possibility of discovering iSCSI targets in the
network.
-
Use to open the discovery dialog.
-
Enter the IP address and change the port if necessary.
-
If necessary, add the or
authentication.
-
Use to start the discovery.
After a successful discovery, use
to activate the target. You will be asked for authentication
information to use the selected iSCSI target.
finishes the configuration. If everything
went well, the target now appears in .
The virtual iSCSI device is now available. Find the actual device
with lsscsi:
lsscsi
[1:0:0:0] disk IET VIRTUAL-DISK 0 /dev/sda
11.2.2 Setting Up the iSCSI Initiator Manually
Both the discovery and the configuration of iSCSI connections
require a running iscsid. When running the discovery the first
time, the internal database of the iSCSI initiator is created in the
directory /var/lib/open-iscsi.
If your discovery is password protected, provide the
authentication information to iscsid. Because the internal
database does not exist when doing the first discovery, it cannot
be used at this time. Instead, the configuration file
/etc/iscsid.conf must be edited to provide
the information. To add your password information for the
discovery, add the following lines to the end of
/etc/iscsid.conf:
discovery.sendtargets.auth.authmethod = CHAP
discovery.sendtargets.auth.username = <username>
discovery.sendtargets.auth.password = <password>
The discovery stores all received values in an internal persistent
database. In addition, it displays all detected targets. Run this
discovery with the command iscsiadm -m discovery
--type=st --portal=<targetip>. The output
should look like:
[bd0ac2] 149.44.171.99:3260,1 iqn.2006-02.com.example.iserv:systems
For each target defined on the iSCSI target, one line
appears. In the previous example, the ID of the target is
bd0ac2. This ID is used to access the
target. Learn how to obtain more information about the stored data
in Section 11.2.3,
The iSCSI Client Databases. For now, just modify
the authentication credentials in this database to be able to
access target bd0ac2. Assume that you access a
target with incoming user <username>
and password <password>:
iscsiadm -m node --record=bd0ac2 --op=update \
--name=node.session.auth.authmethod --value=CHAP
iscsiadm -m node --record=bd0ac2 --op=update \
--name=node.session.auth.username --value=<username>
iscsiadm -m node --record=bd0ac2 --op=update \
--name=node.session.auth.password --value=<password>
Now, the initiator is prepared for its activation. The special
--login option of iscsiadm
creates all needed devices:
iscsiadm -m node --record=bd0ac2 --login
The newly generated devices show up in the output of
lsscsi and can now be accessed by mount.
11.2.3 The iSCSI Client Databases
All information that was discovered by the iSCSI initiator is stored
in two database files that reside in
/var/lib/open-iscsi. There is one database for
the discovery of targets and one for the discovered nodes.
When accessing a database, you first must select if you want to
get your data from the discovery or from the node database. Do this with the
-m discovery and -m node parameters of
iscsiadm. Using
iscsiadm just with one of these parameters gives
an overview of the stored records:
iscsiadm -m discovery
[bd0ac2] 149.44.171.99:3260,1 iqn.2006-02.com.example.iserv:systems
The record ID in this example is bd0ac2. This ID
is needed for all actions that relate to this special data set. To
examine the content of the data record with the ID
bd0c2, use the following command:
iscsiadm -m node --record=bd0ac2
node.name = iqn.2006-02.com.example.iserv:systems
node.transport_name = tcp
node.tpgt = 1
node.active_conn = 1
node.startup = manual
node.session.initial_cmdsn = 0
node.session.reopen_max = 32
node.session.auth.authmethod = CHAP
node.session.auth.username = joe
node.session.auth.password = ********
node.session.auth.username_in = <empty>
node.session.auth.password_in = <empty>
node.session.timeo.replacement_timeout = 0
node.session.err_timeo.abort_timeout = 10
node.session.err_timeo.reset_timeout = 30
node.session.iscsi.InitialR2T = No
node.session.iscsi.ImmediateData = Yes
....
To edit the value of one of these variables, use the
command iscsiadm with the update
operation. For example, if you
want iscsid to log in to the iSCSI target when it initializes,
set the variable node.startup to the value
automatic:
iscsiadm -m node --record=bd0ac2 --op=update --name=node.startup --value=automatic
Remove obsolete data sets with the operation delete. If
the record bd0ac2 is no longer a valid record, delete
this record with the command iscsiadm
-m node --record=bd0ac2 --op=delete.
Use caution because this deletes the record without any additional
confirmation prompt.
11.2.4 For More Information
The iSCSI protocol has been available for several years. There are
many reviews and additional documentation comparing iSCSI with SAN
solutions, doing performance benchmarks, or just describing hardware
solutions. Important pages for more information about open-iscsi
are:
-
https://www.open-iscsi.org/
-
https://www.open-iscsi.org/cgi-bin/wiki.pl
-
https://www.novell.com/coolsolutions/appnote/15394.html
There is also some online documentation available. See the
manual pages of iscsiadm, iscsid,
ietd.conf, and ietd and the example
configuration file /etc/iscsid.conf.