====== Configure A System As Either An Iscsi Target Or Initiator That Persistently Mounts An Iscsi Target ======

**General Information**

Creating iSCSI targets (storage on a server) and initiators (clients).

----

====== Lab Setup ======

The following virtual machines will be used:
  * server1.example.com (192.168.1.150) -> Client/initiator
  * server2.example.com (192.168.1.151) -> Server/target
    * **Add Disk**: Add a secondary disk to the Server/target that will be used as backend storage for the iSCSI target.

----

====== Help ======

Finding help in this section.
  * iSCSI target (server)<code bash>#tab completion in targetcli utility</code>
  * iSCSI initiator (client)<code bash>man iscsiadm</code>

----


====== iSCSI Targets (Storage Server) ======

The iSCSI targets are on the storage server and are the volumes that can be mounted by clients.

===== Create Back-end Storage =====

Create a back-end logical volume or partition that will be an iSCSI target.

Example:<code bash>
pvcreate /dev/sdb1
vgcreate vgsan /dev/sdb1
lvcreate --extents 100%PVS --name lvstor01 vgsan /dev/sdb1
</code>

----

===== Install and Enable =====

Install packages
<code bash>
yum install targetcli
</code>

\\
Enable the service
<code bash>
systemctl enable target
</code>

===== Configure the iSCSI Target =====

Start the targetcli interactive utility
<code bash>
targetcli
</code>

\\
The targetcli utility commands available depend upon your path. Navigation is done via cd, pwd, and ls just like you would expect in a shell.<code bash>/> ls
o- / ................................................................. [...]
  o- backstores ...................................................... [...]
  | o- block .......................................... [Storage Objects: 0]
  | o- fileio ......................................... [Storage Objects: 0]
  | o- pscsi .......................................... [Storage Objects: 0]
  | o- ramdisk ........................................ [Storage Objects: 0]
  o- iscsi .................................................... [Targets: 0]
  o- loopback ................................................. [Targets: 0]
/> pwd
/</code>
  * **Note:** Use tab for auto completion in paths and commands

\\
**Backing Storage:** Create a block storage object within the targetcli interactive prompt
<code bash>
/> backstores/block create name=block1 dev=/dev/vgsan/lvstor01
</code>
  * backstores/block -> In the backstores block path
  * create block1 -> Create a storage object named "block1"
  * /dev/vgsan/lvstor01 -> Use the logical volume /dev/vgsan/lvstor01

\\
**iSCSI Target**: Create an iSCSI Target IQN (Iscsi Qualified Name)
<code bash>
/> iscsi/ create wwn=iqn.2018-05.com.example.server2:target
</code>
  * iscsi/ -> In the iscsi path
  * create iqn.2018-05.com.example.server2:target -> Create the IQN named "iqn.2018-05.com.example.server2:target"
  * An IQN is how you refer to the target disk
    * All IQNs must start with "iqn"
    * Standard convention is to use the date (YYYY-MM) and reverse domain name
    * target is the target name
  * This creates an associated TPG (Target Portal Group)

\\
Change into the newly created IQN's TPG (Target Portal Group) and view the contents
<code bash>
/> cd iscsi/iqn.2018-05.com.example.server2:target/tpg1/
/iscsi/iqn.20...2:target/tpg1> ls
</code>
  * Objects listed:
    * acls (access control lists can restrict access)
    * luns (logical unit number or the exported resource)
    * portals (IP addresses:ports to reach the exported resource)
      * **Note:** In some earlier versions (RHEL 7.0-7.1), a portal is NOT automatically created. This may need to be created manually.

\\
**Create portal: RHEL 7.0 - 7.1 only**
<code bash>
/iscsi/iqn.20...2:target/tpg1> portals create 0.0.0.0 ip_port=3260
</code>

\\
**LUN to Storage Map:** Create a LUN within the target portal group
<code bash>
/iscsi/iqn.20...2:target/tpg1> luns/ create /backstores/block/block1
</code>
  * luns/ -> In the luns path
  * create /backstores/block/block1 -> Create a lun using "block1" as the backing storage

\\
**Client ACL:** Create an ACL for a client to be able to connect to the IQN in the future
<code bash>
/iscsi/iqn.20...2:target/tpg1> acls/ create iqn.2018-05.com.example:server1
</code>
  * acls/ -> In the acls path
  * create iqn.2018-05.com.example:server1 -> Create an ACL allowing this IQN
    * This is a combination of a new IQN (following a similar naming convention) and an identifier of your choosing. Together, this makes up the **client iscsi initiator name** that will be used.
    * iqn.2018-05.com.example -> IQN
    * :server1 -> an identifier of your choosing
  * **Alternatively:** Instead of making of an IQN for the client, [[#configure_initiator_and_iscsid|see here to retrieve it]].

\\
**OPTIONAL**: Create a CHAP Username/Password for client connections
<code bash>
/iscsi/iqn.20...2:target/tpg1> cd acls/iqn.2018-05.com.example:server1/
/iscsi/iqn.20...ample:server1> set auth userid=myuser password=mypassword
</code>

\\
Save and exit the targetcli utility
<code bash>/iscsi/iqn.20...ample:server1> cd /
/> saveconfig
/> exit
</code>

===== Firewall and Start Service =====

Firewall 
<code bash>
firewall-cmd --permanent --add-port=3260/tcp
firewall-cmd --reload

OR

firewall-cmd --permanent --add-service=iscsi-target
firewall-cmd --reload
</code>
  * iscsi-target service available as of **RHEL 7.2**

\\
Start the target
<code bash>
systemctl start target
</code>

----

====== iSCSI Initiator (Client) ======

Setting up an iSCSI initiator (client).

===== Install Package =====

Install initiator package
<code bash>
yum install iscsi-initiator-utils
</code>

===== Configure Initiator and iscsid =====

Edit initiator name and change to the name setup on the server
<code bash>
vim /etc/iscsi/initiatorname.iscsi

InitiatorName=iqn.2018-05.com.example:server1
</code>
  * Identifying client information needed to mount the disk
  * **Alternatively**, you could configure the server to the ISCSI initiator name given on the client by default.

\\
Edit authentication information if set (**optional**)
<code bash>
vim /etc/iscsi/iscsid.conf

node.session.auth.authmethod = CHAP
node.session.auth.username = myuser
node.session.auth.password = mypassword
</code>

\\
Enable and start the iscsi service
<code bash>
systemctl enable iscsi
systemctl start iscsi
</code>

===== Login to iSCSI Portal =====

**Note**: See 'EXAMPLES' in "man iscsiadm" if you don't remember the discovery and login commands.

\\
Use the iscsiadm command to discover IQN Information
<code bash>
iscsiadm --mode discovery --type sendtargets --portal 192.168.1.151
</code>
  * --mode discovery -> Find targets
  * --type sendtargets -> Tell portal to send all available targets
  * --portal <ip> -> server IP

\\
Login to the Target IQN (found during discovery)
<code bash>
iscsiadm --mode node --target iqn.2018-05.com.example.server2:target --portal 192.168.1.151 --login
</code>
  * Default port is 3260 if not specified

===== Configure iSCSI Disk =====

View iSCSI Disk
<code bash>
lsblk --scsi
</code>

\\
Create a partition
<code bash>
fdisk /dev/sdb
</code>

\\
Create file system
<code bash>
mkfs.xfs /dev/sdb1
</code>

\\
Get the disk UUID
<code bash>
blkid | grep sdb1
</code>

\\
Mount via fstab
<code bash>
vim /etc/fstab

#Mount iscsi device
UUID=<uuid-here>  /data/iscsi  xfs  _netdev  0 0
</code>
  * _netdev -> Wait for the network to be available before mounting

\\
View Connected ISCSI Target Information
<code bash>
iscsiadm -m session -P 3
</code>
  * -m session -> mode session
  * -P 3 -> Print level 3 (0-3 range of details)

----