How to configure iSCSI targets and initiators on CentOS 8 / RHEL 8

Introduction

How to set iSCSI Target on CentOS 8 / RHEL 8? With CentOS 8 now, it’s time to make the most of it to run valuable and valuable services in your organization or lab. Here we will install and configure iSCSI Target and Initiator on CentOS 8 / RHEL 8 Linux server. Set up one server as the target server and the other server as the initiator, as shown in the following figure. let us begin

Step 1: Update your CentOS / RHEL server

Make sure to make this setting on a newer CentOS / RHEL server.

$ sudo dnf update
 CentOS-8 - AppStream                                                                                                       588 kB/s | 6.3 MB     00:10    
 CentOS-8 - Base                                                                                                            578 kB/s | 7.9 MB     00:13    
 CentOS-8 - Extras                                                                                                          511  B/s | 2.1 kB     00:04    
 Dependencies resolved.
 =========================================================================================================================================================== Package                                       Arch                      Version                                           Repository                 Size 
 ===========================================================================================================================================================Installing:
  kernel                                        x86_64                    4.18.0-80.11.2.el8_0                              BaseOS                    424 k 
  kernel-core                                   x86_64                    4.18.0-80.11.2.el8_0                              BaseOS                     24 M 
  kernel-modules                                x86_64                    4.18.0-80.11.2.el8_0                              BaseOS                     20 M

Step 2: Make sure SELinux is in force mode:

Confirm your SELinux status

$ getenforce
Enforcing

Since this setting covers the configuration of SELinux, please make it run in forced mode.

Step 3: Install the targetcli package on CentOS 8 / RHEL 8

iSCSI Target’s software package is available as a targetcli in the CentOS 8 / RHEL 8 default AppStream repository. Install by running:

sudo dnf -y install targetcli

Step 4: Check the available space on the system

This is to ensure that there is sufficient disk space or blocks available for allocation. It is recommended to set up a different partition for this to make it easier to manage without disturbing the core CentOS files and system.

$ df -hT
 Filesystem          Type      Size  Used Avail Use% Mounted on
 devtmpfs            devtmpfs  365M     0  365M   0% /dev
 tmpfs               tmpfs     380M     0  380M   0% /dev/shm
 tmpfs               tmpfs     380M   10M  370M   3% /run
 tmpfs               tmpfs     380M     0  380M   0% /sys/fs/cgroup
 /dev/mapper/cl-root xfs        27G  1.6G   26G   6% /
 /dev/sda1           ext4      976M  159M  751M  18% /boot
 tmpfs               tmpfs      76M     0   76M   0% /run/user/1000

If you have a secondary disk on the server, we recommend that you use it.

Step 5: Configure iSCSI Target on CentOS 8 / RHEL 8

Create a folder on the disk you configured, such as / var / Or the mounting point of a secondary disk or RAID device.

sudo mkdir /var/targetdisk01

Let’s now enter the targetcli management console to create our target

$ sudo su -
# targetcli
targetcli shell version 2.1.fb49
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/>

ls check its content

/> ls
 o- / …………………………………………………………………………………………………… […]
   o- backstores …………………………………………………………………………………………. […]
   | o- block ……………………………………………………………………………………………. [Storage Objects: 0]
   | o- fileio …………………………………………………………………………………………… [Storage Objects: 0]
   | o- pscsi ……………………………………………………………………………………………. [Storage Objects: 0]
   | o- ramdisk ………………………………………………………………………………………….. [Storage Objects: 0]
   o- iscsi ……………………………………………………………………………………………… [Targets: 0]
   o- loopback …………………………………………………………………………………………… [Targets: 0]

Everything is empty. Besides that, you will notice that the first thing in the content is background storage. The Backstore here helps to provide different ways to keep the data locally and later export that data or make it available to external systems such as the initiator. Backstore’s available options are block, fileio, pscsi, and ramdisk.

The block backing storage you can easily guess is a Linux block device such as a hard drive like / dev / sda. This option can be used if there are disks in the target. The fileio backstore, on the other hand, is a normal file on a file system that has been created with a predefined size. W will use this option in our settings. In general, the performance of block backing storage is better than a single file.

Let’s create a 5GB fileio background storage:

Navigate to backstores / fileio on the targetcli console and create the backstore.

/> cd backstores/fileio
/backstores/fileio> create targetdisk1 /var/targetdisk01/targetdisk1.img 5G                                                                                
Created fileio targetdisk1 with size 5368709120

Issue ls command to check if it has been created

/backstores/fileio> ls
 o- fileio ……………………………………………………………………………………….. [Storage Objects: 1]
   o- targetdisk1 …………………… [/var/targetdisk01/targetdisk1.img (5.0GiB) write-back deactivated]
     o- alua …………………………………………………………………………………………. [ALUA Groups: 1]
       o- default_tg_pt_gp ……………………………………………………. [ALUA state: Active/optimized]

Create iSCSI target

In order to create an iSCSI Target, we must enter the iSCSI path in the server.

/backstores/fileio> cd /iscsi
/iscsi>

Within the iscsi path, it is now possible to create iscsi targets with names. The naming convention is standard and it looks like this:

 [ iqn.(year)-(month).(reverse of domain name):(any name you prefer) ]. 

Our domain is computingforgeeks.com, so the opposite is com.computingforgeeks. Do the same for you. Let us continue to name the target.

iqn.2019-11.computingforgeeks.com:GeeksTarget1

Create target

/iscsi> create iqn.2019-11.computingforgeeks.com:GeeksTarget1
 Created target iqn.2019-11.computingforgeeks.com:geekstarget1.
 Created TPG 1.
 Global pref auto_add_default_portal=true
 Created default portal listening on all IPs (0.0.0.0), port 3260.

Issue the ls command to confirm the changes

/iscsi> ls
 o- iscsi ……………………………………………………………………………………………….. [Targets: 1]
 o- iqn.2019-11.computingforgeeks.com:geekstarget1 ………………………. [TPGs: 1]
 o- tpg1 ……………………………………………………………………………………. [no-gen-acls, no-auth]
 o- acls ……………………………………………………………………………………………… [ACLs: 0]
 o- luns ……………………………………………………………………………………………… [LUNs: 1]
 | o- lun0 …………………. [fileio/targetdisk1 (/var/targetdisk01/targetdisk1.img) (default_tg_pt_gp)]
  o- portals ………………………………………………………………………………………… [Portals: 1]
  o- 0.0.0.0:3260 …………………………………………………………………………………………. [OK]

Create a LUN

An iSCSI LUN is a logical unit of storage. The target can provide one or more LUNs to the iSCSI client, and the iSCSI client initiates a connection with the iSCSI server. Navigate to the target portal group (TPG) created in the previous command. Note ”Create TPG 1” from above.

/iscsi> cd iqn.2019-11.computingforgeeks.com:geekstarget1/tpg1/luns 
/iscsi/iqn.20…et1/tpg1/luns>

Then create a LUN from the previously created targetdisk1. Use yours in this step.

/iscsi/iqn.20…et1/tpg1/luns> create /backstores/fileio/targetdisk1 
Created LUN 0.

Issue ls command to check

/iscsi/iqn.20…et1/tpg1/luns> ls

o- luns …………………………………………………………………………………………………… [LUNs: 1]
  o- lun0 ………………………………………. [fileio/targetdisk1 (/var/targetdisk01/targetdisk1.img) (default_tg_pt_gp)]

Configure Access Control List (ACL)

The access control list will ensure that only known initiators can connect to our target. To this end, the /etc/iscsi/initiatorname.iscsi file on the client / initiator has a line as shown below. We will use it in the ACL. You can edit the name to suit your environment.

## This is file in your initiator
$ sudo vi /etc/iscsi/initiatorname.iscsi

InitiatorName=iqn.2019-11.com.computingforgeeks:initiator1 

On the same path as above, navigate to the ACL.

/iscsi/iqn.20…starget1/tpg1> cd acls
/iscsi/iqn.20…et1/tpg1/acls>

Then run the following command using the launcher’s iqn in the acls path

/iscsi/iqn.20…et1/tpg1/acls> create iqn.2019-11.com.computingforgeeks:initiator1
Created Node ACL for iqn.2019-11.com.computingforgeeks:initiator1
Created mapped LUN 0.

Set username and password

Navigate to the new iqn created in the ACL and set the “username” and “password” to authenticate the initiator when it sends a request to the target.

/iscsi/iqn.20…et1/tpg1/acls> cd iqn.2019-11.com.computingforgeeks:initiator1
/iscsi/iqn.20…ks:initiator1>
/iscsi/iqn.20…ks:initiator1> set auth userid=initiator1
 Parameter userid is now 'initiator1'.
/iscsi/iqn.20…ks:initiator1> set auth password=gai0daeNgu ##Use strong password here
 Parameter password is now 'gai0daeNgu'.
/iscsi/iqn.20…ks:initiator1>

Let’s navigate to / iscsi and confirm that all our settings are done, then save by exiting

/iscsi/iqn.20…ks:initiator1> cd /iscsi/
 /iscsi> ls
 o- iscsi ……………………………………………………………………………………………….. [Targets: 1]
 o- iqn.2019-11.computingforgeeks.com:geekstarget1 ………………………………………………. [TPGs: 1]
 o- tpg1 ……………………………………………………………………………………. [no-gen-acls, no-auth]
 o- acls ……………………………………………………………………………………………… [ACLs: 1]
 | o- iqn.2019-11.com.computingforgeeks:initiator1 ………………………………………………….. [Mapped LUNs: 1]
 | o- mapped_lun0 …………………………………………………………………. [lun0 fileio/targetdisk1 (rw)]
  o- luns ……………………………………………………………………………………………… [LUNs: 1]
 | o- lun0 …………………………………. [fileio/targetdisk1 (/var/targetdisk01/targetdisk1.img) (default_tg_pt_gp)]
 o- portals ………………………………………………………………………………………… [Portals: 1]
 o- 0.0.0.0:3260 …………………………………………………………………………………………. [OK]

You can prove that everything is fine. Save by exiting

/iscsi> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json

If the firewall is running, enable the target and set up firewall rules.

$ sudo systemctl enable target
Created symlink /etc/systemd/system/multi-user.target.wants/target.service → /usr/lib/systemd/system/target.service.
## Set the firewall rules as below
$ sudo firewall-cmd --add-service=iscsi-target --permanent
success
$ sudo firewall-cmd --reload
success

Step 6: Configure iSCSI initiator

And we are fine. The only thing left is to configure our launcher and consume these resources. Follow the guidelines below.

How to configure iSCSI Initiator on CentOS 8 / RHEL 8

in conclusion

Everything is now set in terms of our goals. The server is ready to service the initiators added in the ACL and start servicing your use cases. The next guide will address the issue of the sponsors so that everyone is happy.

We are glad you found the site suitable for you. Thank you for visiting. Don’t hesitate to check out CentOS 8 / RHEL 8 related guides outlined below.

Install Varnish Cache 6 for Apache / Nginx on CentOS 8 / RHEL 8

Install FreeRADIUS and Daloradius on CentOS 8 / RHEL 8

How to create a CentOS 8 local repository image using Rsync and Nginx

Setting up GlusterFS storage with Heketi on CentOS 8 / CentOS 7

How to sync CentOS 8 repository on Satellite / Katello / Foreman

How to create a CentOS 8 KVM image template on OpenStack

Install Apache Subversion (SVN) on CentOS 8 / RHEL 8

Install Apache OpenOffice on RHEL 8 / CentOS 8

How to join CentOS 8 / RHEL 8 system to Active Directory (AD) domain

Enable automatic software update on CentOS 8 / RHEL 8

Sidebar