Using iSCSI On Debian Lenny (Initiator And Target)

Version 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Last edited 02/24/2009

This guide explains how you can set up an iSCSI target and an iSCSI initiator (client), both running Debian Lenny. The iSCSI protocol is a storage area network (SAN) protocol which allows iSCSI initiators to use storage devices on the (remote) iSCSI target using normal ethernet cabling. To the iSCSI initiator, the remote storage looks like a normal, locally-attached hard drive.

I do not issue any guarantee that this will work for you!

1 Preliminary Note

I'm using two Debian Lenny servers here:

• server1.example.com (Initiator): IP address 192.168.0.100
• server2.example.com (Target): IP address 192.168.0.101

2 Setting Up The Target (server2)

server2:

First we set up the target (server2):

aptitude install iscsitarget iscsitarget-modules-`uname -r`

Open /etc/default/iscsitarget...

vi /etc/default/iscsitarget

... and set ISCSITARGET_ENABLE to true:

ISCSITARGET_ENABLE=true

We can use unused logical volumes, image files, hard drives (e.g. /dev/sdb), hard drive partitions (e.g. /dev/sdb1) or RAID devices (e.g. /dev/md0) for the storage. In this example I will create a logical volume of 20GB named storage_lun1 in the volume group vg0:

lvcreate -L20G -n storage_lun1 vg0

(If you want to use an image file, you can create it as follows:

mkdir /storage
dd if=/dev/zero of=/storage/lun1.img bs=1024k count=20000

This creates the image file /storage/lun1.img with a size of 20GB.

)

Next we edit /etc/ietd.conf...

vi /etc/ietd.conf

... and comment out everything in that file. At the end we add the following stanza:

[...]
Target iqn.2001-04.com.example:storage.lun1
        IncomingUser someuser secret
        OutgoingUser
        Lun 0 Path=/dev/vg0/storage_lun1,Type=fileio
        Alias LUN1
        #MaxConnections  6

The target name must be a globally unique name, the iSCSI standard defines the "iSCSI Qualified Name" as follows: iqn.yyyy-mm.<reversed domain name>[:identifier]; yyyy-mm is the date at which the domain is valid; the identifier is freely selectable. The IncomingUser line contains a username and a password so that only the initiators (clients) that provide this username and password can log in and use the storage device; if you don't need authentication, don't specify a username and password in the IncomingUser line. In the Lun line, we must specify the full path to the storage device (e.g. /dev/vg0/storage_lun1, /storage/lun1.img, /dev/sdb, etc.).

Now we tell the target that we want to allow connections to the device iqn.2001-04.com.example:storage.lun1 from the IP address 192.168.0.100 (server1.example.com)...

vi /etc/initiators.allow

[...]
iqn.2001-04.com.example:storage.lun1 192.168.0.100

... and start the target:

/etc/init.d/iscsitarget start

3 Setting Up The Initiator (server1)

server1:

On server1, we install the initiator:

aptitude install open-iscsi

Next we open /etc/iscsi/iscsid.conf...

vi /etc/iscsi/iscsid.conf

... and set node.startup to automatic:

[...]
node.startup = automatic
[...]

Then we restart the initiator:

/etc/init.d/open-iscsi restart

Now we connect to the target (server2) and check what storage devices it has to offer:

iscsiadm -m discovery -t st -p 192.168.0.101

server1:~# iscsiadm -m discovery -t st -p 192.168.0.101
192.168.0.101:3260,1 iqn.2001-04.com.example:storage.lun1
server1:~#

iscsiadm -m node

server1:~# iscsiadm -m node
192.168.0.101:3260,1 iqn.2001-04.com.example:storage.lun1
server1:~#

The settings for the storage device iqn.2001-04.com.example:storage.lun1 on 192.168.0.101:3260,1 are stored in the file /etc/iscsi/nodes/iqn.2001-04.com.example:storage.lun1/192.168.0.101,3260,1/default. We need to set the username and password for the target in that file; instead of editing that file manually, we can use the iscsiadm command to do this for us:

iscsiadm -m node --targetname "iqn.2001-04.com.example:storage.lun1" --portal "192.168.0.101:3260" --op=update --name node.session.auth.authmethod --value=CHAP
iscsiadm -m node --targetname "iqn.2001-04.com.example:storage.lun1" --portal "192.168.0.101:3260" --op=update --name node.session.auth.username --value=someuser
iscsiadm -m node --targetname "iqn.2001-04.com.example:storage.lun1" --portal "192.168.0.101:3260" --op=update --name node.session.auth.password --value=secret

Now we can log in, either by running...

iscsiadm -m node --targetname "iqn.2001-04.com.example:storage.lun1" --portal "192.168.0.101:3260" --login

server1:~# iscsiadm -m node --targetname "iqn.2001-04.com.example:storage.lun1" --portal "192.168.0.101:3260" --login
Logging in to [iface: default, target: iqn.2001-04.com.example:storage.lun1, portal: 192.168.0.101,3260]
Login to [iface: default, target: iqn.2001-04.com.example:storage.lun1, portal: 192.168.0.101,3260]: successful
server1:~#

... or by restarting the initiator:

/etc/init.d/open-iscsi restart

(If you want to log out, you can run

iscsiadm -m node --targetname "iqn.2001-04.com.example:storage.lun1" --portal "192.168.0.101:3260" --logout

)

In the output of

fdisk -l

you should now find a new hard drive (/dev/sdb in this example); that's our iSCSI storage device:

server1:~# fdisk -l

Disk /dev/sda: 32.2 GB, 32212254720 bytes
255 heads, 63 sectors/track, 3916 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x00031334

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1        3749    30113811   83  Linux
/dev/sda2            3750        3916     1341427+   5  Extended
/dev/sda5            3750        3916     1341396   82  Linux swap / Solaris

Disk /dev/sdb: 21.4 GB, 21474836480 bytes
64 heads, 32 sectors/track, 20480 cylinders
Units = cylinders of 2048 * 512 = 1048576 bytes
Disk identifier: 0x00000000

Disk /dev/sdb doesn't contain a valid partition table
server1:~#