任务描述：请采用 iscsi，搭建存储服务
为 linux8 添加 4 块磁盘，每块磁盘大小为 5G，创建 lvm 卷，卷组名称为 vg1，逻辑卷名称为 lv1，容量为全部空间，格式化为 ext4 格式。使用/dev/vg1/lv1 配置为 iSCSI 目标服务器，为 linux9 提供 iSCSI服务。iSCSI 目标端的 wwn 为 iqn.2008-01.lan.skills:server,iSCSI发起端的 wwn 为 iqn.2008-01.lan.skills:client1
配置 linux9 为 iSCSI 客户端，实现 discovery chap 和 session chap双向认证，Target 认证用户名为 IncomingUser，密码为 IncomingPass；Initiator 认证用户名为 OutgoingUser，密码为 OutgoingPass。修改/etc/rc.d/rc.local 文件开机自动挂载 iscsi 磁盘到/iscsi 目录。

创建lvm卷

创建物理卷

[root@linux8 ~]# pvcreate /dev/sd{b,c,d,e}
  Physical volume "/dev/sdb" successfully created.
  Physical volume "/dev/sdc" successfully created.
  Physical volume "/dev/sdd" successfully created.
  Physical volume "/dev/sde" successfully created.
[root@linux8 ~]#

创建卷组

[root@linux8 ~]# vgcreate vg1 /dev/sd{b,c,d,e}
  Volume group "vg1" successfully created
[root@linux8 ~]#

创建逻辑卷

[root@linux8 ~]# lvcreate -l 100%FREE -n lv1 vg1
  Logical volume "lv1" created.
[root@linux8 ~]#

格式化逻辑卷

[root@linux8 ~]# mkfs.ext4 /dev/vg1/lv1
mke2fs 1.46.5 (30-Dec-2021)
Creating filesystem with 5238784 4k blocks and 1310720 inodes
Filesystem UUID: a352b395-634f-4c83-b56e-ffe13c84a366
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
        4096000

Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

[root@linux8 ~]#

安装iSCSI服务端

[root@linux8 ~]# yum install targetcli.noarch

配置iSCSI客户端

使用targetcli进行配置

[root@linux8 ~]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.53
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.

/>

创建iSCSI磁盘

/> /backstores/block create lv1 /dev/vg1/lv1
Created block storage object lv1 using /dev/vg1/lv1.
/>

创建服务器wwn

/> /iscsi create iqn.2008-01.lan.skills:server
Created target iqn.2008-01.lan.skills:server.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/>

创建客户端wwn

/> /iscsi/iqn.2008-01.lan.skills:server/tpg1/acls create  iqn.2008-01.lan.skills:client1
Created Node ACL for iqn.2008-01.lan.skills:client1
/>

添加磁盘到服务器wwn

/> /iscsi/iqn.2008-01.lan.skills:server/tpg1/luns create /backstores/block/lv1
Created LUN 0.
Created LUN 0->0 mapping in node ACL iqn.2008-01.lan.skills:client1
/>

设置CHAP认证

/> /iscsi/ set discovery_auth enable=1 userid=IncomingUser password=IncomingPass mutual_userid=OutgoingUser mutual_password=OutgoingPass
Parameter enable is now 'True'.
Parameter userid is now 'IncomingUser'.
Parameter password is now 'IncomingPass'.
Parameter mutual_userid is now 'OutgoingUser'.
Parameter mutual_password is now 'OutgoingPass'.
/>

设置init认证

/> /iscsi/iqn.2008-01.lan.skills:server/tpg1/acls/iqn.2008-01.lan.skills:client1/ set auth userid=IncomingUser password=IncomingPass mutual_userid=OutgoingUser mutual_password=OutgoingPass
Parameter userid is now 'IncomingUser'.
Parameter password is now 'IncomingPass'.
Parameter mutual_userid is now 'OutgoingUser'.
Parameter mutual_password is now 'OutgoingPass'.
/>

保存服务器配置

/> exit
Global pref auto_save_on_exit=true
Configuration saved to /etc/target/saveconfig.json
[root@linux8 ~]#

配置iSCSI客户端

安装客户端

[root@linux9 ~]# yum install iscsi-initiator-utils -y

配置客户端wwn

修改文件/etc/iscsi/initiatorname.iscsi

InitiatorName=iqn.2008-01.lan.skills:client1

配置客户端双向认证

修改文件/etc/iscsi/iscsid.conf

# *************
# CHAP Settings
# *************

# To enable CHAP authentication set node.session.auth.authmethod
# to CHAP. The default is None.
node.session.auth.authmethod = CHAP #取消注释

# To configure which CHAP algorithms to enable set
# node.session.auth.chap_algs to a comma seperated list.
# The algorithms should be listen with most prefered first.
# Valid values are MD5, SHA1, SHA256, and SHA3-256.
# The default is MD5.
#node.session.auth.chap_algs = SHA3-256,SHA256,SHA1,MD5

# To set a CHAP username and password for initiator
# authentication by the target(s), uncomment the following lines:
node.session.auth.username = IncomingUser #修改
node.session.auth.password = IncomingPass #修改

# To set a CHAP username and password for target(s)
# authentication by the initiator, uncomment the following lines:
node.session.auth.username_in = OutgoingUser #修改
node.session.auth.password_in = OutgoingPass #修改

# To enable CHAP authentication for a discovery session to the target
# set discovery.sendtargets.auth.authmethod to CHAP. The default is None.
discovery.sendtargets.auth.authmethod = CHAP #取消注释

# To set a discovery session CHAP username and password for the initiator
# authentication by the target(s), uncomment the following lines:
discovery.sendtargets.auth.username = IncomingUser #修改
discovery.sendtargets.auth.password = IncomingPass #修改

# To set a discovery session CHAP username and password for target(s)
# authentication by the initiator, uncomment the following lines:
discovery.sendtargets.auth.username_in = OutgoingUser #修改
discovery.sendtargets.auth.password_in = OutgoingPass #修改

# ********
# Timeouts
# ********

客户端尝试发现目标

[root@linux9 ~]# iscsiadm -m discovery -t st -p 192.168.1.18
192.168.1.18:3260,1 iqn.2008-01.lan.skills:server

回显服务器wwn即可。

客户端连接iSCSI服务器

登录

[root@linux9 ~]# iscsiadm -m node -T iqn.2008-01.lan.skills:server -p 192.168.1.18 --login

挂载

[root@linux9 ~]# mkdir /iscsi
[root@linux9 ~]# mount /dev/sdb /iscsi/

重启自动挂载

编辑/etc/rc.local

mount /dev/sdb /iscsi