iSCSI：自动化配置基于 iSCSI 的块设备网络存储启动器

对每个人而言，真正的职责只有一个：找到自我。然后在心中坚守其一生，全心全意，永不停息。所有其它的路都是不完整的，是人的逃避方式，是对大众理想的懦弱回归，是随波逐流，是对内心的恐惧 ——赫尔曼·黑塞《德米安》

写在前面

---

• 准备考试整理相关笔记
• 博文内容涉及：
  • 手动配置 使用块存储做后端存储的 iSCSI ⽬标并通过启动器访问
  • 通过 ansible 自动化配置启动器
• 理解不足小伙伴帮忙指正

对每个人而言，真正的职责只有一个：找到自我。然后在心中坚守其一生，全心全意，永不停息。所有其它的路都是不完整的，是人的逃避方式，是对大众理想的懦弱回归，是随波逐流，是对内心的恐惧 ——赫尔曼·黑塞《德米安》

---

关于 iSCSI 是什么小伙伴可以看看我之前的博客，这里我们直接开始配置

手动配置

通过 iSCSI ⽬标为⽹络客⼾端提供基于块的存储，然后配置 iSCSI 启动器以访问该设备。配置步骤

• 配置 iSCSI ⽬标。
• 配置 iSCSI 启动器并访问⽬标。
• 格式化并挂载共享块设备。

配置 iSCSI ⽬标

安装 targetcli 软件包，用于配置和管理 iSCSI 目标的命令行工具。启用并启动了 target.service，这是用于支持 iSCSI 目标的服务。配置了防火墙规则，允许 iSCSI 目标服务通过防火墙。

[root@serverd ~]# yum -y install  targetcli >> /dev/null
[root@serverd ~]# systemctl enable --now target.service
Created symlink /etc/systemd/system/multi-user.target.wants/target.service → /usr/lib/systemd/system/target.service.
[root@serverd ~]# firewall-cmd --permanent --add-service=iscsi-target
success
[root@serverd ~]# firewall-cmd --reload
success

进入 targetcli 配置

[root@serverd ~]# targetcli
targetcli shell version 2.1.fb49
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.

/> ls
o- / ............................................................................................ [...]
  o- backstores ................................................................................. [...]
  | o- block ..................................................................... [Storage Objects: 0]
  | o- fileio .................................................................... [Storage Objects: 0]
  | o- pscsi ..................................................................... [Storage Objects: 0]
  | o- ramdisk ................................................................... [Storage Objects: 0]
  o- iscsi ............................................................................... [Targets: 0]
  o- loopback ............................................................................ [Targets: 0]
/>

配置要求：

• 块设备: /dev/vdb
• ⽬标后备存储名称: store1.disk1
• ⽬标 IQN: iqn.2014-06.com.example:store1
• 允许访问⽬标的启动器 IQN: iqn.2014-06.com.example:servera
• 访问地址: 172.25.250.13，端⼝: 3260

      Block device: /dev/vdb
Backing store name: store1.disk1
        Target IQN: iqn.2014-06.com.example:store1
     Initiator IQN: iqn.2014-06.com.example:servera
    Portal address: 172.25.250.13 (port 3260)

将 /dev/vdb 配置为块后备存储。为 backstore 对象使⽤名称 store1.disk1 。

/backstores> cd block
/backstores/block> ls
o- block ......................................................................... [Storage Objects: 0]
/backstores/block> create store1.disk1  /dev/vdb
Created block storage object store1.disk1 using /dev/vdb.
/backstores/block> ls
o- block ......................................................................... [Storage Objects: 1]
  o- store1.disk1 .......................................... [/dev/vdb (5.0GiB) write-thru deactivated]
    o- alua .......................................................................... [ALUA Groups: 1]
      o- default_tg_pt_gp .............................................. [ALUA state: Active/optimized]

为⽬标配置 IQN。使⽤名称 iqn.2014-06.com.example:store1 作为 IQN

/backstores/block> cd /iscsi
/iscsi> create iqn.2014-06.com.example:store1
Created target iqn.2014-06.com.example:store1.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.

为启动器创建 ACL。启动器 IQN 为 iqn.2014-06.com.example:servera

/iscsi> cd iqn.2014-06.com.example:store1/tpg1/acls
/iscsi/iqn.20...re1/tpg1/acls> create  iqn.2014-06.com.example:servera
Created Node ACL for iqn.2014-06.com.example:servera
/iscsi/iqn.20...re1/tpg1/acls> ls
o- acls ..................................................................................... [ACLs: 1]
  o- iqn.2014-06.com.example:servera ................................................. [Mapped LUNs: 0]

在⽬标下创建⼀个 LUN。使⽤ store1.disk1 作为后备存储。

/iscsi/iqn.20...re1/tpg1/acls> cd /iscsi/iqn.2014-06.com.example:store1/tpg1/luns
/iscsi/iqn.20...re1/tpg1/luns> create /backstores/block/store1.disk1
Created LUN 0.
Created LUN 0->0 mapping in node ACL iqn.2014-06.com.example:servera
/iscsi/iqn.20...re1/tpg1/luns> ls
o- luns ..................................................................................... [LUNs: 1]
  o- lun0 .......................................... [block/store1.disk1 (/dev/vdb) (default_tg_pt_gp)]

删除默认目标端口，然后创建⼀个仅侦听 172.25.250.13 地址上的端⼝ 3260 的目标端口

/iscsi/iqn.20...re1/tpg1/luns> cd /iscsi/iqn.2014-06.com.example:store1/tpg1/portals/
/iscsi/iqn.20.../tpg1/portals> ls
o- portals ............................................................................... [Portals: 1]
  o- 0.0.0.0:3260 ................................................................................ [OK]
/iscsi/iqn.20.../tpg1/portals> delete 0.0.0.0 3260
Deleted network portal 0.0.0.0:3260
/iscsi/iqn.20.../tpg1/portals> create 172.25.250.13 3260
Using default IP port 3260
Created network portal 172.25.250.13:3260.
/iscsi/iqn.20.../tpg1/portals> ls
o- portals ............................................................................... [Portals: 1]
  o- 172.25.250.13:3260 .......................................................................... [OK]

列出⽬标配置，以验证配置

/iscsi/iqn.20.../tpg1/portals> ls /
o- / ............................................................................................ [...]
  o- backstores ................................................................................. [...]
  | o- block ..................................................................... [Storage Objects: 1]
  | | o- store1.disk1 ........................................ [/dev/vdb (5.0GiB) write-thru activated]
  | |   o- alua ...................................................................... [ALUA Groups: 1]
  | |     o- default_tg_pt_gp .......................................... [ALUA state: Active/optimized]
  | o- fileio .................................................................... [Storage Objects: 0]
  | o- pscsi ..................................................................... [Storage Objects: 0]
  | o- ramdisk ................................................................... [Storage Objects: 0]
  o- iscsi ............................................................................... [Targets: 1]
  | o- iqn.2014-06.com.example:store1 ....................................................... [TPGs: 1]
  |   o- tpg1 .................................................................. [no-gen-acls, no-auth]
  |     o- acls ............................................................................. [ACLs: 1]
  |     | o- iqn.2014-06.com.example:servera ......................................... [Mapped LUNs: 1]
  |     |   o- mapped_lun0 ............................................. [lun0 block/store1.disk1 (rw)]
  |     o- luns ............................................................................. [LUNs: 1]
  |     | o- lun0 .................................. [block/store1.disk1 (/dev/vdb) (default_tg_pt_gp)]
  |     o- portals ....................................................................... [Portals: 1]
  |       o- 172.25.250.13:3260 .................................................................. [OK]
  o- loopback ............................................................................ [Targets: 0]
/iscsi/iqn.20.../tpg1/portals>

iSCSI 启动器配置

在 servera 上配置⼀个 iSCSI 启动器，以访问 serverd 提供的⽬标

安装 iscsi-initiator-utils 软件包，该软件包提供了 iSCSI 相关的工具和服务。更改了系统的 iSCSI 主机名为 iqn.2014-06.com.example:servera。重新启动了 iSCSI 服务以使更改生效。

[root@servera ~]# yum search iscsi
==================================== Name & Summary Matched: iscsi ====================================
libiscsi.x86_64 : iSCSI client library
udisks2-iscsi.x86_64 : Module for iSCSI
libiscsi-utils.x86_64 : iSCSI Client Utilities
qemu-kvm-block-iscsi.x86_64 : QEMU iSCSI block driver
libiscsi-devel.x86_64 : iSCSI client development libraries
iscsi-initiator-utils.i686 : iSCSI daemon and utility programs
iscsi-initiator-utils.x86_64 : iSCSI daemon and utility programs
libvirt-daemon-driver-storage-iscsi.x86_64 : Storage driver plugin for iscsi
python3-iscsi-initiator-utils.x86_64 : Python 3.6 bindings to iscsi-initiator-utils
iscsi-initiator-utils-iscsiuio.x86_64 : Userspace configuration daemon required for some iSCSI hardware
[root@servera ~]# yum -y install iscsi-initiator-utils >> /dev/null
[root@servera ~]# cat /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.1994-05.com.redhat:1ba9ed303a28
[root@servera ~]# echo "InitiatorName=iqn.2014-06.com.example:servera" > /etc/iscsi/initiatorname.iscsi
[root@servera ~]# systemctl restart iscsid

发现 iSCSI 目标并成功登录。挂载了 iSCSI 磁盘到 /iscsidisk 目录。配置系统在引导时自动挂载该磁盘。

[root@servera ~]# iscsiadm -m discovery  -t st -p  172.25.250.13
172.25.250.13:3260,1 iqn.2014-06.com.example:store1
[root@servera ~]#  iscsiadm -m node -T iqn.2014-06.com.example:store1 -p 172.25.250.13 -l
Logging in to [iface: default, target: iqn.2014-06.com.example:store1, portal: 172.25.250.13,3260]
Login to [iface: default, target: iqn.2014-06.com.example:store1, portal: 172.25.250.13,3260] successful.
[root@servera ~]# iscsiadm -m session -P 3 | grep disk
                        Attached scsi disk sda          State: running
[root@servera ~]# lsblk --fs
NAME   FSTYPE LABEL UUID                                 MOUNTPOINT
sda    ext4         55966983-f99f-4123-b7ce-7bdf1f491563
vda
└─vda1 xfs          f7614c41-2835-4125-bb13-50772dc2f30c /
vdb
[root@servera ~]# mkdir  /iscsidisk
[root@servera ~]# echo "UUID=55966983-f99f-4123-b7ce-7bdf1f491563 /iscsidisk  ext4 _netdev  0  0" >> /e
tc/fstab
[root@servera ~]# mount /iscsidisk/
[root@servera ~]# df /iscsidisk/
Filesystem     1K-blocks  Used Available Use% Mounted on
/dev/sda         5095040 20596   4795916   1% /iscsidisk
[root@servera ~]#

目标自动化配置

对于目标的端的自动化配置，一种可以直接 copy saveconfig.json 文件,第二种方式使用 直接通过 shell 命令的方式，但是 shell 方式不满足幂等性，所以优先考虑 copy saveconfig.json，时间关系，没有整理 ^_^

启动器自动化配置

涉及到的文件

[student@workstation iscsi-review]$ tree .
.
├── ansible.cfg
├── inventory
├── playbook.yml
└── templates
    └── initiatorname.iscsi.j2

1 directory, 4 files
[student@workstation iscsi-review]$ ls
ansible.cfg  inventory  playbook.yml  templates

具体的配置，相对简单，这里不多讲

[student@workstation iscsi-review]$ cat ansible.cfg
[defaults]
inventory=inventory
remote_user=devops
[student@workstation iscsi-review]$ cat inventory
[initiators]
servera.lab.example.com
[student@workstation iscsi-review]$ cat templates/initiatorname.iscsi.j2
InitiatorName=iqn.2014-06.com.example:{{ ansible_facts['hostname'] }}
[student@workstation iscsi-review]$ cat playbook.yml

主要看下 主剧本，需要提权哦

[student@workstation iscsi-review]$ cat playbook.yml
---
- name: Ensure /iscsidisk is mounted from serverd iSCSI target
  hosts: initiators
  # 提升权限为超级用户（root）
  become: true

  tasks:
    # 启动器相关的配置 
    - name: the iSCSI initiator software installed
      # 安装所需软件包
      yum:
        name: iscsi-initiator-utils
        state: present
    - name: the IQN is set for the initiator
      # 设置启动器 将启动器 IQN 设置为 iqn.2014-06.com.example:servera
      copy:
        dest: /etc/iscsi/initiatorname.iscsi
        content: "InitiatorName=iqn.2014-06.com.example:{{ ansible_facts['hostname'] }}\n"
        mode: '644'
        owner: root
        group: root
      notify: restart iscsid

    # Forces the handler to run so that the iscsid service is restarted
    # and is aware of the new initiator IQN
    - meta: flush_handlers
      # - meta: flush_handlers时，它会导致处理程序队列中的所有处理程序立即执行，而不需要等待到Playbook
的结尾
    #  
    - name: the iSCSI target is discovered and available
      # open_iscsi 模块发现并登录到指定的 iSCSI 目标
      open_iscsi:
        portal: 172.25.250.13
        port: '3260'
        target: iqn.2014-06.com.example:store1
        discover: yes
        login: yes
      # 将结果注册到 target 变量中
      register: target

    - name: display the discovered devices
      debug:
        msg: The new device is {{ target['devicenodes'][0] }}
    # 使用角色  rhel-system-roles.storage 来完成 格式化和挂载设备
    - name: the new device is formatted and mounted under /iscsidisk
      include_role:
        name: rhel-system-roles.storage
      vars:
        #FIXME: mount target['devicenodes'][0] into /iscsidisk
        #       If the device is not yet formatted in ext4, format it.
        #       Use the proper mount option for an iSCSI disk.
        storage_volumes:
          - name: devdata
            state: present
            type: disk
            disks:
              - "{{ target['devicenodes'][0] }}"
            mount_point: /iscsidisk
            fs_type: ext4
            mount_options: '_netdev'

  handlers:
    - name: restart iscsid
      service:
        name: iscsid
        state: restarted

博文部分内容参考

© 文中涉及参考链接内容版权归原作者所有，如有侵权请告知

---

红帽服务管理与自动化（RH358）授课笔记

---

© 2018-至今 liruilonger@gmail.com, All rights reserved. 保持署名-非商用-相同方式共享(CC BY-NC-SA 4.0)