ISCSI Initiator Setup
Quick iSCSI Primer
- What is iSCSI?
- iSCSI (Internet SCSI) is a block protocol that allows you to connect block storage to your servers using over the standard TCP/IP protocol on standard Ethernet networks. After logging into a system to access an iSCSI device your server will see a new disk device and it will appear just in the same way as it would if you had physically added a new HDD to your server.
- What is an iSCSI Initiator?
- The server that connects to the system to use the iSCSI storage is the SCSI initiator. It initiates connections to the storage system which has one or more target devices. Each and every server has a unique initiator IQN which identifies it.
- What is an iSCSI Target?
- Each Storage Volume you create in QuantaStor is a iSCSI target. Each Storage Volume has a unique name assigned to it which is called an IQN. More specifically, it is called a target IQN and QuantaStor Storage Volumes have IQNs that always start with iqn.2009-10.com.osnexus: and look like this iqn.2009-10.com.osnexus:9c30f734-261a10ffeda36cf6:volume1
- How is iSCSI storage access controlled?
- In the QuantaStor web management interface you assign which hosts are able to access which volumes. (Traditionally this has been called "LUN Masking") In QuantaStor you simply check-box which volumes should be accessible by which hosts in the Assign Volumes.. screen.
Connecting to your QuantaStor (QS) storage system via the Microsoft iSCSI initiator is very straight forward. It involves 4 steps which include:
- Find the initiator IQN for the host/server you're going to assign storage to. These typically look like a URL but start with 'iqn.'
- Create a Host entry in QuantaStor to represent your server/host with it's IQN
- Assign the storage volume to the host in the QuantaStor web management interface
- Use the iSCSI initiator software on the host/server to login to the QuantaStor System to connect to the iSCSI storage volume you assigned to the host in the previous step.
Step 1. Locating the iSCSI Initiator IQN for your Host/Server
Locate Initiator IQN: Microsoft Windows 7/8 & Windows 2008/2012 Server
On Windows hosts you'll find the host initiator in the Configuration tab after loading the iSCSI Initiator utility. You can find the utility by typing 'iSCSI' into the Search Programs and Files section that appears when you click the Windows Start icon. You'll want to select the IQN and type CTRL-C on your keyboard to copy it to the clipboard so you can easily enter the IQN into the QuantaStor Manager dialog for Host Add..
Locate Initiator IQN: Ubuntu/Debian
Most Linux based systems use the open-iscsi iSCSI initiator software which stores the IQN for the Linux server in a file located at /etc/iscsi/initiator. Here's an example of what the contents of the file looks like, you'll need to enter the IQN part which is iqn.1993-08.org.debian:01:d7eee36ce in this example to the Host Add.. screen in QuantaStor.
root@hat102:/sandbox/osn_quantastor/build# more /etc/iscsi/initiatorname.iscsi ## DO NOT EDIT OR REMOVE THIS FILE! ## If you remove this file, the iSCSI daemon will not start. ## If you change the InitiatorName, existing access control lists ## may reject this initiator. The InitiatorName must be unique ## for each iSCSI initiator. Do NOT duplicate iSCSI InitiatorNames. InitiatorName=iqn.1993-08.org.debian:01:d7eee36ce
If the iSCSI initiator software is not installed, you can install it on your Ubuntu/Debian server via this command.
sudo apt-get install open-iscsi
Once installed it will generate the /etc/iscsi/initiatorname.iscsi file for you. Note that there is some more detail on Ubuntu/Debian configuration steps here that you may find helpful.
Locate Initiator IQN: RedHat / CentOS 6.x
The iSCSI initiator tools you'll need to access iSCSI storage from you QuantaStor System are typically pre-installed even with the minimal server configuration but you should verify they are installed by running this command:
yum install iscsi-initiator-utils
When an iSCSI initiator logs into a storage system like QuantaStor it uses a special identifier called an IQN which stands for iSCSI Qualified Name. This IQN for your server can be found in a file located at /etc/iscsi/initiatorname.iscsi. Simply 'more' the file to see what your IQN is and then use this to create a Host entry in the QuantaStor web management interface to represent this host. In this example the IQN is iqn.1994-05.com.redhat:5a66857c49dc:
[root@centostest ~]# more /etc/iscsi/initiatorname.iscsi InitiatorName=iqn.1994-05.com.redhat:5a66857c49dc
Step 2. Adding a Host entry for your server/host
Now that you know the initiator IQN for you server you must add a Host entry into QuantaStor to represent your host. QuantaStor needs this information because it restricts access to iSCSI storage volumes to only those hosts/servers you have specifically assigned the storage to.
- Note: Restricting access is critically important not just for security purposes but to prevent accessing the same iSCSI device from multiple servers at the same time which can corrupt the filesystem. As a thought experiment imagine if you could connect a hard drive to two servers at the same time. Now imaging you're installing an operating system onto that shared disk device from both servers at the same time. The two servers are not coordinating access with each other so the filesystem created by the first server will be overwritten and/or formatted by the second. It will lead to data corruption and data loss almost instantly. Similarly, you must not share iSCSI devices with more than one server unless the servers are communicating with each other and are using a "cluster-aware" file-system on the iSCSI device. Good examples of cluster-aware systems where you can safely assign iSCSI devices to multiple servers include VMware's VMFS, XenServer iSCSI/HBA SRs, CXFS, OCFS2, Apple XSan, Quantum StorNext, and others.
To do this, login to QuantaStor Manager, select the 'Hosts' section and then choose 'Add Host' from the toolbar or right-click in the Hosts section and choose 'Add Host' from the pop-up menu. Next, enter the host name and the initiator IQN for your host. The initiator IQN (iSCSI Qualified Name) you've entered is an identifier that uniquely identifies your host to the storage system. By default this name is generated for you so you'll need to go to your Windows system and run the iSCSI Initiator application to get the IQN. The initiator name will look something like this: 'iqn.1991-05.com.microsoft:yourhostname' for Windows machines and varies widely by OS type but generally starts with iqn.
- Note: The first part of the initiator name identifies the initiator vendor, in this case "iqn.1991-05.com.microsoft", the second part is typically your host name or the fully qualified domain name (FQDN) for the host (ex: yourhostname.yourdomainname.com). All IQNs start with 'iqn.' and IQNs have various restrictions on what characters you can use. So if you modify the IQN try keeping your changes to the host name portion of the IQN and only use alpha-numeric characters.
- Note: You must enter the IQN into the 'Add Hosts' dialog exactly as it is written in 'iSCSI Initiator Properties', if you make a typo then the host will not successfully login to the storage system.
Step 3. Assigning iSCSI Storage Volume(s) to your Host/Server
Now that you have a Host entry in QuantaStor for your server, you can now assign storage to it. After you have assigned one or more storage volumes to the host, return to your server to do the final iSCSI login step.
Now right-click on the newly added Host and choose 'Assign Volumes..' to assign your Storage Volumes to this Host.
- Note: You should not assign any given storage volume to more than one host unless you are using it with a cluster aware filesystem like OCFS2, CXFS, VMware VMFS, or XenServer iSCSI Software / LVHD SR. If your systems do not have a cluster filesystem and you need shared storage then a file based protocol like NFS and/or CIFS is best. For NAS storage you'll create a Network Share in QuantaStor rather than a storage volume.
Step 4. iSCSI Initiator Login to access your QuantaStor Storage Volume
Initiator Login: Linux / RedHat
Now that you've added a host entry with the IQN for your RedHat/CentOS server and assigned volumes to that host, we're now ready to do the iSCSI login to the QuantaStor system. Well, almost, here you can see my first login attempt came back and reported no portals.
[root@centostest ~]# iscsiadm -m discovery -t sendtargets -p 192.168.0.103 Starting iscsid: [ OK ] iscsiadm: No portals found
This is because I forgot set the 'iSCSI Enabled' flag on the network interface for 192.168.0.103 in the QuantaStor System. See the section below on how to Enable iSCSI access on your network ports. Now that we have iSCSI enabled on the port the discovery succeeds and shows us the available iSCSI targets:
[root@centostest ~]# iscsiadm -m discovery -t sendtargets -p 192.168.0.103 192.168.0.103:3260,1 iqn.2009-10.com.osnexus:264583c5-866fb7bf39a7eb35:vol001 192.168.0.103:3260,1 iqn.2009-10.com.osnexus:264583c5-43d213d5be8bd56f:vol002
The quick way to login to all the available targets is to just add the --login option to the end of the line like so:
[root@centostest ~]# iscsiadm -m discovery -t sendtargets -p 192.168.0.103 --login 192.168.0.103:3260,1 iqn.2009-10.com.osnexus:264583c5-866fb7bf39a7eb35:vol001 192.168.0.103:3260,1 iqn.2009-10.com.osnexus:264583c5-43d213d5be8bd56f:vol002 Logging in to [iface: default, target: iqn.2009-10.com.osnexus:264583c5-866fb7bf39a7eb35:vol001, portal: 192.168.0.103,3260] (multiple) Logging in to [iface: default, target: iqn.2009-10.com.osnexus:264583c5-43d213d5be8bd56f:vol002, portal: 192.168.0.103,3260] (multiple) Login to [iface: default, target: iqn.2009-10.com.osnexus:264583c5-866fb7bf39a7eb35:vol001, portal: 192.168.0.103,3260] successful. Login to [iface: default, target: iqn.2009-10.com.osnexus:264583c5-43d213d5be8bd56f:vol002, portal: 192.168.0.103,3260] successful.
My two 40GB storage volumes now appear to the CentOS server as scsi block devices sdb and sdc:
[root@centostest ~]# more /proc/partitions major minor #blocks name 8 0 18874368 sda 8 1 512000 sda1 8 2 18361344 sda2 253 0 16293888 dm-0 253 1 2064384 dm-1 8 16 41943040 sdb 8 32 41943040 sdc
This also presents another common challenge which is determining which volume is which. The solution here is to install a tools called sg_inq like so:
yum install sg3_utils
Once installed you can now check to see some internal information about your devices including the internal ID.
[root@centostest ~]# sg_inq --page=0x83 /dev/sdc | grep specific vendor specific: 866fb7bf39a7eb35bf97d239
The ID for this storage volume can be found in the QuantaStor web interface in the Properties page for the Storage Volume. Just look for the field marked 'Internal ID' and this ID will correlate with the device so you can tell which is which.
With the devices now identified and available you can now partition and format the devices with the filesystem of your choice just as you would with a local direct attached disk device.
Initiator Login: Windows Server
Windows system and bring up the 'iSCSI Initiator' application again. On the first page under the 'Targets' tab, you can enter the IP address of your QuantaStor storage system in the box marked 'Target:' then press 'Quick Connect...'. After a moment you will see your storage volumes appear in the 'Discovered targets' section. When they appear simply select the storage volume you want to connect to, then press the 'Connect' button. Within a few seconds you'll be connected to the storage volume (iSCSI target). Unless this is a storage volume you've previously formatted and utilized, you'll need to use the Windows Disk Management screen to quick format the disk before you begin using it.
Initiator Login: Apple Mac OS X
We recommend using the ATTO Xtend SAN iSCSI initiator available here. We do not recommend using the globalSAN initiator with QuantaStor Systems as we have seen multiple problems with it in testing.
Once you have the IQN for your OS/X system you'll need to add a host entry to QuantaStor using the QuantaStor manager web UI. Just press the 'Add Host' button and then enter the name of your system, and enter the IQN in the box that says 'IQN'. Now that you have a host added, you can assign volumes to your Mac. After you've assigned some storage, go back to the iSCSI initiator dialog in OS/X and enter the IP address of your QuantaStor system and you should immediately see all the storage volumes listed which you have assigned to the host. Note that you'll need to partition the disk after you connect to the iSCSI device / volume. We recommend that you use 'quick format' because a full format will end up reserving blocks in the storage system which defeats the purpose of using thin-provisioning which is the default when you 'Create Storage Volume'.
Enable iSCSI Access on Network Ports
By default iSCSI access is enabled on all network ports in your QuantaStor System. This is typically OK if all the ports are the same speed and on the same network but in most cases you'll want to disable iSCSI access to 1GbE management ports so that all data flows through the faster 10GbE or 40GbE network ports if you have them. Even with 1GbE ports it is common to separate the management network from the SAN ports used to deliver iSCSI storage to the servers and this option allows you to control that. To enable iSCSI on your network interface in your system you'll need to configure it with the 'iSCSI Portal' option selected as shown in this screenshot.