ISCSI Initiator Setup

From OSNEXUS Online Documentation Site
Jump to: navigation, search

Quick iSCSI Primer

  • What is iSCSI?
    • iSCSI (Internet SCSI) is a block protocol that allows you to connect block storage to your servers using over the standard TCP/IP protocol on standard Ethernet networks. After logging into an appliance to access an iSCSI device your server will see a new disk device and it will appear just in the same way as it would if you had physically added a new HDD to your server.
  • What is an iSCSI Initiator?
    • The server that connects to the appliance to use the iSCSI storage is the SCSI initiator. It initiates connections to the storage appliance which has one or more target devices. Each and every server has a unique initiator IQN which identifies it.
  • What is an iSCSI Target?
    • Each Storage Volume you create in QuantaStor is a iSCSI target. Each Storage Volume has a unique name assigned to it which is called an IQN. More specifically, it is called a target IQN and QuantaStor Storage Volumes have IQNs that always start with iqn.2009-10.com.osnexus: and look like this iqn.2009-10.com.osnexus:9c30f734-261a10ffeda36cf6:volume1
  • How is iSCSI storage access controlled?
    • In the QuantaStor web management interface you assign which hosts are able to access which volumes. (Traditionally this has been called "LUN Masking") In QuantaStor you simply check-box which volumes should be accessible by which hosts in the Assign Volumes.. screen.

Connecting to your QuantaStor (QS) storage system via the Microsoft iSCSI initiator is very straight forward. It involves 4 steps which include:

  1. Find the initiator IQN for the host/server you're going to assign storage to. These typically look like a URL but start with 'iqn.'
  2. Create a Host entry in QuantaStor to represent your server/host with it's IQN
  3. Assign the storage volume to the host in the QuantaStor web management interface
  4. Use the iSCSI initiator software on the host/server to login to the QuantaStor appliance to connect to the iSCSI storage volume you assigned to the host in the previous step.

Step 1. Locating the iSCSI Initiator IQN for your Host/Server

Locate Initiator IQN: Microsoft Windows 7/8 & Windows 2008/2012 Server

On Windows hosts you'll find the host initiator in the Configuration tab after loading the iSCSI Initiator utility. You can find the utility by typing 'iSCSI' into the Search Programs and Files section that appears when you click the Windows Start icon. You'll want to select the IQN and type CTRL-C on your keyboard to copy it to the clipboard so you can easily enter the IQN into the QuantaStor Manager dialog for Host Add..

A software iSCSI initiator comes with Windows and you will find it under the 'Administrative Tools' section under the Windows Start menu. Once you have the 'iSCSI Initiator Properties' dialog loaded, choose the 'Configuration' tab and in there you'll see the 'Initiator Name:'. Copy & paste that IQN into the 'Add Hosts' dialog in QuantaStor Manager using the clipboard (Ctrl-C & Ctrl-V).

Locate Initiator IQN: Ubuntu/Debian

Most Linux based systems use the open-iscsi iSCSI initiator software which stores the IQN for the Linux server in a file located at /etc/iscsi/initiator. Here's an example of what the contents of the file looks like, you'll need to enter the IQN part which is iqn.1993-08.org.debian:01:d7eee36ce in this example to the Host Add.. screen in QuantaStor.

root@hat102:/sandbox/osn_quantastor/build# more /etc/iscsi/initiatorname.iscsi
## DO NOT EDIT OR REMOVE THIS FILE!
## If you remove this file, the iSCSI daemon will not start.
## If you change the InitiatorName, existing access control lists
## may reject this initiator.  The InitiatorName must be unique
## for each iSCSI initiator.  Do NOT duplicate iSCSI InitiatorNames.
InitiatorName=iqn.1993-08.org.debian:01:d7eee36ce

If the iSCSI initiator software is not installed, you can install it on your Ubuntu/Debian server via this command.

sudo apt-get install open-iscsi

Once installed it will generate the /etc/iscsi/initiatorname.iscsi file for you. Note that there is some more detail on Ubuntu/Debian configuration steps here that you may find helpful.


Locate Initiator IQN: RedHat / CentOS 6.x

The iSCSI initiator tools you'll need to access iSCSI storage from you QuantaStor appliance are typically pre-installed even with the minimal server configuration but you should verify they are installed by running this command:

yum install iscsi-initiator-utils

When an iSCSI initiator logs into a storage appliance like QuantaStor it uses a special identifier called an IQN which stands for iSCSI Qualified Name. This IQN for your server can be found in a file located at /etc/iscsi/initiatorname.iscsi. Simply 'more' the file to see what your IQN is and then use this to create a Host entry in the QuantaStor web management interface to represent this host. In this example the IQN is iqn.1994-05.com.redhat:5a66857c49dc:

[root@centostest ~]# more /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.1994-05.com.redhat:5a66857c49dc

Step 2. Adding a Host entry for your server/host

Now that you know the initiator IQN for you server you must add a Host entry into QuantaStor to represent your host. QuantaStor needs this information because it restricts access to iSCSI storage volumes to only those hosts/servers you have specifically assigned the storage to.

Note: Restricting access is critically important not just for security purposes but to prevent accessing the same iSCSI device from multiple servers at the same time which can corrupt the filesystem. As a thought experiment imagine if you could connect a hard drive to two servers at the same time. Now imaging you're installing an operating system onto that shared disk device from both servers at the same time. The two servers are not coordinating access with each other so the filesystem created by the first server will be overwritten and/or formatted by the second. It will lead to data corruption and data loss almost instantly. Similarly, you must not share iSCSI devices with more than one server unless the servers are communicating with each other and are using a "cluster-aware" file-system on the iSCSI device. Good examples of cluster-aware systems where you can safely assign iSCSI devices to multiple servers include VMware's VMFS, XenServer iSCSI/HBA SRs, CXFS, OCFS2, Apple XSan, Quantum StorNext, and others.

Centosiscsi.png


To do this, login to QuantaStor Manager, select the 'Hosts' section and then choose 'Add Host' from the toolbar or right-click in the Hosts section and choose 'Add Host' from the pop-up menu. Next, enter the host name and the initiator IQN for your host. The initiator IQN (iSCSI Qualified Name) you've entered is an identifier that uniquely identifies your host to the storage system. By default this name is generated for you so you'll need to go to your Windows system and run the iSCSI Initiator application to get the IQN. The initiator name will look something like this: 'iqn.1991-05.com.microsoft:yourhostname' for Windows machines and varies widely by OS type but generally starts with iqn.

Note: The first part of the initiator name identifies the initiator vendor, in this case "iqn.1991-05.com.microsoft", the second part is typically your host name or the fully qualified domain name (FQDN) for the host (ex: yourhostname.yourdomainname.com). All IQNs start with 'iqn.' and IQNs have various restrictions on what characters you can use. So if you modify the IQN try keeping your changes to the host name portion of the IQN and only use alpha-numeric characters.
Note: You must enter the IQN into the 'Add Hosts' dialog exactly as it is written in 'iSCSI Initiator Properties', if you make a typo then the host will not successfully login to the storage system.

Step 3. Assigning iSCSI Storage Volume(s) to your Host/Server

Now that you have a Host entry in QuantaStor for your server, you can now assign storage to it. After you have assigned one or more storage volumes to the host, return to your server to do the final iSCSI login step.

Now right-click on the newly added Host and choose 'Assign Volumes..' to assign your Storage Volumes to this Host.

Note: You should not assign any given storage volume to more than one host unless you are using it with a cluster aware filesystem like OCFS2, CXFS, VMware VMFS, or XenServer iSCSI Software / LVHD SR. If your systems do not have a cluster filesystem and you need shared storage then a file based protocol like NFS and/or CIFS is best. For NAS storage you'll create a Network Share in QuantaStor rather than a storage volume.

Step 4. iSCSI Initiator Login to access your QuantaStor Storage Volume

Initiator Login: Linux / RedHat

Now that you've added a host entry with the IQN for your RedHat/CentOS server and assigned volumes to that host, we're now ready to do the iSCSI login to the QuantaStor system. Well, almost, here you can see my first login attempt came back and reported no portals.

[root@centostest ~]# iscsiadm -m discovery -t sendtargets -p 192.168.0.103
Starting iscsid:                                           [  OK  ]
iscsiadm: No portals found

This is because I forgot set the 'iSCSI Enabled' flag on the network interface for 192.168.0.103 in the QuantaStor appliance. See the section below on how to Enable iSCSI access on your network ports. Now that we have iSCSI enabled on the port the discovery succeeds and shows us the available iSCSI targets:

[root@centostest ~]# iscsiadm -m discovery -t sendtargets -p 192.168.0.103
192.168.0.103:3260,1 iqn.2009-10.com.osnexus:264583c5-866fb7bf39a7eb35:vol001
192.168.0.103:3260,1 iqn.2009-10.com.osnexus:264583c5-43d213d5be8bd56f:vol002

The quick way to login to all the available targets is to just add the --login option to the end of the line like so:

[root@centostest ~]# iscsiadm -m discovery -t sendtargets -p 192.168.0.103 --login
192.168.0.103:3260,1 iqn.2009-10.com.osnexus:264583c5-866fb7bf39a7eb35:vol001
192.168.0.103:3260,1 iqn.2009-10.com.osnexus:264583c5-43d213d5be8bd56f:vol002
Logging in to [iface: default, target: iqn.2009-10.com.osnexus:264583c5-866fb7bf39a7eb35:vol001, portal: 192.168.0.103,3260] (multiple)
Logging in to [iface: default, target: iqn.2009-10.com.osnexus:264583c5-43d213d5be8bd56f:vol002, portal: 192.168.0.103,3260] (multiple)
Login to [iface: default, target: iqn.2009-10.com.osnexus:264583c5-866fb7bf39a7eb35:vol001, portal: 192.168.0.103,3260] successful.
Login to [iface: default, target: iqn.2009-10.com.osnexus:264583c5-43d213d5be8bd56f:vol002, portal: 192.168.0.103,3260] successful.

My two 40GB storage volumes now appear to the CentOS server as scsi block devices sdb and sdc:

[root@centostest ~]# more /proc/partitions
major minor  #blocks  name

   8        0   18874368 sda
   8        1     512000 sda1
   8        2   18361344 sda2
 253        0   16293888 dm-0
 253        1    2064384 dm-1
   8       16   41943040 sdb
   8       32   41943040 sdc

This also presents another common challenge which is determining which volume is which. The solution here is to install a tools called sg_inq like so:

yum install sg3_utils

Once installed you can now check to see some internal information about your devices including the internal ID.

[root@centostest ~]# sg_inq --page=0x83 /dev/sdc | grep specific
      vendor specific: 866fb7bf39a7eb35bf97d239

The ID for this storage volume can be found in the QuantaStor web interface in the Properties page for the Storage Volume. Just look for the field marked 'Internal ID' and this ID will correlate with the device so you can tell which is which.

With the devices now identified and available you can now partition and format the devices with the filesystem of your choice just as you would with a local direct attached disk device.

Initiator Login: Windows Server

Windows system and bring up the 'iSCSI Initiator' application again. On the first page under the 'Targets' tab, you can enter the IP address of your QuantaStor storage system in the box marked 'Target:' then press 'Quick Connect...'. After a moment you will see your storage volumes appear in the 'Discovered targets' section. When they appear simply select the storage volume you want to connect to, then press the 'Connect' button. Within a few seconds you'll be connected to the storage volume (iSCSI target). Unless this is a storage volume you've previously formatted and utilized, you'll need to use the Windows Disk Management screen to quick format the disk before you begin using it.

Msftiscsilogin.png

Initiator Login: Apple Mac OS X

We recommend using the ATTO Xtend SAN iSCSI initiator available here. We do not recommend using the globalSAN initiator with QuantaStor appliances as we have seen multiple problems with it in testing.

Once you have the IQN for your OS/X system you'll need to add a host entry to QuantaStor using the QuantaStor manager web UI. Just press the 'Add Host' button and then enter the name of your system, and enter the IQN in the box that says 'IQN'. Now that you have a host added, you can assign volumes to your Mac. After you've assigned some storage, go back to the iSCSI initiator dialog in OS/X and enter the IP address of your QuantaStor system and you should immediately see all the storage volumes listed which you have assigned to the host. Note that you'll need to partition the disk after you connect to the iSCSI device / volume. We recommend that you use 'quick format' because a full format will end up reserving blocks in the storage system which defeats the purpose of using thin-provisioning which is the default when you 'Create Storage Volume'.

Enable iSCSI Access on Network Ports

By default iSCSI access is enabled on all network ports in your QuantaStor appliance. This is typically OK if all the ports are the same speed and on the same network but in most cases you'll want to disable iSCSI access to 1GbE management ports so that all data flows through the faster 10GbE or 40GbE network ports if you have them. Even with 1GbE ports it is common to separate the management network from the SAN ports used to deliver iSCSI storage to the servers and this option allows you to control that. To enable iSCSI on your network interface in your appliance you'll need to configure it with the 'Enable iSCSI' option selected as shown in this screenshot.

Iscsienable.png