mirror of
https://github.com/LCTT/TranslateProject.git
synced 2025-03-27 02:30:10 +08:00
translated
This commit is contained in:
zhengsihua
parent
aea12ba42b
commit
fa96853c90
@ -1,150 +0,0 @@
|
||||
Translating----geekpi
|
||||
|
||||
Create Centralized Secure Storage using iSCSI Target on RHEL/CentOS/Fedora Part -I
|
||||
================================================================================
|
||||
**iSCSI** is a block level Protocol for sharing **RAW Storage Devices** over TCP/IP Networks, Sharing and accessing Storage over iSCSI, can be used with existing IP and Ethernet networks such as NICs, Switched, Routers etc. iSCSI target is a remote hard disk presented from an remote iSCSI server (or) target.
|
||||
|
||||
|
||||
Install iSCSI Target in Linux
|
||||
|
||||
We don’t need a high resource for stable connectivity and performance in Client side’s. iSCSI Server called as Target, this share’s the storage from server. iSCSI Client’s called as Initiator, this will access the storage which shared from Target Server. There are iSCSI adapter’s available in market for Large Storage services such as SAN Storage’s.
|
||||
|
||||
**Why we need a iSCSI adapter for Large storage Area?**
|
||||
|
||||
Ethernet adapters (NIC) are designed to transfer packetized file level data among systems, servers and storage devices like NAS storage’s, they are not capable for transferring block level data over Internet.
|
||||
|
||||
### Features of iSCSI Target ###
|
||||
|
||||
- Possible to run several iSCSI targets on a single machine.
|
||||
- A single machine making multiple iscsi target available on the iSCSI SAN
|
||||
- The target is the Storage and makes it available for initiator (Client) over the network
|
||||
- These Storage’s are Pooled together to make available to the network is iSCSI LUNs (Logical Unit Number).
|
||||
- iSCSI supports multiple connections within the same session
|
||||
- iSCSI initiator discover the targets in network then authenticating and login with LUNs, to get the remote storage locally.
|
||||
- We can Install any Operating systems in those locally mounted LUNs as what we used to install in our Base systems.
|
||||
|
||||
### Why the need of iSCSI? ###
|
||||
|
||||
In Virtualization we need storage with high redundancy, stability, iSCSI provides those all in low cost. Creating a SAN Storage in low price while comparing to Fiber Channel SANs, We can use the standard equipment’s for building a SAN using existing hardware such as NIC, Ethernet Switched etc..
|
||||
|
||||
Let start to get install and configure the centralized Secure Storage using iSCSI Target. For this guide, I’ve used following setups.
|
||||
|
||||
- We need separate 1 systems to Setup the iSCSI Target Server and Initiator (Client).
|
||||
- Multiple numbers of Hard disk can be added in large storage environment, But we here using only 1 additional drive except Base installation disk.
|
||||
- Here we using only 2 drives, One for Base server installation, Other one for Storage (LUNs) which we going to create in PART-II of this series.
|
||||
|
||||
#### Master Server Setup ####
|
||||
|
||||
- Operating System – CentOS release 6.5 (Final)
|
||||
- iSCSI Target IP – 192.168.0.200
|
||||
- Ports Used : TCP 860, 3260
|
||||
- Configuration file : /etc/tgt/targets.conf
|
||||
|
||||
## Installing iSCSI Target ##
|
||||
|
||||
Open terminal and use yum command to search for the package name which need to get install for iscsi target.
|
||||
|
||||
# yum search iscsi
|
||||
|
||||
#### Sample Output ####
|
||||
|
||||
========================== N/S matched: iscsi =======================
|
||||
iscsi-initiator-utils.x86_64 : iSCSI daemon and utility programs
|
||||
iscsi-initiator-utils-devel.x86_64 : Development files for iscsi-initiator-utils
|
||||
lsscsi.x86_64 : List SCSI devices (or hosts) and associated information
|
||||
scsi-target-utils.x86_64 : The SCSI target daemon and utility programs
|
||||
|
||||
We got the search result as above, choose the **Target** package and install to play around.
|
||||
|
||||
# yum install scsi-target-utils -y
|
||||
|
||||
|
||||
Install iSCSI Utils
|
||||
|
||||
List the installed package to know the default config, service, and man page location.
|
||||
|
||||
# rpm -ql scsi-target-utils.x86_64
|
||||
|
||||
|
||||
|
||||
List All iSCSI Files
|
||||
|
||||
Let’s start the iSCSI Service, and check the status of Service up and running, iSCSI service named as **tgtd**.
|
||||
|
||||
# /etc/init.d/tgtd start
|
||||
# /etc/init.d/tgtd status
|
||||
|
||||
|
||||
|
||||
Start iSCSI Service
|
||||
|
||||
Now we need to configure it to start Automatically while system start-up.
|
||||
|
||||
# chkconfig tgtd on
|
||||
|
||||
Next, verify that the run level configured correctly for the tgtd service.
|
||||
|
||||
# chkconfig --list tgtd
|
||||
|
||||
|
||||
|
||||
Enable iSCSI on Startup
|
||||
|
||||
Let’s use **tgtadm** to list what targets and LUNS we currently got configured in our Server.
|
||||
|
||||
# tgtadm --mode target --op show
|
||||
|
||||
The **tgtd** installed up and running, but there is no **Output** from the above command because we have not yet defined the LUNs in Target Server. For manual page, Run ‘**man**‘ command.
|
||||
|
||||
# man tgtadm
|
||||
|
||||
|
||||
|
||||
iSCSI Man Pages
|
||||
|
||||
Finally we need to add iptables rules for iSCSI if there is iptables deployed in your target Server. First, find the Port number of iscsi target using following netstat command, The target always listens on TCP port 3260.
|
||||
|
||||
# netstat -tulnp | grep tgtd
|
||||
|
||||
|
||||
|
||||
Find iSCSI Port
|
||||
|
||||
Next add the following rules to allow iptables to Broadcast the iSCSI target discovery.
|
||||
|
||||
# iptables -A INPUT -i eth0 -p tcp --dport 860 -m state --state NEW,ESTABLISHED -j ACCEPT
|
||||
# iptables -A INPUT -i eth0 -p tcp --dport 3260 -m state --state NEW,ESTABLISHED -j ACCEPT
|
||||
|
||||
|
||||
|
||||
Open iSCSI Ports
|
||||
|
||||
|
||||
|
||||
Add iSCSI Ports to Iptables
|
||||
|
||||
**Note**: Rule may vary according to your **Default CHAIN Policy**. Then save the Iptables and restart the iptables.
|
||||
|
||||
# iptables-save
|
||||
# /etc/init.d/iptables restart
|
||||
|
||||
|
||||
|
||||
Restart iptables
|
||||
|
||||
Here we have deployed a target server to share LUNs to any initiator which authenticating with target over TCP/IP, This suitable for small to large scale production environments too.
|
||||
|
||||
In my next upcoming articles, I will show you how to [Create LUN’s using LVM in Target Server][1] and how to share LUN’s on Client machines, till then stay tuned to TecMint for more such updates and don’t forget to give valuable comments.
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: http://www.tecmint.com/create-centralized-secure-storage-using-iscsi-targetin-linux/
|
||||
|
||||
作者:[Babin Lonston][a]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:http://www.tecmint.com/author/babinlonston/
|
||||
[1]:http://www.tecmint.com/create-luns-using-lvm-in-iscsi-target/
|
||||
@ -0,0 +1,149 @@
|
||||
在RHEL/CentOS/Fedora上使用iSCSI Target创建集中式安全存储 - 第一部分
|
||||
================================================================================
|
||||
**iSCSI** 是一种就块级别协议,用于通过TCP/IP网络共享**原始存储设备**,可以用已经存在的IP和以太网如网卡、交换机、路由器等通过iSCSI协议共享和访问存储。iSCSI target是一种远程iSCSI服务器或者taget上的远程硬盘。
|
||||
|
||||
|
||||
在Linux中安装iSCSI Target
|
||||
|
||||
我们不需要在客户端为了稳定的连接和性能而占用很大的资源。iSCSI服务器称为Target,它共享存储。iSCSI客户端称为Initiator,它访问Target服务器行的存储。市场中有用于大型存储服务如SAN的iSCSI适配器。
|
||||
|
||||
**我们为什么要在大型存储领域中使用iSCSI适配器**
|
||||
|
||||
以太网适配器(NIC)被设计用于在系统、服务器和存储设备如NAS间传输分组数据,它不适合在Internet中传输块级别数据。
|
||||
|
||||
### iSCSI Target的功能 ###
|
||||
|
||||
- 可以在一台机器上运行几个iSCSI target
|
||||
- 一台机器的多个iSCSI target可以在iSCSI中访问
|
||||
- 一个target就是一块存储,并且可以通过网络被初始化器(客户端)访问
|
||||
- 把这些存储汇聚在一起让它们在网络中可以访问的是iSCSI LUN(逻辑单元号)
|
||||
- iSCSI支持在同一个会话中含有多个连接
|
||||
- iSCSI初始化器在网络中发现目标接着用LUN验证并登录,这样就可以本地访问远程存储。
|
||||
- 我们了一在本地挂载的LUN上安装任何操作系统,就像我们安装我们本地的操作系统一样。
|
||||
|
||||
### 为什么需要iSCSI? ###
|
||||
|
||||
在虚拟化中,我们需要存储拥有高度的冗余性、稳定性,iSCSI以低成本的方式提供了这些特性。与使用光纤通道的SAN比起来,我们可以使用已经存在的设备比如NIC、以太网交换机等建造一个低成本的SAN。
|
||||
|
||||
现在我开始使用iSCSI Target安装并配置安全存储。本篇中,我们遵循下面的步骤
|
||||
|
||||
- 我们需要隔离一个系统来设置iSCSI Target服务器和初始化器(客户端)。
|
||||
- 可以在大型存储环境中添加多个硬盘,但是我们除了基本的安装盘之外只使用一个额外的驱动器。
|
||||
- 现在我们只使用2块硬盘,一个用于基本的服务器安装,另外一个用于存储(LUN),这个我们会在这个系列的第二篇描述。
|
||||
|
||||
#### 主服务器设置 ####
|
||||
|
||||
- 操作系统 – CentOS release 6.5 (最终版)
|
||||
- iSCSI Target IP – 192.168.0.200
|
||||
- 使用的端口 : TCP 860, 3260
|
||||
- 配置文件 : /etc/tgt/targets.conf
|
||||
|
||||
## 安装 iSCSI Target ##
|
||||
|
||||
打开终端并使用yum命令来搜索我们需要在iscsi target上安装的包名。
|
||||
|
||||
# yum search iscsi
|
||||
|
||||
#### 输出示例 ####
|
||||
|
||||
========================== N/S matched: iscsi =======================
|
||||
iscsi-initiator-utils.x86_64 : iSCSI daemon and utility programs
|
||||
iscsi-initiator-utils-devel.x86_64 : Development files for iscsi-initiator-utils
|
||||
lsscsi.x86_64 : List SCSI devices (or hosts) and associated information
|
||||
scsi-target-utils.x86_64 : The SCSI target daemon and utility programs
|
||||
|
||||
We got the search result as above, choose the **Target** package and install to play around.
|
||||
你会的到上面的那些结果,选择**Target**包来安装
|
||||
|
||||
# yum install scsi-target-utils -y
|
||||
|
||||
|
||||
安装iSCSI工具
|
||||
|
||||
列出安装的包来了解默认的配置、服务和man页面的位置
|
||||
|
||||
# rpm -ql scsi-target-utils.x86_64
|
||||
|
||||
|
||||
|
||||
列出所有的iSCSI文件
|
||||
|
||||
让我们启动iSCSI服务,并检查服务运行的状态,iSCSI的服务名是**tgtd**。
|
||||
|
||||
# /etc/init.d/tgtd start
|
||||
# /etc/init.d/tgtd status
|
||||
|
||||
|
||||
|
||||
启动iSCSI服务
|
||||
|
||||
现在我们需要配置开机自动启动。
|
||||
|
||||
# chkconfig tgtd on
|
||||
|
||||
现在验证tgtd服务的运行级别是否配置正确。
|
||||
|
||||
# chkconfig --list tgtd
|
||||
|
||||
|
||||
|
||||
开机启动iSCSI
|
||||
|
||||
现在使用**tgtadm**来列出在我们的服务器上已经配置了哪些target和LUN。
|
||||
|
||||
# tgtadm --mode target --op show
|
||||
|
||||
**tgtd**已经安装并在运行了,但是上面的命令没有**输出**因为我们还没有在Target服务器上定义LUN。要查看手册,运行‘**man**‘命令。
|
||||
|
||||
# man tgtadm
|
||||
|
||||
|
||||
|
||||
iSCSI Man 页面
|
||||
|
||||
最终我们需要为iSCSI添加iptable规则,如果你的target服务器上存在iptable的话。首先使用netstat命令找出iscsi target的端口号,target总是监听TCP端口3260。
|
||||
|
||||
# netstat -tulnp | grep tgtd
|
||||
|
||||
|
||||
|
||||
找出iSCSI端口
|
||||
|
||||
下面加入如下规则让iptable允许广播iSCSI target发现包。
|
||||
|
||||
# iptables -A INPUT -i eth0 -p tcp --dport 860 -m state --state NEW,ESTABLISHED -j ACCEPT
|
||||
# iptables -A INPUT -i eth0 -p tcp --dport 3260 -m state --state NEW,ESTABLISHED -j ACCEPT
|
||||
|
||||
|
||||
|
||||
打开iSCSI端口
|
||||
|
||||
|
||||
|
||||
添加iSCSI端口到iptable中
|
||||
|
||||
**注意**: 规则可能根据你的 **默认链策略**而不同。接着保存iptable并重启。
|
||||
|
||||
# iptables-save
|
||||
# /etc/init.d/iptables restart
|
||||
|
||||
|
||||
|
||||
重启iptable
|
||||
|
||||
现在我们已经部署了一个target服务器来共享LUN给通过TCP/IP认证的初始化器。这也适用于从小到大规模的生产环境。
|
||||
|
||||
在我的下篇文章中,我会展示如何[在Target服务器中使用LVM创建LUN][1],并且如何在客户端中共享LUN,在此之前请继续关注TecMint获取更多的更新,并且不要忘记留下有价值的评论。
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: http://www.tecmint.com/create-centralized-secure-storage-using-iscsi-targetin-linux/
|
||||
|
||||
作者:[Babin Lonston][a]
|
||||
译者:[geekpi](https://github.com/geekpi)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:http://www.tecmint.com/author/babinlonston/
|
||||
[1]:http://www.tecmint.com/create-luns-using-lvm-in-iscsi-target/
|
||||
Loading…
Reference in New Issue
Block a user