Using iSCSI LFNW

Lee Duncan
SUSE Labs iSCSI Hacker
lduncan@suse.com
Using iSCSI to share Disc and Tape
SAN for Dummies (or non-SAN Administrators)

2
Learning about iSCSI on Linux
● My Background
– SCSI and iSCSI experience
– Worked for SUN, HP, GE, AT&T, now SUSE
– Co-maintainer of open-iscsi initiator
– Co-maintainer of Linux kernel initiator code
– Maintainer of targets and initiator for SUSE
– Other github projects (gonzoleeman)

3
Learning about iSCSI on Linux
● Talking about today:
– What is iSCSI?
– What is the value of iSCSI?
– iSCSI Basics: Initiators, Targets, and Sessions
– iSCSI Tape
– iSCSI Services and systemd
– Advanced iSCSI topics
● iSNS, tcmu-runner, ...

4
What is iSCSI?
● iSCSI is just SCSI over a transport, e.g. TCP/IP
– RFC3270: Initial IETF Request for Comment
– RFC3721/RFC3980/etc: Naming, etc
– RFC7143/RFC7144: Updates/replaces 3270 and friends
– Encapsulates SCSI commands and responses for
transport
● We get remote storage using non-storage transport

5
What is SCSI?
● SCSI is just a way that a computer and disc can talk
– The Computer makes requests: this client initiates all
communication
– The Disc responds: it’s target serves disc data to the
computer
– All modern SCSI Discs and Tape speak SCSI-2/SCSI-3
● ATA is a subset of SCSI

6
What is the Value of iSCSI?
● Free and open software
● Cheap: you do not need special hardware, other than
your network
● Well used: it is generally reliable/mature
● Well maintained
– New stuff still being added (e.g. tcmu_runner)
● Can be building block for larger storage systems

7
iSCSI Basics: Initiators, Targets and Sessions
● iSCSi uses initiators, targets, and sessions
● Initiators and Targets have unique names
– iSCSI Qualified Name
● iqn.YYYY-MM.name-athority:unique-name
● A Session is an Initiator/Target connection
– Logs on, Logs off
● Packages to use:
– Use open-iscsi for our initiator (client)
– Use targetcli-fb for our target (server)

8
iSCSI Basics: Topology (simple)
NetworkNetwork
Client*Client*
ServerServer
iSCSI InitiatoriSCSI Initiator
iSCSI TargetiSCSI Target
LULU
open-iscsi
targetcli-fb/LIO
iqn.yyyy-mm.name-authority:unique-name
iqn.yyyy-mm.name-authority:unique-name
Storage (or Tape)
Switch

9
iSCSI Basics: Setting up the Target
● We need a target for the initiator to connect to
– Can be disc, partition, file, SCSI device, ...
● Things we care about for our target:
– Storage Where’s the bits?
– Name An IQN
– Access ACL, Location

10
iSCSI Basics: Setting up the Target (cont)
● Two parts to a target (must be connected)
– Backstore
● Where the bits actually live
● Several different types (file, disc, tape, ...)
– Target front-end
● Our Name iqn.*
● Portal(s) Address(es) (IP:Port)
● LU(s) Points to backstore
● ACL(s) Initiator IQN(s)

11
● Let’s use the targetcli(1) command to configure out
target
– Use the “free branch” version
– Can be interactive or batch mode
– Must be root
– Shell-like
● Has a node hierarchy: root, directories, ...
● Commands depend on where you are in tree

12
iscsi vhost
/
loopbackbackstores xen-pvscsi
block fileio pscsi ramdisc rbd
An empty
targetcli tree
tcm_loop for kvm
guests
XEN
ParaVirt
SCSI

13
So how does that look on the command line?
Let’s look at an empty target subsystem …

14

15
● Let’s create the backstore first
● Use fileio – Size 10M
– Use backstore directory /alt/bs/
– Use/create backstore file bs.img
● Let’s let targetcli create the backstore
– It defaults to sparse files

16
● Then we will create the front-end
– We want the iscsi front end
– We will pick our own IQN (iscsi target name)
– We will allow connection from any initiator
– We will allow connection from any portal

17

18

19
Let’s look at what we created …
Then we will finish configuring the front end

20

21

22
● Now to configure the front end
– Set iSCSI attribute for demo mode
– Set iSCSI attribute for read-write demo mode
– Then create our Logical Unit (LU)
● The connect to the backend

23

24

25

26

27

28
Finally, let’s look at the result!

29

30
iSCSI Basics: Setting up the Initiator
Now that we have a target disc, how to use it?
Perhaps we need an initiator

31
iSCSI Basics: Setting up the Initiator
● The initiator uses the open-iscsi package
– Installed and enabled by default
● Can be configured using
– Command line: iscsiadm(1)

32
iSCSI Basics: Setting up the Initiator (cont)
● Initiator uses two phases to connect:
– Discovery: find target(s) at IP:Port
– Login: connect to discovered target(s)
● Creates Sessions
● Command line
– iscsiadm(1)

33
● Using iscsiadm(1)
– First, we will enter the Discovery phase
– We will use the iSCSI protocol command SendTargets
– We will build up a database of Nodes found
– We can then use that database to establish session(s)

34

35

36

37

38

39

40

41

42

43

44

45
iSCSI: Sharing a Tape Drive
● Very similar to sharing a disc
● We use pscsi (Pass-through SCSI) back-end
● The front-end stays the same
● We will set up the tape Target, then the Initiator

46
iSCSI Tape: Setting up the Target

47
iSCSI Tape: Setting up the Target (cont)

48

49

50

51

52
iSCSI: Sharing a Tape Drive (cont)
● Now the Target is Set Up
● Let’s set up the Initiator
– Just like before, but on different host (no tape drive)

53
iSCSI Tape: Setting up the Initiator

54
iSCSI Tape: Setting up the Initiator (cont)

55

56

57

58
iSCSI Services: Using systemd
● These days you have to understand/use systemd
● Systemd manages services
– iSCSI initiator Service(s)
– iSCSI target Service(s)
● Examples based on SUSE Linux
– other distros similar

59
iSCSI Services: Using systemd (cont)
● Target (targetcli-fb) uses targetcli.service
● Does not really control a daemon
● Mostly just manages storing/recovering state

60

61
● Initiator uses three services
– The iscsid service manages the daemon
– The iscsi service manages sessions
● requires iscsid service
– The iscsiuio service manages CNA daemon
● For some Hardware-assisted iSCSI adapters
– The two daemon services are socket-activated
● This starts the service automatically, when needed!

62

63

64
● Initiator has to modify the node database
– Only needed if we wish connection to persist across reboots
– Set the node connection startup value to automatic

65

66

67

68

69
iSCSI: Advanced Topics
● Now that we have the basics down, what else is there?
– Access Control/Security
– iSNS – the iSCSI Directory Service
– YaST (mentioned for reference)
– tcmu-runner

70
iSCSI: Advanced Topics (cont)
● Access Controls (i.e. security?)
– Different types
● Access (ACLs)
● Discovery
● Session/Login
– ACLs: Can control which IQNs (initiators) connect
– Discovery: Can set name/password for each target
– Session: Can set name/password for each target
● MUST be different than the Discovery set!
– Assumes a secure network!

71
●
iSNS: iSCSI Directory Services
– See RFC 4171
– Answers the question: how do I find my iSCSI Storage
– Also provices Asynch Notification!
– Replaces need for knowing IQN and IP of target
– Now you just need IP/name of iSNS server
– Targets and Initiators register
– Initiators query to find Targets
– Uses open-isns and target-isns packages

72
● What is tcmu-runner?
– TCM is another name for LIO
– tcm-user is another back end
– tcm-runner runs plugs in userspace
● Let’s look at the LIO/TCM Linux Target Architecture
– But just a tease ...

73
vhost
loopback
iscsi
targetcli
Initiator
fileIO
block
pscsi
ramdisc
tcm-user
tcmu-runner
qcow2 qlfs
user
kernel
LIO Core

74
iSCSI: That’s It!
● iSCSI is easy to set up on Linux
● Don’t be afraid of the command line
● You can roll your own SAN!

75
iSCSI: For More Information
● https://www.open-iscsi.com
● https://github.com/open-iscsi/targetcli-fb
● https://github.com/open-iscsi/open-isns
● https://github.com/open-iscsi/target-isns
● https://github.com/open-iscsi/tcmu-runner
● https://build.opensuse.org – Open Build Service
● https://www.slideshare.net/LeeDuncan16/using-iscsi-lfnw

Join Us at www.opensuse.org
76
● Contact:
lduncan@suse.com

License
This slide deck is licensed under the Creative Commons Attribution-ShareAlike 4.0 International
license.
It can be shared and adapted for any purpose (even commercially) as long as Attribution is given and
any derivative work is distributed under the same license.
Details can be found at https://creativecommons.org/licenses/by-sa/4.0/
General Disclaimer
This document is not to be construed as a promise by any participating organisation to develop,
deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and
should not be relied upon in making purchasing decisions. openSUSE makes no representations or
warranties with respect to the contents of this document, and specifically disclaims any express or
implied warranties of merchantability or fitness for any particular purpose. The development, release,
and timing of features or functionality described for openSUSE products remains at the sole discretion
of openSUSE. Further, openSUSE reserves the right to revise this document and to make changes to
its content, at any time, without obligation to notify any person or entity of such revisions or changes.
All openSUSE marks referenced in this presentation are trademarks or registered trademarks of
SUSE LLC, in the United States and other countries. All third-party trademarks are the property of
their respective owners.
Credits
Template
Richard Brown
rbrown@opensuse.org
Design & Inspiration
openSUSE Design Team
http://opensuse.github.io/branding-guidelines/
77

Using iSCSI LFNW

Recommended

Recommended

More Related Content

What's hot

What's hot (11)

Similar to Using iSCSI LFNW

Similar to Using iSCSI LFNW (20)

Recently uploaded

Recently uploaded (20)

Using iSCSI LFNW