Code: Select all
sudo apt-get install iscsitarget iscsitarget-source iscsitarget-dkms
Accept all the dependencies. It may be necessary to install "libssl-dev". If it doesn't get install as part of the dependencies for the "iscsitarget" package, install as follows:
Code: Select all
sudo apt-get install libssl-dev
2. Edit "/etc/default/iscsitarget" and start the service:
Code: Select all
sudo vi /etc/default/iscsitarget
Set
Code: Select all
ISCSITARGET_ENABLE=false
to
Code: Select all
ISCSITARGET_ENABLE=true
Start the iscsitarget service:
Code: Select all
sudo /etc/init.d/iscsitarget start
3. Create a storage file to be used as an iscsi partition:
Change to directory you want to create the storage file. I created an "/mnt/iscsi" mount point and created the file there:
Code: Select all
sudo mkdir /mnt/iscsi
cd /mnt/iscsi
sudo dd if=/dev/zero of=iscsi01.bin bs=1M count=300000
The command above created a file named "iscsi01.bin" 300 GB in size under the "/mnt/iscsi" mount point. Adjust your size as necessary. Depending on the size you select and the speed of your hard drive it could take a VERY considerable amount of time, however the command above will allocate the entire size of the filesize you created on the file system. Once the file is created proceed to the next step.
Another alternate approach to creating the storage file is to use the command below which will create the file extremely fast. Howerever, the caveat with this approach is the fact that the space will NOT be allocated in the file system.
Code: Select all
dd if=/dev/zero of=iscsi01.bin bs=1M count=1 seek=300000
4. Edit the "/etc/iet/ietd.conf" file:
Code: Select all
sudo vi /etc/iet/ietd.conf
At the very boot of the file (ensuring everything else in that file is commented out) enter the following lines:
Code: Select all
Target iqn.2010-12.tld.mydomain:myhostname.lun1
# IncomingUser
OutgoingUser
Lun 0 Path=/mnt/iscsi/iscsi01.bin,Type=fileio
Alias LUN1
#MaxConnections 6
The target name must be a globally unique name, the iSCSI standard defines the "iSCSI Qualified Name" as follows: iqn.YYYY-MM.<reversed domain name>[:identifier]; YYYY-MM is the date at which the domain is valid; the identifier is freely selectable(In this case I use the server host name). The IncomingUser line contains a username and a password so that only the initiators (clients) that provide this username and password can log in and use the storage device; if you don't need authentication, don't specify a username and password in the IncomingUser line. In the Lun line, we must specify the full path to the storage device (e.g. /dev/vg0/storage_lun1, /storage/lun1.img, /dev/sdb, etc.).
Save the file
5. Next, edit the "/etc/iet/initiators.allow" file:
Code: Select all
sudo vi /etc/iet/initiators.allow
At the bottom of it, comment out "ALL ALL":
#ALL ALL
Enter the following line:
Code: Select all
iqn.2010-12.tld.mydomain:myhostname.lun1 192.168.xxx.xxx
Where "iqn.2010-12.tld.mydomain:myhostname.lun1 " is the target name you setup earlier in the /etc/iet/ietd.conf file and "192.168.xxx.xxxx" is the ip addresses you want to have access to the iscsi share.
Save the file and restart the iscsi target service:
Code: Select all
sudo /etc/init.d/iscsitarget start
You iscsi share should be ready for connections!
Setup CHAP Authentication to your iSCSI Target
Another way to contorl access to your iSCSI target besides entering an IP address in the /etc/iet/initiators.allow is to use CHAP authentication. In this configuration, the initiator must provide a valid username/password before the iSCSI target will allow access to a specific iSCSI share. This way you can have more granular access to each iSCSI share, since the /etc/iet/initiators.allow only controls access to the server level and not at the iSCSI share.
Edit /etc/iet/ietd.conf file:
Code: Select all
vi /etc/iet/ietd.conf
Goto the iSCSI target configuration you setup previously, uncomment the "IncomingUser" line and enter a username and password next to it like below:
Code: Select all
Target iqn.2010-12.tld.mydomain:myhostname.lun1
IncomingUser username somepassword
#OutgoingUser
Lun 0 Path=/mnt/iscsi/iscsi01.bin,Type=fileio
Alias LUN1
#MaxConnections 6
Please keep in mind that there is a minimum password length requirement if you are planning on using the Microsoft iSCSI initiator. I've been using 14 characters passwords and it has worked with no problems. I'm not sure what the minimum is, but 14 seems to do the trick.