Setting up iSCSI Target Ubuntu 12.04 Server

Ubuntu Linux Specific Guides
Post Reply
User avatar
dedwards
Site Admin
Posts: 69
Joined: Wed Mar 15, 2006 8:28 pm
Contact:

Setting up iSCSI Target Ubuntu 12.04 Server

Post by dedwards » Wed Oct 27, 2010 4:11 pm

1. Install iSCSI Target Packages

Code: Select all

sudo apt-get install iscsitarget iscsitarget-source iscsitarget-dkms


Accept all the dependencies. It may be necessary to install "libssl-dev". If it doesn't get install as part of the dependencies for the "iscsitarget" package, install as follows:

Code: Select all

sudo apt-get install libssl-dev


2. Edit "/etc/default/iscsitarget" and start the service:

Code: Select all

sudo vi /etc/default/iscsitarget


Set

Code: Select all

ISCSITARGET_ENABLE=false

to

Code: Select all

ISCSITARGET_ENABLE=true


Start the iscsitarget service:

Code: Select all

sudo /etc/init.d/iscsitarget start


3. Create a storage file to be used as an iscsi partition:

Change to directory you want to create the storage file. I created an "/mnt/iscsi" mount point and created the file there:

Code: Select all

sudo mkdir /mnt/iscsi
cd /mnt/iscsi
sudo dd if=/dev/zero of=iscsi01.bin bs=1M count=300000


The command above created a file named "iscsi01.bin" 300 GB in size under the "/mnt/iscsi" mount point. Adjust your size as necessary. Depending on the size you select and the speed of your hard drive it could take a VERY considerable amount of time, however the command above will allocate the entire size of the filesize you created on the file system. Once the file is created proceed to the next step.

Another alternate approach to creating the storage file is to use the command below which will create the file extremely fast. Howerever, the caveat with this approach is the fact that the space will NOT be allocated in the file system.

Code: Select all

dd if=/dev/zero of=iscsi01.bin bs=1M count=1 seek=300000


4. Edit the "/etc/iet/ietd.conf" file:

Code: Select all

sudo vi /etc/iet/ietd.conf


At the very boot of the file (ensuring everything else in that file is commented out) enter the following lines:

Code: Select all

Target iqn.2010-12.tld.mydomain:myhostname.lun1
       # IncomingUser
        OutgoingUser
        Lun 0 Path=/mnt/iscsi/iscsi01.bin,Type=fileio
        Alias LUN1
        #MaxConnections  6


The target name must be a globally unique name, the iSCSI standard defines the "iSCSI Qualified Name" as follows: iqn.YYYY-MM.<reversed domain name>[:identifier]; YYYY-MM is the date at which the domain is valid; the identifier is freely selectable(In this case I use the server host name). The IncomingUser line contains a username and a password so that only the initiators (clients) that provide this username and password can log in and use the storage device; if you don't need authentication, don't specify a username and password in the IncomingUser line. In the Lun line, we must specify the full path to the storage device (e.g. /dev/vg0/storage_lun1, /storage/lun1.img, /dev/sdb, etc.).

Save the file

5. Next, edit the "/etc/iet/initiators.allow" file:

Code: Select all

sudo vi /etc/iet/initiators.allow


At the bottom of it, comment out "ALL ALL":

#ALL ALL


Enter the following line:

Code: Select all

iqn.2010-12.tld.mydomain:myhostname.lun1 192.168.xxx.xxx


Where "iqn.2010-12.tld.mydomain:myhostname.lun1 " is the target name you setup earlier in the /etc/iet/ietd.conf file and "192.168.xxx.xxxx" is the ip addresses you want to have access to the iscsi share.

Save the file and restart the iscsi target service:

Code: Select all

sudo /etc/init.d/iscsitarget start


You iscsi share should be ready for connections!

Setup CHAP Authentication to your iSCSI Target

Another way to contorl access to your iSCSI target besides entering an IP address in the /etc/iet/initiators.allow is to use CHAP authentication. In this configuration, the initiator must provide a valid username/password before the iSCSI target will allow access to a specific iSCSI share. This way you can have more granular access to each iSCSI share, since the /etc/iet/initiators.allow only controls access to the server level and not at the iSCSI share.

Edit /etc/iet/ietd.conf file:

Code: Select all

vi /etc/iet/ietd.conf


Goto the iSCSI target configuration you setup previously, uncomment the "IncomingUser" line and enter a username and password next to it like below:

Code: Select all

Target iqn.2010-12.tld.mydomain:myhostname.lun1
        IncomingUser username somepassword
        #OutgoingUser
        Lun 0 Path=/mnt/iscsi/iscsi01.bin,Type=fileio
        Alias LUN1
        #MaxConnections  6


Please keep in mind that there is a minimum password length requirement if you are planning on using the Microsoft iSCSI initiator. I've been using 14 characters passwords and it has worked with no problems. I'm not sure what the minimum is, but 14 seems to do the trick.
Post Reply