I followed the instructions here
https://www.howtoforge.com/tutorial/how-to-setup-iscsi-storage-server-on-ubuntu-2004-lts/
In the iscsi model the computer that physically hosts the storage media is called the target. The computer that accesses the targets is called the initiator.
The static IP of my target PC is 192.168.3.27. The reserved dynamic IP address of my initiator PC is 192.168.3.180.
I started with a fresh install of Ubuntu 22.10 Desktop. Did my standard after install command:
# apt update; apt upgrade -y; apt install vim mc tmux smartmontools -y
First check what disks we have available:
# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS ... deletia ... sda 8:0 0 1.8T 0 disk sdb 8:16 0 1.8T 0 disk sdc 8:32 0 931.5G 0 disk ├─sdc1 8:33 0 16M 0 part └─sdc2 8:34 0 931.5G 0 part nvme0n1 259:0 0 931.5G 0 disk ├─nvme0n1p1 259:1 0 1M 0 part ├─nvme0n1p2 259:2 0 1G 0 part /boot/efi ├─nvme0n1p3 259:3 0 32G 0 part [SWAP] └─nvme0n1p4 259:4 0 898.5G 0 part /var/snap/firefox/common/host-hunspell
The operating system is on nvme0n1, the storage devices are sda, sdb and sdc. I want the serial numbers of the drives because I’m paranoid about writing to the wrong drives.
# for i in `ls /dev/sd?` ; do echo -n $i " " ; smartctl -i $i | grep Serial ; done /dev/sda Serial Number: WD-WXN2A13DXJDK /dev/sdb Serial Number: WD-WXA2A61AJY3T /dev/sdc Serial Number: Z1DA4E2G
These are the correct drives. The two Western Digital drives (sda and sdb) are my linux backup drives. The Seagate drive is my Windows backup drive.
Now we install the iscsi target software on the backup server
# apt install tgt
Get the status of the target daemon
# systemctl status tgt
tgt.service - (i)SCSI target daemon
Loaded: loaded (/lib/systemd/system/tgt.service; enabled; preset: enabled)
Active: active (running) since Sat 2023-04-08 11:57:59 EDT; 27min ago
Docs: man:tgtd(8)
Process: 19574 ExecStartPost=/usr/sbin/tgtadm --op update --mode sys --name State -v offline (code=exited, status=0/SUCCESS)
Process: 19575 ExecStartPost=/usr/sbin/tgt-admin -e -c /etc/tgt/targets.conf (code=exited, status=0/SUCCESS)
Process: 19629 ExecStartPost=/usr/sbin/tgtadm --op update --mode sys --name State -v ready (code=exited, status=0/SUCCESS)
Main PID: 19573 (tgtd)
Status: "Starting event loop..."
Tasks: 33
Memory: 1.7M
CPU: 410ms
CGroup: /system.slice/tgt.service
└─19573 /usr/sbin/tgtd -f
Apr 08 11:57:58 ahserver systemd[1]: Starting (i)SCSI target daemon...
Apr 08 11:57:58 ahserver tgtd[19573]: tgtd: iser_ib_init(3431) Failed to initialize RDMA; load kernel modules?
Apr 08 11:57:58 ahserver tgtd[19573]: tgtd: work_timer_start(146) use timer_fd based scheduler
Apr 08 11:57:58 ahserver tgtd[19573]: tgtd: bs_init(387) use signalfd notification
Apr 08 11:57:58 ahserver tgtd[19573]: tgtd: device_mgmt(246) sz:14 params:path=/dev/sda
Apr 08 11:57:58 ahserver tgtd[19573]: tgtd: bs_thread_open(409) 16
Apr 08 11:57:59 ahserver tgtd[19573]: tgtd: device_mgmt(246) sz:14 params:path=/dev/sdb
Apr 08 11:57:59 ahserver tgtd[19573]: tgtd: bs_thread_open(409) 16
Apr 08 11:57:59 ahserver systemd[1]: Started (i)SCSI target daemon.Yep, target is enabled and running, looks great. Next we need to configure the target drives by editing the configuration file. Here's the configuration I use.
# cat /etc/tgt/conf.d/iscsi.conf
<target iqn.backupserver.radagast.ca:linux>
backing-store /dev/sda
backing-store /dev/sdb
initiator-address 192.168.3.180
incominguser iscsi-user password
outgoinguser iscsi-target secretpass
</target>
<target iqn.backupserver.radagast.ca:windows>
backing-store /dev/sdc
initiator-address 192.168.3.180
incominguser iscsi-user password2023
outgoinguser iscsi-target secretpass2023
</target>
This configuration defines two targets. The first target has two linux drives, the second target has one windows drive. It is important to note the the initiator-address line must be repeated for each IP address added to the access control list.
Must restart the daemon to read the new configuration file
# systemctl restart tgt
And let’s have a look at how tgtd is configured:
# tgtadm -m target -o show
Target 1: iqn.backupserver.radagast.ca:linux
System information:
Driver: iscsi
State: ready
I_T nexus information:
LUN information:
LUN: 0
Type: controller
SCSI ID: IET 00010000
SCSI SN: beaf10
Size: 0 MB, Block size: 1
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
SWP: No
Thin-provisioning: No
Backing store type: null
Backing store path: None
Backing store flags:
LUN: 1
Type: disk
SCSI ID: IET 00010001
SCSI SN: beaf11
Size: 2000399 MB, Block size: 512
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
SWP: No
Thin-provisioning: No
Backing store type: rdwr
Backing store path: /dev/sda
Backing store flags:
LUN: 2
Type: disk
SCSI ID: IET 00010002
SCSI SN: beaf12
Size: 2000399 MB, Block size: 512
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
SWP: No
Thin-provisioning: No
Backing store type: rdwr
Backing store path: /dev/sdb
Backing store flags:
Account information:
iscsi-user
iscsi-target (outgoing)
ACL information:
192.168.3.180
Target 2: iqn.backupserver.radagast.ca:windows
System information:
Driver: iscsi
State: ready
I_T nexus information:
LUN information:
LUN: 0
Type: controller
SCSI ID: IET 00020000
SCSI SN: beaf20
Size: 0 MB, Block size: 1
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
SWP: No
Thin-provisioning: No
Backing store type: null
Backing store path: None
Backing store flags:
LUN: 1
Type: disk
SCSI ID: IET 00020001
SCSI SN: beaf21
Size: 1000205 MB, Block size: 512
Online: Yes
Removable media: No
Prevent removal: No
Readonly: No
SWP: No
Thin-provisioning: No
Backing store type: rdwr
Backing store path: /dev/sdc
Backing store flags:
Account information:
iscsi-user
iscsi-target (outgoing)
ACL information:
192.168.3.180
Notice that tgtd creates a LUN0 for each target’s controller.
In my case, the initiator was an Ubuntu 22.04 laptop.
# apt install open-iscsi
Then we use the iscsiadm tool to discover the targets
# iscsiadm -m discovery -t st -p 192.168.3.27 192.168.3.27:3260,1 iqn.backupserver.radagast.ca:linux 192.168.3.27:3260,1 iqn.backupserver.radagast.ca:windows
-t is for type sendtarget (st), -p is for “portal” (scsi terminology is OLD). We can see the target (this is the configuration with one target, two LUN).
Now add the desired LUNs to the initiator configuration file:
# vim /etc/iscsi/initiatorname.iscsi
Add this line:
InitiatorName=iqn.backupserver.radagast.ca:linux
There exists an iscsi.conf configuration file at /etc/iscsi/iscsi.conf but when iscsi discovers a target it will create an individual configuration file in the /etc/iscsi/nodes heirarchy. I will define the passwords in the target specific configuration file because different targets may have different usernames and passwords.
# vi /etc/iscsi/nodes/iqn.backupserver.radagast.ca\:linux/192.168.3.27\,3260\,1/default
add these lines
node.session.auth.authmethod = CHAP node.session.auth.username = iscsi-user node.session.auth.password = password node.session.auth.username_in = iscsi-target node.session.auth.username_in = secretpass
And change node.startup to automatic at the top of the file.
Restart iscsi on the initiator
# systemctl restart open-iscsi iscsid
and check what’s going on with iscsi
# systemctl status open-iscsi.service
● open-iscsi.service - Login to default iSCSI targets
Loaded: loaded (/lib/systemd/system/open-iscsi.service; disabled; vendor preset: enabled)
Active: active (exited) since Mon 2023-04-10 20:55:19 EDT; 35s ago
Docs: man:iscsiadm(8)
man:iscsid(8)
Process: 16478 ExecStart=/sbin/iscsiadm -m node --loginall=automatic (code=exited, status=0/SUCCESS)
Process: 16494 ExecStart=/lib/open-iscsi/activate-storage.sh (code=exited, status=0/SUCCESS)
Main PID: 16494 (code=exited, status=0/SUCCESS)
CPU: 3ms
Apr 10 20:55:18 gwaihir systemd[1]: Starting Login to default iSCSI targets...
Apr 10 20:55:19 gwaihir iscsiadm[16478]: Logging in to [iface: default, target: iqn.backupserver.radagast.ca:linux, portal: 192.168.3.27,3260]
Apr 10 20:55:19 gwaihir iscsiadm[16478]: Login to [iface: default, target: iqn.backupserver.radagast.ca:linux, portal: 192.168.3.27,3260] success>
Apr 10 20:55:19 gwaihir systemd[1]: Finished Login to default iSCSI targets.
Using the iscsiadm and lsblk commands can be helpful:
# iscsiadm -m session -o show
root@gwaihir:/etc/iscsi# iscsiadm -m session -o show
tcp: [6] 192.168.3.27:3260,1 iqn.backupserver.radagast.ca:backup (non-flash)
# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
... deletia ...
sda 8:0 0 1.8T 0 disk
sdb 8:16 0 1.8T 0 disk
nvme1n1 259:0 0 931.5G 0 disk
├─nvme1n1p1 259:1 0 512M 0 part
├─nvme1n1p2 259:2 0 30.5G 0 part
└─nvme1n1p3 259:3 0 900.5G 0 part /var/snap/firefox/common/host-hunspell
/
... deletia ...
Notice that the sda (2TB) and sdb (1TB) devices now appear on my laptop. This laptop has no physical SATA drives: those devices are the iscsi devices:
# smartctl -i /dev/sda | grep Serial; smartctl -i /dev/sdb | grep Serial Serial number: beaf11 Serial number: beaf12
Scroll back up to the end of the target configuration section, look at the output of the tgtadm --mode target --op show command. You will see that the SCSI serial number for LUN1 is beaf11 and for LUN2 is beaf12
Closing the iscsi session
Close the session with this command:
# iscsiadm -m node -T iqn.backupserver.radagast.ca:linux -p 192.168.3.27:3260,1 -u Logging out of session [sid: 6, target: iqn.backupserver.radagast.ca:linux, portal: 192.168.3.27,3260] Logout of [sid: 6, target: iqn.backupserver.radagast.ca:linux, portal: 192.168.3.27,3260] successful.
And then stop and disable the service to prevent it from reconnecting
# systemctl stop open-iscsi iscsid # systemctl disable open-iscsi iscsid
Question: what happens when there is already and sda on the initiator?
In Windows 11 press the windows key then type iscsi. Windows search should find the iSCSI Initiator app. Launch the app. The first time you launch it Windows will tell you that the service needs to run. Says OK, you want to run the service.
Now that the service is running, do the same thing again: press the windows key, type iscsi, launch the iSCSI app. This time Windows should open the iSCSI initiator properties dialog. Click on the Discovery tab. Click the Discover Portal ... button then enter 192.168.3.27 as the IP address and click OK.
192.168.3.27 should now appear in the target portals list. Click on the targets tab. The two targets should already appear in the Discovered Targets list. Select the windows target and click the Connect button.
The Connect to Target dialog box should appear. Click on Advanced. Click the Enable CHAP Logon checkbox. Change the name to iscsi-user. Now this is the different part. Windows requires a 12 character password. So I had to go back to my target machine, change the password to 12 characters, restart the tgt service, then entered that password in the Windows Advanced Settings box. Click Ok then click OK again.
# iscsiadm -m discovery -o show -P 3
# iscsiadm -m session -P 3
# iscsiadm -m node -l
# iscsiadm -m node -u
# iscsiadm -m node -p 192.168.3.27 --rescan
# iscsiadm -m node -s