====== iscsi op Linux======
[[iscsi:iscsi|{{ :iscsi:icon.jpg?120|}}]]

===== context=====
dit document beschrijft hoe je iscsi targets beheert op Linux ahv **targetcli** (vanop Debian10)

===== installatie=====
  - ''apt get install targetcli-fb''
  - pas de firewall aan zodat ''tcp/3260'' wordt doorgelaten. 
  - voeg (op Debian10, althans) een basic opstartscript toe: <code>cd /etc/systemd/system
sudo curl https://raw.githubusercontent.com/open-iscsi/rtslib-fb/master/systemd/target.service -o target.service
sudo systemctl enable target.service
sudo service target start</code>
===== werking =====
  * start ''targetcli''
  * navigeren doe je ahv standaard linux commando's: ''cd, ls''
  * directory: 
    * **backstores**: disken die je beschikbaar maakt ivv:
      * block: device file (hard disk, logisch volume)
      * fileio: bestand
    * **iscsi**: bovenstaande disk ahv iscsi protocol exporteren
  * gebruik ''TAB''-toets om beschikbare commando's te zien
  * gebruik ''çd'' om grafisch te navigeren{{ :iscsi:targetcli_navigate_graphically.png?400 |}}
  * gebruiker ''info'' om de eigenschappen te zien van het object

===== backstore aanmaken =====
==== disk ====
  * ''cd /backstores/fileio''
  * ''create file_or_dev=<nowiki>/home/test/bigster</nowiki> name=bigster size=1024m''\\ = maakt 1Gb bestand bigster aan in /home/test{{ :iscsi:targetcli_create_file.png?400 |}}

==== block ====
  * ''cd /backstores/block''
  * ''create dev=<nowiki>/dev/vg00/lvvmware</nowiki> name=vmware size=750g''\\ = maakt logisch volume vmware beschikbaar als block device.

===== iSCSI target aanmaken =====
  * ''cd iscsi''
  * ''create''\\ maakt default iSCSI componenten aan: portal, IQN, lun, ACL{{ :iscsi:targetcli_iscsi_create.png?400 |}}
===== LUN aanmaken =====
  * ''cd iscsi''
  * ''cd <IQN>''
  * ''cd <tpg#>''
  * ''cd lun''
  * ''create storage_object=<device file>''\\ vb: ''create storage_object=/backstores/fileio/groot''
===== ACL aanmaken =====
  * ''cd iscsi''
  * ''cd <IQN>''
  * ''cd <tpg#>''
  * ''cd acl''
  *   * ''create wwn=<IQN van iSCSI initiator>''

===== CHAP authenticatie=====
  * ''cd iscsi''
  * ''cd <IQN>''
  * ''cd <tpg#>''
  * ''set attribute authentication=1''
  * ''cd acls''
  * ''çd <IQN_Initiator>''
  * ''set auth userid=<IQN_Initiator>''
  * ''set auth password=<ArbitaryPasswordOf16characters>''



















<bootnote>Nu zou de iSCSI target beschikbaar moeten zijn vanuit je client (iSCSI initiator).</bootnote>
===== beheer =====
==== actieve sessies ====
  * ''cd /''
  * ''session action=detail''{{ :iscsi:targetcli_sessions.png?400 |}}
==== target uitschakelen ====
  * ''cd iscsi''
  * ''çd <IQN>\tpg<#>''
  * ''disable''{{ :iscsi:targetcli_portal_disable.png?400 |}}\\ inschakelen: ''enable''

===== backup/restore =====
==== backup ====
  * ''cd /''
  * ''saveconfig''

==== restore ====
  * ''cd /''
  * ''restoreconfig''

Elke backup wordt bewaard onder ''/etc/rtslib-fb-target/backup''
Je kan ook vanop de commmandline: ''targetcli restoreconfig /etc/rtslib-fb-target/backup/backup-x-x.json''


===== problemen, problemen=====
==== netwerk monitor ahv tshark ====
''tshark -f "dst port 3260" && "src ip <IPvanInitiator>"'' (zie: [[linux:tshark|tshark]]))<code> 1 0.000000000  10.11.12.16 → 10.11.110.10 TCP 74 40399 → 3260 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=512 SACK_PERM=1 TSval=74754 TSecr=0
    2 0.000054598 10.11.110.10 → 10.11.12.16  TCP 74 3260 → 40399 [SYN, ACK] Seq=0 Ack=1 Win=65160 Len=0 MSS=1460 SACK_PERM=1 TSval=2937156815 TSecr=74754 WS=128
    3 0.000413976  10.11.12.16 → 10.11.110.10 TCP 66 40399 → 3260 [ACK] Seq=1 Ack=1 Win=263168 Len=0 TSval=74754 TSecr=2937156815
    4 0.252186069  10.11.12.16 → 10.11.110.10 iSCSI 274 Login Command
    5 0.252224095 10.11.110.10 → 10.11.12.16  TCP 66 3260 → 40399 [ACK] Seq=1 Ack=209 Win=65024 Len=0 TSval=2937157067 TSecr=74779
    6 0.252325001 10.11.110.10 → 10.11.12.16  iSCSI 114 Login Response (Service unavailable)
    7 0.252370167 10.11.110.10 → 10.11.12.16  TCP 66 3260 → 40399 [FIN, ACK] Seq=49 Ack=209 Win=65024 Len=0 TSval=2937157068 TSecr=74779
    8 0.252688938  10.11.12.16 → 10.11.110.10 TCP 66 40399 → 3260 [ACK] Seq=209 Ack=50 Win=263168 Len=0 TSval=74780 TSecr=2937157067
    9 0.503529224  10.11.12.16 → 10.11.110.10 TCP 66 40399 → 3260 [FIN, ACK] Seq=209 Ack=50 Win=263168 Len=0 TSval=74805 TSecr=2937157067
   10 0.503573310 10.11.110.10 → 10.11.12.16  TCP 66 3260 → 40399 [ACK] Seq=50 Ack=210 Win=65024 Len=0 TSval=2937157319 TSecr=74805
^C   11 3.021542392  10.11.12.16 → 10.11.110.10 TCP 74 13353 → 3260 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=512 SACK_PERM=1 TSval=75056 TSecr=0
</code>
=== /var/log/syslog===
 
<code>Feb  7 13:28:41 UVMkve-ubuntu kernel: [296881.919424] iSCSI Login negotiation failed.
Feb  7 13:28:46 UVMkve-ubuntu kernel: [296886.935254] Unable to locate Target IQN: iqn.2003-01.org.linux-iscsi.uvmkve-ubuntu.x8664:sn.50a18bfcc36b in Storage Node
</code><code>Feb  7 14:05:18 UVMkve-ubuntu kernel: [299078.761397] iSCSI Initiator Node: iqn.1991-05.com.microsoft:uvmkve-ls103.dmz.lab.local is not authorized to access iSCSI target portal group: 1.
Feb  7 14:05:18 UVMkve-ubuntu kernel: [299078.761421] iSCSI Login negotiation failed.</code>

===== meer info =====
  * [[https://manpages.ubuntu.com/manpages/focal/en/man8/targetcli.8.html|targetcli MAN page]]
  * [[https://www.unixmen.com/attach-iscsi-target-disks-linux-servers/|iSCSI target mounten vanop Linux client]]
{{tag>iscsi linux storage}}