ISCSI: Difference between revisions

From KlavoWiki
Jump to navigationJump to search
New page: This procedure will allow you to have a partition on a Linux server and then mount that partition on another Linux, Mac or Windows computer as an iSCSI device. On your host computer you ne...
 
No edit summary
Line 32: Line 32:
</pre>
</pre>
This command will allow anyone to connect which is obviously insecure.
This command will allow anyone to connect which is obviously insecure.
== Based on IP Address ==
== Based on IP Address ==
=== Individual IP ===
<pre>
<pre>
tgtadm --lld iscsi --op bind --mode target --tid 1 -I 10.10.0.24
tgtadm --lld iscsi --op bind --mode target --tid 1 -I 10.10.0.24
</pre>
</pre>
== Based on Subnet ==
=== Based on Subnet ===
<pre>
<pre>
tgtadm --lld iscsi --op bind --mode target --tid 1 -I 10.10.0.0/24
tgtadm --lld iscsi --op bind --mode target --tid 1 -I 10.10.0.0/24

Revision as of 06:09, 27 February 2009

This procedure will allow you to have a partition on a Linux server and then mount that partition on another Linux, Mac or Windows computer as an iSCSI device. On your host computer you need an allocated hard disk or a partition of a hard disk to be used as an iSCSI target.

Installation

Lets get started by installing the iSCSI initiator on the Linux host.

yum install scsi-target-utils

Service Startup at Boot

chkconfig tgtd on
service tgtd start

Create a new target

tgtadm --lld iscsi --op new --mode target --tid 1 --targetname myvideofiles

NOTE: the target name must be in lowercase for windows to be able to successfully connect to it. If you have uppercase characters in the name you will get errors on connection.

Add a logical Unit

tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 -b /dev/hda4

NOTE: In this example I have created a partition that I will be using. That is why I have specified /dev/hda4. You may have specified /dev/hda or /dev/hdb for a whole hard disk, depending on your configuration.

Security

Allow All Initiators

tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL

This command will allow anyone to connect which is obviously insecure.

Based on IP Address

Individual IP

tgtadm --lld iscsi --op bind --mode target --tid 1 -I 10.10.0.24

Based on Subnet

tgtadm --lld iscsi --op bind --mode target --tid 1 -I 10.10.0.0/24

Authentication (CHAP)

First, create a user and password

tgtadm --lld iscsi --op new --mode account --user ''consumer'' --password ''Longsw0rd''

Next, add the users to an existing target device

tgtadm --lld iscsi --op bind --mode account --tid 1 --user ''consumer''