iSCSI, Internet SCSI(Small Computer System Interface) 應用越來越普遍,在 FreeBSD上裝來玩看看,環境為兩台主機,伺服器端 target 的 IP 為 192.168.1.9,用戶端 initiator 的 IP 則相同網段的任意 IP。
1. 安裝 FreeBSD iSCSI 的伺服器端 target
# cd /usr/ports/net/iscsi-target # 使用 ports 直接安裝
# make install clean; rehash
# vi /usr/local/etc/iscsi/targets
# extents file start length
extent0 /tmp/iscsi-target0 0 2GB
# target flags storage netmask
target0 rw extent0 192.168.1.0/26
# vi /etc/rc.conf # 開機自動啟動 iSCSI target
iscsi_target_enable="YES"
# /usr/local/etc/rc.d/iscsi_target start # 手動啟動 iSCSI target
Starting iscsi_target.
Reading configuration from `/usr/local/etc/iscsi/targets'
target0:rw:192.168.1.0/26
extent0:/tmp/iscsi-target0:0:2147483648
DISK: 1 logical unit (4194304 blocks, 512 bytes/block), type iscsi fs
DISK: LUN 0: 2048 MB disk storage for "target0"
TARGET: TargetName is iqn.1994-04.org.netbsd.iscsi-target
# ls -l /tmp # 查看 tmp 目錄下是否多了個 2G 大小的 iscsi-target0 檔
-rw-r--r-- 1 root wheel 2147483648 Mar 19 09:33 iscsi-target0
2. 設定 FreeBSD iSCSI 的用戶端 initiator
# vi /boot/loader.conf # 讓開機可以自動載入 iscsi_initiator 核心模組
iscsi_initiator_load="YES"
# kldload iscsi_initiator # 手動載入 iscsi_initiator 核心模組
# kldstat # 查看有無載入 iscsi_initiator.ko
Id Refs Address Size Name
1 6 0xc0400000 97f830 kernel
2 1 0xc4c71000 f000 iscsi_initiator.ko
# iscontrol -d -t 192.168.1.9 # 測試 iSCSI 連線
TargetName=iqn.1994-04.org.netbsd.iscsi-target:target0
TargetAddress=192.168.1.9:3260,1
# iscontrol -c /etc/iscsi.conf -n target0 # 啟動 iSCSI session
iscontrol[2664]: running
iscontrol[2664]: (pass0:iscsi0:0:0:0): tagged openings now 0
iscontrol[2664]: cam_open_btl: no passthrough device found at 0:0:1
iscontrol[2664]: cam_open_btl: no passthrough device found at 0:0:2
iscontrol[2664]: cam_open_btl: no passthrough device found at 0:0:3
iscontrol: supervise starting main loop
#cat /var/log/messages # 會有下面兩行訊息表示 /dev/da0 介面已經被建立
Mar 19 09:45:11 ntut kernel: da0 at iscsi0 bus 0 target 0 lun 0
Mar 19 09:45:11 ntut kernel: da0:
# newfs /dev/da0 # 格式化 /dev/da0 檔案系統
/dev/da0: 2048.0MB (4194304 sectors) block size 16384, fragment size 2048
using 12 cylinder groups of 183.77MB, 11761 blks, 23552 inodes.
super-block backups (for fsck -b #) at:
160, 376512, 752864, 1129216, 1505568, 1881920, 2258272, 2634624, 3010976, 3387328, 3763680, 4140032
# mkdir /mydata # 建立目錄
# mount /dev/da0 /mydata # 掛載檔案系統
# df
Filesystem 1K-blocks Used Avail Capacity Mounted on
/dev/da0 2026030 4 1863944 0% /mydata
3. 用戶端 FreeBSD 如何開機自動掛載 iSCSI 硬碟?參考網路上前人所寫的 Shell Script 開機可以自動掛載啟動檔
# vi /etc/rc.d/iscsi
#!/bin/sh
# PROVIDE: iscsi
# REQUIRE: NETWORKING
# BEFORE: mountcritremote
# KEYWORD: shutdown
. /etc/rc.subr
name="iscsi"
start_cmd="iscsi_start"
stop_cmd="iscsi_stop"
rcvar="iscsi_enable"
required_modules="iscsi_initiator:iscsi"
iscsi_start()
{
${iscsi_command} -c ${iscsi_config} -n ${iscsi_nickname}
if [ -f ${iscsi_fstab} ]; then
devs=`sed -e '/^#/d' < ${iscsi_fstab} | cut -f 1`
for xdev in $devs
do
i=10
echo "Wait for $xdev"
while [ $i -ne 0 ]
do
[ -c $xdev ] && break
sleep 1
i=$(($i-1))
done
done
echo "mount -a -F ${iscsi_fstab}"
mount -a -F ${iscsi_fstab}
fi
}
iscsi_stop()
{
if [ -f ${iscsi_fstab} ]; then
echo "umount -a -F ${iscsi_fstab}"
umount -a -F ${iscsi_fstab}
fi
killall -HUP ${iscsi_command}
}
load_rc_config $name
: ${iscsi_enable="NO"}
: ${iscsi_command="iscontrol"}
: ${iscsi_nickname="target0"}
: ${iscsi_config="/etc/iscsi.conf"}
: ${iscsi_fstab="/etc/iscsi.fstab"}
run_rc_command "$1"
# chmod 555 /etc/rc.d/iscsi # 改變權限
# vi /etc/iscsi.fstab # 設定開機掛載 HD
/dev/da0 /mydata ufs rw 3 3
# vi /etc/rc.conf # 加入開機自動執行
iscsi_enable="YES"
4. 如何使用 AES 加密檔案系統掛載 iSCSI
# kldload geom_eli.ko # 載入核心加密模組 GEOM_ELI
# kldstat # 查看載入的核心模組
Id Refs Address Size Name
1 9 0xc0400000 97f830 kernel
2 1 0xc4c71000 f000 iscsi_initiator.ko
3 1 0xc4f93000 10000 geom_eli.ko
4 1 0xc4fa3000 23000 crypto.ko
5 1 0xc4fc6000 a000 zlib.ko
# geli init /dev/da0 # 初始化 /dev/da0 需輸入密碼 , 這邊採用 AES 加密
Enter new passphrase:
Reenter new passphrase:
# geli attach /dev/da0 # 加密 /dev/da0 輸入剛剛加密密碼
Enter passphrase:
# cat /var/log/message # 查看核心 log
Mar 19 09:54:43 ntut kernel: cryptosoft0:
Mar 19 09:59:48 ntut kernel: GEOM_ELI: Device da0.eli created.
Mar 19 09:59:48 ntut kernel: GEOM_ELI: Encryption: AES-CBC 128
Mar 19 09:59:48 ntut kernel: GEOM_ELI: Crypto: software
# /boot/loader.conf # 加入開機自動載入 GEOM_ELI 加密模組
geom_eli_load="YES"
# newfs -U -L mydata /dev/da0.eli # 格式化加密檔案系統
/dev/da0.eli: 2048.0MB (4194300 sectors) block size 16384, fragment size 2048
using 12 cylinder groups of 183.77MB, 11761 blks, 23552 inodes.
with soft updates
super-block backups (for fsck -b #) at:
160, 376512, 752864, 1129216, 1505568, 1881920, 2258272, 2634624, 3010976, 3387328, 3763680, 4140032
# cat /var/log/message # 查看核心 log 可發現多了區塊標籤 ufs/mydata
Mar 19 10:04:58 ntut kernel: GEOM_LABEL: Label for provider da0.eli is ufs/mydata.
# mkdir /mydata # 建立檔案目錄
# mount /dev/ufs/mydata /mydata # 掛載檔案目錄
# df # 查看檔案目錄
Filesystem 1K-blocks Used Avail Capacity Mounted on
/dev/ufs/mydata 2026028 4 1863942 0% /mydata
Add.
如何在 Windows 運行 Initiator 用戶端 ?
Vista/2K8 已經內建支援 iSCSI 用戶端軟體 XP/2K 則需到微軟官網下載軟體安裝方可運行 iSCSI
http://www.microsoft.com/downloads/details.aspx?familyid=12cb3c1a-15d6-4585-b385-befd1319f825&displaylang=en
Ref.
http://ivoras.sharanet.org/freebsd/iscsi-eli.html
http://www.cyberciti.biz/faq/freebsd-iscsi-initiator-howto/
http://shell.peach.ne.jp/aoyama/archives/45
0 意見:
張貼意見