iSCSI (Internet Small Computer System Interface) is a protocol used in Storage Area Networks (SANs) to share block-level storage resources across a network. By employing a client-server architecture, iSCSI enables the transmission of SCSI commands over TCP/IP networks, allowing two primary components – the initiator and the target – to communicate and share storage resources. In this tutorial, we will guide you through the process of setting up an iSCSI storage server on Ubuntu 22.04, enabling secure storage sharing within your network.

Requirements

Before we begin, ensure that you have the following:

• A system running Ubuntu 22.04 for the iSCSI target, with a 1 GB external HDD.
• A system running fresh Ubuntu 22.04 for the iSCSI initiator.
• A static IP address of 192.168.1.10 configured on the iSCSI target and 192.168.1.20 on the iSCSI initiator.
• A root password configured on both servers.

Updating the System

To ensure that your system has the latest packages, it is recommended to update them before proceeding with the installation. Open the terminal on both the iSCSI target and initiator and run the following commands:

apt update -y
apt upgrade -y

Once the system is updated, restart it to apply the changes.

Installing the iSCSI Target

The iSCSI Target package is available in the default repository of Ubuntu 22.04. To install it, run the following command on the iSCSI Target server:

apt install tgt -y

After the installation is complete, verify the status of the server with the following command:

systemctl status tgt

You should see the output indicating that the iSCSI target daemon is active and running.

Configuring the iSCSI Target

Next, we will create a Logical Unit Number (LUN) device on the iSCSI server. A LUN is a backend storage device that is part of a physical SCSI device. It allows initiators to establish and manage file systems on iSCSI LUNs.

To configure the iSCSI target, create a new configuration file by running the following command:

nano /etc/tgt/conf.d/iscsi.conf

In the file, add the following lines:

<target iqn.2024-01.example.com:lun1>
backing-store /dev/sdb
initiator-address 192.168.1.20
incominguser iscsi-user password
outgoinguser iscsi-target secretpass
</target>

Save and close the file. This configuration specifies the name of the LUN, the location and name of the storage device on the iSCSI target server, the IP address of the iSCSI initiator, and the authentication details.

Restart the iSCSI service to apply the changes:

systemctl restart tgt

Verify the iSCSI Target server with the following command:

tgtadm --mode target --op show

You should see the output displaying the target information.

Installing and Configuring the iSCSI Initiator

Moving on to the iSCSI initiator machine, install the iSCSI initiator package by running the following command:

apt install open-iscsi -y

Once the installation is complete, discover the iSCSI target server to find the shared targets using the following command:

iscsiadm -m discovery -t st -p 192.168.1.10

This command will display the shared targets available on the iSCSI target server.

Define the LUN device name in the initiatorname.iscsi file by running the following command:

nano /etc/iscsi/initiatorname.iscsi

Add the iSCSI target LUN name as shown below:

InitiatorName=iqn.2024-01.example.com:lun1

Save and close the file. This step ensures that the initiator can identify the target.

Next, define the CHAP (Challenge-Handshake Authentication Protocol) information that you configured on the iSCSI target to access the target from the initiator. Edit the node configuration file by running the following command:

nano /etc/iscsi/nodes/iqn.2024-01.example.com:lun1/192.168.1.10,3260,1/default

Modify the following lines:

node.session.auth.authmethod = CHAP
node.session.auth.username = iscsi-user
node.session.auth.password = password
node.session.auth.username_in = iscsi-target
node.session.auth.password_in = secretpass
node.startup = automatic

Save and close the file. Restart the iSCSI initiator service with the following command:

systemctl restart open-iscsi iscsid

Verify the status of the service with the following command:

systemctl status open-iscsi

You should see the output indicating that the service is active and running.

To verify the iSCSI connection, run the following command:

iscsiadm -m session -o show

This command will display the active iSCSI sessions.

To verify the storage device shared from the iSCSI target, run the following command:

lsblk

You should see the shared device listed among the available disks.

Creating a File System on the Shared Device

To utilize the shared device on the iSCSI initiator, you need to create a file system on it. First, access the partitioning tool by running the following command:

fdisk /dev/sdb

Follow the prompts to create a new partition. Once the partition is created, format it with the following command:

mkfs.ext4 /dev/sdb1

Mount the partition to the /mnt directory using the following command:

mount /dev/sdb1/mnt

You can now verify the mounted partition by running the following command:

df -h

The output will display the mounted partition among the file systems.

Frequently Asked Questions

What is iSCSI?

iSCSI, or Internet Small Computer System Interface, is a network protocol that enables the transfer of data over intranets and manages storage over long distances. It facilitates block-level data transport between an iSCSI initiator on a server and an iSCSI target on storage hardware.

What are iSCSI Target and Initiator?

The iSCSI Target acts as a storage unit, such as a hard drive, that is accessible over a network. The iSCSI Initiator is the client that connects to and interacts with the storage on the Target.

Can I use iSCSI over a WAN?

Yes, iSCSI can be used over a Wide Area Network (WAN). However, it is important to ensure a stable and fast network connection for optimal performance and reliability. Implementing security measures like VPNs or dedicated lines is also recommended when using iSCSI over a WAN.

How is iSCSI different from NFS or SMB?

Unlike NFS (Network File System) or SMB (Server Message Block), which are file-level storage protocols, iSCSI operates at the block level. This means that iSCSI allows a system to interact with remote storage as if it were a local hard drive, providing more flexibility in managing storage resources.

Is iSCSI secure?

iSCSI itself does not include high-level security features. However, you can secure your iSCSI connections by implementing methods such as IPsec for network layer security or configuring CHAP for authentication.

What are the performance considerations for iSCSI?

iSCSI performance is influenced by factors such as network speed, latency, the performance of the storage devices, and the network configuration. To achieve optimal performance, it is important to ensure a high-speed network connection with minimal latency.

Do I need special hardware for iSCSI?

No special hardware is required for iSCSI. It can run on standard network equipment. However, dedicated iSCSI Host Bus Adapters (HBAs) can be used to improve performance.

How do I troubleshoot iSCSI connection issues on Ubuntu?

Troubleshooting iSCSI connection issues may involve checking network connectivity, verifying configuration files for both the initiator and target, reviewing system logs, and ensuring that the target is properly exporting the storage devices. Tools like iscsiadm can also assist in diagnosing and managing iSCSI connections.

Conclusion

In this tutorial, we have covered the process of setting up an iSCSI storage server on Ubuntu 22.04. You have learned how to install and configure the iSCSI target and initiator, create a file system on the shared device, and troubleshoot common iSCSI connection issues. By following these steps, you can enable secure storage sharing within your network. If you are looking for reliable and efficient cloud hosting solutions, consider Shape.host’s Linux SSD VPS services.