FreeBSD iSCSI Server (target)

Part of the new central storage setup is to enable the server to be an iSCSI server or target so our clients can be iSCSI initiations to connect in and use the storage. The main reason is to facilitate the new Microsoft DPM feature which is remote storage via iSCSI. I’ll be combining this with ZFS storage on the final project, but ehat ypu see below is on my test server, the beloved HP Microserver – 1x (slow) CPU, 8GB RAM, 1 160GB HDD, 3 x 2TB HDD. To start I’ll add the ZFS storage disks:

# echo 'zfs_enable="YES"' >> /etc/rc.conf
# service zfs start
# zpool create DATA raidz1 ada1 ada2 ada3

# zpool list
DATA  5.44T   206K  5.44T     0%  1.00x  ONLINE  -

Now I’ll install the iSCSI target port:

# cd /usr/ports/net/istgt
# make install

--/ Stuff happens /--


To run istgt at startup, add istgt_enable="YES" to /etc/rc.conf.
Create configuration files manually.
Sample configuration files can be found in /usr/local/etc/istgt.
QUICKSTART in /usr/local/share/doc/istgt shows you how to configure.


--/legal mumbo jumbo/--

That all went well, so lets add the enable line to /etc/rc.conf

echo 'istgt_enable="YES"' >> /etc/rc.conf

Before starting the istgt service we need to configure some files located in /usr/local/etc/istgt/. They are

  • istgt.conf
  • auth.conf
  • istgtcontrol.conf

There are some sample files which can be used as templates to get the ball rolling. My research on the internet reveal very little information on this with virtually zero explanation of what a lot of the stuff means. So I’ve hacked them about to make them work on my system here, heres the first:

# cat istgt.conf
  Comment "Global section"
  NodeBase ""

  PidFile /var/run/
  AuthFile /usr/local/etc/istgt/auth.conf

  LogFacility "local7"

  Timeout 30
  NopInInterval 20

  DiscoveryAuthMethod Auto

  MaxSessions 16
  MaxConnections 4
  MaxR2T 32

  MaxOutstandingR2T 16
  DefaultTime2Wait 2
  DefaultTime2Retain 60
  FirstBurstLength 262144
  MaxBurstLength 1048576
  MaxRecvDataSegmentLength 262144

  InitialR2T Yes
  ImmediateData Yes
  DataPDUInOrder Yes
  DataSequenceInOrder Yes
  ErrorRecoveryLevel 0

  Comment "Internal Logical Unit Controller"
  AuthMethod CHAP Mutual
  AuthGroup AuthGroup10000
  Portal UC1

  Portal DA1

  Comment "Initiator Group7"
  InitiatorName "ALL"

  Comment "iDisk1"
  TargetName iDisk1
  TargetAlias "iDisk1"
  Mapping PortalGroup7 InitiatorGroup7
  AuthMethod CHAP
  AuthGroup AuthGroup7
  UseDigest Auto
  UnitType Disk
  LUN0 Storage /DATA/iSCSI/iDisk1 100MB

And the second

# cat auth.conf
  Comment "Auth Group7"
  Auth "iDisk1" "qwertyuiop12345" 

  Comment "Unit Controller's users"
  Auth "ctluser" "test" "mutualuser" "mutualsecret"
  Auth "onlysingle" "secret"

And the third

# cat istgtcontrol.conf
  Comment "totally butchered configuration"
  Timeout 60
  AuthMethod CHAP Mutual
  Auth "testuser" "secret" "mutual user" "mutual secret"

  Host localhost
  Port 3261

Then I created my disk with the dd command:

dd if=/dev/zero of=/DATA/iSCSI/iDisk1 bs=`expr 1024 \* 1024` count=100

The next task is to test this to see if it works and i’m working form home and the the server is in the office with nowt but a nasty ADSL line between us! I tend to use Macs so i needed to find an iscsi initiator for Mac. A swift ‘Google’ revealed that there seemed to be one main player here – the GlobalSAN iSCSI Initiator, which has a 14 day trial available despite the rest of the internet claiming its free. Ho hum, i gues if it works then $89 wont be too bad!

So, i downloaded and installed the the client…

Now we need to set up a target by clicking the ‘+’ button on the left hand side at the bottom. Select ‘target’ from the list.

When you click add the entry will appear in the list on the left.

Ensure the target volume is highlighted on the left hand panel and now select the ‘+’ button from the ‘connections’ panel. Add the ip address of the iSCSI target server.

Now click the iSCSI option button and click the checkboxes.

Click the Authentication button and add the username and password you entered into the auth.conf file.

When done click on ‘Connect’ and it should all go green!

I get a satisfying icon on the desktop like this:

Related Links:

This entry was posted in FreeBSD Administration, ZFS and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *