Server
dnf install nfs-utils
# mkdir [공유할_디렉터리]
# vi /etc/exports
[공유할_디렉터리] [허가할_호스트][디렉터리 권한]
[root@localhost nfs]# cat /etc/exports
/home/nfs 192.168.*.*(rw,all_squash,sync)
/home/nfs2 192.168.*.*(rw,root_squash, no_root_squash)
[root@localhost nfs]# exportfs -a
[root@localhost nfs]# exportfs -v
/home/nfs 192.168.*.*(sync,wdelay,hide,no_subtree_check,sec=sys,rw,root_squash,all_squash)
[root@localhost nfs]# systemctl enable nfs-server
[root@localhost nfs]# systemctl start nfs-server
ro : 읽기 전용, 디폴트 값이다. rw : 읽기쓰기 root_squash : 클라이언트가 root 권한 획득을 막는다. uid/gid가 0의 요청을 익명의 uid/gid(일반적으로 nobody)로 매핑한다. 그외 uid/gid(일반 계정)에 대해서는 해당되지 않는다. 디폴트 값이다. no_root_squash : 클라이언트가 root 권한 획득가능, 파일 생성시 클라이언트의 권한으로 생성됨 all_squash : 모든 uid, gid를 익명사용자에게 매핑합니다. 디폴트 값이다. no_all_squash : no_root_squash 와 동일, 디폴트 값이다. sync : 변경 사항이 커밋된 후에만 요청에 응답(안정적인 저장), 디폴트 값이다. async : 요청에 의해 변경되기 전에 요청에 응답, 이 옵션을 사용하면 일반적으로 성능이 향상되지만 비용이 많이 듭니다. 부정한 서버 재시작 (예 : 충돌)으로 인해 데이터가 손상 될 수 있음 rw : read write ro : read only rx : read and excute root_squash, no_root_squash : 모든 호스트에는 슈퍼 유저(root)가 있다. 즉, NFS 서버에서도 root가 있고, NFS 클라이언트에서도 root 사용자가 있다. 하지만 두 호스트의 root가 반드시 동일할 수는 없다. 그렇기 때문에 클라이언트의 root는 서버에서 root의 권한을 가질 수 없다. 따라서 root_squash는 기본값으로 클라이언트의 root는 NFS 파일 시스템에서는 nobody로 매핑되도록 한다. 즉 클라이언트의 root가 마운트된 디렉토리에서 마음대로 쓰고 지울 수 없도록 설정하게 된다. no_root_squash는 클라이언트의 root가 NFS 파일시스템 위에서도 root의 권한을 가지도록 한다. all_squash, no_all_squash : 기본값은 no_all_squash로 root를 제외한 일반 사용자 계정에 대해서 서버와 클라이언트에 존재하는 동일한 UID에 대해서는 동일한 권리를 갖게 해 준다. 이는 root에 대한 기본 처리 값과는 반대다. all_squash는 클라이언트의 모든 UID와 GID에 대해서 익명 사용자 ID로 매핑하여 처리한다. link_relative : 절대 경로에 해당하는 심볼릭 링크를 상대 경로로 변경하도록 설정하는 옵션으로, 서버의 전체 파일 시스템이 클라이언트에 마운트되었을 때 유용한 옵션이다. 옵션이 설정되지 않은 상태에서 클라이언트에 마운트된 파일 시스템이 링크를 가지고 있다면 링크는 전혀 엉뚱한 파일을 가리키거나 존재하지 않는 파일을 가리킬 수도 있다. 그래서 이 옵션은 기본 설정값으로 지정된다.
Client
dnf install nfs-utils nfs4-acl-tools
vi /etc/fstab
192.168.0.0:/home/homepage /home/homepage nfs rw,rsize=131072,wsize=131072,proto=tcp,soft,timeo=20,retrans=1 0 0
Base Rocky 8
1) Server (192.168.0.70)
dnf update
dnf install -y targetcli
mkdir /var/lib/iscsi_disks
File (Fileio Storage Object)
[root@localhost ~]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.53
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/>
/> cd backstores/fileio
/backstores/fileio> create disk1 /var/lib/iscsi_disks/disk1.img 1G
Created fileio disk1 with size 1073741824
/backstores/fileio>
/backstores/fileio> ls
o- fileio ............................................................................. [Storage Objects: 1]
o- disk1 ................................ [/var/lib/iscsi_disks/disk1.img (1.0GiB) write-back deactivated]
o- alua ............................................................................... [ALUA Groups: 1]
o- default_tg_pt_gp ................................................... [ALUA state: Active/optimized]
/backstores/fileio> exit
Global pref auto_save_on_exit=true
Configuration saved to /etc/target/saveconfig.json
HDD (block storage object)
[root@localhost ~]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.53
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/>
/> cd /backstores/block/
/backstores/block> create name=block_backend dev=/dev/xvdb
Created block storage object block_backend using /dev/xvdb.
/backstores/block> ls
o- block .............................................................................. [Storage Objects: 1]
o- block_backend ............................................. [/dev/xvdb (1.0GiB) write-thru deactivated]
o- alua ............................................................................... [ALUA Groups: 1]
o- default_tg_pt_gp ................................................... [ALUA state: Active/optimized]
Ram (Ram storage object)
[root@localhost ~]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.53
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/>
/> cd /backstores/ramdisk/
/backstores/ramdisk> create name=rd_backend size=125MB
Created ramdisk rd_backend with size 125MB.
/backstores/ramdisk> ls
o- ramdisk ............................................................................ [Storage Objects: 1]
o- rd_backend ................................................................... [(125.0MiB) deactivated]
o- alua ............................................................................... [ALUA Groups: 1]
o- default_tg_pt_gp ................................................... [ALUA state: Active/optimized]
SCSI (pscsi storage object)
[root@localhost ~]# targetcli Warning: Could not load preferences file /root/.targetcli/prefs.bin. targetcli shell version 2.1.53 Copyright 2011-2013 by Datera, Inc and others. For help on commands, type 'help'. /> /> cd /backstores/pscsi/ /backstores/pscsi> create name=pscsi_backend dev=/dev/sr0
iSCSI target
[root@localhost ~]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.53
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/>
/> cd /iscsi/
/iscsi> create iqn.2024-02.kr.xcp-ng:blk.target01
Created target iqn.2024-02.kr.xcp-ng:blk.target01.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/iscsi> ls
o- iscsi ...................................................................................... [Targets: 1]
o- iqn.2024-02.kr.xcp-ng:blk.target01 .......................................................... [TPGs: 1]
o- tpg1 ......................................................................... [no-gen-acls, no-auth]
o- acls .................................................................................... [ACLs: 0]
o- luns .................................................................................... [LUNs: 0]
o- portals .............................................................................. [Portals: 1]
o- 0.0.0.0:3260 ............................................................................... [OK]
iSCSI portal(Client 아이피 추가 변경시 필요)
[root@localhost ~]# targetcli Warning: Could not load preferences file /root/.targetcli/prefs.bin. targetcli shell version 2.1.53 Copyright 2011-2013 by Datera, Inc and others. For help on commands, type 'help'. /> /> cd /iscsi/iqn.2024-02.kr.xcp-ng:blk.target01/tpg1/portals/ /iscsi/iqn.20.../tpg1/portals> ls o- portals .................................................................................... [Portals: 1] o- 0.0.0.0:3260 ..................................................................................... [OK] /iscsi/iqn.20.../tpg1/portals> delete ip_address=0.0.0.0 ip_port=3260 Deleted network portal 0.0.0.0:3260 /iscsi/iqn.20.../tpg1/portals> create 192.168.0.0 Using default IP port 3260 Created network portal 192.168.0.0:3260. /iscsi/iqn.20.../tpg1/portals> ls o- portals .................................................................................... [Portals: 1] o- 192.168.0.0:3260 ................................................................................. [OK
iSCSI LUN
[root@localhost ~]# targetcli Warning: Could not load preferences file /root/.targetcli/prefs.bin. targetcli shell version 2.1.53 Copyright 2011-2013 by Datera, Inc and others. For help on commands, type 'help'. /> /> cd /iscsi/iqn.2024-02.kr.xcp-ng:blk.target01/tpg1/luns /iscsi/iqn.20...t01/tpg1/luns> ls o- luns .......................................................................................... [LUNs: 0] ##For Block device /iscsi/iqn.20...t01/tpg1/luns> create /backstores/block/block_backend Created LUN 0. ##For fileio /iscsi/iqn.20...t01/tpg1/luns> create /backstores/fileio/disk1 Created LUN 1. ##For ramdisk /iscsi/iqn.20...t01/tpg1/luns> create /backstores/ramdisk/rd_backend Created LUN 2. /iscsi/iqn.20...t01/tpg1/luns> ls o- luns .......................................................................................... [LUNs: 3] o- lun0 ............................................. [block/block_backend (/dev/xvdb) (default_tg_pt_gp)] o- lun1 ............................... [fileio/disk1 (/var/lib/iscsi_disks/disk1.img) (default_tg_pt_gp)] o- lun2 .......................................................... [ramdisk/rd_backend (default_tg_pt_gp)]
iSCSI ACL
[root@localhost ~]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.53
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/>
/> cd /iscsi/iqn.2024-02.kr.xcp-ng:blk.target01/tpg1/acls
/iscsi/iqn.20...t01/tpg1/acls> ls
o- acls .......................................................................................... [ACLs: 0]
/iscsi/iqn.20...t01/tpg1/acls> create iqn.2024-02.kr.xcp-ng:node01.initiator01
Created Node ACL for iqn.2024-02.kr.xcp-ng:node01.initiator01
Created mapped LUN 2.
Created mapped LUN 1.
Created mapped LUN 0.
/iscsi/iqn.20...t01/tpg1/acls> ls
o- acls .......................................................................................... [ACLs: 1]
o- iqn.2024-02.kr.xcp-ng:node01.initiator01 ............................................. [Mapped LUNs: 3]
o- mapped_lun0 ......................................................... [lun0 block/block_backend (rw)]
o- mapped_lun1 ................................................................ [lun1 fileio/disk1 (rw)]
o- mapped_lun2 .......................................................... [lun2 ramdisk/rd_backend (rw)]
/iscsi/iqn.20...t01/tpg1/acls> cd iqn.2024-02.kr.xcp-ng:node01.initiator01/
### CHAP 인증 적용
/iscsi/iqn.20...1.initiator01> set attribute authentication=1
Parameter authentication is now '1'.
/iscsi/iqn.20...1.initiator01> set auth userid=username01
Parameter userid is now 'username01'.
/iscsi/iqn.20...1.initiator01> set auth password=password
Parameter password is now 'password'.
/iscsi/iqn.20...1.initiator01> / saveconfig
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json
/iscsi/iqn.20...1.initiator01> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json
[root@localhost ~]# systemctl enable target
[root@localhost ~]# systemctl start target
[root@localhost ~]# systemctl status target
● target.service - Restore LIO kernel target configuration
Loaded: loaded (/usr/lib/systemd/system/target.service; disabled; vendor preset: disabled)
Active: active (exited) since Sat 2024-02-00 00:00:00 KST; 5s ago
Process: 1819 ExecStart=/usr/bin/targetctl restore (code=exited, status=0/SUCCESS)
Main PID: 1819 (code=exited, status=0/SUCCESS)
2월 02 00:00:00 localhost.localdomain systemd[1]: Starting Restore LIO kernel target configuration...
2월 02 00:00:00 localhost.localdomain systemd[1]: Started Restore LIO kernel target configuration.
[root@localhost ~]#firewall-cmd --add-service=iscsi-target --permanent
[root@localhost ~]#firewall-cmd --reload
2) Client(192.168.0.x)
dnf -y install iscsi-initiator-utils
vi /etc/iscsi/initiatorname.iscsi
=========================================
InitiatorName=iqn.2024-02.kr.xcp-ng:node01.initiator01
=========================================
vi /etc/iscsi/iscsid.conf
=========================================
# *************
# CHAP Settings
# *************
......
node.session.auth.authmethod = CHAP
.....
node.session.auth.username = username01
node.session.auth.password = password
....
=========================================
[root@localhost ~]# iscsiadm -m discovery -t st -p 192.168.0.70
192.168.0.70:3260,1 iqn.2024-02.kr.xcp-ng:blk.target01
[root@localhost ~]# ls -al /var/lib/iscsi/send_targets/
합계 0
drwxr-xr-x 4 root root 56 2월 3 02:05 .
drwxr-xr-x 8 root root 90 2월 3 01:47 ..
drwx------ 2 root root 93 2월 3 02:12 192.168.0.70,3260
[root@localhost iscsi]# iscsiadm -m node --login
Logging in to [iface: default, target: iqn.2024-02.kr.xcp-ng:blk.target01, portal: 192.168.0.70,3260]
Login to [iface: default, target: iqn.2024-02.kr.xcp-ng:blk.target01, portal: 192.168.0.70,3260] successful.
[root@localhost iscsi]# iscsiadm -m session -o show
tcp: [1] 192.168.0.70:3260,1 iqn.2024-02.kr.xcp-ng:blk.target01 (non-flash)
[root@localhost iscsi]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 1G 0 disk
sdb 8:16 0 125M 0 disk
sdc 8:32 0 1G 0 disk
[root@localhost iscsi]#
[root@localhost iscsi]# iscsiadm -m node --logout
Logging out of session [sid: 1, target: iqn.2024-02.kr.xcp-ng:blk.target01, portal: 192.168.0.70,3260]
Logout of [sid: 1, target: iqn.2024-02.kr.xcp-ng:blk.target01, portal: 192.168.0.70,3260] successful.
[root@localhost iscsi]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
mount /dev/sdb1 -o _netdev /iscsi_lun1
vi /etc/fstab에 쓸 땐 defaults 대신 _netdev를 쓰면 된다
/dev/sda /block1 ext4 _netdev 0 0
/dev/sdb /file1 ext4 _netdev 0 0