fluxcoil wiki

• On fedora 16 actually also the new LIO target should be usable

yum -y install scsi-target-utils iscsi-initiator-utils

systemctl start tgtd.service
tgtadm --lld iscsi --op new --mode target --tid 1 -T iqn.2003-01.org.x:disk1
tgtadm --lld iscsi --op show --mode target

# dd if=/dev/zero of=lun0 bs=1 count=1 seek=10G
# dd if=/dev/zero of=lun1 bs=1 count=1 seek=10G
DEV0=$(losetup --show -f lun0 2>&1|grep -v ^losetup)
DEV1=$(losetup --show -f lun1 2>&1|grep -v ^losetup)
echo "$DEV0 $DEV1"
tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 -b $DEV0
tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 2 -b $DEV1

# now lets accept access from everywhere
tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL

# first: rundown tgtd.
systemctl stop tgtd.service

yum install targetcli

# lets start the targetcli shell
/usr/bin/targetcli

cd /
# existing file
/> /backstores/fileio create file1 /mnt/lun1 write_back=false

# having targetcli create the file
/> /backstores/fileio create file2 /mnt/lun2 128M write_back=false

# blockbased example
/> /backstores/block create block2 dev=/dev/vg-targ/vol2

# ramdisk backend
/> /backstores/ramdisk create ramdisk1 30M

# We will create a new IQN
/> iscsi/ create iqn.2003-01.org.x:disk1

# now, older targetcli (RHEL7) needs explicit port created:
/> cd /iscsi/iqn.2003-01.org.linux-iscsi.rhel7a.x8664:sn.0d82d6d67995/tpg1/
/iscsi/iqn.20...d6d67995/tpg1> portals/ create 0.0.0.0

# now creating luns
/> cd iscsi/iqn.2003-01.org.x:disk1/tpg1/
/iscsi/iqn.20....x:disk1/tpg1> luns/ create /backstores/fileio/file1 
Created LUN 0.
/iscsi/iqn.20....x:disk1/tpg1> luns/ create /backstores/fileio/file2

# set acl.
# iqn.2014-06.com.rhel7a:testinit is here the IQN of the client
# who should get access to the lun
/iscsi/iqn.20....x:disk1/tpg1> acls/ create iqn.2014-06.com.rhel7a:testinit

/> exit

// store the config
targetctl save

// Weird, I need this to restore the target config after reboots
echo 'targetctl restore /etc/target/saveconfig.json' >>/etc/rc.local
chmod +x /etc/rc.local
systemctl enable rc-local targetclid

#### At this point the initiator can access the LUN:
$ iscsiadm -m discovery -t sendtargets -p 192.168.4.1:3260
192.168.4.1:3260,1 iqn.2003-01.org.linux-iscsi.hive.x8664:sn.07237ee0428d
$ iscsiadm -m node --target iqn.2003-01.org.linux-iscsi.hive.x8664:sn.07237ee0428d -p 192.168.4.1:3260 --login
Logging in to [iface: default, target: iqn.2003-01.org.linux-iscsi.hive.x8664:sn.07237ee0428d, portal: 192.168.4.1,3260] (multiple)
Login to [iface: default, target: iqn.2003-01.org.linux-iscsi.hive.x8664:sn.07237ee0428d, portal: 192.168.4.1,3260] successful.

issue:

[root@rhel7a ~]# iscsiadm -m discovery -t sendtargets -p 192.168.4.1
192.168.4.1:3260,1 iqn.2003-01.org.x:disk1
[root@rhel7a ~]# iscsiadm -m node -T iqn.2003-01.org.x:disk1 -p 192.168.4.1:3260 -l
Logging in to [iface: default, target: iqn.2003-01.org.x:disk1, portal: 192.168.4.1,3260] (multiple)
iscsiadm: Could not login to [iface: default, target: iqn.2003-01.org.x:disk1, portal: 192.168.4.1,3260].
iscsiadm: initiator reported error (24 - iSCSI login failed due to authorization failure)
iscsiadm: Could not log into all portals
[root@rhel7a ~]# 

solution: the target needs to set proper ACL for the initiator. For example, this happens if no ACL exists for the exact initiatorname. On the target, using targetcli, this is the directory below “acls”. This has to match the initiatorname in “/etc/iscsi/initiatorname.iscsi” on the client.