๐ง Linux iSCSI Server Setup Guide
iSCSI (Internet Small Computer System Interface) is a network storage protocol that allows remote hosts to access block-level storage devices over TCP/IP. It is widely used in data centers, virtualization platforms, and NAS/SAN systems for efficient, low-cost storage integration.
๐ 1. Understanding iSCSI Architecture
- Target: The storage provider server exposing logical disks.
- Initiator: The client that connects to the target and accesses storage.
- LUN (Logical Unit Number): Logical disk unit exported from the target to the initiator.
iSCSI uses TCP port 3260 and supports authentication (CHAP), multi-path I/O (MPIO), and encryption. It behaves like a local disk once connected and mounted.
⚙️ 2. Example Environment
System: Rocky Linux 9
Target Server IP: 192.168.1.100
Initiator Client IP: 192.168.1.110
Storage Directory: /data/iscsi/
1️⃣ Install Required Packages
# Target (Server)
sudo dnf install targetcli -y
# Initiator (Client)
sudo dnf install iscsi-initiator-utils -y
2️⃣ Configure iSCSI Target
sudo targetcli
/> backstores/fileio create disk1 /data/iscsi/disk1.img 5G
/> iscsi/ create iqn.2025-11.local.iscsi:storage
/> iscsi/iqn.2025-11.local.iscsi:storage/tpg1/luns/ create /backstores/fileio/disk1
/> iscsi/iqn.2025-11.local.iscsi:storage/tpg1/acls/ create iqn.2025-11.client:initiator
/> iscsi/iqn.2025-11.local.iscsi:storage/tpg1/portals/ create 0.0.0.0
/> saveconfig
/> exit
sudo systemctl enable --now target
3️⃣ Connect and Mount from Client
# Edit initiator name
sudo vi /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2025-11.client:initiator
# Discover and login
sudo iscsiadm -m discovery -t sendtargets -p 192.168.1.100
sudo iscsiadm -m node -T iqn.2025-11.local.iscsi:storage -p 192.168.1.100 --login
# Verify and mount
lsblk
sudo mkfs.xfs /dev/sdb
sudo mkdir /mnt/iscsi
sudo mount /dev/sdb /mnt/iscsi
4️⃣ Enable Auto-Mount at Boot
sudo systemctl enable --now iscsid
sudo iscsiadm -m node --op update -n node.startup -v automatic
๐งฉ 3. Security & Performance Tips
- ๐ Enable CHAP Authentication for secure access.
- ⚡ Use a dedicated 10GbE or VLAN segment for iSCSI traffic.
- ๐งฑ Implement MPIO (Multipath I/O) for redundancy and load balancing.
- ๐ Combine with LVM, RAID, or ZFS for storage optimization.
# Enable CHAP authentication (Target side)
/> iscsi/iqn.2025-11.local.iscsi:storage/tpg1 set attribute authentication=1
/> iscsi/iqn.2025-11.local.iscsi:storage/tpg1 set auth userid=admin
/> iscsi/iqn.2025-11.local.iscsi:storage/tpg1 set auth password=securepass
๐ Conclusion
iSCSI provides a flexible and cost-effective way to centralize storage management. By integrating it with LVM, RAID, or backup automation tools, you can build a scalable and high-availability storage architecture suitable for both enterprise and lab environments.
๐ Related Articles
- ๐ง Linux FTP Server Setup Guide (vsftpd)
- ๐ง Linux Samba Server Configuration Guide
- ๐ง LAMP Stack Setup on Linux (Apache + MariaDB + PHP)
— WWFandy・System & Network Notes
ๆฒๆ็่จ:
ๅผต่ฒผ็่จ