Diferencia entre revisiones de «Pacemaker»
De jagfloriano.com
Ir a la navegaciónIr a la búsqueda
| Línea 28: | Línea 28: | ||
Para simular una cabina de almacenamiento se compartirá un disco mediante iSCSI hacia ambos nodos del clúster Pacemaker. | Para simular una cabina de almacenamiento se compartirá un disco mediante iSCSI hacia ambos nodos del clúster Pacemaker. | ||
=== Instalación de paquetes requeridos === | === Instalación de paquetes requeridos === | ||
En el servidor SAN: | En el servidor SAN (target): | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
| Línea 175: | Línea 173: | ||
==== Configuración del iSCSI Target (targetcli) ==== | |||
Configuraciones previas: | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
[root@icecube ~]# systemctl enable --now target | |||
</syntaxhighlight> | </syntaxhighlight> | ||
<syntaxhighlight lang="bash"> | |||
[root@icecube ~]# systemctl status target | |||
● target.service - Restore LIO kernel target configuration | |||
Loaded: loaded (/usr/lib/systemd/system/target.service; enabled; preset: disabled) | |||
Active: active (exited) since Fri 2026-01-02 23:10:39 CET; 2min 44s ago | |||
Main PID: 5382 (code=exited, status=0/SUCCESS) | |||
CPU: 49ms | |||
= | Jan 02 23:10:39 icecube systemd[1]: Starting Restore LIO kernel target configuration... | ||
Jan 02 23:10:39 icecube systemd[1]: Finished Restore LIO kernel target configuration. | |||
[root@icecube ~]# | |||
</syntaxhighlight> | |||
<syntaxhighlight lang="bash"> | |||
</syntaxhighlight> | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
[root@icecube ~]# lsblk /dev/vg_iscsi/lv_storage | |||
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS | |||
vg_iscsi-lv_storage 253:2 0 40G 0 lvm | |||
[root@icecube ~]# f | |||
</syntaxhighlight> | |||
Verificar que no existe configuración actualmente en targetcli: | |||
<syntaxhighlight lang="ini"> | |||
[root@icecube ~]# targetcli ls | |||
o- / ......................................................................................................................... [...] | |||
o- backstores .............................................................................................................. [...] | |||
| o- block .................................................................................................. [Storage Objects: 0] | |||
| o- fileio ................................................................................................. [Storage Objects: 0] | |||
| o- pscsi .................................................................................................. [Storage Objects: 0] | |||
| o- ramdisk ................................................................................................ [Storage Objects: 0] | |||
o- iscsi ............................................................................................................ [Targets: 0] | |||
o- loopback ......................................................................................................... [Targets: 0] | |||
[root@icecube ~]# | |||
</syntaxhighlight> | |||
Acceder a la consola de configuración y crear una LUN: | |||
<syntaxhighlight lang="ini"> | |||
[root@icecube ~]# targetcli | [root@icecube ~]# targetcli | ||
targetcli shell version 2.1.57 | |||
targetcli shell version 2.1. | |||
Copyright 2011-2013 by Datera, Inc and others. | Copyright 2011-2013 by Datera, Inc and others. | ||
For help on commands, type 'help'. | For help on commands, type 'help'. | ||
/> /backstores/block create lun01 /dev/vg_iscsi/lv_storage | |||
Created block storage object lun01 using /dev/vg_iscsi/lv_storage. | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Crear el target y el backstore iSCSI: | |||
<syntaxhighlight lang="ini"> | |||
<syntaxhighlight lang=" | /> /iscsi create iqn.2026-01.icecube:storage.target01 | ||
/> | Created target iqn.2026-01.icecube:storage.target01. | ||
/iscsi | |||
Created target iqn. | |||
Created TPG 1. | Created TPG 1. | ||
Global pref auto_add_default_portal=true | Global pref auto_add_default_portal=true | ||
| Línea 209: | Línea 244: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
<syntaxhighlight lang="ini"> | |||
<syntaxhighlight lang=" | /> /iscsi/iqn.2026-01.icecube:storage.target01/tpg1/luns create /backstores/block/lun01 | ||
/iscsi | |||
Created LUN 0. | Created LUN 0. | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| Línea 218: | Línea 251: | ||
Configurar ACLs y autenticación CHAP: | Configurar ACLs y autenticación CHAP: | ||
<syntaxhighlight lang=" | <syntaxhighlight lang="ini"> | ||
/ | /> /iscsi/iqn.2026-01.icecube:storage.target01/tpg1/acls create iqn.2026-01.icecube:node01.initiator01 | ||
Created Node ACL for iqn.2026-01.icecube:node01.initiator01 | |||
/iscsi/iqn. | |||
Created Node ACL for iqn. | |||
Created mapped LUN 0. | Created mapped LUN 0. | ||
</syntaxhighlight> | |||
/iscsi/iqn. | <syntaxhighlight lang="ini"> | ||
/> /iscsi/iqn.2026-01.icecube:storage.target01/tpg1 set attribute authentication=1 | |||
Parameter authentication is now '1'. | |||
</syntaxhighlight> | |||
/iscsi/iqn. | <syntaxhighlight lang="ini"> | ||
/> /iscsi/iqn.2026-01.icecube:storage.target01/tpg1/acls/iqn.2026-01.icecube:node01.initiator01 set auth userid=bonzo | |||
Parameter userid is now 'bonzo'. | Parameter userid is now 'bonzo'. | ||
/iscsi/iqn. | </syntaxhighlight> | ||
<syntaxhighlight lang="ini"> | |||
/> /iscsi/iqn.2026-01.icecube:storage.target01/tpg1/acls/iqn.2026-01.icecube:node01.initiator01 set auth password=PASSWORD2020 | |||
Parameter password is now 'PASSWORD2020'. | Parameter password is now 'PASSWORD2020'. | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Salir y guardar la configuración: | Salir y guardar la configuración: | ||
<syntaxhighlight lang=" | <syntaxhighlight lang="ini"> | ||
/ | /> exit | ||
Global pref auto_save_on_exit=true | Global pref auto_save_on_exit=true | ||
Last 10 configs saved in /etc/target/backup/. | |||
Configuration saved to /etc/target/saveconfig.json | Configuration saved to /etc/target/saveconfig.json | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Verificación del fichero de configuracion: | |||
<syntaxhighlight lang="ini"> | |||
[root@icecube ~]# cat /etc/target/saveconfig.json | |||
{ | |||
"fabric_modules": [], | |||
<syntaxhighlight lang=" | "storage_objects": [ | ||
{ | |||
[root@icecube ~]# | "alua_tpgs": [ | ||
{ | |||
"alua_access_state": 0, | |||
"alua_access_status": 0, | |||
"alua_access_type": 3, | |||
"alua_support_active_nonoptimized": 1, | |||
"alua_support_active_optimized": 1, | |||
"alua_support_offline": 1, | |||
"alua_support_standby": 1, | |||
"alua_support_transitioning": 1, | |||
"alua_support_unavailable": 1, | |||
"alua_write_metadata": 0, | |||
"implicit_trans_secs": 0, | |||
"name": "default_tg_pt_gp", | |||
"nonop_delay_msecs": 100, | |||
"preferred": 0, | |||
"tg_pt_gp_id": 0, | |||
"trans_delay_msecs": 0 | |||
} | |||
], | |||
"attributes": { | |||
"alua_support": 1, | |||
"block_size": 512, | |||
"emulate_3pc": 1, | |||
"emulate_caw": 1, | |||
"emulate_dpo": 1, | |||
"emulate_fua_read": 1, | |||
"emulate_fua_write": 1, | |||
"emulate_model_alias": 1, | |||
"emulate_pr": 1, | |||
"emulate_rest_reord": 0, | |||
"emulate_rsoc": 1, | |||
"emulate_tas": 1, | |||
"emulate_tpu": 0, | |||
"emulate_tpws": 0, | |||
"emulate_ua_intlck_ctrl": 0, | |||
"emulate_write_cache": 0, | |||
"enforce_pr_isids": 1, | |||
"force_pr_aptpl": 0, | |||
"is_nonrot": 0, | |||
"max_unmap_block_desc_count": 0, | |||
"max_unmap_lba_count": 0, | |||
"max_write_same_len": 65535, | |||
"optimal_sectors": 65528, | |||
"pgr_support": 1, | |||
"pi_prot_format": 0, | |||
"pi_prot_type": 0, | |||
"pi_prot_verify": 0, | |||
"queue_depth": 128, | |||
"submit_type": 0, | |||
"unmap_granularity": 0, | |||
"unmap_granularity_alignment": 0, | |||
"unmap_zeroes_data": 0 | |||
}, | |||
"dev": "/dev/vg_iscsi/lv_storage", | |||
"name": "lun01", | |||
"plugin": "block", | |||
"readonly": false, | |||
"write_back": false, | |||
"wwn": "b1e53820-2d0e-4605-a66e-96ed4d4738a9" | |||
} | |||
], | |||
"targets": [ | |||
{ | |||
"fabric": "iscsi", | |||
"parameters": { | |||
"cmd_completion_affinity": "-1" | |||
}, | |||
"tpgs": [ | |||
{ | |||
"attributes": { | |||
"authentication": 1, | |||
"cache_dynamic_acls": 0, | |||
"default_cmdsn_depth": 64, | |||
"default_erl": 0, | |||
"demo_mode_discovery": 1, | |||
"demo_mode_write_protect": 1, | |||
"fabric_prot_type": 0, | |||
"generate_node_acls": 0, | |||
"login_keys_workaround": 1, | |||
"login_timeout": 15, | |||
"prod_mode_write_protect": 0, | |||
"t10_pi": 0, | |||
"tpg_enabled_sendtargets": 1 | |||
}, | |||
"enable": true, | |||
"luns": [ | |||
{ | |||
"alias": "4937399dfd", | |||
"alua_tg_pt_gp_name": "default_tg_pt_gp", | |||
"index": 0, | |||
"storage_object": "/backstores/block/lun01" | |||
} | |||
], | |||
"node_acls": [ | |||
{ | |||
"attributes": { | |||
"authentication": -1, | |||
"dataout_timeout": 3, | |||
"dataout_timeout_retries": 5, | |||
"default_erl": 0, | |||
"nopin_response_timeout": 30, | |||
"nopin_timeout": 15, | |||
"random_datain_pdu_offsets": 0, | |||
"random_datain_seq_offsets": 0, | |||
"random_r2t_offsets": 0 | |||
}, | |||
"chap_password": "PASSWORD2020", | |||
"chap_userid": "bonzo", | |||
"mapped_luns": [ | |||
{ | |||
"alias": "612d32f2e4", | |||
"index": 0, | |||
"tpg_lun": 0, | |||
"write_protect": false | |||
} | |||
], | |||
"node_wwn": "iqn.2026-01.icecube:node01.initiator01" | |||
} | |||
], | |||
"parameters": { | |||
"AuthMethod": "CHAP", | |||
"DataDigest": "CRC32C,None", | |||
"DataPDUInOrder": "Yes", | |||
"DataSequenceInOrder": "Yes", | |||
"DefaultTime2Retain": "20", | |||
"DefaultTime2Wait": "2", | |||
"ErrorRecoveryLevel": "0", | |||
"FirstBurstLength": "65536", | |||
"HeaderDigest": "CRC32C,None", | |||
"IFMarkInt": "Reject", | |||
"IFMarker": "No", | |||
"ImmediateData": "Yes", | |||
"InitialR2T": "Yes", | |||
"MaxBurstLength": "262144", | |||
"MaxConnections": "1", | |||
"MaxOutstandingR2T": "1", | |||
"MaxRecvDataSegmentLength": "8192", | |||
"MaxXmitDataSegmentLength": "262144", | |||
"OFMarkInt": "Reject", | |||
"OFMarker": "No", | |||
"TargetAlias": "LIO Target" | |||
}, | |||
"portals": [ | |||
{ | |||
"ip_address": "0.0.0.0", | |||
"iser": false, | |||
"offload": false, | |||
"port": 3260 | |||
} | |||
], | |||
"tag": 1 | |||
} | |||
], | |||
"wwn": "iqn.2026-01.icecube:storage.target01" | |||
} | |||
] | |||
} | |||
</syntaxhighlight> | </syntaxhighlight> | ||
==== Comprobación del servicio iSCSI ==== | |||
== | |||
Ver estado de configuracion de targetcli: | |||
<syntaxhighlight lang="ini"> | <syntaxhighlight lang="ini"> | ||
[root@icecube ~]# targetcli ls | [root@icecube ~]# targetcli ls | ||
o- / ......................................................................................................................... [...] | o- / ......................................................................................................................... [...] | ||
| Línea 312: | Línea 475: | ||
| o- 0.0.0.0:3260 ..................................................................................................... [OK] | | o- 0.0.0.0:3260 ..................................................................................................... [OK] | ||
o- loopback ......................................................................................................... [Targets: 0] | o- loopback ......................................................................................................... [Targets: 0] | ||
</syntaxhighlight> | |||
Verificar que el puerto iSCSI está en escucha: | |||
<syntaxhighlight lang="bash"> | |||
[root@icecube ~]# ss -napt | grep 3260 | |||
LISTEN 0 256 *:3260 *:* | |||
[root@icecube ~]# | [root@icecube ~]# | ||
</syntaxhighlight> | |||
<syntaxhighlight lang="bash"> | |||
[root@icecube ~]# firewall-cmd --add-service=iscsi-target --permanent | |||
success | |||
[root@icecube ~]# firewall-cmd --reload | |||
success | |||
</syntaxhighlight> | |||
=== Configuración alternativa del Target === | |||
Ajustar contextos SELinux: | |||
<syntaxhighlight lang="bash"> | |||
[root@icecube ~]# chcon -R -t tgtd_var_lib_t /var/lib/iscsi_disks | |||
[root@icecube ~]# semanage fcontext -a -t tgtd_var_lib_t /var/lib/iscsi_disks | |||
</syntaxhighlight> | </syntaxhighlight> | ||
=== Configuración del iSCSI Initiator en los nodos === | === Configuración del iSCSI Initiator en los nodos === | ||
Los siguientes pasos deben ejecutarse en '''todos los nodos del clúster'''. | Los siguientes pasos deben ejecutarse en '''todos los nodos del clúster'''. | ||
=== Instalación de paquetes === | === Instalación de paquetes === | ||
Revisión del 22:36 2 ene 2026
Creación de un clúster Pacemaker ( EN DESARROLLO)
Introducción
En este laboratorio se configura un clúster Pacemaker utilizando almacenamiento compartido vía iSCSI. Para ello se emplean un mínimo de tres máquinas:
- Dos nodos que formarán el clúster Pacemaker
- Una máquina adicional que actuará como servidor de almacenamiento SAN
El objetivo es simular el uso de discos compartidos de una cabina de almacenamiento en una infraestructura real.
---
Topología del laboratorio
Máquinas
- Servidor SAN
- Icecube —
192.168.1.80
- Icecube —
- Nodos Pacemaker
- Nodo1 —
192.168.1.81 - Nodo2 —
192.168.1.82
- Nodo1 —
---
Configuración del almacenamiento SAN
Para simular una cabina de almacenamiento se compartirá un disco mediante iSCSI hacia ambos nodos del clúster Pacemaker.
Instalación de paquetes requeridos
En el servidor SAN (target):
[root@icecube ~]# subscription-manager register
Registering to: subscription.rhsm.redhat.com:443/subscription
Username: $USER
Password:
The system has been registered with ID: dddb6e1e-049a-4ea2-8943-403ec63bb06f
The registered system name is: icecube
[root@icecube ~]# subscription-manager repos --enable codeready-builder-for-rhel-9-$(arch)-rpms
Repository 'codeready-builder-for-rhel-9-x86_64-rpms' is enabled for this system.
[root@icecube ~]# dnf install \
https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
Updating Subscription Management repositories.
Red Hat CodeReady Linux Builder for RHEL 9 x86_64 (RPMs) 24 MB/s | 15 MB 00:00
epel-release-latest-9.noarch.rpm 41 kB/s | 19 kB 00:00
Dependencies resolved.
===============================================================================================================================
Package Architecture Version Repository Size
===============================================================================================================================
Installing:
epel-release noarch 9-10.el9 @commandline 19 k
Transaction Summary
===============================================================================================================================
Install 1 Package
Total size: 19 k
Installed size: 26 k
Is this ok [y/N]: y
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : epel-release-9-10.el9.noarch 1/1
Running scriptlet: epel-release-9-10.el9.noarch 1/1
Many EPEL packages require the CodeReady Builder (CRB) repository.
It is recommended that you run /usr/bin/crb enable to enable the CRB repository.
Verifying : epel-release-9-10.el9.noarch 1/1
Installed products updated.
Installed:
epel-release-9-10.el9.noarch
Complete!
[root@icecube ~]# dnf --enablerepo=epel* install targetcli
Updating Subscription Management repositories.
Last metadata expiration check: 0:02:26 ago on Fri 02 Jan 2026 09:50:24 PM CET.
Dependencies resolved.
======================================================================================================================================================
Package Architecture Version Repository Size
======================================================================================================================================================
Installing:
targetcli noarch 2.1.57-2.el9 rhel-9-for-x86_64-appstream-rpms 79 k
Installing dependencies:
python3-configshell noarch 1:1.1.30-1.el9 rhel-9-for-x86_64-baseos-rpms 76 k
python3-kmod x86_64 0.9-32.el9 rhel-9-for-x86_64-baseos-rpms 88 k
python3-pyparsing noarch 2.4.7-9.el9 rhel-9-for-x86_64-baseos-rpms 154 k
python3-rtslib noarch 2.1.76-1.el9 rhel-9-for-x86_64-appstream-rpms 104 k
python3-urwid x86_64 2.1.2-4.el9 rhel-9-for-x86_64-baseos-rpms 842 k
target-restore noarch 2.1.76-1.el9 rhel-9-for-x86_64-appstream-rpms 16 k
Transaction Summary
======================================================================================================================================================
Install 7 Packages
Total download size: 1.3 M
Installed size: 5.0 M
Is this ok [y/N]: y
Downloading Packages:
(1/7): python3-pyparsing-2.4.7-9.el9.noarch.rpm 1.0 MB/s | 154 kB 00:00
(2/7): python3-kmod-0.9-32.el9.x86_64.rpm 347 kB/s | 88 kB 00:00
(3/7): python3-configshell-1.1.30-1.el9.noarch.rpm 683 kB/s | 76 kB 00:00
(4/7): target-restore-2.1.76-1.el9.noarch.rpm 145 kB/s | 16 kB 00:00
(5/7): python3-rtslib-2.1.76-1.el9.noarch.rpm 900 kB/s | 104 kB 00:00
(6/7): targetcli-2.1.57-2.el9.noarch.rpm 677 kB/s | 79 kB 00:00
(7/7): python3-urwid-2.1.2-4.el9.x86_64.rpm 318 kB/s | 842 kB 00:02
---------------------------------------------------------------------------------------
Total 513 kB/s | 1.3 MB 00:02
Red Hat Enterprise Linux 9 for x86_64 - BaseOS (RPMs) 2.7 MB/s | 3.6 kB 00:00
Importing GPG key 0xFD431D51:
Userid : "Red Hat, Inc. (release key 2) <security@redhat.com>"
Fingerprint: 567E 347A D004 4ADE 55BA 8A5F 199E 2F91 FD43 1D51
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Is this ok [y/N]: y
Key imported successfully
Importing GPG key 0x5A6340B3:
Userid : "Red Hat, Inc. (auxiliary key 3) <security@redhat.com>"
Fingerprint: 7E46 2425 8C40 6535 D56D 6F13 5054 E4A4 5A63 40B3
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Is this ok [y/N]: y
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : python3-urwid-2.1.2-4.el9.x86_64 1/7
Installing : python3-pyparsing-2.4.7-9.el9.noarch 2/7
Installing : python3-configshell-1:1.1.30-1.el9.noarch 3/7
Installing : python3-kmod-0.9-32.el9.x86_64 4/7
Installing : python3-rtslib-2.1.76-1.el9.noarch 5/7
Installing : target-restore-2.1.76-1.el9.noarch 6/7
Running scriptlet: target-restore-2.1.76-1.el9.noarch 6/7
Installing : targetcli-2.1.57-2.el9.noarch 7/7
Running scriptlet: targetcli-2.1.57-2.el9.noarch 7/7
Verifying : python3-kmod-0.9-32.el9.x86_64 1/7
Verifying : python3-pyparsing-2.4.7-9.el9.noarch 2/7
Verifying : python3-urwid-2.1.2-4.el9.x86_64 3/7
Verifying : python3-configshell-1:1.1.30-1.el9.noarch 4/7
Verifying : target-restore-2.1.76-1.el9.noarch 5/7
Verifying : python3-rtslib-2.1.76-1.el9.noarch 6/7
Verifying : targetcli-2.1.57-2.el9.noarch 7/7
Installed products updated.
Installed:
python3-configshell-1:1.1.30-1.el9.noarch python3-kmod-0.9-32.el9.x86_64 python3-pyparsing-2.4.7-9.el9.noarch python3-rtslib-2.1.76-1.el9.noarch python3-urwid-2.1.2-4.el9.x86_64 target-restore-2.1.76-1.el9.noarch targetcli-2.1.57-2.el9.noarch
Complete!
Configuración del iSCSI Target (targetcli)
Configuraciones previas:
[root@icecube ~]# systemctl enable --now target
[root@icecube ~]# systemctl status target
● target.service - Restore LIO kernel target configuration
Loaded: loaded (/usr/lib/systemd/system/target.service; enabled; preset: disabled)
Active: active (exited) since Fri 2026-01-02 23:10:39 CET; 2min 44s ago
Main PID: 5382 (code=exited, status=0/SUCCESS)
CPU: 49ms
Jan 02 23:10:39 icecube systemd[1]: Starting Restore LIO kernel target configuration...
Jan 02 23:10:39 icecube systemd[1]: Finished Restore LIO kernel target configuration.
[root@icecube ~]#
[root@icecube ~]# lsblk /dev/vg_iscsi/lv_storage
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
vg_iscsi-lv_storage 253:2 0 40G 0 lvm
[root@icecube ~]# f
Verificar que no existe configuración actualmente en targetcli:
[root@icecube ~]# targetcli ls
o- / ......................................................................................................................... [...]
o- backstores .............................................................................................................. [...]
| o- block .................................................................................................. [Storage Objects: 0]
| o- fileio ................................................................................................. [Storage Objects: 0]
| o- pscsi .................................................................................................. [Storage Objects: 0]
| o- ramdisk ................................................................................................ [Storage Objects: 0]
o- iscsi ............................................................................................................ [Targets: 0]
o- loopback ......................................................................................................... [Targets: 0]
[root@icecube ~]#
Acceder a la consola de configuración y crear una LUN:
[root@icecube ~]# targetcli
targetcli shell version 2.1.57
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> /backstores/block create lun01 /dev/vg_iscsi/lv_storage
Created block storage object lun01 using /dev/vg_iscsi/lv_storage.
Crear el target y el backstore iSCSI:
/> /iscsi create iqn.2026-01.icecube:storage.target01
Created target iqn.2026-01.icecube:storage.target01.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/> /iscsi/iqn.2026-01.icecube:storage.target01/tpg1/luns create /backstores/block/lun01
Created LUN 0.
Configurar ACLs y autenticación CHAP:
/> /iscsi/iqn.2026-01.icecube:storage.target01/tpg1/acls create iqn.2026-01.icecube:node01.initiator01
Created Node ACL for iqn.2026-01.icecube:node01.initiator01
Created mapped LUN 0.
/> /iscsi/iqn.2026-01.icecube:storage.target01/tpg1 set attribute authentication=1
Parameter authentication is now '1'.
/> /iscsi/iqn.2026-01.icecube:storage.target01/tpg1/acls/iqn.2026-01.icecube:node01.initiator01 set auth userid=bonzo
Parameter userid is now 'bonzo'.
/> /iscsi/iqn.2026-01.icecube:storage.target01/tpg1/acls/iqn.2026-01.icecube:node01.initiator01 set auth password=PASSWORD2020
Parameter password is now 'PASSWORD2020'.
Salir y guardar la configuración:
/> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json
Verificación del fichero de configuracion:
[root@icecube ~]# cat /etc/target/saveconfig.json
{
"fabric_modules": [],
"storage_objects": [
{
"alua_tpgs": [
{
"alua_access_state": 0,
"alua_access_status": 0,
"alua_access_type": 3,
"alua_support_active_nonoptimized": 1,
"alua_support_active_optimized": 1,
"alua_support_offline": 1,
"alua_support_standby": 1,
"alua_support_transitioning": 1,
"alua_support_unavailable": 1,
"alua_write_metadata": 0,
"implicit_trans_secs": 0,
"name": "default_tg_pt_gp",
"nonop_delay_msecs": 100,
"preferred": 0,
"tg_pt_gp_id": 0,
"trans_delay_msecs": 0
}
],
"attributes": {
"alua_support": 1,
"block_size": 512,
"emulate_3pc": 1,
"emulate_caw": 1,
"emulate_dpo": 1,
"emulate_fua_read": 1,
"emulate_fua_write": 1,
"emulate_model_alias": 1,
"emulate_pr": 1,
"emulate_rest_reord": 0,
"emulate_rsoc": 1,
"emulate_tas": 1,
"emulate_tpu": 0,
"emulate_tpws": 0,
"emulate_ua_intlck_ctrl": 0,
"emulate_write_cache": 0,
"enforce_pr_isids": 1,
"force_pr_aptpl": 0,
"is_nonrot": 0,
"max_unmap_block_desc_count": 0,
"max_unmap_lba_count": 0,
"max_write_same_len": 65535,
"optimal_sectors": 65528,
"pgr_support": 1,
"pi_prot_format": 0,
"pi_prot_type": 0,
"pi_prot_verify": 0,
"queue_depth": 128,
"submit_type": 0,
"unmap_granularity": 0,
"unmap_granularity_alignment": 0,
"unmap_zeroes_data": 0
},
"dev": "/dev/vg_iscsi/lv_storage",
"name": "lun01",
"plugin": "block",
"readonly": false,
"write_back": false,
"wwn": "b1e53820-2d0e-4605-a66e-96ed4d4738a9"
}
],
"targets": [
{
"fabric": "iscsi",
"parameters": {
"cmd_completion_affinity": "-1"
},
"tpgs": [
{
"attributes": {
"authentication": 1,
"cache_dynamic_acls": 0,
"default_cmdsn_depth": 64,
"default_erl": 0,
"demo_mode_discovery": 1,
"demo_mode_write_protect": 1,
"fabric_prot_type": 0,
"generate_node_acls": 0,
"login_keys_workaround": 1,
"login_timeout": 15,
"prod_mode_write_protect": 0,
"t10_pi": 0,
"tpg_enabled_sendtargets": 1
},
"enable": true,
"luns": [
{
"alias": "4937399dfd",
"alua_tg_pt_gp_name": "default_tg_pt_gp",
"index": 0,
"storage_object": "/backstores/block/lun01"
}
],
"node_acls": [
{
"attributes": {
"authentication": -1,
"dataout_timeout": 3,
"dataout_timeout_retries": 5,
"default_erl": 0,
"nopin_response_timeout": 30,
"nopin_timeout": 15,
"random_datain_pdu_offsets": 0,
"random_datain_seq_offsets": 0,
"random_r2t_offsets": 0
},
"chap_password": "PASSWORD2020",
"chap_userid": "bonzo",
"mapped_luns": [
{
"alias": "612d32f2e4",
"index": 0,
"tpg_lun": 0,
"write_protect": false
}
],
"node_wwn": "iqn.2026-01.icecube:node01.initiator01"
}
],
"parameters": {
"AuthMethod": "CHAP",
"DataDigest": "CRC32C,None",
"DataPDUInOrder": "Yes",
"DataSequenceInOrder": "Yes",
"DefaultTime2Retain": "20",
"DefaultTime2Wait": "2",
"ErrorRecoveryLevel": "0",
"FirstBurstLength": "65536",
"HeaderDigest": "CRC32C,None",
"IFMarkInt": "Reject",
"IFMarker": "No",
"ImmediateData": "Yes",
"InitialR2T": "Yes",
"MaxBurstLength": "262144",
"MaxConnections": "1",
"MaxOutstandingR2T": "1",
"MaxRecvDataSegmentLength": "8192",
"MaxXmitDataSegmentLength": "262144",
"OFMarkInt": "Reject",
"OFMarker": "No",
"TargetAlias": "LIO Target"
},
"portals": [
{
"ip_address": "0.0.0.0",
"iser": false,
"offload": false,
"port": 3260
}
],
"tag": 1
}
],
"wwn": "iqn.2026-01.icecube:storage.target01"
}
]
}
Comprobación del servicio iSCSI
Ver estado de configuracion de targetcli:
[root@icecube ~]# targetcli ls
o- / ......................................................................................................................... [...]
o- backstores .............................................................................................................. [...]
| o- block .................................................................................................. [Storage Objects: 1]
| | o- lun01 ........................................................... [/dev/vg_iscsi/lv_storage (40.0GiB) write-thru activated]
| | o- alua ................................................................................................... [ALUA Groups: 1]
| | o- default_tg_pt_gp ....................................................................... [ALUA state: Active/optimized]
| o- fileio ................................................................................................. [Storage Objects: 0]
| o- pscsi .................................................................................................. [Storage Objects: 0]
| o- ramdisk ................................................................................................ [Storage Objects: 0]
o- iscsi ............................................................................................................ [Targets: 1]
| o- iqn.2026-01.icecube:storage.target01 .............................................................................. [TPGs: 1]
| o- tpg1 .......................................................................................... [no-gen-acls, auth per-acl]
| o- acls .......................................................................................................... [ACLs: 1]
| | o- iqn.2026-01.icecube:node01.initiator01 ................................................... [1-way auth, Mapped LUNs: 1]
| | o- mapped_lun0 ................................................................................. [lun0 block/lun01 (rw)]
| o- luns .......................................................................................................... [LUNs: 1]
| | o- lun0 ...................................................... [block/lun01 (/dev/vg_iscsi/lv_storage) (default_tg_pt_gp)]
| o- portals .................................................................................................... [Portals: 1]
| o- 0.0.0.0:3260 ..................................................................................................... [OK]
o- loopback ......................................................................................................... [Targets: 0]
Verificar que el puerto iSCSI está en escucha:
[root@icecube ~]# ss -napt | grep 3260
LISTEN 0 256 *:3260 *:*
[root@icecube ~]#
[root@icecube ~]# firewall-cmd --add-service=iscsi-target --permanent
success
[root@icecube ~]# firewall-cmd --reload
success
Configuración alternativa del Target
Ajustar contextos SELinux:
[root@icecube ~]# chcon -R -t tgtd_var_lib_t /var/lib/iscsi_disks
[root@icecube ~]# semanage fcontext -a -t tgtd_var_lib_t /var/lib/iscsi_disks
Configuración del iSCSI Initiator en los nodos
Los siguientes pasos deben ejecutarse en todos los nodos del clúster.
Instalación de paquetes
[root@nodo1 ~]# dnf -y install iscsi-initiator-utils
Updating Subscription Management repositories.
Red Hat Enterprise Linux 9 for x86_64 - AppStream (RPMs) 43 MB/s | 79 MB 00:01
Red Hat CodeReady Linux Builder for RHEL 9 x86_64 (RPMs) 19 MB/s | 15 MB 00:00
Red Hat Enterprise Linux 9 for x86_64 - BaseOS (RPMs) 45 MB/s | 95 MB 00:02
Package iscsi-initiator-utils-6.2.1.9-1.gita65a472.el9.x86_64 is already installed.
Dependencies resolved.
================================================================================================================================================================================================================================================================================================
Package Architecture Version Repository Size
================================================================================================================================================================================================================================================================================================
Upgrading:
iscsi-initiator-utils x86_64 6.2.1.11-0.git4b3e853.el9 rhel-9-for-x86_64-baseos-rpms 392 k
iscsi-initiator-utils-iscsiuio x86_64 6.2.1.11-0.git4b3e853.el9 rhel-9-for-x86_64-baseos-rpms 81 k
Transaction Summary
================================================================================================================================================================================================================================================================================================
Upgrade 2 Packages
Total download size: 473 k
Downloading Packages:
(1/2): iscsi-initiator-utils-6.2.1.11-0.git4b3e853.el9.x86_64.rpm 1.6 MB/s | 392 kB 00:00
(2/2): iscsi-initiator-utils-iscsiuio-6.2.1.11-0.git4b3e853.el9.x86_64.rpm 330 kB/s | 81 kB 00:00
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 1.9 MB/s | 473 kB 00:00
Red Hat Enterprise Linux 9 for x86_64 - BaseOS (RPMs) 3.1 MB/s | 3.6 kB 00:00
Importing GPG key 0xFD431D51:
Userid : "Red Hat, Inc. (release key 2) <security@redhat.com>"
Fingerprint: 567E 347A D004 4ADE 55BA 8A5F 199E 2F91 FD43 1D51
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Key imported successfully
Importing GPG key 0x5A6340B3:
Userid : "Red Hat, Inc. (auxiliary key 3) <security@redhat.com>"
Fingerprint: 7E46 2425 8C40 6535 D56D 6F13 5054 E4A4 5A63 40B3
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Upgrading : iscsi-initiator-utils-iscsiuio-6.2.1.11-0.git4b3e853.el9.x86_64 1/4
Running scriptlet: iscsi-initiator-utils-iscsiuio-6.2.1.11-0.git4b3e853.el9.x86_64 1/4
Upgrading : iscsi-initiator-utils-6.2.1.11-0.git4b3e853.el9.x86_64 2/4
Running scriptlet: iscsi-initiator-utils-6.2.1.11-0.git4b3e853.el9.x86_64 2/4
Running scriptlet: iscsi-initiator-utils-6.2.1.9-1.gita65a472.el9.x86_64 3/4
Cleanup : iscsi-initiator-utils-6.2.1.9-1.gita65a472.el9.x86_64 3/4
Running scriptlet: iscsi-initiator-utils-6.2.1.9-1.gita65a472.el9.x86_64 3/4
Running scriptlet: iscsi-initiator-utils-iscsiuio-6.2.1.9-1.gita65a472.el9.x86_64 4/4
Cleanup : iscsi-initiator-utils-iscsiuio-6.2.1.9-1.gita65a472.el9.x86_64 4/4
Running scriptlet: iscsi-initiator-utils-iscsiuio-6.2.1.9-1.gita65a472.el9.x86_64 4/4
Verifying : iscsi-initiator-utils-6.2.1.11-0.git4b3e853.el9.x86_64 1/4
Verifying : iscsi-initiator-utils-6.2.1.9-1.gita65a472.el9.x86_64 2/4
Verifying : iscsi-initiator-utils-iscsiuio-6.2.1.11-0.git4b3e853.el9.x86_64 3/4
Verifying : iscsi-initiator-utils-iscsiuio-6.2.1.9-1.gita65a472.el9.x86_64 4/4
Installed products updated.
Upgraded:
iscsi-initiator-utils-6.2.1.11-0.git4b3e853.el9.x86_64 iscsi-initiator-utils-iscsiuio-6.2.1.11-0.git4b3e853.el9.x86_64
Complete!
---
Configuración del iniciador
Comprobar el IQN del iniciador:
[root@nodo1 ~]# cat /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2027-04.icecube:www.icecube
Editar el archivo de configuración CHAP:
[root@nodo1 ~]# vim /etc/iscsi/iscsid.conf
Verificar parámetros de autenticación:
[root@nodo1 ~]# grep -i node.session.auth /etc/iscsi/iscsid.conf|grep -v ^#
node.session.auth.authmethod = CHAP
node.session.auth.username = bonzo
node.session.auth.password = PASSWORD2020
---
Descubrimiento y conexión al target
Descubrir targets disponibles:
[root@nodo1 ~]# iscsiadm -m discovery -t sendtargets -p 192.168.0.80
192.168.0.80:3260,1 iqn.2027-04.icecube:storage.target00
[root@nodo1 ~]# iscsiadm -m node -o show
# BEGIN RECORD 6.2.0.874-19
node.name = iqn.2027-04.icecube:storage.target00
node.tpgt = 1
node.startup = automatic
node.leading_login = No
iface.hwaddress = <empty>
iface.ipaddress = <empty>
iface.iscsi_ifacename = default
iface.net_ifacename = <empty>
iface.gateway = <empty>
iface.subnet_mask = <empty>
iface.transport_name = tcp
iface.initiatorname = <empty>
iface.state = <empty>
iface.vlan_id = 0
iface.vlan_priority = 0
iface.vlan_state = <empty>
iface.iface_num = 0
iface.mtu = 0
iface.port = 0
iface.bootproto = <empty>
iface.dhcp_alt_client_id_state = <empty>
iface.dhcp_alt_client_id = <empty>
iface.dhcp_dns = <empty>
iface.dhcp_learn_iqn = <empty>
iface.dhcp_req_vendor_id_state = <empty>
iface.dhcp_vendor_id_state = <empty>
iface.dhcp_vendor_id = <empty>
iface.dhcp_slp_da = <empty>
iface.fragmentation = <empty>
iface.gratuitous_arp = <empty>
iface.incoming_forwarding = <empty>
iface.tos_state = <empty>
iface.tos = 0
iface.ttl = 0
iface.delayed_ack = <empty>
iface.tcp_nagle = <empty>
iface.tcp_wsf_state = <empty>
iface.tcp_wsf = 0
iface.tcp_timer_scale = 0
iface.tcp_timestamp = <empty>
iface.redirect = <empty>
iface.def_task_mgmt_timeout = 0
iface.header_digest = <empty>
iface.data_digest = <empty>
iface.immediate_data = <empty>
iface.initial_r2t = <empty>
iface.data_seq_inorder = <empty>
iface.data_pdu_inorder = <empty>
iface.erl = 0
iface.max_receive_data_len = 0
iface.first_burst_len = 0
iface.max_outstanding_r2t = 0
iface.max_burst_len = 0
iface.chap_auth = <empty>
iface.bidi_chap = <empty>
iface.strict_login_compliance = <empty>
iface.discovery_auth = <empty>
iface.discovery_logout = <empty>
node.discovery_address = 192.168.0.80
node.discovery_port = 3260
node.discovery_type = send_targets
node.session.initial_cmdsn = 0
node.session.initial_login_retry_max = 8
node.session.xmit_thread_priority = -20
node.session.cmds_max = 128
node.session.queue_depth = 32
node.session.nr_sessions = 1
node.session.auth.authmethod = CHAP
node.session.auth.username = bonzo
node.session.auth.password = ********
node.session.auth.username_in = <empty>
node.session.auth.password_in = <empty>
node.session.auth.chap_algs = MD5
node.session.timeo.replacement_timeout = 120
node.session.err_timeo.abort_timeout = 15
node.session.err_timeo.lu_reset_timeout = 30
node.session.err_timeo.tgt_reset_timeout = 30
node.session.err_timeo.host_reset_timeout = 60
node.session.iscsi.FastAbort = Yes
node.session.iscsi.InitialR2T = No
node.session.iscsi.ImmediateData = Yes
node.session.iscsi.FirstBurstLength = 262144
node.session.iscsi.MaxBurstLength = 16776192
node.session.iscsi.DefaultTime2Retain = 0
node.session.iscsi.DefaultTime2Wait = 2
node.session.iscsi.MaxConnections = 1
node.session.iscsi.MaxOutstandingR2T = 1
node.session.iscsi.ERL = 0
node.session.scan = auto
node.conn[0].address = 192.168.0.80
node.conn[0].port = 3260
node.conn[0].startup = manual
node.conn[0].tcp.window_size = 524288
node.conn[0].tcp.type_of_service = 0
node.conn[0].timeo.logout_timeout = 15
node.conn[0].timeo.login_timeout = 15
node.conn[0].timeo.auth_timeout = 45
node.conn[0].timeo.noop_out_interval = 5
node.conn[0].timeo.noop_out_timeout = 5
node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
node.conn[0].iscsi.HeaderDigest = None
node.conn[0].iscsi.IFMarker = No
node.conn[0].iscsi.OFMarker = No
# END RECORD
Iniciar sesión:
[root@nodo1 ~]# iscsiadm -m node --login
Verificar la sesión activa:
[root@nodo1 ~]# iscsiadm -m discovery -t sendtargets -p 192.168.0.80
192.168.0.80:3260,1 iqn.2027-04.icecube:storage.target00
---
Verificación del disco compartido
Comprobar que el nuevo disco aparece en el sistema:
[root@nodo1 ~]# iscsiadm -m session -o show
tcp: [1] 192.168.0.80:3260,1 iqn.2027-04.icecube:storage.target00 (non-flash)
[root@nodo1 ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 10.5G 0 disk
├─sda1 8:1 0 1G 0 part /boot
└─sda2 8:2 0 9.5G 0 part
├─centos-root 253:0 0 8.4G 0 lvm /
└─centos-swap 253:1 0 1G 0 lvm [SWAP]
sdb 8:16 0 8G 0 disk
sr0 11:0 1 1024M 0 rom
Inicializar el disco como volumen físico:
[root@nodo1 ~]# pvcreate /dev/sdb
Physical volume "/dev/sdb" successfully created.
---
Notas finales
- El disco iSCSI queda disponible para ser utilizado como recurso compartido en Pacemaker
- Todos los nodos deben ver el mismo dispositivo
- A partir de este punto se puede continuar con la configuración del clúster
