linux iscsi Initiator配置CHAP认证

海外服务器 (712) 2015-10-27 14:26:40

前面关于配置iscsi-target我们已经做过了,由于target上对lun做了chap认证,所以我们在客户端上也要配置认证。

综合老外和国内使用的方法,我总结了几种方法。
_________________________________________________

 

第一种:全局配置的方法,客户端上连接的所有target可能都会使用这个账号和密码进行认证,适用于只有一个target

 

参考 http://www.server-world.info/en/note?os=CentOS_6&p=iscsi&f=2
[root@www ~]# yum -y install iscsi-initiator-utils
[root@www ~]# vi /etc/iscsi/iscsid.conf
# line 49: uncomment
node.session.auth.authmethod = CHAP
# line 53,54: uncomment and set username and password which set on iSCSI Target
node.session.auth.username = username
node.session.auth.password = password
# discover target
[root@www ~]# iscsiadm -m discovery -t sendtargets -p 10.0.0.30 
Starting iscsid: Loading iSCSI transport class v2.0-870.
iscsi: registered transport (tcp)
iscsi: registered transport (iser)
cxgb3i: tag itt 0x1fff, 13 bits, age 0xf, 4 bits.
iscsi: registered transport (cxgb3i)
cnic: Broadcom NetXtreme II CNIC Driver cnic v2.1.2 (May 26, 2010)
Broadcom NetXtreme II iSCSI Driver bnx2i v2.1.1 (Mar 24, 2010)
iscsi: registered transport (bnx2i)
iscsi: registered transport (be2iscsi)
[ OK ]
10.0.0.30:3260,1 iqn.2011-07.world.server:target0
[root@www ~]# chkconfig iscsi on 
[root@www ~]# chkconfig iscsid on
# login to target
[root@www ~]# iscsiadm -m node --login 
Logging in to [iface: default, target: iqn.2011-07.world.server:target0, portal: 10.0.0.30,3260]
scsi2 : iSCSI Initiator over TCP/IP
scsi 2:0:0:0: RAID IET Controller 0001 PQ: 0 ANSI: 5
scsi 2:0:0:1: Direct-Access IET VIRTUAL-DISK 0001 PQ: 0 ANSI: 5
Login to [iface: default, target: iqn.2011-07.world.server:target0, portal: 10.0.0.30,3260] successful.
# confirm session
[root@www ~]# iscsiadm -m session -o show 
tcp: [1] 10.0.0.30:3260,1 iqn.2011-07.world.server:target0
# confirm partitions
[root@www ~]# cat /proc/partitions 
major minor #blocks name
8031457280sda
81512000sda1
8230944256sda2
253020971520dm-0
25316160384dm-1
25323809280dm-2
80104857600sdb
81104857600sdb1# added new device provided from target
# config for auto-mount when booting
[root@www ~]# vi /etc/fstab
/dev/mapper/VolGroup-lv_root /                      ext4    defaults        1 1
UUID=3d3f19a1-582f-4a29-a304-349750094b2c /boot     ext4    defaults        1 2
/dev/mapper/VolGroup-lv_swap swap                   swap    defaults        0 0
tmpfs                       /dev/shm                tmpfs   defaults        0 0
devpts                      /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                       /sys                    sysfs   defaults        0 0
proc                        /proc                   proc    defaults        0 0
# add iSCSI filesystem
 /dev/sdb1                   /var/kvm                ext4    _netdev         0 0

[root@www ~]# chkconfig netfs on
___________________________________________________________________________________________

 

方法二:对特定的target进行修改(假如我们同时连接了多个target,必须这样)

http://zlbzhu.blog.51cto.com/1413424/897422
发现target
iscsiadm -m discovery -t sendtargets -p 192.168.1.211
挂载target
iscsiadm -m node -T iqn_2013-06.com.safexjt:target00 -p 192.168.1.211 -l
配置该target,默认放在客户端/var/lib/iscsi/node下面
 vi /var/lib/iscsi/nodes/iqn_2013-06.com.safexjt\:target00/192.168.1.211\,3260\,1/default
在node.session.*.* 段添加如下信息
node.session.auth.authmethod = CHAP
node.session.auth.username = jack
node.session.auth.password = jack
保存
#service iscsi restart
_________________________________________________________

THE END