| ============================================== |
| SCST 3.x Installation on Gentoo Linux |
| ============================================== |
| |
| This howto will get you a working SCST installation on Gentoo Linux, it |
| will follow the official howto as much as possible with a few exceptions |
| because of Gentoo specifics or my preferences. Most of it will also work |
| on other Linux Distributions so my changes from the official howto might |
| help you get SCST working on another distro. |
| |
| Prerequisites: |
| - A working and up2date Gentoo Linux installation |
| - Free storage space |
| - Installation of the following packages: gentoo-sources, subversion |
| - User with root privileges |
| - Read the official iSCSI-SCST howto for more options and information |
| |
| Assumptions for the examples used in this howto: |
| - User logged on as root |
| - Manual build kernel without initramfs |
| - Gentoo AMD64 version |
| - Grub 1 bootloader (use of GRUB2 should be an easy change) |
| - /boot on a separate partition |
| - One iSCSI target with 2 LUNS, both LUNS virtual disk files |
| - One iSCSI target with one LUN, LUN is a real device |
| |
| When the above options differ from your environment/setup you will need |
| to change some of the commands provided in this howto for things to |
| work. |
| |
| 1. Download SCST. |
| |
| Choose to download a specific branch or the latest development version |
| |
| a) Latest development version |
| cd /root |
| svn checkout svn://svn.code.sf.net/p/scst/svn/trunk scst |
| |
| b) Specific branch (3.0 used in example) |
| cd /root |
| svn checkout svn://svn.code.sf.net/p/scst/svn/branches/3.0.x scst |
| |
| |
| 2. Build SCST |
| |
| ! Important: SCST 3.1.x and trunk: Gentoo Hardened kernels uses |
| Grsec/PaX patchset. If you happen to use one of those kernels |
| (sys-kernel/hardened-sources) you need to change every call |
| "object_is_on_stack" to "object_starts_on_stack" to compile SCST |
| successfully. At the time of writing this there is a single such call |
| in scst/src/scst_lib.c |
| |
| cd /root/scst |
| make 2perf |
| make scst scst_install |
| make iscsi iscsi_install |
| make scstadm scstadm_install |
| |
| |
| 3. Make a clean config and start SCST |
| |
| echo "HANDLER vdisk_fileio {" >> /etc/scst.conf |
| echo "}" >> /etc/scst.conf |
| echo "" >> /etc/scst.conf |
| echo "TARGET_DRIVER iscsi {" >> /etc/scst.conf |
| echo " enabled 0" >> /etc/scst.conf |
| echo "}" >> /etc/scst.conf |
| /etc/init.d/scst start |
| |
| |
| 4. Configure SCST |
| |
| In this example disk01 is a virtual disk that is stored in the file |
| /vdisks/vdisk1 and is mounted read_only, disk02 is the same as disk01 |
| but with file /vdisks/vdisk2 and it has its blocksize increased from 512 |
| to 4096 (see notes below), and finally disk03 is a real disk used as a |
| blockdevice. Both disk01 and disk02 are connected to the same target |
| with different luns and disk03 is connected to a different target as |
| LUN0, if the allowed_target atttribute is not set the target is open |
| to all ip's |
| |
| scstadmin -open_dev disk01 -handler vdisk_fileio -attributes filename=/vdisks/vdisk1,read_only |
| scstadmin -open_dev disk02 -handler vdisk_fileio -attributes filename=/vdisks/vdisk2,blocksize=4096 |
| scstadmin -open_dev disk03 -handler vdisk_blockio -attributes filename=/dev/sdc1 |
| scstadmin -add_target iqn.2011-08.nl.feka:storage.vdisk1 -driver iscsi |
| scstadmin -add_target iqn.2011-08.nl.feka:storage.vdisk2 -driver iscsi |
| scstadmin -add_lun 0 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -device disk01 |
| scstadmin -add_lun 1 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -device disk02 |
| scstadmin -add_lun 0 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk2 -device disk03 |
| scstadmin -enable_target iqn.2011-08.nl.feka:storage.vdisk1 -driver iscsi |
| scstadmin -enable_target iqn.2011-08.nl.feka:storage.vdisk2 -driver iscsi |
| scstadmin -set_drv_attr iscsi -attributes enabled=1 |
| scstadmin -write_config /etc/scst.conf |
| |
| |
| 5. Run SCST automatically at startup |
| |
| rc-update add scst default |
| |
| |
| 6. Using SCST accesscontrol (optional) |
| |
| SCST listens on all the targets IP addresses and allows access to any |
| initiators per default. There are a couple of ways to restrict access and |
| here I will give some examples. For the full documentation see the |
| README file in the scst/iscsi-scst/ directory |
| |
| To make a target accessible on only one IP address do: |
| scstadmin -set_tgt_attr iqn.2011-08.nl.feka:storage.vdisk1 -driver iscsi -attributes allowed_portal=192.168.100.15 |
| (Remember the IP address is the address of the target machine, not of |
| the allowed initiator, you can add multiple entries on the same target |
| by repeating the above command, you can also use the wild cards * and ? |
| where the ? stands for any single digit) |
| |
| To make targets only accessible by specific inititators add a group to |
| each target and define the allowed inititiators on each group and add |
| the lun to the group instead of the target: |
| (remove the old lun if it already exists directly under the target) |
| scstadmin -add_group vCenter -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk2 |
| scstadmin -add_group ESXi -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 |
| scstadmin -add_init iqn.2011-08.nl.feka:vcenterserver -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk2 -group vCenter |
| scstadmin -add_init iqn.1998-01.com.vmware:esx1-47f53b1d -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -group ESXi |
| scstadmin -add_init iqn.1998-01.com.vmware:esx2-23e64b45 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -group ESXi |
| scstadmin -rem_lun 0 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -device disk01 |
| scstadmin -rem_lun 1 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -device disk02 |
| scstadmin -rem_lun 0 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk2 -device disk03 |
| scstadmin -add_lun 0 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -group ESXi -device disk01 |
| scstadmin -add_lun 1 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -group ESXi -device disk02 |
| scstadmin -add_lun 0 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk2 -group vCenter -device disk03 |
| |
| |
| ============================================== |
| Notes |
| ============================================== |
| |
| SCST's vdisk_fileio handler will use a default blocksize of 512b, this |
| is the only safe option for VMware ESXi or older windows versions, for |
| best performance with newer windows versions a blocksize of 4096 will be |
| much faster. |
| |
| If you have an Intel CPU that supports SSE4.2 make sure to add the |
| crc32c-intel module to the kernel, so iSCSI-SCST will do all digest |
| calculations with hardware acceleration. You can find this option in the |
| kernel Cryptographic API -> CRC32c INTEL hardware acceleration |
| |
| It is recommended to increase the read ahead size to at least 512KB on |
| the initiators and the target. To do this for dev/sdb and /dev/sdc on |
| the scst target do this: |
| |
| nano -w /etc/local.d/blockdev.start |
| blockdev --setra 1024 /dev/sdb |
| blockdev --setra 1024 /dev/sdc |
| chmod 775 /etc/local.d/blockdev.start |
| (--setra 1024 means 1024x512bytes) |
| |
| When running a firewall you need to open TCP Port 3260 on the required |
| interface, see below example for iptables. |
| iptables -A INPUT -p TCP -i eth0 --dport 3260 -m state --state NEW -j ACCEPT |
| |