Preconfiguring iSCSI for Creating Volumes and VMFS/NFS Datastores
This section covers the necessary steps you need to perform with the CLI on the NexentaStor appliance before creating iSCSI or Fibre Channel (FC) volumes or VMFS/NFS datastores. For more information, see the NexentaStor 5.3 CLI Reference Guide.
Creating an iSCSI Target
An iSCSI target is a software only service that utilizes the iSCSI protocol to link data storage devices over the network. An iSCSI target is what an initiator connects to. You can create an iSCSI target to associate multiple portal addresses that the target will be bound to. When creating an iSCSI target you can also optionally configure the secure authentication. Challenge-Handshake Authentication Protocol (CHAP) is a scheme that the PPP protocol uses to authenticate the remote clients in the network. Secure authentication is optional. However, the following CHAP options ensure that only trusted hosts can access specified targets:
- Unidirectional CHAP – Unidirectional CHAP is the most commonly used iSCSI security level. It enhances data security and ensures that only authorized initiators access the data with unidirectional CHAP between a particular initiator and an iSCSI target on a peer-to-peer model
- Bidirectional CHAPRADIUS – Bidirectional CHAP provides a two-layer authentication protection. It requires that the target identifies an initiator, as well as the initiator identifies the target
The CHAP credentials that you specify during the iSCSI Target creation are only relevant for bidirectional CHAP. For non-bidirectional CHAP authentication, specify the CHAP parameters for the initiator when configuring the initiator.
CLI@host> # `10.10.10.10` is IP on the NexentaStor appliance you want to use to share iSCSI over CLI@host> iscsitarget create 10.10.10.10
Creating a Target Group
Target groups are necessary to manage LUN mappings. You can create multiple iSCSI targets on the same NexentaStor appliance for a multi-path scenario or unite these iSCSI targets in logical groups to control the access of initiator hosts. LUNs are mapped between a target group and a host group or initiator group.
CLI@host> # `test` is your group name CLI@host> # `iqn.2010-08.org.illumos:02:58e0a636-7fac-ed18-d297-a788c0de3edf` is your target name CLI@host> targetgroup create test iqn.2010-08.org.illumos:02:58e0a636-7fac-ed18-d297-a788c0de3edf
Now you can select the iSCSI group you created to create your iSCSI/FC volumes or datastores.
See NexentaStor 5.3 CLI Configuration QuickStart guide for more information on creating a Target and Target group.