Chinaunix首页 | 论坛 | 博客
  • 博客访问: 439381
  • 博文数量: 58
  • 博客积分: 0
  • 博客等级: 民兵
  • 技术积分: 623
  • 用 户 组: 普通用户
  • 注册时间: 2013-04-26 18:48
个人简介

在生存面前,那纯洁的理想,原来是那么脆弱不堪!

文章分类

全部博文(58)

文章存档

2022年(1)

2021年(1)

2019年(3)

2018年(6)

2017年(6)

2016年(14)

2015年(10)

2014年(16)

2013年(1)

我的朋友

分类: 服务器与存储

2015-09-05 14:58:32

本文在上文的基础上添加 CHAP 认证,以便规范存储的访问。避免负责网络的存储破坏。
    服务器端:
        1)服务器端首先要保证相应客户端的Ip访问允许。例如:
  1. tgtadm -m target --op bind -t 1 -I 10.11.4.28
  2. 保证10.11.4.28能够访问连接目标1。
       2)创建帐户。
  1. tgtadm -m account --op new --user bobo --password qwer1234
  2. 用户bobo 密码qwer1234
       3)邦定在某个连接目标。
  1. tgtadm -m account --op bind -t 1 --user bobo
  2. 为连接目标1,邦定帐户bobo

     客户端 :
      1)配置帐户信息。

编辑/etc/iscsi/iscsid.conf 文件,修改下面三行。

  1. node.session.auth.authmethod = CHAP            //认证方式
  2. node.session.auth.username = bobo              //用户名
  3. node.session.auth.password = qwer1234          //密码
     2)探测连接目标。
  1. iscsiadm -m discovery -t st -p 10.11.4.26
  2. 10.11.4.26:3260,1 a_test_target@10.11.4.26
  3. 10.11.4.26为服务器ip,a_test_target@10.11.4.26为发现的目标连接。
     3)察看目标信息。

点击(此处)折叠或打开

  1. [root@centos ~]# iscsiadm -m node -T a_test_target@10.11.4.26
  2. # BEGIN RECORD 6.2.0-873.13.el6
  3. node.name = a_test_target@10.11.4.26
  4. node.tpgt = 1
  5. node.startup = automatic
  6. node.leading_login = No
  7. iface.hwaddress = <empty>
  8. iface.ipaddress = <empty>
  9. iface.iscsi_ifacename = default
  10. iface.net_ifacename = <empty>
  11. iface.transport_name = tcp
  12. iface.initiatorname = <empty>
  13. iface.state = <empty>
  14. iface.vlan_id = 0
  15. iface.vlan_priority = 0
  16. iface.vlan_state = <empty>
  17. iface.iface_num = 0
  18. iface.mtu = 0
  19. iface.port = 0
  20. iface.bootproto = <empty>
  21. iface.subnet_mask = <empty>
  22. iface.gateway = <empty>
  23. iface.dhcp_alt_client_id_state = <empty>
  24. iface.dhcp_alt_client_id = <empty>
  25. iface.dhcp_dns = <empty>
  26. iface.dhcp_learn_iqn = <empty>
  27. iface.dhcp_req_vendor_id_state = <empty>
  28. iface.dhcp_vendor_id_state = <empty>
  29. iface.dhcp_vendor_id = <empty>
  30. iface.dhcp_slp_da = <empty>
  31. iface.fragmentation = <empty>
  32. iface.gratuitous_arp = <empty>
  33. iface.incoming_forwarding = <empty>
  34. iface.tos_state = <empty>
  35. iface.tos = 0
  36. iface.ttl = 0
  37. iface.delayed_ack = <empty>
  38. iface.tcp_nagle = <empty>
  39. iface.tcp_wsf_state = <empty>
  40. iface.tcp_wsf = 0
  41. iface.tcp_timer_scale = 0
  42. iface.tcp_timestamp = <empty>
  43. iface.redirect = <empty>
  44. iface.def_task_mgmt_timeout = 0
  45. iface.header_digest = <empty>
  46. iface.data_digest = <empty>
  47. iface.immediate_data = <empty>
  48. iface.initial_r2t = <empty>
  49. iface.data_seq_inorder = <empty>
  50. iface.data_pdu_inorder = <empty>
  51. iface.erl = 0
  52. iface.max_receive_data_len = 0
  53. iface.first_burst_len = 0
  54. iface.max_outstanding_r2t = 0
  55. iface.max_burst_len = 0
  56. iface.chap_auth = <empty>
  57. iface.bidi_chap = <empty>
  58. iface.strict_login_compliance = <empty>
  59. iface.discovery_auth = <empty>
  60. iface.discovery_logout = <empty>
  61. node.discovery_address = 10.11.4.26
  62. node.discovery_port = 3260
  63. node.discovery_type = send_targets
  64. node.session.initial_cmdsn = 0
  65. node.session.initial_login_retry_max = 8
  66. node.session.xmit_thread_priority = -20
  67. node.session.cmds_max = 128
  68. node.session.queue_depth = 32
  69. node.session.nr_sessions = 1
  70. node.session.auth.authmethod = CHAP
  71. node.session.auth.username = bobo
  72. node.session.auth.password = ********
  73. node.session.auth.username_in = <empty>
  74. node.session.auth.password_in = <empty>
  75. node.session.timeo.replacement_timeout = 120
  76. node.session.err_timeo.abort_timeout = 15
  77. node.session.err_timeo.lu_reset_timeout = 30
  78. node.session.err_timeo.tgt_reset_timeout = 30
  79. node.session.err_timeo.host_reset_timeout = 60
  80. node.session.iscsi.FastAbort = Yes
  81. node.session.iscsi.InitialR2T = No
  82. node.session.iscsi.ImmediateData = Yes
  83. node.session.iscsi.FirstBurstLength = 262144
  84. node.session.iscsi.MaxBurstLength = 16776192
  85. node.session.iscsi.DefaultTime2Retain = 0
  86. node.session.iscsi.DefaultTime2Wait = 2
  87. node.session.iscsi.MaxConnections = 1
  88. node.session.iscsi.MaxOutstandingR2T = 1
  89. node.session.iscsi.ERL = 0
  90. node.conn[0].address = 10.11.4.26
  91. node.conn[0].port = 3260
  92. node.conn[0].startup = manual
  93. node.conn[0].tcp.window_size = 524288
  94. node.conn[0].tcp.type_of_service = 0
  95. node.conn[0].timeo.logout_timeout = 15
  96. node.conn[0].timeo.login_timeout = 15
  97. node.conn[0].timeo.auth_timeout = 45
  98. node.conn[0].timeo.noop_out_interval = 5
  99. node.conn[0].timeo.noop_out_timeout = 5
  100. node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
  101. node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
  102. node.conn[0].iscsi.HeaderDigest = None
  103. node.conn[0].iscsi.IFMarker = No
  104. node.conn[0].iscsi.OFMarker = No
  105. # END RECORD
        4)连接目标。
  1. [root@centos ~]# iscsiadm -m node -T a_test_target@10.11.4.26 -l
  2. Logging in to [iface: default, target: a_test_target@10.11.4.26, portal: 10.11.4.26,3260] (multiple)
  3. Login to [iface: default, target: a_test_target@10.11.4.26, portal: 10.11.4.26,3260] successful.

  4. 断开连接:
  5. [root@centos ~]# iscsiadm -m node -T a_test_target@10.11.4.26 -u
  6. Logging out of session [sid: 23, target: a_test_target@10.11.4.26, portal: 10.11.4.26,3260]
  7. Logout of [sid: 23, target: a_test_target@10.11.4.26, portal: 10.11.4.26,3260] successful.
       5)察看磁盘。
  1. fdisk -l




阅读(3425) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~