iSCSI Multi LUN Howto

Recently I needed to connect a server to multiple iSCSI targets with each target requiring a unique username and password. From what I can tell this isn’t a well documented feature of openiscsi, nor is it handled cleanly in the config file. All that I could find was an email thread that briefly outlined how to get it working.

Here’s how I implemented this on a RHEL 5 host with an equallogic backend.

How it works

From what I gather, In order to make this work you first need to add multiple new discovery records. Each time changing the contents of /etc/iscsi/iscsid.conf to reflect your differ username/password combinations. This must be done in a particular way to avoid the default discovery behavior which removes records that are no longer present (for your current user). The command used to perform discovery is as follows, the ‘-o new’ argument prevents removal of old records.

  # edit /etc/iscsi/iscsid.conf to change user/pass for current target, then
  iscsiadm -m discovery -t st -p portal_ip_address -o new --discover

Once discovered, the username and password needs to be set individually for that target.

  iscsiadm -m node --targetname TARGET -p PORTAL -o update -n node.session.auth.username -v USERNAME
  iscsiadm -m node --targetname TARGET -p PORTAL -o update -n node.session.auth.password -v PASSWORD

At this point you should be able to log in/out of that target

  iscsiadm -m node --targetname TARGET -p PORTAL --login

Now rince, lather and repeat for the remainder if your target/portal/username/password combinations.

Scripting the process

This script takes an array of portal ips, usernames and passwords then loops through them attempting to log in to all available iSCSI available. Once performed once the connections should be remembered across iSCSI logouts and reboots.

This is currently working well for me on RHEL5, YMMV.

#!/bin/bash
# iscsi_multi_setup.sh - Set up connections for multiple iSCSI targets having 
#                        unique portal/user/password combinations.
#			
#			 This script will attempt to log in to all available targets
#			 on the supplied portal addresses.
#
#                        2012 Keith Herron <[email protected]>
 
  PORTAL[0]=portal_ip_1
USERNAME[0]=username1
PASSWORD[0]=password1
 
  PORTAL[1]=portal_ip_2
USERNAME[1]=username2
PASSWORD[1]=password2
 
  PORTAL[2]=portal_ip_3
USERNAME[2]=username3
PASSWORD[2]=passowrd3
 
i=0
while [ $i -lt ${#PORTAL[@]} ]; do
 
  echo Discovering on ${PORTAL[$i]} as user ${USERNAME[$i]}:
 
  # Set discovery user/pass in /etc/iscsi/iscsid.conf
  sed -i "s/^#\?discovery.sendtargets.auth.username.*/discovery.sendtargets.auth.username = ${USERNAME[$i]}/g" /etc/iscsi/iscsid.conf
  sed -i "s/^#\?discovery.sendtargets.auth.password.*/discovery.sendtargets.auth.password = ${PASSWORD[$i]}/g" /etc/iscsi/iscsid.conf
  sleep 1
 
  # Perform discovery (note -o new argument, this is important)
  TARGET[$i]=`iscsiadm -m discovery -t st -p ${PORTAL[$i]} -o new --discover | awk '{ print $2}'`
 
  echo Found IQN: ${TARGET[$i]}
 
  # Set username/password individually for each target, and login
  iscsiadm -m node --targetname ${TARGET[$i]} -p ${PORTAL[$i]} -o update -n node.session.auth.username -v ${USERNAME[$i]}
  iscsiadm -m node --targetname ${TARGET[$i]} -p ${PORTAL[$i]} -o update -n node.session.auth.password -v ${PASSWORD[$i]}
  iscsiadm -m node --targetname ${TARGET[$i]} -p ${PORTAL[$i]} --login
 
  # Log out of target
  iscsiadm -m node --targetname ${TARGET[$i]} --logout 
 
 i=$((i+1))
done
 
# Set discovery user/password to nothing in hopes to prevent manual discovery
sed -i "s/^discovery.sendtargets.auth.username.*/discovery.sendtargets.auth.username = /g" /etc/iscsi/iscsid.conf
sed -i "s/^discovery.sendtargets.auth.password.*/discovery.sendtargets.auth.password = /g" /etc/iscsi/iscsid.conf
 
# Log in to all nodes now
echo Logging in to all nodes
iscsiadm -m node --login

#!/bin/bash # iscsi_multi_setup.sh - Set up connections for multiple iSCSI targets having # unique portal/user/password combinations. # # This script will attempt to log in to all available targets # on the supplied portal addresses. # # 2012 Keith Herron <[email protected]> PORTAL[0]=portal_ip_1 USERNAME[0]=username1 PASSWORD[0]=password1 PORTAL[1]=portal_ip_2 USERNAME[1]=username2 PASSWORD[1]=password2 PORTAL[2]=portal_ip_3 USERNAME[2]=username3 PASSWORD[2]=passowrd3 i=0 while [ $i -lt ${#PORTAL[@]} ]; do echo Discovering on ${PORTAL[$i]} as user ${USERNAME[$i]}: # Set discovery user/pass in /etc/iscsi/iscsid.conf sed -i "s/^#\?discovery.sendtargets.auth.username.*/discovery.sendtargets.auth.username = ${USERNAME[$i]}/g" /etc/iscsi/iscsid.conf sed -i "s/^#\?discovery.sendtargets.auth.password.*/discovery.sendtargets.auth.password = ${PASSWORD[$i]}/g" /etc/iscsi/iscsid.conf sleep 1 # Perform discovery (note -o new argument, this is important) TARGET[$i]=`iscsiadm -m discovery -t st -p ${PORTAL[$i]} -o new --discover | awk '{ print $2}'` echo Found IQN: ${TARGET[$i]} # Set username/password individually for each target, and login iscsiadm -m node --targetname ${TARGET[$i]} -p ${PORTAL[$i]} -o update -n node.session.auth.username -v ${USERNAME[$i]} iscsiadm -m node --targetname ${TARGET[$i]} -p ${PORTAL[$i]} -o update -n node.session.auth.password -v ${PASSWORD[$i]} iscsiadm -m node --targetname ${TARGET[$i]} -p ${PORTAL[$i]} --login # Log out of target iscsiadm -m node --targetname ${TARGET[$i]} --logout i=$((i+1)) done # Set discovery user/password to nothing in hopes to prevent manual discovery sed -i "s/^discovery.sendtargets.auth.username.*/discovery.sendtargets.auth.username = /g" /etc/iscsi/iscsid.conf sed -i "s/^discovery.sendtargets.auth.password.*/discovery.sendtargets.auth.password = /g" /etc/iscsi/iscsid.conf # Log in to all nodes now echo Logging in to all nodes iscsiadm -m node --login

Hope that helps, please leave a comment if you found this helpful. Or if you were able to adapt it to work on a different distribution.