Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
documentation.suse.com / SUSE Linux Enterprise Server Documentation / Storage Administration Guide / Network Storage / iSNS for Linux
Applies to SUSE Linux Enterprise Server 15 SP2

14 iSNS for Linux

Storage area networks (SANs) can contain many disk drives that are dispersed across complex networks. This can make device discovery and device ownership difficult. iSCSI initiators must be able to identify storage resources in the SAN and determine whether they have access to them.

Internet Storage Name Service (iSNS) is a standards-based service that simplifies the automated discovery, management, and configuration of iSCSI devices on a TCP/IP network. iSNS provides intelligent storage discovery and management services comparable to those found in Fibre Channel networks.

Without iSNS, you must know the host name or IP address of each node where targets of interest are located. In addition, you must manually manage which initiators can access which targets yourself using mechanisms such as access control lists.

Important: Security Considerations

iSNS should only be used in secure internal networking environments, as the network traffic is not encrypted.

14.1 How iSNS Works

For an iSCSI initiator to discover iSCSI targets, it needs to identify which devices in the network are storage resources and what IP addresses it needs to access them. A query to an iSNS server returns a list of iSCSI targets and the IP addresses that the initiator has permission to access.

Using iSNS, you create iSNS discovery domains into which you then group or organize iSCSI targets and initiators. By dividing storage nodes into domains, you can limit the discovery process of each host to the most appropriate subset of targets registered with iSNS, which allows the storage network to scale by reducing the number of unnecessary discoveries and by limiting the amount of time each host spends establishing discovery relationships. This lets you control and simplify the number of targets and initiators that must be discovered.

iSNS Discovery Domains
Figure 14.1: iSNS Discovery Domains

Both iSCSI targets and iSCSI initiators can use iSNS clients to initiate transactions with iSNS servers by using the iSNS protocol. They then register device attribute information in a common discovery domain, download information about other registered clients, and receive asynchronous notification of events that occur in their discovery domain.

iSNS servers respond to iSNS protocol queries and requests made by iSNS clients using the iSNS protocol. iSNS servers initiate iSNS protocol state change notifications and store properly authenticated information submitted by a registration request in an iSNS database.

Benefits provided by iSNS for Linux include:

  • Provides an information facility for registration, discovery, and management of networked storage assets.

  • Integrates with the DNS infrastructure.

  • Consolidates registration, discovery, and management of iSCSI storage.

  • Simplifies storage management implementations.

  • Improves scalability compared to other discovery methods.

iSNS offers several important benefits.

For example, in a setup with 100 iSCSI initiators and 100 iSCSI targets, all iSCSI initiators could potentially try to discover and connect to any of the 100 iSCSI targets. By grouping initiators and targets into discovery domains, you can prevent iSCSI initiators in one department from discovering the iSCSI targets in another department.

Another advantage of using iSNS is that the iSCSI clients only need to know the hostname or IP address of the iSNS server, rather than having to know the hostnames or IP addresses of a hundred servers.

14.2 Installing iSNS Server for Linux

iSNS Server for Linux is included with SUSE Linux Enterprise Server, but is not installed or configured by default. You need to install the package open-isns and configure the iSNS service.

Note: iSNS and iSCSI on the Same Server

iSNS can be installed on the same server where iSCSI target or iSCSI initiator software is installed. Installing both the iSCSI target software and iSCSI initiator software on the same server is not supported.

To install iSNS for Linux:

  1. Start YaST and select Network Services › iSNS Server.

  2. In case open-isns is not installed yet, you are prompted to install it now. Confirm by clicking Install.

  3. The iSNS Service configuration dialog opens automatically to the Service tab.

    iSNS Service configuration dialog
  4. In Service Start, select one of the following:

    • When Booting: The iSNS service starts automatically on server start-up.

    • Manually (Default): The iSNS service must be started manually by entering sudo systemctl start isnsd at the server console of the server where you install it.

  5. Specify the following firewall settings:

    • Open Port in Firewall: Select the check box to open the firewall and allow access to the service from remote computers. The firewall port is closed by default.

    • Firewall Details: If you open the firewall port, the port is open on all network interfaces by default. Click Firewall Details to select interfaces on which to open the port, select the network interfaces to use, then click OK.

  6. Click OK to apply the configuration settings and complete the installation.

  7. Continue with Section 14.3, “Configuring iSNS Discovery Domains”.

14.3 Configuring iSNS Discovery Domains

For iSCSI initiators and targets to use the iSNS service, they must belong to a discovery domain.

Important: The iSNS Service Must be Active

The iSNS service must be installed and running to configure iSNS discovery domains. For information, see Section 14.4, “Starting the iSNS Service”.

14.3.1 Creating iSNS Discovery Domains

A default discovery domain named default DD is automatically created when you install the iSNS service. The existing iSCSI targets and initiators that have been configured to use iSNS are automatically added to the default discovery domain.

To create a new discovery domain:

  1. Start YaST and under Network Services, select iSNS Server.

  2. Click the Discovery Domains tab.

    The Discovery Domains area lists all existing discovery domains. You can Create Discovery Domains, or Delete existing ones. Keep in mind that deleting an iSCSI node from domain membership removes it from the domain, but it does not delete the iSCSI node.

    The Discovery Domain Members area lists all iSCSI nodes assigned to a selected discovery domain. Selecting a different discovery domain refreshes the list with members from that discovery domain. You can add and delete iSCSI nodes from a selected discovery domain. Deleting an iSCSI node removes it from the domain, but it does not delete the iSCSI node.

    Create iSCSI Node Member allows a node that is not yet registered to be added as a member of the discovery domain. When the iSCSI initiator or target registers this node, then it becomes part of this domain.

    When an iSCSI initiator performs a discovery request, the iSNS service returns all iSCSI node targets that are members of the same discovery domain.

    Discovery Domain Members
  3. Click the Create Discovery Domain button.

    You can also select an existing discovery domain and click the Delete button to remove that discovery domain.

  4. Specify the name of the discovery domain you are creating, then click OK.

  5. Continue with Section 14.3.2, “Adding iSCSI Nodes to a Discovery Domain”.

14.3.2 Adding iSCSI Nodes to a Discovery Domain

  1. Start YaST and under Network Services, select iSNS Server.

  2. Click the iSCSI Nodes tab.

    iSCSI Nodes
  3. Review the list of nodes to ensure that the iSCSI targets and initiators that you want to use the iSNS service are listed.

    If an iSCSI target or initiator is not listed, you might need to restart the iSCSI service on the node. You can do this by running

    > sudo systemctl restart iscsid.socket
    > sudo systemctl restart iscsi

    to restart an initiator or

    > sudo systemctl restart target-isns

    to restart a target.

    You can select an iSCSI node and click the Delete button to remove that node from the iSNS database. This is useful if you are no longer using an iSCSI node or have renamed it.

    The iSCSI node is automatically added to the list (iSNS database) again when you restart the iSCSI service or reboot the server unless you remove or comment out the iSNS portion of the iSCSI configuration file.

  4. Click the Discovery Domains tab and select the desired discovery domain.

  5. Click Add existing iSCSI Node, select the node you want to add to the domain, then click Add Node.

  6. Repeat the previous step for as many nodes as you want to add to the discovery domain, then click Done when you are finished adding nodes.

    Note that an iSCSI node can belong to more than one discovery domain.

14.4 Starting the iSNS Service

iSNS must be started at the server where you install it. If you have not configured it to be started at boot time (see Section 14.2, “Installing iSNS Server for Linux” for details), enter the following command at a terminal:

> sudo systemctl start isnsd

You can also use the stop, status, and restart options with iSNS.

14.5 Further Information

The following projects provide further information on iSNS and iSCSI:

General information about iSNS is available in RFC 4171: Internet Storage Name Service at https://datatracker.ietf.org/doc/html/rfc4171.