14 iSNS for Linux #
Storage area networks (SANs) can contain many disk drives that are dispersed across complex networks. This can make device discovery and device ownership difficult. iSCSI initiators must be able to identify storage resources in the SAN and determine whether they have access to them.
Internet Storage Name Service (iSNS) is a standards-based service that simplifies the automated discovery, management, and configuration of iSCSI devices on a TCP/IP network. iSNS provides intelligent storage discovery and management services comparable to those found in Fibre Channel networks.
Without iSNS, you must know the host name or IP address of each node where targets of interest are located. In addition, you must manually manage which initiators can access which targets yourself using mechanisms such as access control lists.
iSNS should only be used in secure internal networking environments, as the network traffic is not encrypted.
14.1 How iSNS Works #
For an iSCSI initiator to discover iSCSI targets, it needs to identify which devices in the network are storage resources and what IP addresses it needs to access them. A query to an iSNS server returns a list of iSCSI targets and the IP addresses that the initiator has permission to access.
Using iSNS, you create iSNS discovery domains into which you then group or organize iSCSI targets and initiators. By dividing storage nodes into domains, you can limit the discovery process of each host to the most appropriate subset of targets registered with iSNS, which allows the storage network to scale by reducing the number of unnecessary discoveries and by limiting the amount of time each host spends establishing discovery relationships. This lets you control and simplify the number of targets and initiators that must be discovered.
Both iSCSI targets and iSCSI initiators can use iSNS clients to initiate transactions with iSNS servers by using the iSNS protocol. They then register device attribute information in a common discovery domain, download information about other registered clients, and receive asynchronous notification of events that occur in their discovery domain.
iSNS servers respond to iSNS protocol queries and requests made by iSNS clients using the iSNS protocol. iSNS servers initiate iSNS protocol state change notifications and store properly authenticated information submitted by a registration request in an iSNS database.
Benefits provided by iSNS for Linux include:
Provides an information facility for registration, discovery, and management of networked storage assets.
Integrates with the DNS infrastructure.
Consolidates registration, discovery, and management of iSCSI storage.
Simplifies storage management implementations.
Improves scalability compared to other discovery methods.
iSNS offers several important benefits.
For example, in a setup with 100 iSCSI initiators and 100 iSCSI targets, all iSCSI initiators could potentially try to discover and connect to any of the 100 iSCSI targets. By grouping initiators and targets into discovery domains, you can prevent iSCSI initiators in one department from discovering the iSCSI targets in another department.
Another advantage of using iSNS is that the iSCSI clients only need to know the hostname or IP address of the iSNS server, rather than having to know the hostnames or IP addresses of a hundred servers.
14.2 Installing iSNS Server for Linux #
iSNS Server for Linux is included with SUSE Linux Enterprise Server, but is not installed
or configured by default. You need to install the package
open-isns
and configure the iSNS
service.
iSNS can be installed on the same server where iSCSI target or iSCSI initiator software is installed. Installing both the iSCSI target software and iSCSI initiator software on the same server is not supported.
To install iSNS for Linux:
Start YaST and select
› .In case
open-isns
is not installed yet, you are prompted to install it now. Confirm by clicking .The iSNS Service configuration dialog opens automatically to the
tab.In
, select one of the following:When Booting: The iSNS service starts automatically on server start-up.
Manually (Default): The iSNS service must be started manually by entering
sudo systemctl start isnsd
at the server console of the server where you install it.
Specify the following firewall settings:
Open Port in Firewall: Select the check box to open the firewall and allow access to the service from remote computers. The firewall port is closed by default.
Firewall Details: If you open the firewall port, the port is open on all network interfaces by default. Click to select interfaces on which to open the port, select the network interfaces to use, then click .
Click
to apply the configuration settings and complete the installation.Continue with Section 14.3, “Configuring iSNS Discovery Domains”.
14.3 Configuring iSNS Discovery Domains #
For iSCSI initiators and targets to use the iSNS service, they must belong to a discovery domain.
The iSNS service must be installed and running to configure iSNS discovery domains. For information, see Section 14.4, “Starting the iSNS Service”.
14.3.1 Creating iSNS Discovery Domains #
A default discovery domain named
is automatically created when you install the iSNS service. The existing iSCSI targets and initiators that have been configured to use iSNS are automatically added to the default discovery domain.To create a new discovery domain:
Start YaST and under
, select .Click the
tab.The
area lists all existing discovery domains. You can , or existing ones. Keep in mind that deleting an iSCSI node from domain membership removes it from the domain, but it does not delete the iSCSI node.The
area lists all iSCSI nodes assigned to a selected discovery domain. Selecting a different discovery domain refreshes the list with members from that discovery domain. You can add and delete iSCSI nodes from a selected discovery domain. Deleting an iSCSI node removes it from the domain, but it does not delete the iSCSI node.When an iSCSI initiator performs a discovery request, the iSNS service returns all iSCSI node targets that are members of the same discovery domain.
Click the
button.You can also select an existing discovery domain and click the
button to remove that discovery domain.Specify the name of the discovery domain you are creating, then click
.Continue with Section 14.3.2, “Adding iSCSI Nodes to a Discovery Domain”.
14.3.2 Adding iSCSI Nodes to a Discovery Domain #
Start YaST and under
, select .Click the
tab.Review the list of nodes to ensure that the iSCSI targets and initiators that you want to use the iSNS service are listed.
If an iSCSI target or initiator is not listed, you might need to restart the iSCSI service on the node. You can do this by running
>
sudo
systemctl restart iscsid.socket>
sudo
systemctl restart iscsito restart an initiator or
>
sudo
systemctl restart target-isnsto restart a target.
You can select an iSCSI node and click the
button to remove that node from the iSNS database. This is useful if you are no longer using an iSCSI node or have renamed it.The iSCSI node is automatically added to the list (iSNS database) again when you restart the iSCSI service or reboot the server unless you remove or comment out the iSNS portion of the iSCSI configuration file.
Click the
tab and select the desired discovery domain.Click
, select the node you want to add to the domain, then click .Repeat the previous step for as many nodes as you want to add to the discovery domain, then click
when you are finished adding nodes.Note that an iSCSI node can belong to more than one discovery domain.
14.4 Starting the iSNS Service #
iSNS must be started at the server where you install it. If you have not configured it to be started at boot time (see Section 14.2, “Installing iSNS Server for Linux” for details), enter the following command at a terminal:
>
sudo
systemctl start isnsd
You can also use the stop
, status
, and
restart
options with iSNS.
14.5 Further Information #
The following projects provide further information on iSNS and iSCSI:
General information about iSNS is available in RFC 4171: Internet Storage Name Service at https://datatracker.ietf.org/doc/html/rfc4171.