Linux iSCSI Target (TCM)

From Alpine Linux
Note: TCM is another name for LinuxIO (LIO), an in-kernel iSCSI target (server). LIO is the standard open source multiprotocol SCSI target for Linux. LIO replaced the STGT (SCSI Target) framework as the standard unified storage target in Linux with Linux kernel version 2.6.38 and later.

Install the utilities to configure Target Core: 

 # apk add targetcli
 # rc-update add dbus
 # rc-update add targetcli
 # service dbus start
 # service targetcli start

In contrast with plain text files as usual, all configuration is done in ConfigFS via targetcli shell (you can use tab for command auto-completion and "ls" for inspecting current config): 

 # targetcli
 />
 /> ls
 o- / ..................................................................... [...]
 o- backstores .......................................................... [...]
 | o- fileio ............................................... [0 Storage Object]
 | o- iblock ............................................... [0 Storage Object]
 | o- pscsi ................................................ [0 Storage Object]
 | o- rd_dr ................................................ [0 Storage Object]
 | o- rd_mcp ............................................... [0 Storage Object]
 o- ib_srpt ........................................................ [0 Target]
 o- iscsi .......................................................... [0 Target]
 o- loopback ....................................................... [0 Target]
 o- qla2xxx ........................................................ [0 Target]
 />

You can create a file to be exported as a target: 

 /> cd backstores/fileio
 /backstores/fileio> create file_backstore file1 1M
 Generating a wwn serial.
 Not using buffered mode.
 Created fileio file_backstore.
 /backstores/fileio>

Or you can use a block device: 

 /> cd backstores/blockio
 /backstores/blockio> create block0 /dev/sda1

You can use any block device, including RAID and LVM2. Now create an iSCSI Target and a Target Portal Group (tpg) (the iqn is automatically created. You can also specify one by hand): 

 /> cd /iscsi
 /iscsi> create
 Created target iqn.2003-01.org.linux-iscsi.rtsnode1.x8664:sn.83a8cde7aca8.
 Selected TPG Tag 1.
 Successfully created TPG 1.

Now you have to tell Target Core to use the previously create backstore for the target now created: 

 /iscsi> cd iqn.2003-01.org.linux-iscsi.rtsnode1.x8664:sn.83a8cde7aca8/tpg1/luns
 ../tpg1/luns> create lun=0 storage_object=/backstores/blockio/block0
 Successfully created LUN 0.

Now create the iSCSI portal: 

 ../tpg1/luns> cd ../portals
 ../tpg1/portals> create ip_address=192.168.1.10
 Using default IP port 3260
 Successfully created network portal 192.168.1.10:3260.

By default authentication is enabled. To disable it: 

 ../tpg1> set attribute authentication=0
 Parameter authentication is now '0'.
 ../tpg1> set attribute generate_node_acls=1
 Parameter generate_node_acls is now '1'.

Finally save the configuration: 

 /> saveconfig
 Existing file /etc/target/saveconfig.json backed up to saveconfig.json.backup
 Configuration saved to /etc/target/saveconfig.json

For real use, you should always track changes to the saveconfig file and make sure (there's a flag for it) to not save config if you are in an error situation. By default, targetcli creates a config backup if you exit, meaning you might lose the working config at the time. So better to be prepared. Errors don't simply appear, but e.g. if you're missing a HBA on boot, these settings will not be loaded and thus not be in the configuration upon save.


  1. Fibrechannel

This requires a QLogic HBA.

Configuration files

- /etc/modprobe.d/qla2xxx-tcm.conf set at least the ini mode. other options exist but only concern further finetuning. - /etc/modules-load.d/tcm.conf (tcm_qla2xxx) - /etc/fstab (mount configfs)

apply using ...

(if already loaded and you don't want to reboot, try to unload using rmmod / modprobe qla2xxx) The QLA kernel module might show a deprecation warning depending on what card you use. I even got it for a 16gbit card, so there's some apparent "product strategy" at play here trying to deprecate common and working hardware.

Packages (same as above)


in LIO

path /qla2xxx should automatically appear. If not, check the kernel module has loaded properly (dmesg!)

you define a target using create wwn=naa.wwn-of-hba create one per HBA port. ACLs are simple as usual, just create the acl naming the initiator's wwn. LUN assignment is similar, but reference the /backstore path, not just the lun object name, otherwise you cannot expose it over multiple HBAs paths.

There's a target portal group function, but I haven't seen where/how it is done.

unknowns:

- NPIV for clustering etc. - Multipath access - Correlation with certain module parameters - Correlation with card settings (like hba-based failover), it is assumed they are not relevant/valid once the target firmware is activated


Security notice:

There have been CVEs for the qla2xxx driver (I think 2019, 2024, 2x2025). Make sure to use a kernel after december 2025 and to check for any newly released CVEs.

Retrieved from "https://wiki.alpinelinux.org/w/index.php?title=Linux_iSCSI_Target_(TCM)&oldid=31948"