The arrow of time

Ivan Voras' blog

Home · Fun with iSCSI and VMWare

Fun with iSCSI and VMWare

FreeBSD having two iSCSI targets and an initiator, and VMWare in the latest edition having access to the three probably most used remote storage technologies - iSCSI, FC and NFS - there is room to play the combinations and see what is best and most convenient.

Keywords: FreeBSD, iSCSI, VMWare

For start, I wanted to try hosting VMWare images on iSCSI served from a FreeBSD machine. iSCSI is of course "IP SCSI" - a SAN technology that enables machine to export raw storage devices over IP networks to be used on the other end as simple disk drives. In the terminology of iSCSI the "server" - the machine exporting the storage, is a "target" and the "client" machine that uses the storage is an "initiator". I've written about using iSCSI with geli(8) to create an encrypted remote storage device earlier. Wikipedia has a nice illustration of SAN/NAS/DAS schemes:

It looks like the NetBSD original target driver (net/iscsi-target), while easy to setup, cannot be used with the VMWare ESXi initiator, so the alternative, net/istgt must be used. It is enabled by adding

istgt_enable="YES"

in /etc/rc.conf and copying the .sample files in /usr/local/etc/istgt to the "regular" config files without the .sample extension.

The istgt configuration is a bit more complicated. Its istgt.conf file, when fluff is removed, looks like this:

[Global]
  Comment "Global section"
  NodeBase "iqn.2007-09.jp.ne.peach.istgt"
  PidFile /var/run/istgt.pid
  AuthFile /usr/local/etc/istgt/auth.conf
  MediaDirectory /tmp
  LogFacility "local7"
  Timeout 30
  NopInInterval 20
  DiscoveryAuthMethod Auto
  MaxSessions 16
  MaxConnections 4
  FirstBurstLength 65536
  MaxBurstLength 262144
  MaxRecvDataSegmentLength 262144

[UnitControl]
  Comment "Internal Logical Unit Controller"
  AuthMethod Auto
  Portal UC1 127.0.0.1:3261
  Netmask 127.0.0.1

[PortalGroup1]
  Comment "SINGLE PORT TEST"
  #Portal DA1 [2001:03e0:06cf:0003:021b:21ff:fe04:f405]:3260
  #Server IP
  Portal DA1 10.0.0.44:3260

[InitiatorGroup1]
  Comment "Initiator Group1"
  InitiatorName "ALL"
  #Client netmask
  Netmask 10.0.0.0/24

[LogicalUnit1]
  Comment "Hard Disk Sample"
  TargetName disk1
  TargetAlias "Data Disk1"
  Mapping PortalGroup1 InitiatorGroup1
  AuthMethod Auto
  AuthGroup AuthGroup1
  UnitType Disk
  QueueDepth 32
  LUN0 Storage /store/iscsi/target0 50GB

I think this configuration is close to minimal. For one thing, it doesn't address security (authentication), which is supported by istgt, and I don't really know what some of the settings in the "Global" section do since the documentation is a bit lacking, but most importantly - it works.

Note that istgt supports IPv6! It's nice how recently I find more and more utilities supporting IPv6. It looks like the final push might yet happen.

VMWare will happily accept the server for automatic discovery and will use the provided drive for VMFS storage. To be able to use iSCSI (and NFS), VMWare requires a separate "VMKernel" network port to be created (separate from the management port). Unfortunately this eats up one more IP address.

Other options could be:

  • Importing the drives directly from inside the VM as iSCSI drives (using the guest's initiator)
  • Importing the storage not via iSCSI but via NFS client from VMWare - looks messy on the first look but since the VM files are usually always the same size or grow seldomly, there is not much NFS protocol overhead here.

But I'll need some more time and machines to test these...

Posted on 2010-01-24T02:20 by ivoras

Post your comment here!

Your name:
Comment title:
Text:
Type "xxx" here:

Comments are subject to moderation and will be deleted if deemed inappropriate. All content is © Ivan Voras. Comments are owned by their authors... who agree to basically surrender all rights by publishing them here :)