Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- NFS+kerberos server--
- =========================================
- [root@cemtos-server2 ~]# uname -a
- Linux cemtos-server2.example.exam 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
- [root@cemtos-server2 ~]# cat /etc/krb5.conf
- # Configuration snippets may be placed in this directory as well
- includedir /etc/krb5.conf.d/
- [logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
- [libdefaults]
- dns_lookup_realm = false
- ticket_lifetime = 24h
- renew_lifetime = 7d
- forwardable = true
- rdns = false
- default_realm = EXAMPLE.EXAM
- default_ccache_name = KEYRING:persistent:%{uid}
- [realms]
- EXAMPLE.EXAM = {
- kdc = Cent-Pro.example.exam
- admin_server = Cent-Pro.example.exam
- }
- [domain_realm]
- .example.exam = EXAMPLE.EXAM
- example.exam = EXAMPLE.EXAM
- [root@cemtos-server2 ~]# cat /etc/exports
- /nfs_ker centos-client2.example.exam(rw,sync,sec=krb5p)
- [root@cemtos-server2 ~]# ls -ldZ /nfs_ker/
- drwxr-xr-x. root root unconfined_u:object_r:public_content_rw_t:s0 /nfs_ker/
- [root@cemtos-server2 ~]# firewall-cmd --permanent --list-p
- --list-ports --list-protocols
- [root@cemtos-server2 ~]# firewall-cmd --permanent --list-ports
- [root@cemtos-server2 ~]#
- NFS Client -
- ======================
- [root@centos-client2 ~]# uname -a
- Linux centos-client2.example.exam 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
- [root@centos-client2 ~]# cat /etc/krb5.conf
- # Configuration snippets may be placed in this directory as well
- includedir /etc/krb5.conf.d/
- [logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
- [libdefaults]
- dns_lookup_realm = false
- ticket_lifetime = 24h
- renew_lifetime = 7d
- forwardable = true
- rdns = false
- default_realm = EXAMPLE.EXAM
- default_ccache_name = KEYRING:persistent:%{uid}
- [realms]
- EXAMPLE.EXAM = {
- kdc = Cent-Pro.example.exam
- admin_server = Cent-Pro.example.exam
- }
- [domain_realm]
- .example.exam = EXAMPLE.EXAM
- example.exam = EXAMPLE.EXAM
- [root@centos-client2 ~]# grep nfs4 /etc/fstab
- cemtos-server2.example.exam:/nfs_ker /mnt/nfs_s nfs4 sec=krb5p,rw,sync,_netdev 0 0
- [root@centos-client2 ~]#
- Iscsi Target -
- ======================
- /> ls
- o- / .............................................................................................. [...]
- o- backstores ................................................................................... [...]
- | o- block ....................................................................... [Storage Objects: 1]
- | | o- lun1 .................................... [/dev/iscsiVG/iscsiLV (296.0MiB) write-thru activated]
- | | o- alua ........................................................................ [ALUA Groups: 1]
- | | o- default_tg_pt_gp ............................................ [ALUA state: Active/optimized]
- | o- fileio ...................................................................... [Storage Objects: 0]
- | o- pscsi ....................................................................... [Storage Objects: 0]
- | o- ramdisk ..................................................................... [Storage Objects: 0]
- o- iscsi ................................................................................. [Targets: 1]
- | o- iqn.2003-01.org.linux-iscsi.cemtos-server2.x8664:sn.782e6ce61ef6 ....................... [TPGs: 1]
- | o- tpg1 .................................................................... [no-gen-acls, no-auth]
- | o- acls ............................................................................... [ACLs: 1]
- | | o- iqn.2018-05.com.centos:f1d8ac511c61 ....................................... [Mapped LUNs: 1]
- | | o- mapped_lun0 ....................................................... [lun0 block/lun1 (rw)]
- | o- luns ............................................................................... [LUNs: 1]
- | | o- lun0 ................................ [block/lun1 (/dev/iscsiVG/iscsiLV) (default_tg_pt_gp)]
- | o- portals ......................................................................... [Portals: 1]
- | o- 0.0.0.0:3260 .......................................................................... [OK]
- o- loopback ......................
- [root@cemtos-server2 ~]# cat /etc/target/saveconfig.json
- {
- "fabric_modules": [],
- "storage_objects": [
- {
- "alua_tpgs": [
- {
- "alua_access_state": 0,
- "alua_access_status": 0,
- "alua_access_type": 3,
- "alua_support_active_nonoptimized": 1,
- "alua_support_active_optimized": 1,
- "alua_support_offline": 1,
- "alua_support_standby": 1,
- "alua_support_transitioning": 1,
- "alua_support_unavailable": 1,
- "alua_write_metadata": 0,
- "implicit_trans_secs": 0,
- "name": "default_tg_pt_gp",
- "nonop_delay_msecs": 100,
- "preferred": 0,
- "tg_pt_gp_id": 0,
- "trans_delay_msecs": 0
- }
- ],
- "attributes": {
- "block_size": 512,
- "emulate_3pc": 1,
- "emulate_caw": 1,
- "emulate_dpo": 0,
- "emulate_fua_read": 0,
- "emulate_fua_write": 1,
- "emulate_model_alias": 1,
- "emulate_rest_reord": 0,
- "emulate_tas": 1,
- "emulate_tpu": 0,
- "emulate_tpws": 0,
- "emulate_ua_intlck_ctrl": 0,
- "emulate_write_cache": 0,
- "enforce_pr_isids": 1,
- "force_pr_aptpl": 0,
- "is_nonrot": 0,
- "max_unmap_block_desc_count": 0,
- "max_unmap_lba_count": 0,
- "max_write_same_len": 65535,
- "optimal_sectors": 4294967288,
- "pi_prot_format": 0,
- "pi_prot_type": 0,
- "queue_depth": 128,
- "unmap_granularity": 0,
- "unmap_granularity_alignment": 0
- },
- "dev": "/dev/iscsiVG/iscsiLV",
- "name": "lun1",
- "plugin": "block",
- "readonly": false,
- "write_back": false,
- "wwn": "053e0c74-2b08-4136-bcd7-64471c7fd3ab"
- }
- ],
- "targets": [
- {
- "fabric": "iscsi",
- "tpgs": [
- {
- "attributes": {
- "authentication": 0,
- "cache_dynamic_acls": 0,
- "default_cmdsn_depth": 64,
- "default_erl": 0,
- "demo_mode_discovery": 1,
- "demo_mode_write_protect": 1,
- "generate_node_acls": 0,
- "login_timeout": 15,
- "netif_timeout": 2,
- "prod_mode_write_protect": 0,
- "t10_pi": 0,
- "tpg_enabled_sendtargets": 1
- },
- "enable": true,
- "luns": [
- {
- "alias": "8ecf9530cc",
- "alua_tg_pt_gp_name": "default_tg_pt_gp",
- "index": 0,
- "storage_object": "/backstores/block/lun1"
- }
- ],
- "node_acls": [
- {
- "attributes": {
- "dataout_timeout": 3,
- "dataout_timeout_retries": 5,
- "default_erl": 0,
- "nopin_response_timeout": 30,
- "nopin_timeout": 15,
- "random_datain_pdu_offsets": 0,
- "random_datain_seq_offsets": 0,
- "random_r2t_offsets": 0
- },
- "chap_password": "redhat",
- "chap_userid": "iscsi",
- "mapped_luns": [
- {
- "alias": "f8795782b3",
- "index": 0,
- "tpg_lun": 0,
- "write_protect": false
- }
- ],
- "node_wwn": "iqn.2018-05.com.centos:f1d8ac511c61"
- }
- ],
- "parameters": {
- "AuthMethod": "CHAP,None",
- "DataDigest": "CRC32C,None",
- "DataPDUInOrder": "Yes",
- "DataSequenceInOrder": "Yes",
- "DefaultTime2Retain": "20",
- "DefaultTime2Wait": "2",
- "ErrorRecoveryLevel": "0",
- "FirstBurstLength": "65536",
- "HeaderDigest": "CRC32C,None",
- "IFMarkInt": "2048~65535",
- "IFMarker": "No",
- "ImmediateData": "Yes",
- "InitialR2T": "Yes",
- "MaxBurstLength": "262144",
- "MaxConnections": "1",
- "MaxOutstandingR2T": "1",
- "MaxRecvDataSegmentLength": "8192",
- "MaxXmitDataSegmentLength": "262144",
- "OFMarkInt": "2048~65535",
- "OFMarker": "No",
- "TargetAlias": "LIO Target"
- },
- "portals": [
- {
- "ip_address": "0.0.0.0",
- "iser": false,
- "offload": false,
- "port": 3260
- }
- ],
- "tag": 1
- }
- ],
- "wwn": "iqn.2003-01.org.linux-iscsi.cemtos-server2.x8664:sn.782e6ce61ef6"
- }
- ]
- }
- ISCSI initiator -
- ====================
- [root@centos-client2 ~]# cat /etc/iscsi/initiatorname.iscsi
- InitiatorName=iqn.2018-05.com.centos:f1d8ac511c61
- [root@centos-client2 ~]# cat /etc/iscsi/iscsid.conf | egrep -v '^#|^$'
- iscsid.startup = /bin/systemctl start iscsid.socket iscsiuio.socket
- node.startup = automatic
- node.leading_login = No
- node.session.auth.username = iscsi
- node.session.auth.password = redhat
- node.session.timeo.replacement_timeout = 120
- node.conn[0].timeo.login_timeout = 15
- node.conn[0].timeo.logout_timeout = 15
- node.conn[0].timeo.noop_out_interval = 5
- node.conn[0].timeo.noop_out_timeout = 5
- node.session.err_timeo.abort_timeout = 15
- node.session.err_timeo.lu_reset_timeout = 30
- node.session.err_timeo.tgt_reset_timeout = 30
- node.session.initial_login_retry_max = 8
- node.session.cmds_max = 128
- node.session.queue_depth = 32
- node.session.xmit_thread_priority = -20
- node.session.iscsi.InitialR2T = No
- node.session.iscsi.ImmediateData = Yes
- node.session.iscsi.FirstBurstLength = 262144
- node.session.iscsi.MaxBurstLength = 16776192
- node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
- node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
- discovery.sendtargets.iscsi.MaxRecvDataSegmentLength = 32768
- node.conn[0].iscsi.HeaderDigest = None
- node.session.nr_sessions = 1
- node.session.iscsi.FastAbort = Yes
- node.session.scan = auto
- [root@centos-client2 ~]# df -hPT -t ext4
- Filesystem Type Size Used Avail Use% Mounted on
- /dev/sda ext4 279M 2.1M 258M 1% /mnt/iscsi_initiator
- [root@centos-client2 ~]# grep _netdev /etc/fstab | grep -v ^#
- cemtos-server2.example.exam:/nfs_ker /mnt/nfs_s nfs4 sec=krb5p,rw,sync,_netdev 0 0
- UUID="b57e18b0-9514-45dc-904c-5fdf630b6b70" /mnt/iscsi_initiator ext4 _netdev 0 0
- [root@centos-client2 ~]# lsblk
- NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
- sda 8:0 0 296M 0 disk /mnt/iscsi_initiator
- sr0 11:0 1 1024M 0 rom
- vda 252:0 0 12G 0 disk
- ├─vda1 252:1 0 300M 0 part /boot
- └─vda2 252:2 0 11G 0 part
- ├─centos_centos--client2-root 253:0 0 7G 0 lvm /
- ├─centos_centos--client2-swap 253:1 0 1G 0 lvm [SWAP]
- └─centos_centos--client2-data 253:2 0 3G 0 lvm /data
Add Comment
Please, Sign In to add comment
