Mission background
With the increase of some business data, the free space of the company's server hard disk is getting smaller and smaller, and the hard disk cannot be expanded on the server, so we consider using == network storage The method is to use remote shared storage for the server ==. 
Mission requirements
Enable storage to be shared remotely with application servers
Task breakdown
1. You need to know how storage can be shared with the server through the network and how to choose a reasonable method.
2. You need to know what form the storage will be shared with the server. Is it a directory or a block device?
3. What kind of software should be used to achieve this?
4. Configuration implementation
learning target
- Ability to distinguish between three storage categories: DAS, NAS, and SAN
- Ability to distinguish between file storage types and block storage types
- Ability to implement IP-SAN using iscsi
knowledge reserve
Storage introduction
What is storage?
To put it simply, storage is the medium in which data is stored.
We are not learning these hardware knowledge here, but learningstorage technology under the Linux platform.
Add remote storage to the architecture learned previously. 
Linux storage tiering (understanding)
Question: How to mount an NTFS-formatted mobile hard disk on Linux?
The Linux kernel supports ntfs, but the centos7 system does not add this function. There are two solutions:
-
Recompile the kernel and add support for ntfs to the kernel (this method is not recommended, because compiling the kernel will cause the kernel to run unstable, so don’t do it if you don’t have strong capabilities)
-
Install the software and add modules that support ntfs to the kernel
安装 # yum install epel-release -y # yum install ntfs-3g 挂载命令 # mount.ntfs-3g /dev/sdb1 /mnt
Generally speaking, there are three steps to use a new hard disk in a Linux system: (partition, format) - mount - use
Five layers of Linux storage:
What is more difficult to understand above is the virtual file system: also known as VFS (Virtual File System), which uses standard Unix system calls to read and write different files located on different physical media File system provides a unified operation interface and application programming interface for various file systems.
To put it simply, when using upper-layer applications, you don’t need to pay attention to the underlying file system and use them uniformly.
Storage classification
Storage classification(Key points)
| Storage classification | describe |
|---|---|
| ==DAS== direct access/attach storage | Such as: disk in the chassis, or disk directly connected to the system bus through the interface (such as U disk, mobile hard disk) |
| ==NAS== Network attached storage (network attached storage) | are connected through switches and routers, sharing the directory. Such as: nfs, samba, ftp |
| ==SAN== Storage area network | A high-speed storage network connected through switches and routers, sharingblock devices |
DAS: Directly connected to the system, not limited by network speed, fast; expansion capacity has an upper limit.
NAS and SAN: Remote storage connected through network devices, the speed is affected by the network; but it is easy to expand and has almost no upper limit.
Both NAS and SAN are connected through the network (through network devices, such as routers, switches, etc.), but NAS shares the directory of the application layer, and SAN shares block devices such as /dev/sdb1 or /dev/sdb.
Classification of storage types
| Storage type classification | describe |
|---|---|
| ==File Storage== | NAS all fall into this category. To put it simply, it is used directly after mounting. |
| ==Block Storage== | SANs all fall into this category. To put it simply, it is similar to /dev/sdb. It needs to be partitioned and formatted before it can be mounted and used. |
| ==对像existing储== | In layman's terms, it doesn't matter what form the storage is in or how it is done. Users only need to directly use the program interface to access and perform get downloads and put uploads. |
File storage: similar to a large directory, multiple clients can mount it and use it.
-
Advantages: Facilitates data sharing
-
Disadvantages: Slow
Block storage: Similar to a block device, the client can format, mount and use it just like a hard disk.
-
Advantages: Same as local hard disk, direct use, faster
-
Disadvantages: Data is not shared
Object storage: We can think of an object as a file, which combines the advantages of file storage and block storage.
-
Advantages: fast speed, data sharing
-
Disadvantages: high cost, not compatible with existing models
If two nginx servers want to achieve consistent data in the web home directory, how should they do it?
summary:
-
Storage needs to be shared remotely
-
It is possible to consider the issue of data sharing
-
Storage classification: DAS, NAS, SAN
-
Storage type classification: file storage, block storage, object storage
SAN
Classification of SANs
Two types of SAN:
-
FC-SAN: In the early days of SAN, data transmission between servers and switches was carried out through optical fibers. The servers transmitted SCSI commands to the storage devices and could not use ordinary LAN networks. IP protocol.
-
IP-SAN: A SAN encapsulated by the IP protocol can completely connect to the ordinary network, so it is called IP-SAN. The most typical one is ISCSI.
FC-SAN advantages and disadvantages: fast (2G, 8G, 16G), high cost.
IP-SAN advantages and disadvantages: Slow speed (there is already W Gigabit Ethernet standard), low cost.
IP-SAN iscsi implementation
iscsi: internat small computer system interface
(Network Small Computer Interface is a protocol that can implement SCSI interface through the network)
Experiment: Linux platform implements IP-SAN through iscsi
Experiment preparation: Two virtual machines (centos7 platform) are in the same network segment (such as vmnet8). There is no need to simulate the switch, because the virtual machines in the same network segment are equivalent to being connected to the same switch.
-
Static IP (the two IPs can communicate with each other, gateway and DNS are not required)
-
Both configure the host name and its host name to bind to each other.
-
Turn off firewall, selinux
-
Time synchronization
-
Configure yum (need to add epel source)
-
Simulate storage on the storage export side (simulated storage can use many forms, such as hard disk: /dev/sdb, partition: /dev/sdb1, software raid: /dev/md0, logical volume: /dev/vg /lv01,
dd if=/dev/zero of=/tmp/storage_file bs=1M count=1000large files created, etc.), Please add a hard drive to simulate this experiment
Experimental steps:
-
Install the software on the export side, configure the exported storage, and start the service.
-
Import installs software on the import side, imports storage, and starts services.
experiment procedure:
Step 1: Install the iscsi-target-utils package on the export side
export# yum install epel-release -y If the epel source is not installed, confirm the installation again export# yum install scsi-target-utils -y
Step 2: Configure the export of storage on the export side
export# cat /etc/tgt/targets.conf |grep -v "#" (The result after configuration is as follows) default-driver iscsi <target iscsi:data> # Share name, which is the name seen after discovery by the storage import end Backing-store /dev/sdb # /dev/sdb is the actual device to be shared </target>
Step 3: Start the service on the export side and verify
export# systemctl start tgtd export# systemctl enable tgtd Verify whether the port and shared resources are ok export# lsof -i:3260 export# tgt-admin --show
Step 4: Install the iscsi-initiator-utils package on the import side
import# yum install iscsi-initiator-utils
Step 5: Import storage on the import side
Before logging in, you must first connect and discover resources (discovery)
import# iscsiadm -m discovery -t sendtargets -p 10.1.1.11 10.1.1.11:3260,1 iscsi:data
After successfully discovering the resource, you can log in to the resource.
Log in to discovered storage: import# iscsiadm -m node -l
After successful login, use directlyfdisk -lto view
import# fdisk -l
Step 6: Start the service on the import side
Start the service and make it self-start at boot (purpose: after the import server reboots, it can also automatically log in to the storage discovered by discovery) import# systemctl start iscsi import# systemctl enable iscsi import# systemctl start iscsid import# systemctl enable iscsid
Supplement: Regarding the operation of canceling the connection
Cancel login: import# iscsiadm -m node -u Delete logged in information: import# iscsiadm -m node --op delete
Problem: If you add a new import server, the two import servers import the same storage, then format and mount it. Can simultaneous reading and writing be achieved?
Answer: No
Extension: You can configure the verification function for the exported storage, and configure the correct user name and password on the importing end to log in
There are only two differences:
-
Add username and password verification functions when configuring the export side
<target iscsi:data>
backing-store /data/storage
incominguser daniel daniel123 verification function, this user can customize it and has nothing to do with system users
</target>
-
When configuring the import side, you need to configure the following step, which corresponds to the user name and password of the export side.
If the export side is configured with the verification function, then the import side needs to configure the correct user name and password to be OK CHAP (Challenge-Handshake Authentication Protocol) Challenge Handshake Authentication Protocol import# vim /etc/iscsi/iscsid.conf 57 node.session.auth.authmethod = CHAP 61 node.session.auth.username = daniel 62 node.session.auth.password = daniel123 71 discovery.sendtargets.auth.authmethod = CHAP 75 discovery.sendtargets.auth.username = daniel 76 discovery.sendtargets.auth.password = daniel123 After completing this step, you can discover resources and log in