Here we are with one of the last steps to configure the NAS4Free iSCSI targets LUNs on VMware ESXi. In order to complete this part of the setup we need enable the iSCSI service and configure the settings pertinent to the iSCSI targets like a Portal, the Extents and optionally the Authentication we want to enforce for the iSCSI initiators to connect.
From the Services > iSCSI Targets page let’s start enabling the iSCSI service. This will automatically generate the Base Name which essentially is the IQN name to identify the Target. We can leave the rest of the options as default for now. We might need to change the security model later should we need to challenge which iSCSI initiators are allowed to connect and to which extent.
Once the service is enabled let’s take a look at the creation of a Portal. This one is responsible for presenting all the available NAS4Free iSCSI Targets associated. Of course it is possible to have multiple Targets “listening” on different ports. By default iSCSI uses TCP 3260. So let’s make sure firewall rules are configure to allow this traffic inbound to NAS4Free iSCSI Server from the clients.
Another recommendation I would share in this case is to avoid routing iSCSI traffic from different subnets. Both iSCSI targets and initiator should be in the same network or domain broadcast. When creating a new portal NAS4Free will automatically default to the configured network interface. So it would be just a matter of accepting the default configuration and hit on “Apply for changes”.
Another scenario could be instead to route the traffic on a separate network interface using a different IP address. This way the Management traffic will be isolated from the iSCSI or Data traffic. Or eventually another option would to segregate IP traffics by using Vlans.
Next is to configure the iSCSI initiators. By default NAS4Free iSCSI Server has the option to accept connections from ALL initiators. Of course for security reasons it is possible to limit this to specific networks and even individual IP Addresses.
On top of this we can also challenge the “allowed” iSCSI initiators with a username and password by mean of CHAP options in the Authorization tab. Usually this is an extra step to be completed after making sure all the connections are working as expected. CHAP settings on both iSCSI Targets and Initiator need to match.
At this point we are ready to create the NAS4Free iSCSI Targets. These Targets are essentially the “friendly names” for the Extents. So from the Targets tab let’s hit on the “plus” button adding our first extent for the Quorum disk.
In my case I’m creating the Extent for the Quorum disk. Please be aware not to put any white space in the name otherwise the iSCSI service will fail to load. Let’s specify the “File” option where this would be created (in this case the Pool for Quorum) and the approximate size.
In theory we could have chosen the “Auto” size but looks like there is a bug with this configuration leaving us determining approximately the size of that file on the disk.
So let’s repeat the same steps also for the remaining extents and we should get something similar to this one.
Once ready let’s click on the Target “+” button and at this point we can create the iSCSI Target for the Quorum disk. Again let’s refrain from using white spaces in the name. As a type select “Disk” with Read/Write flag.
Let’s repeat the steps for the remaining 4 drives and we’ll get to the configuration below.
In the meantime we can also take a quick look at the tail of the log just to make sure everything is working as expected from the Diagnostic > Log page.
Everything looks great! So it’s time to test this with a Windows Server connecting to these Targets. All we have to do is to run the built-in iSCSI client in Windows Server (Windows Server 2008 and older requires a separate download) and specify either the address of our NAS4Free iSCSI server or its IP Address. Personally I like Hostnames making sure DNS name resolution with FQDN is working as expected.
As soon as we hit on “OK” by going to the Targets tab we can see the list of available iSCSI targets we can connect to.
Should this fail let’s make sure connectivity between the Server and Client is operational and a quick test would be to run a telnet to the NAS4free iSCSI server host on port 3260 to check port is open and reachable. So something like:
telnet NAS4FreeName or IPAddress 3260
If it turns a blank command prompt then is good news as port is open and reachable. In a different case I would recommend to check firewall and network connectivity settings again between the NAS4Free iSCSI server and the clients.
This pretty much concludes this article. Next one will cover how to mount the iSCSI Targets on SQL Failover Cluster