David Ramsden – Network engineer, general geek, petrol + drum and bass head

High Availability iSCSI Target Using Linux

Software

  • Linux-HA - Linux clustering software.
  • DRBD - Distributed Replicated Block Device. Allows you to RAID1 partitions over IP.
  • iscsitarget - Linux implementation of an iSCSI target.

Configuration

This guide is based on the following:

  • Two nodes (Ubuntu 9.10 AMD64)
  • Each node has 3x NICs (2x bonded on network and 1x for DRBD data).
  • Nodes:
    • san01-n1 (“node1”) / 172.16.254.101 / bond0 [slaves: eth0, eth1]
      • DRBD sync network: node1-drbd / 10.10.10.101 / eth2
    • san01-n2 (“node2”) / 172.16.254.102 / bond0 [slaves: eth0, eth1]
      • DRBD sync network: node2-drbd / 10.10.10.102 / eth2
  • Cluster IP address: 172.16.254.100

Note: Unless explicitly stated (i.e. commands prefixed with [node1] or [node2]), commands and configurations should be completed on both nodes.

Install Ubuntu/Debian. Use LVM and create one Volume Group (vg01). Create a Logical Volume for the OS (mount point /) and a Logival Volume for swap. Leave the rest of the space.

Install package ifenslave and configure /etc/network/interfaces:

Create DRBD meta data Logical Volume on Volume Group vg01:

# lvcreate -L1G -ndrbd-metadata vg01

Create DRBD meta data Logical Volume on Volume Group vg01:

# lvcreate -L1G -ndrbd-metadata vg01

Create a Logical Volume to become a test LUN later on:

# lvcreate -L4G -nlun.test vg01

Edit /etc/hosts (removing the loopback entry for the host):

Install packages drbd8-utils and heartbeat.

Change permissions and group ownership on some DRBD binaries for use with heartbeat:

# chgrp haclient /sbin/drbdsetup
# chmod o-x /sbin/drbdsetup
# chmod u+s /sbin/drbdsetup
# chgrp haclient /sbin/drbdmeta
# chmod o-x /sbin/drbdmeta
# chmod u+s /sbin/drbdmeta

Edit /etc/drbd.conf and define two resources:

  1. The DRBD device that will contain iscsitarget configuration files.
  2. The DRBD device that will become the test LUN.

Reboot nodes. Test connectivity (both networks) between nodes.

Initialise DRBD meta data discs for the DRBD resources. This needs to be done on both nodes:

# drbdadm create-md iscsi.config
# drbdadm create-md iscsi.lun.test

Restart DRBD service.

Decide which node will act as the primary for the DRBD device that will contain the iSCSI configuration files (/dev/drbd0) and initiate the first full sync between the nodes. Run the following on the primary:

[node1] # drbdadm -- --overwrite-data-of-peer primary iscsi.config

Check the status of the initial sync:

[node1] # cat /proc/drbd

You can wait until the initial sync completes but it's not a requirement. Create a filesystem on /dev/drbd0 (iSCSI configs) and mount it:

[node1] # mkfs.ext4 /dev/drbd0
[node1] # mkdir -p /srv/iscsi-config
[node1] # mount /dev/drbd0 /srv/iscsi-config

Create the /srv/iscsi-config mount point on node 2.

Ensure replication is working as expected. On the primary node:

[node1] # dd if=/dev/zero of=/srv/iscsi-config/test.bin bs=1M count=9
[node1] # umount /srv/iscsi-config
[node1] # drbdadmin secondary iscsi.config

On node 2:

[node2] # drbdadmin primary iscsi.config
[node2] # mount /dev/drbd0 /srv/iscsi-config
[node2] # ls -l /srv/isci-config

Test replication the other way by deleting the file:

[node2] # rm /srv/iscsi-config/test.bin
[node2] # umount /srv/isci-config
[node2] # drbdadm secondary iscsi.config

Make node 1 the primary and mount /srv/iscsi-config (/dev/drbd0) and ensure the file has gone:

[node1] # drbdadm primary iscsi.config
[node1] # mount /dev/drbd0 /srv/iscsi-config
[node1] # ls -l /srv/iscsi-config

Decide which node will act as the primary for the DRBD device that contains the test LUN (/dev/drbd1) and initiate the first full sync between the nodes. Run the following on the primary:

[node1] # drbadm -- --overwrite-data-of-peer primary iscsi.lun.test

Install the iscsitarget package. By default, iscsitarget (ietd) will not start. Edit /etc/defaults/iscsitarget and set ISCSITARGET_ENABLE to true.

Heartbeat will be used to control the iscsitarget service so remove it from init:

# update-rc.d -f iscsitarget remove

Relocate iscsitarget config to DRBD device. Make sure that node 1 is the primary and that /srv/iscsi-config is mounted:

[node1] # drbdadm primary iscsi.config
[node1] # mount /dev/drbd0 /srv/iscsi-config
[node1] # mv /etc/ietd.conf /srv/iscsi-config
[node1] # ln -s /srv/iscsi-config/ietd.conf /etc/ietd.conf
[node2] # rm /etc/ietd.conf
[node2] # ln -s /srv/iscsi-config/ietd.conf /etc/ietd.conf

Create iscsitarget config on node 1. Example:

Configure heartbeat to control virtual IP address of cluster and to failover iscsitarget when a node fails. The following should be completed on node 1:

/etc/ha.d/ha.cf:

/etc/ha.d/authkeys:

/etc/ha.d/haresources:

chmod /etc/ha.d/authkeys to 600.

Copy ha.cf, authkeys and haresources to node 2:

[node1] # scp /etc/ha.d/ha.cf root@172.16.254.102:/etc/ha.d
[node1] # scp /etc/ha.d/authkeys root@172.16.254.102:/etc/ha.d
[node1] # scp /etc/ha.d/haresources root@172.16.254.102:/etc/ha.d

Note: At the time of writing, the portblock resource agent script (/etc/ha.d/resource.d/portblock) is broken. Ubuntu bug #489719 has been filed, along with Debian bug #538987. Apply the following patch to both nodes:

Finally, reboot both nodes and test failover. The best way to do this is to connect the test LUN to a server, copy on a movie and play it. Fail one of the nodes either by pulling the power or via ”/etc/init.d/heartbeat stop”. The movie will freeze for a few seconds but should resume. Also tail /var/log/syslog.

About Me

I'm a 28 year old Network Analyst from Hampshire, United Kingdom.

Apart from being a geek, I own a track prepared Peugeot 106 and listen to lots of Drum and Bass.

Categories

Tags

acl apache drbd ha ios iscsi mallory park mod_proxy mysql nagios replication roll cage sharepoint track twitter ubuntu vmware

Archives

Tweets

Friends