|
| 1 | +--- |
| 2 | +title: Connect to an Azure Elastic SAN (preview) volume - Linux. |
| 3 | +description: Learn how to connect to an Azure Elastic SAN (preview) volume from a Linux client. |
| 4 | +author: roygara |
| 5 | +ms.service: storage |
| 6 | +ms.topic: how-to |
| 7 | +ms.date: 10/21/2022 |
| 8 | +ms.author: rogarana |
| 9 | +ms.subservice: elastic-san |
| 10 | +ms.custom: references_regions, ignite-2022 |
| 11 | +--- |
| 12 | + |
| 13 | +# Connect to Elastic SAN (preview) volumes - Linux |
| 14 | + |
| 15 | +This article explains how to connect to an elastic storage area network (SAN) volume from a Linux client. For details on connecting from a Windows client, see [Connect to Elastic SAN (preview) volumes - Windows](elastic-san-connect-windows.md) |
| 16 | + |
| 17 | +## Prerequisites |
| 18 | + |
| 19 | +- Complete [Deploy an Elastic SAN (preview)](elastic-san-create.md) |
| 20 | +- An Azure Virtual Network, which you'll need to establish a connection from compute clients in Azure to your Elastic SAN volumes. |
| 21 | + |
| 22 | +## Limitations |
| 23 | + |
| 24 | +[!INCLUDE [elastic-san-regions](../../../includes/elastic-san-regions.md)] |
| 25 | + |
| 26 | +## Enable Storage service endpoint |
| 27 | + |
| 28 | +In your virtual network, enable the Storage service endpoint on your subnet. This ensures traffic is routed optimally to your Elastic SAN. |
| 29 | + |
| 30 | +# [Portal](#tab/azure-portal) |
| 31 | + |
| 32 | +1. Navigate to your virtual network and select **Service Endpoints**. |
| 33 | +1. Select **+ Add** and for **Service** select **Microsoft.Storage**. |
| 34 | +1. Select any policies you like, and the subnet you deploy your Elastic SAN into and select **Add**. |
| 35 | + |
| 36 | +:::image type="content" source="media/elastic-san-create/elastic-san-service-endpoint.png" alt-text="Screenshot of the virtual network service endpoint page, adding the storage service endpoint." lightbox="media/elastic-san-create/elastic-san-service-endpoint.png"::: |
| 37 | + |
| 38 | +# [PowerShell](#tab/azure-powershell) |
| 39 | + |
| 40 | +```powershell |
| 41 | +$resourceGroupName = "yourResourceGroup" |
| 42 | +$vnetName = "yourVirtualNetwork" |
| 43 | +$subnetName = "yourSubnet" |
| 44 | +
|
| 45 | +$virtualNetwork = Get-AzVirtualNetwork -ResourceGroupName $resourceGroupName -Name $vnetName |
| 46 | +
|
| 47 | +$subnet = Get-AzVirtualNetworkSubnetConfig -VirtualNetwork $virtualNetwork -Name $subnetName |
| 48 | +
|
| 49 | +$virtualNetwork | Set-AzVirtualNetworkSubnetConfig -Name $subnetName -AddressPrefix $subnet.AddressPrefix -ServiceEndpoint "Microsoft.Storage" | Set-AzVirtualNetwork |
| 50 | +``` |
| 51 | + |
| 52 | +# [Azure CLI](#tab/azure-cli) |
| 53 | + |
| 54 | +```azurecli |
| 55 | +az network vnet subnet update --resource-group "myresourcegroup" --vnet-name "myvnet" --name "mysubnet" --service-endpoints "Microsoft.Storage" |
| 56 | +``` |
| 57 | +--- |
| 58 | + |
| 59 | +## Configure networking |
| 60 | + |
| 61 | +Now that you've enabled the service endpoint, configure the network security settings on your volume groups. You can grant network access to a volume group from one or more Azure virtual networks. |
| 62 | + |
| 63 | +By default, no network access is allowed to any volumes in a volume group. Adding a virtual network to your volume group lets you establish iSCSI connections from clients in the same virtual network and subnet to the volumes in the volume group. For more information on networking, see [Configure Elastic SAN networking (preview)](elastic-san-networking.md). |
| 64 | + |
| 65 | +# [Portal](#tab/azure-portal) |
| 66 | + |
| 67 | +1. Navigate to your SAN and select **Volume groups**. |
| 68 | +1. Select a volume group and select **Modify**. |
| 69 | +1. Add an existing virtual network and select **Save**. |
| 70 | + |
| 71 | +# [PowerShell](#tab/azure-powershell) |
| 72 | + |
| 73 | +```azurepowershell |
| 74 | +$rule = New-AzElasticSanVirtualNetworkRuleObject -VirtualNetworkResourceId $subnet.Id -Action Allow |
| 75 | +
|
| 76 | +Add-AzElasticSanVolumeGroupNetworkRule -ResourceGroupName $resourceGroupName -ElasticSanName $sanName -VolumeGroupName $volGroupName -NetworkAclsVirtualNetworkRule $rule |
| 77 | +
|
| 78 | +``` |
| 79 | +# [Azure CLI](#tab/azure-cli) |
| 80 | + |
| 81 | +```azurecli |
| 82 | +az elastic-san volume-group update -e $sanName -g $resourceGroupName --name $volumeGroupName --network-acls "{virtualNetworkRules:[{id:/subscriptions/subscriptionID/resourceGroups/RGName/providers/Microsoft.Network/virtualNetworks/vnetName/subnets/default, action:Allow}]}" |
| 83 | +``` |
| 84 | +--- |
| 85 | + |
| 86 | +## Connect to a volume |
| 87 | + |
| 88 | +You can either create single sessions or multiple-sessions to every Elastic SAN volume based on your application's multi-threaded capabilities and performance requirements. To achieve higher IOPS and throughput to a volume and reach its maximum limits, use multiple sessions and adjust the queue depth and IO size as needed, if your workload allows. |
| 89 | + |
| 90 | +When using multiple sessions, generally, you should aggregate them with Multipath I/O. It allows you to aggregate multiple sessions from an iSCSI initiator to the target into a single device, and can improve performance by optimally distributing I/O over all available paths based on a load balancing policy. |
| 91 | + |
| 92 | +## Environment setup |
| 93 | + |
| 94 | +To create iSCSI connections from a Linux client, install the iSCSI initiator package. The exact command may vary depending on your distribution, and you should consult their documentation if necessary. |
| 95 | + |
| 96 | +As an example, with Ubuntu you'd use `sudo apt -y install open-iscsi` and with Red Hat Enterprise Linux (RHEL) you'd use `sudo yum install iscsi-initiator-utils -y`. |
| 97 | + |
| 98 | +### Multipath I/O |
| 99 | + |
| 100 | +Install the Multipath I/O package for your Linux distribution. The installation will vary based on your distribution, and you should consult their documentation. As an example, on Ubuntu the command would be `sudo apt install multipath-tools` and for RHEL the command would be `sudo yum install device-mapper-multipath`. |
| 101 | + |
| 102 | +Once you've installed the package, check if **/etc/multipath.conf** exists. If **/etc/multipath.conf** doesn't exist, create an empty file and use the settings in the following example for a general configuration. As an example, `mpathconf --enable` to create **/etc/multipath.conf** will create the file on RHEL. |
| 103 | + |
| 104 | +You'll need to make some modifications to **/etc/multipath.conf**. You'll need to add the devices section in the following example, and the defaults section in the following example sets some defaults that'll generally be applicable. If you need to make any other specific configurations, such as excluding volumes from the multipath topology, see the man page for multipath.conf. |
| 105 | + |
| 106 | +``` |
| 107 | +defaults { |
| 108 | + user_friendly_names yes # To create ‘mpathn’ names for multipath devices |
| 109 | + path_grouping_policy multibus # To place all the paths in one priority group |
| 110 | + path_selector "round-robin 0" # To use round robin algorithm to determine path for next I/O operation |
| 111 | + failback immediate # For immediate failback to highest priority path group with active paths |
| 112 | + no_path_retry 1 # To disable I/O queueing after retrying once when all paths are down |
| 113 | +} |
| 114 | +devices { |
| 115 | + device { |
| 116 | + vendor "MSFT" |
| 117 | + product "Virtual HD" |
| 118 | + } |
| 119 | +} |
| 120 | +``` |
| 121 | + |
| 122 | +After creating or modifying the file, restart Multipath I/O. On Ubuntu, the command is `sudo systemctl restart multipath-tools.service` and on RHEL the command is `sudo systemctl restart multipathd`. |
| 123 | + |
| 124 | +### Gather information |
| 125 | + |
| 126 | +Before you can connect to a volume, you'll need to get **StorageTargetIQN**, **StorageTargetPortalHostName**, and **StorageTargetPortalPort** from your Azure resources. |
| 127 | + |
| 128 | +Run the following command to get these values: |
| 129 | + |
| 130 | +```azurecli |
| 131 | +az elastic-san volume show -e yourSanName -g yourResourceGroup -v yourVolumeGroupName -n yourVolumeName |
| 132 | +``` |
| 133 | + |
| 134 | +You should see a list of output that looks like the following: |
| 135 | + |
| 136 | +:::image type="content" source="media/elastic-san-create/elastic-san-volume.png" alt-text="Screenshot of command output." lightbox="media/elastic-san-create/elastic-san-volume.png"::: |
| 137 | + |
| 138 | + |
| 139 | +Note down the values for **targetIQN**, **targetPortalHostName**, and **targetPortalPort**, you'll need them for the next sections. |
| 140 | + |
| 141 | +## Multi-session connections |
| 142 | + |
| 143 | +To establish multiple sessions to a volume, first you'll need to create a single session with particular parameters. |
| 144 | + |
| 145 | +To establish persistent iSCSI connections, modify **node.startup** in **/etc/iscsi/iscsid.conf** from **manual** to **automatic**. |
| 146 | + |
| 147 | +Replace **yourTargetIQN**, **yourTargetPortalHostName**, and **yourTargetPortalPort** with the values you kept, then run the following commands from your compute client to connect an Elastic SAN volume. |
| 148 | + |
| 149 | +``` |
| 150 | +iscsiadm -m node --targetname yourTargetIQN --portal yourTargetPortalHostName:yourTargetPortalPort -o new |
| 151 | +
|
| 152 | +iscsiadm -m node --targetname yourTargetIQN -p yourTargetPortalHostName:yourTargetPortalPort -l |
| 153 | +``` |
| 154 | + |
| 155 | +Then, get the session ID and create as many sessions as needed with the session ID. To get the session ID, run `iscsiadm -m session` and you should see output similar to the following: |
| 156 | + |
| 157 | +``` |
| 158 | +tcp:[15] <name>:port,-1 <iqn> |
| 159 | +tcp:[18] <name>:port,-1 <iqn> |
| 160 | +``` |
| 161 | +15 is the session ID we'll use from the previous example. |
| 162 | + |
| 163 | +With the session ID, you can create as many sessions as you need however, none of the additional sessions are persistent, even if you modified node.startup. You must recreate them after each reboot. The following script is a loop that creates as many additional sessions as you specify. Replace **numberOfAdditionalSessions** with your desired number of additional sessions and replace **sessionID** with the session ID you'd like to use, then run the script. |
| 164 | + |
| 165 | +``` |
| 166 | +for i in `seq 1 numberOfAdditionalSessions`; do sudo iscsiadm -m session -r sessionID --op new; done |
| 167 | +``` |
| 168 | + |
| 169 | +You can verify the number of sessions using `sudo multipath -ll` |
| 170 | + |
| 171 | +## Single-session connections |
| 172 | + |
| 173 | +To establish persistent iSCSI connections, modify **node.startup** in **/etc/iscsi/iscsid.conf** from **manual** to **automatic**. |
| 174 | + |
| 175 | +Replace **yourTargetIQN**, **yourTargetPortalHostName**, and **yourTargetPortalPort** with the values you kept, then run the following commands from your compute client to connect an Elastic SAN volume. |
| 176 | + |
| 177 | +``` |
| 178 | +iscsiadm -m node --targetname yourTargetIQN --portal yourTargetPortalHostName:yourTargetPortalPort -o new |
| 179 | +
|
| 180 | +iscsiadm -m node --targetname yourTargetIQN -p yourTargetPortalHostName:yourTargetPortalPort -l |
| 181 | +``` |
| 182 | + |
| 183 | +## Next steps |
| 184 | + |
| 185 | +[Configure Elastic SAN networking (preview)](elastic-san-networking.md) |
0 commit comments