Sunday, October 13, 2013

Playing in the SAN

Today we are going to use the TGT Project to do an iSCSI mapping of some raw storage on a Linux box.
This is a quick and dirty setup, so I would not recommend using it in a high production environment, or for an extended period of time if you do. In my head, this is just a stopgap for your storage needs.
Also, I highly recommend separating your iSCSI traffic onto different VLANs, as well as using a dedicated iSCSI initiator card instead of the Windows/Linux iSCSI initiator. But this is just my two cents, and it's your network.

Verify that your iSCSI network card is present in the system and that you know which device it is. In my example here it is NIC 3, eth2.
[root@CentOS03 ~]# ifconfig -a
eth1      Link encap:Ethernet  HWaddr 00:50:56:98:2A:95  
          inet addr:172.17.1.67  Bcast:172.17.1.255  Mask:255.255.255.0
          inet6 addr: 2601:9:1400:11c:250:56ff:fe98:2a95/64 Scope:Global
          inet6 addr: fe80::250:56ff:fe98:2a95/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:79145 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5167 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:18240397 (17.3 MiB)  TX bytes:756186 (738.4 KiB)

eth2      Link encap:Ethernet  HWaddr 00:50:56:98:50:F1  
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Next we want to set an IP for it, and if possible I like my iSCSI NIC to match my server's last octet. My server's IP is 172.17.1.67, so for iSCSI on the separate subnet I will be using 192.168.1.67, just for consistency.

[root@CentOS03 ~]# cp /etc/sysconfig/network-scripts/ifcfg-eth1 /etc/sysconfig/network-scripts/ifcfg-eth2 
[root@CentOS03 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth2
DEVICE=eth2
HWADDR=00:50:56:98:50:F1
TYPE=Ethernet
ONBOOT=yes
IPADDR=192.168.1.67
NETMASK=255.255.255.0
NM_CONTROLLED=yes
BOOTPROTO=none
~
~
~

As you can see above, I just copied the eth1 config for eth2. There are no issues with this shortcut; just make sure you change the parts in orange to match your settings, and remove the gateway.

And turn on the second NIC.
[root@CentOS03 ~]#  service network restart 


Shutting down interface eth1:                                   [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Bringing up loopback interface:                              [  OK  ]
Bringing up interface eth1:                                     [  OK  ]
Bringing up interface eth2:                                    [  OK  ]

If you do not see eth2 come active, your config has an issue. Try removing the UUID line, and verify your settings.

Next, verify the storage is present. I still like to use fdisk -l, which shows all the disks in the system (that is a lowercase L).
[root@CentOS03 ~]# fdisk -l

My drive is showing as /dev/sdb, so note yours for use in a few moments. 
Disk /dev/sdb: 107.4 GB, 107374182400 bytes

Now is when we start the magic: we install the TGT Project tools via yum.
[root@CentOS03 ~]# yum install scsi-target-utils 

This will take about a minute, and you will have to approve all the dependency packages. My video shows more detail, but the files are in the same location. You want to edit targets.conf for your device. There are a lot of options available in the configuration, but I was going for quick and functional, not secure.

[root@CentOS02 terminfo]# cd /etc/tgt/
[root@CentOS02 tgt]# ls
targets.conf
[root@CentOS02 tgt]# vim targets.conf 

Give the target an iSCSI ID and a target ID, then the path to the storage. direct-store gives full access to the unformatted disk.

<target iqn.2008-09.com.velcrohurts:centos02.target1>
        direct-store /dev/sdb
</target>

The server that I wanted it mapped to is a Windows Server 2008 R2 box, so I have a second NIC installed in it, on the same subnet.
I fired up the iSCSI initiator, put my IP in the Target field on the Targets tab, and it connected.
Your mileage may vary.
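
The target block above has no initiator restriction and no CHAP, so any initiator that can reach the iSCSI interface can log in to /dev/sdb. The following added example (not from the original post or the TGT Project) parses a targets.conf and flags such targets; it assumes the targets.conf directives initiator-address and incominguser, and the second target with its device, address and credentials is a constructed placeholder.

```python
import re

# Constructed sample: the page's target plus a restricted variant (target2 values are placeholders).
SAMPLE_CONF = """\
<target iqn.2008-09.com.velcrohurts:centos02.target1>
        direct-store /dev/sdb
</target>
<target iqn.2008-09.com.velcrohurts:centos02.target2>
        direct-store /dev/sdc
        initiator-address 192.168.1.50
        incominguser example-user example-secret1
</target>
"""

TARGET_RE = re.compile(r"<target\s+(\S+)>(.*?)</target>", re.S)

def parse_targets(text):
    """Return {iqn: {directive: [values]}}, skipping commented-out lines."""
    live = "\n".join(l for l in text.splitlines() if not l.lstrip().startswith("#"))
    targets = {}
    for iqn, body in TARGET_RE.findall(live):
        directives = {}
        for line in body.splitlines():
            key, value = (line.split(None, 1) + ["", ""])[:2]
            if key:
                directives.setdefault(key, []).append(value.strip())
        targets[iqn] = directives
    return targets

def audit(text):
    """Return {iqn: [findings]} for targets lacking access controls."""
    findings = {}
    for iqn, d in parse_targets(text).items():
        issues = []
        addrs = d.get("initiator-address", [])
        if not addrs or "ALL" in addrs:
            issues.append("no initiator-address restriction")
        secrets = [(u.split() or [""])[-1] for u in d.get("incominguser", [])]
        if not secrets:
            issues.append("no CHAP incominguser")
        # Assumption: the Microsoft initiator expects a 12-16 character secret.
        if any(not 12 <= len(s) <= 16 for s in secrets):
            issues.append("CHAP secret not 12-16 characters")
        if issues:
            findings[iqn] = issues
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```

To check a real host, pass the contents of /etc/tgt/targets.conf to audit(); only the page's target1 is reported for the sample.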

Saturday, October 5, 2013

Kingdom of the blind

Before we start, here is a video link to the installation process.


With the introduction of Windows 2012 there was a large change in how to deploy domain controllers. There is no more DCPromo; it sends you to a link that tells you to install Active Directory with the Server Manager.



In the Server Manager, select Manage > Add Roles and Features


This will open the Add Roles and Features Wizard. On the first screen it will ask you to make sure your server is updated and has a strong admin password.
You want to select Role-based or Feature-based installation and then Next



On the Server Selection page verify the host name and the IP address and then select Next
On the Server Roles page you want to select Active Directory Domain Services, then choose Add Feature, and then DNS and Add Feature and then Next


On the Features page verify that Group Policy Management is selected and then click Next. 


There is nothing really to select on the AD DS page so select Next 
The DNS Server page will give an error across the top saying that no DNS server has been authenticated for the domain. At this point it is an OK warning, so select Next.

On the Confirmation page select Install.
It will take a few moments to install the features, and afterwards you will see a message that the installation was successful, so select Close.

After clicking Close, go back to the Server Manager page. There will be a new exclamation point there, saying that the roles and features you just installed need to be configured on the server.
Select the box for Promote this server to a domain controller


If this is the first domain controller in your forest, select Add New Forest and type the name of your domain. 

You want to select the domain functionality level for your domain. If you are going to have 2008 or even 2003 domain controllers, select the functionality accordingly.
You will also want to type a password for the Directory Services Restore Mode. This is handy in case you ever have any problems with the server.

When you click Next, you will get a warning about DNS not being configured for this domain. This is the step that will allow for DNS configuration for your domain, so go ahead and click Next

The Additional Options will install the NetBIOS name services on the domain controller. This should come populated with the top level of your domain name, but you can change it to be something different.

Next it will prompt you for the location of the AD DS Database, the AD log files and the SYSVOL. I usually leave these defaulted to C:\Windows\ but again, you can change the paths to suit your needs or environment. 

Then we get to the Review Options stage, and that is where we verify all of the settings we just set. 
Just review and make sure everything is how you set it and where you want it then select Next 
* Note: There is a View Script button here, you can use this to create a PowerShell script to deploy the next domain controller from the command line. 

At this point we will be at the Prerequisites Check and this stage will take a few minutes to run, and it should come back with some warnings. 
The warnings I received were for the domain controller encryption level being compatible with Windows NT 4, for the DNS server not being installed, and for having DHCP enabled on my IPv6 interface on my single NIC.

At this point we want to install. 
This will take more than a few minutes and there will be a reboot that is required with this. 

After the server reboots, make sure you log on with the domain\Administrator user and verify that you can manage things with Active Directory Users and Computers.
And you are set.