Linux

Automating iSCSI Initiator Configuration with Ansible

Patrick de Ruiter

Patrick de Ruiter

2 min read
Automating iSCSI Initiator Configuration with Ansible

Setting up iSCSI storage manually across multiple servers can be time-consuming and error-prone. By leveraging Ansible, we can automate the installation, configuration, and persistent login of iSCSI initiators, ensuring consistency and reliability across all nodes.

1. Introduction to iSCSI Initiators

iSCSI (Internet Small Computer System Interface) allows servers (initiators) to connect to remote storage (targets) over a network as if they were local disks. This guide will walk through automating the configuration of iSCSI initiators using Ansible, ensuring:

  • Installation of required packages
  • Deployment of a standardised iscsid.conf configuration
  • Automatic iSCSI discovery and login
  • Persistent connections across reboots

2. Prerequisites

Before starting, ensure:

  • Ansible is installed on your control machine.
  • The target iSCSI storage is accessible.
  • Each server has a unique iSCSI initiator name (IQN).

Define the following variables in group_vars/all.yml:

iscsi_target_ip: "192.168.2.253"
iscsi_target_name: "iqn.2025-03.com.example:storage"
iscsi_chap_username: "your_username"
iscsi_chap_password: "your_secure_password"

3. Ansible Playbook for iSCSI Configuration

Create the Ansible playbook setup_iscsi.yml:

---
- name: Configure iSCSI Initiator
  hosts: all
  become: true
  tasks:

    - name: Install iSCSI packages
      ansible.builtin.apt:
        name:
          - open-iscsi
          - multipath-tools  # Optional for multipathing
        state: present
        update_cache: true

    - name: Deploy iSCSI configuration file
      ansible.builtin.template:
        src: templates/iscsid.conf.j2
        dest: /etc/iscsi/iscsid.conf
        owner: root
        group: root
        mode: '0644'

    - name: Set unique iSCSI initiator name
      ansible.builtin.template:
        src: templates/initiatorname.iscsi.j2
        dest: /etc/iscsi/initiatorname.iscsi
        owner: root
        group: root
        mode: '0644'

    - name: Restart iSCSI services
      ansible.builtin.systemd:
        name: open-iscsi
        state: restarted
        enabled: true

    - name: Discover iSCSI targets
      ansible.builtin.command:
        cmd: "iscsiadm -m discovery -t st -p {{ iscsi_target_ip }}"
      register: iscsi_discovery
      changed_when: false

    - name: Log in to iSCSI target
      ansible.builtin.command:
        cmd: "iscsiadm -m node -T {{ iscsi_target_name }} -p {{ iscsi_target_ip }} --login"
      register: iscsi_login
      changed_when: "'successful' in iscsi_login.stdout"

    - name: Set iSCSI login to persist across reboots
      ansible.builtin.command:
        cmd: "iscsiadm -m node -T {{ iscsi_target_name }} -p {{ iscsi_target_ip }} --op=update --name=node.startup --value=automatic"
      changed_when: false

4. Template Files

templates/iscsid.conf.j2

iscsid.startup = /bin/systemctl start iscsid.socket

node.startup = automatic
node.leading_login = No

node.session.auth.authmethod = CHAP
node.session.auth.chap_algs = SHA3-256,SHA256,SHA1,MD5
node.session.auth.username = {{ iscsi_chap_username }}
node.session.auth.password = {{ iscsi_chap_password }}

node.session.timeo.replacement_timeout = 120
node.conn[0].timeo.login_timeout = 15
node.conn[0].timeo.logout_timeout = 15
node.conn[0].timeo.noop_out_interval = 5
node.conn[0].timeo.noop_out_timeout = 5

node.session.scan = auto

templates/initiatorname.iscsi.j2

InitiatorName=iqn.2025-03.com.example:{{ inventory_hostname }}

This ensures each node has a unique IQN, preventing conflicts in iSCSI authentication.

5. Running the Playbook

Execute the playbook:

ansible-playbook -i inventory setup_iscsi.yml

Where inventory lists all nodes that need iSCSI configuration.

6. Verification

After running the playbook, verify iSCSI connectivity on a node:

Check active sessions:

sudo iscsiadm -m session

Expected output:

tcp: [1] 192.168.2.253:3260,1 iqn.2025-03.com.example:storage

Check attached LUNs:

lsblk

Ensure automatic login persists:

sudo cat /etc/iscsi/nodes/iqn.2025-03.com.example:storage/192.168.2.253,3260/default

7. Conclusion

By using Ansible, we've automated the process of configuring iSCSI initiators, ensuring that:

  • Each node has a unique IQN
  • CHAP authentication is applied correctly
  • iSCSI sessions persist across reboots
  • Consistent storage setup across multiple servers

This approach eliminates manual setup errors and guarantees that all nodes correctly connect to the iSCSI target.

Read more

HAProxy Monitoring with Prometheus: Complete Observability Guide

HAProxy Monitoring with Prometheus: Complete Observability Guide

Monitoring HAProxy is essential for maintaining reliable load balancing infrastructure. Prometheus provides powerful metrics collection, alerting capabilities, and seamless Grafana integration for visualizing HAProxy performance and health. Why Prometheus for HAProxy? Prometheus offers: * Pull-based metrics - Prometheus scrapes HAProxy metrics endpoints * Time-series database - Store historical data for trend analysis

By Patrick de Ruiter