==============================================
SCST 2.x Installation on Gentoo Linux
==============================================

This howto will get you a working SCST installation on Gentoo Linux, it
will follow the official howto as much as possible with a few exceptions
because of Gentoo specifics or my preferences. Most of it will also work
on other Linux Distributions so my changes from the official howto might
help you get SCST working on another distro.

Prerequisites:
- A working and up2date Gentoo Linux installation
- Free storage space
- Installation of the following packages: gentoo-sources, subversion
- User with root privileges
- Read the official iSCSI-SCST howto for more options and information

Assumptions for this howto:
- User logged on as root
- Gentoo Sources version 2.6.39-r3 installed
- Manual build kernel without initramfs
- Gentoo AMD64 version
- Grub bootloader
- /boot on a separate partition
- One iSCSI target with 2 LUNS, both LUNS virtual disk files
- One iSCSI target with one LUN, LUN is a real device

When the above options differ from your environment/setup you will need
to change some of the commands provided in this howto for things to
work.


1. Download the latest SCST version.

  cd /root
  svn co https://scst.svn.sourceforge.net/svnroot/scst/trunk scst


2. Patch the kernel (Optional but required for the best speed)

  cd /usr/src/linux-2.6.39-gentoo-r3
  patch -p1 < /root/scst/iscsi-scst/kernel/patches/put_page_callback-2.6.39.patch
  patch -p1 < /root/scst/scst/kernel/scst_exec_req_fifo-2.6.39.patch
  make clean


3. Build the kernel

  make menuconfig
  Select Networking support -> Networking options -> TCP/IP networking
  Select Networking support -> Networking options -> TCP/IP zero-copy transfer completion notification
  Select Device Drivers -> SCSI device support -> SCSI disk support
  Select Enable the block layer -> IO Schedulers -> CFQ I/O Scheduler
  Set Enable the Block layer -> IO Schedulers -> Default I/O Scheduler to 'CFQ'
  Set Processor type and features -> Preemption Model to 'No Forced Preemption (Server)'
  Exit
  make
  make modules_install


4. Install the new kernel and reboot the system

  mount /boot
  cp arch/x86_64/boot/bzImage /boot/kernel-2.6.39-gentoo-r3-SCST
  nano -w /boot/grub/grub.conf  (add a new boot entry with the newly compiled kernel)
  umount /boot
  shutdown -r now


5. Build SCST

  cd /root/scst
  make 2perf
  make scst scst_install
  make iscsi iscsi_install
  make scstadm scstadm_install


6. Make a clean config and start SCST

  echo "HANDLER vdisk_fileio {" >> /etc/scst.conf
  echo "}" >> /etc/scst.conf
  echo ""  >> /etc/scst.conf
  echo "TARGET_DRIVER iscsi {"  >> /etc/scst.conf
  echo "      	enabled 0"  >> /etc/scst.conf
  echo "}"  >> /etc/scst.conf
  /etc/init.d/scst start


7. Configure SCST

In this example disk01 is a virtual disk that is stored in the file
/vdisks/vdisk1 and is mounted read_only, disk02 is the same as disk01
but with file /vdisks/vdisk2 and it has its blocksize increased from 512
to 4096 (see notes below), and finaly disk03 is a real disk used as a
blockdevice. Both disk01 and disk02 are connected to the same target
with different luns and disk03 is connected to a different target as
LUN0, if the allowed_target atttribute is not set the target is open
to all ip's

  scstadmin -open_dev disk01 -handler vdisk_fileio -attributes filename=/vdisks/vdisk1,read_only
  scstadmin -open_dev disk02 -handler vdisk_fileio -attributes filename=/vdisks/vdisk2,blocksize=4096
  scstadmin -open_dev disk03 -handler vdisk_blockio -attributes filename=/dev/sdc1
  scstadmin -add_target iqn.2011-08.nl.feka:storage.vdisk1 -driver iscsi
  scstadmin -add_target iqn.2011-08.nl.feka:storage.vdisk2 -driver iscsi
  scstadmin -add_lun 0 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -device disk01
  scstadmin -add_lun 1 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -device disk02
  scstadmin -add_lun 0 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk2 -device disk03
  scstadmin -enable_target iqn.2011-08.nl.feka:storage.vdisk1 -driver iscsi
  scstadmin -enable_target iqn.2011-08.nl.feka:storage.vdisk2 -driver iscsi
  scstadmin -set_drv_attr iscsi -attributes enabled=1
  scstadmin -write_config /etc/scst.conf


8. Run SCST automatically at startup

For SCST 2.1 SVN version r3805 and newer do:
  rc-update add scst default

For SCST 2.0 and for a SVN version before r3805 and Gentoo with the old baselayout without OpenRC do:
  rc-update add scst default

For SCST 2.0 and for a SVN version before r3805 and you have the new Gentoo baselayout do:
  echo "/etc/init.d/scst start" >> /etc/local.d/scst.start
  echo "/etc/init.d/scst stop" >> /etc/local.d/scst.stop
  chmod 775 /etc/local.d/scst.*
(the SCST init script doesn't work with openRC and changing it would be a lot of work so local.d is used as an easy workaround)


9. Using SCST access control (optional)

SCST listens on all the targets IP addresses and allows access to any
initiators per default. There are a couple of ways to restict access and
here I will give some examples. For the full documentation see the
README file in the scst/iscsi-scst/ directory

To make a target accessible on only one IP address do:
  scstadmin -set_tgt_attr iqn.2011-08.nl.feka:storage.vdisk1 -driver iscsi -attributes allowed_portal=192.168.100.15
(Remember the IP address is the address of the target machine, not of
 the allowed initiator, you can add multiple entries on the same target
 by repeating the above command, you can also use the wildcards * and ?
 where the ? stands for any single digit)

To make targets only accessible by specific inititators add a group to
each target and define the allowed inititiators on each group and add
the lun to the group instead of the target:
(remove the old lun if it already exists directly under the target)
  scstadmin -add_group vCenter -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk2
  scstadmin -add_group ESXi -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1
  scstadmin -add_init iqn.2011-08.nl.feka:vcenterserver  -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk2 -group vCenter
  scstadmin -add_init iqn.1998-01.com.vmware:esx1-47f53b1d -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -group ESXi
  scstadmin -add_init iqn.1998-01.com.vmware:esx2-23e64b45 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -group ESXi
  scstadmin -rem_lun 0 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -device disk01
  scstadmin -rem_lun 1 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -device disk02
  scstadmin -rem_lun 0 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk2 -device disk03
  scstadmin -add_lun 0 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -group ESXi -device disk01
  scstadmin -add_lun 1 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk1 -group ESXi -device disk02
  scstadmin -add_lun 0 -driver iscsi -target iqn.2011-08.nl.feka:storage.vdisk2 -group vCenter -device disk03


==============================================
Notes
==============================================

SCST's vdisk_fileio handler will use a default blocksize of 512b, this
is the only safe option for vmware ESXi or older windows versions, for
best performance with newer windows versions a blocksize of 4096 will be
much faster.

The TCP/IP zero-copy transfer completion notification provided by the
put_page_callback patch will only improve performance if your network
adapter supports TX offloading. You can check this by running ethtool -k
eth0 (substitute eth0 for the nic you use),  at least "tx-checksumming"
and "scatter-gather" should be enabled. If your adapter is unable to do
so consider upgrading to a good server grade nic, both Intel and
Broadcom make good server grade nics.

If you have an Intel CPU that supports SSE4.2 make sure to add the
crc32c-intel module to the kernel, so iSCSI-SCST will do all digest
calculations with hardware acceleration. You can find this option in the
kernel Cryptographic API -> CRC32c INTEL hardware acceleration

It is recommended to increase the read ahead size to at least 512KB on
the initiators and the target. To do this for dev/sdb and /dev/sdc on
the scst target do this:

  nano -w /etc/local.d/blockdev.start
    blockdev --setra 1024 /dev/sdb
    blockdev --setra 1024 /dev/sdc
  chmod 775 /etc/local.d/blockdev.start
(--setra 1024 means 1024x512bytes)

When running a firewall you need to open TCP Port 3260 on the required
interface, see below example for iptables.
iptables -A INPUT -p TCP -i eth0 --dport 3260 -m state --state NEW -j ACCEPT

