Un article de Wikipédia, l'encyclopédie libre.
Openmediavault est un système d'exploitation sous licence libre, basé sur , destiné aux
. Il supporte de nombreux protocoles :
(), , , , , , rapport , l'authentification d'utilisateurs locaux, et
Logiciel (dans de nombreuses variantes).
Il utilise une
pour sa configuration.
Openmediavault est distribué sous forme d' et sous forme de code source.
Date / heure, par
Réseau, protocoles
et , DNS, Firewall, gestion des
et du réveil par le réseau ()
Notification d'alerte sur stockages, système, ... par Email,
Annonce sur le LAN par  
Surveille l'état du système et adapte différentes options de contr?le de l'énergie en conséquence.
Certificats.
Taches planifiées.
Gestion des mises à jour (paquets).
Services additionnels (Plugins)
(Onduleur)
Antivirus ()
Capture d’écran de la gestion des disques sous OMV
Disques physiques, HDD, , clé USB, ...
Support de la surveillance de l'état des disques durs via
Gestion avancée de l’énergie pour les disques dur ( / )
Gestion du , Stripe, Miroir, Linéaire, 10, 5, 6
Systèmes de fichiers gérés,
Gestion des Quotas par volume.
Utilisateur
Dossier partagés et ACL
 : synchronisation locale, client et serveur.
(v1 / 2c / 3)
Informations systèmes, vue d'ensemble, processus et graphiques.
Journaux systèmes.
Services, résumé des services et de leurs états.
OpenMediaVault propose de tester en ligne, gratuitement, une version 0.5.38 de démonstration (bridée) de son application:
: Catégories cachées :From Wikipedia, the free encyclopedia
ERROR: the {{Wikify}} template is
and has be please do not use// it. Instead, use a more specific template, such as those listed in this template's .
OpenMediaVault is a free
server, supporting:
protocols, , , local user authentication, and software
(0,1,5,6), with a web-based configuration interface. OpenMediaVault is currently distributed as an
form. OpenMediaVault needs to be installed on a Compact Flash, USB, or dedicated hard drive. Using the dedicated hard drive will use that drive just for the operating system, and files cannot be stored on it.
OpenMediaVault was inspired by
and other commercial NAS but is a complete new implementation. It is released under the .
Javascript/AJAX based WebGUI (based on )
Protocols:
(via ), , , , , , , ,
Extensions (plug-ins) for: , .
server, client and local sync.
feature to create virtual disks.
File systems: ,
and // are fully supported,
read/write and
read/write supported.
Hard drive: /, , ,
/ partitioning for hard drives larger than 2 Terabytes.
Network cards: All wired and wireless cards supported by .
Boot from HDD, USB key, CompactFlash, CD-ROM + floppy disk, or USB flash.
cards: All those supported by Debian.
Software RAID levels: , , , , , , 5+1, 0+1, 1+0, etc. (using mdadm).
4KB sector formatting support for hard drives using
such as Western Digital WD10EARS, WD15EARS, WD20EARS, and WD30EZRS.
forwarding.
monitoring.
Email log and reporting notification.
- NAS especially for encrypted partitions (Debian-based Live-CD, GPL)
- another low-cost commercial NAS operating system from the developers of NanoNAS
- Open source OS and enterprise class NAS with kernel based ZFS
- Unified file and block storage management software that supports NAS, iSCSI, InfiniBand, Fibre Channel, SAN and Failover
- the FreeBSD-based NAS from which OpenMediaVault was forked
- free browser-managed ZFS Internet-Nas-San-Server for user with less computer or opensolaris experience
- Another attempt to create a NAS operating system
. FreeNAS Blog.
. FreeNAS blog.
Wikimedia Commons has media related to .
This computing article is a . You can help Wikipedia by .
: Hidden categories:From Wikipedia, the free encyclopedia
This article has multiple issues. Please help
or discuss these issues on the .
This article needs additional citations for . Please help
by . Unsourced material may be challenged and removed. (March 2012)
This article may have . Please help improve the article by merging similar sections and removing unneeded subheaders. (May 2011)
In computing, iSCSI ( ) is an acronym for Internet Small Computer System Interface, an
(IP)-based storage networking standard for linking data storage facilities.
By carrying
commands over IP networks, iSCSI is used to facilitate data transfers over intranets and to manage storage over long distances. iSCSI can be used to transmit data over
(WANs), or the
and can enable location-independent data storage and retrieval.
allows clients (called initiators) to send SCSI commands () to SCSI storage devices (targets) on remote servers. It is a
(SAN) protocol, allowing organizations to consolidate storage into data center storage arrays while providing hosts (such as database and web servers) with the illusion of locally attached disks.
Unlike traditional , which usually requires dedicated cabling, iSCSI can be run over long distances using existing network infrastructure. iSCSI was pioneered by IBM and Cisco in 1998 and submitted as draft standard in March 2000.
In essence, iSCSI allows two hosts to negotiate and then exchange
commands using
(IP) networks. By doing this, iSCSI takes a popular high-performance local storage bus and emulates it over a wide range of networks, creating a
(SAN). Unlike some SAN protocols, iSCSI requires
it can be run over existing IP infrastructure. As a result, iSCSI is often seen as a low-cost alternative to , which requires dedicated infrastructure except in its
(Fibre Channel over Ethernet) form. However, the performance of an iSCSI SAN deployment can be severely degraded if not operated on a dedicated network or subnet (LAN or ), due to competition for a fixed amount of bandwidth.
Although iSCSI can communicate with arbitrary types of SCSI devices, system administrators almost always use it to allow server computers (such as database servers) to access disk volumes on storage arrays. iSCSI SANs often have one of two objectives:
Storage consolidation
Organizations move disparate storage resources from servers around their network to central locations, o this allows for more efficiency in the allocation of storage, as the storage itself is no longer tied to a particular server. In a SAN environment, a server can be allocated a new disk volume without any changes to hardware or cabling.
Disaster recovery
Organizations mirror storage resources from one data center to a remote data center, which can serve as a hot standby in the event of a prolonged outage. In particular, iSCSI SANs allow entire disk arrays to be migrated across a WAN with minimal configuration changes, in effect making storage "routable" in the same manner as network traffic.[]
Initiator[]
Further information:
An initiator functions as an iSCSI client. An initiator typically serves the same purpose to a computer as a SCSI bus adapter would, except that, instead of physically cabling SCSI devices (like hard drives and tape changers), an iSCSI initiator sends SCSI commands over an IP network. An initiator falls into two broad types:
A software initiator uses code to implement iSCSI. Typically, this happens in a
device driver that uses the existing
to emulate SCSI devices for a computer by speaking the iSCSI protocol. Software initiators are available for most popular operating systems and are the most common method of deploying iSCSI.
A hardware initiator uses dedicated hardware, typically in combination with
running on that hardware, to implement iSCSI. A hardware initiator mitigates the overhead of iSCSI and
processing and , and therefore may improve the performance of servers that use iSCSI. An iSCSI
(more commonly, HBA) implements a hardware initiator. A typical HBA is packaged as a combination of a Gigabit (or 10 Gigabit) Ethernet , some kind of TCP/IP offload engine (TOE) technology and a SCSI bus adapter, which is how it appears to the operating system. An iSCSI HBA can include
from an iSCSI SAN.
An iSCSI offload engine, or iSOE card, offers an alternative to a full iSCSI HBA. An iSOE "offloads" the iSCSI initiator operations for this particular network interface from the host processor, freeing up CPU cycles for the main host applications. iSCSI HBAs or iSOEs are used when the additional performance enhancement justifies the additional expense of using an HBA for iSCSI, rather than using a software-based iSCSI client (initiator). iSOE may be implemented with additional services such as
(TOE) to further reduce host server CPU usage.
The iSCSI specification refers to a storage resource located on an iSCSI server (more generally, one of potentially many instances of iSCSI storage nodes running on that server) as a target.
"iSCSI target" should not be confused with the term "iSCSI" as the latter is a protocol and not a storage server instance.[]
An iSCSI target is often a dedicated network-connected hard disk storage device, but may also be a general-purpose computer, since as with initiators, software to provide an iSCSI target is available for most mainstream operating systems.
Common deployment scenarios for an iSCSI target include:
In a data center or enterprise environment, an iSCSI target often resides in a large storage array. These arrays can be in the form of commodity hardware with
based iSCSI implementations, or as commercial products such as in , , , , , , , , , ,
NS-series, CX4, VNX, VNXe, VMAX,
HNAS, or Pivot3 vSTAC.
A storage array usually provides distinct iSCSI targets for numerous clients.
Nearly all modern mainstream server operating systems (such as , ,
or ) can provide iSCSI target functionality, either as a built-in feature or with supplemental software. Some specific-purpose operating systems (such as , , , , or based on
and derivatives like napp-it, , OmniOS and ) implement iSCSI target support.
Main article:
terminology,
stands for logical unit number. A LUN represents an individually addressable (logical) SCSI device that is part of a physical SCSI device (target). In an iSCSI environment, LUNs are essentially numbered disk drives.[] An initiator negotiates with a target to establish connectivity to a LUN; the result is an iSCSI connection that emulates a connection to a SCSI hard disk. Initiators treat iSCSI LUNs the same way as they would a raw SCSI or IDE for instance, rather than mounting remote directories as would be done in
environments, iSCSI systems format and directly manage filesystems on iSCSI LUNs.
In enterprise deployments, LUNs usually represent subsets of large
disk arrays, often allocated one per client. iSCSI imposes no rules or restrictions on multiple computers sharing individual LUNs; it leaves shared access to a single underlying filesystem as a task for the operating system.
For general data storage on an already-booted computer, any type of generic network interface may be used to access iSCSI devices[]. However, a generic consumer-grade network interface is not able to boot a diskless computer from a remote iSCSI data source[]. Instead, it is commonplace for a server to load its initial operating system from a
server or local boot device, and then use iSCSI for data storage once booting from the local device has finished[].
A separate
may be configured to assist interfaces equipped with
capability to be able to boot over iSCSI. In this case, the network interface looks for a DHCP server offering a
boot image. This is used to kick off the iSCSI remote boot process, using the booting network interface's
to direct the computer to the correct iSCSI boot target[]. One can then use a software-only approach to load a small boot program which can in turn mount a remote iSCSI target as if it was a local SCSI drive and then fire the boot process from said iSCSI target[]. This can be achieved using an existing
(PXE) boot ROM, which is available on many wired Ethernet adapters. The boot code can also be loaded from CD/DVD, floppy disk (or floppy disk image) and USB storage, or it can replace existing PXE boot code on adapters that can be re-flashed. The most popular free software to offer iSCSI boot support is .
Most Intel Ethernet controllers for servers support iSCSI boot.
iSCSI uses TCP (typically
860 and 3260) for the protocols itself, with higher-level names used to address the objects within the protocol. Special names refer to both iSCSI initiators and targets. iSCSI provides three name-formats:
iSCSI Qualified Name (IQN)
Format: The iSCSI Qualified Name is documented in , with further examples of names in . Briefly, the fields are:
literal iqn (iSCSI Qualified Name)
date (yyyy-mm) that the naming authority took ownership of the domain
reversed domain name of the authority (e.g. org.alpinelinux, com.example, to.yp.cr)
Optional ":" prefixing a storage target name specified by the naming authority.
From the RFC:
String defined by
"" naming authority
+--++-----+ +---------+ +-----------------------------+
iqn..example:storage:diskarrays-sn-a8675309
iqn..example
iqn..example:storage.tape1.sys1.xyz
iqn..example:storage.disk2.sys1.xyz
Extended Unique Identifier (EUI)
Format: eui.{EUI-64 bit address} (e.g. eui.678D)
T11 Network Address Authority (NAA)
Format: naa.{NAA 64 or 128 bit identifier} (e.g. naa.678D)
IQN format addresses occur most commonly. They are qualified by a date (yyyy-mm) because domain names can expire or be acquired by another entity.
The IEEE Registration authority provides EUI in accordance with the EUI-64 standard. NAA is part OUI which is provided by the IEEE Registration Authority. NAA name formats were added to iSCSI in , to provide compatibility with naming conventions used in
(SAS) storage technologies.
Usually, an iSCSI participant can be defined by three or four fields:
Hostname or IP Address (e.g., "")
Port Number (e.g., 3260)
iSCSI Name (e.g., the IQN "iqn..ibm:00.fcd0ab21.shark128")
An optional
Secret (e.g., "secretsarefun")
Main article:
iSCSI initiators can locate appropriate storage resources using the
(iSNS) protocol. In theory, iSNS provides iSCSI SANs with the same management model as dedicated
SANs. In practice, administrators can satisfy many deployment goals for iSCSI without using iSNS.
iSCSI initiators and targets prove their identity to each other using the
protocol, which includes a mechanism to prevent
passwords from appearing on the wire. By itself, the CHAP protocol is vulnerable to , , or . If followed carefully, the rules for using CHAP within iSCSI prevent most of these attacks.
Additionally, as with all IP-based protocols,
can operate at the network layer. The iSCSI negotiation protocol is designed to accommodate other authentication schemes, though interoperability issues limit their deployment.
To ensure that only valid initiators connect to storage arrays, administrators most commonly run iSCSI only over logically isolated backchannel networks. In this deployment architecture, only the management ports of storage arrays are exposed to the general-purpose internal network, and the iSCSI protocol itself is run over dedicated network segments or
(VLAN). This mitigates aut unauthorized users are not physically provisioned for iSCSI, and thus cannot talk to storage arrays. However, it also creates a
problem, in that a single compromised host with an iSCSI disk can be used to attack storage resources for other hosts.
This section does not
any . Please help improve this section by . Unsourced material may be challenged and . (November 2013)
While iSCSI can be logically isolated from the general network using VLANs only, it is still no different from any other network equipment and may use any cable or port as long as there is a completed signal path between source and target. Just a single cabling mistake by a network technician can compromise the barrier of logical separation, and an accidental bridging may not be immediately detected because it does not cause network errors.
In order to further differentiate iSCSI from the regular network and prevent cabling mistakes when changing connections, administrators may implement self-defined color-coding and labeling standards, such as only using yellow-colored cables for the iSCSI connections and only blue cables for the regular network, and clearly labeling ports and switches used only for iSCSI.
While iSCSI could be implemented as just a VLAN cluster of ports on a large multi-port switch that is also used for general network usage, the administrator may instead choose to use physically separate switches dedicated to iSCSI VLANs only, to further prevent the possibility of an incorrectly connected cable plugged into the wrong port bridging the logical barrier.
This section does not
any . Please help improve this section by . Unsourced material may be challenged and . (November 2013)
Because iSCSI aims to consolidate storage for many servers into a single storage array, iSCSI deployments require strategies to prevent unrelated initiators from accessing storage resources. As a pathological example, a single enterprise storage array could hold data for servers variously regulated by the
for corporate accounting,
for health benefits information, and
for credit card processing. During an audit, storage systems must demonstrate controls to ensure that a server under one regime cannot access the storage assets of a server under another.
Typically, iSCSI storage arrays explicitly map initiators to specific target LUNs; an initiator authenticates not to the storage array, but to the specific storage asset it intends to use. However, because the target LUNs for SCSI commands are expressed both in the iSCSI negotiation protocol and in the underlying SCSI protocol, care must be taken to ensure that access control is provided consistently.
For the most part, iSCSI operates as a cleartext protocol that provides no cryptographic protection for data in motion during SCSI transactions. As a result, an attacker who can listen in on iSCSI Ethernet traffic can:
Reconstruct and copy the files and filesystems being transferred on the wire
Alter the contents of files by injecting fake iSCSI frames
Corrupt filesystems being accessed by initiators, exposing servers to software flaws in poorly tested filesystem code.
These problems do not occur only with iSCSI, but rather apply to any
protocol without cryptographic security. IP-based security protocols, such as , can provide standards-based cryptographic protection to this traffic, generally at a severe performance penalty.
The dates in the following table denote the first appearance of a native driver in each operating system. Third-party drivers for Windows and Linux were available as early as 2001, specifically for attaching IBM's IP Storage 200i appliance.
First release date
i5/OS V5R4M0
Target, Multipath
ESX 3.0, ESX 4.0, ESXi 5.x
Initiator, Multipath
AIX 5.3 TL10, AIX 6.1 TL3
Initiator, Target
2000, XP Pro, 2003, Vista,
R2, Windows 7, Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2
Initiator, Target, Multipath
NetWare 5.1, 6.5, & OES
Initiator, Target
HP 11i v1, HP 11i v2, HP 11i v3
Solaris 10, OpenSolaris
Initiator, Target, Multipath,
2.6.12, 3.1
Initiator (2.6.12),
(3.1), Multipath, , VAAI
Initiator (5.0), Target (4.0)
Initiator (7.0), Target (10.0), Multipath, VAAI
Initiator, Multipath
Most iSCSI targets involve disk, though iSCSI tape and medium-changer targets are popular as well. So far, physical devices have not featured native iSCSI interfaces on a component level. Instead, devices with
interfaces are bridged by using iSCSI target software, external bridges, or controllers internal to the device enclosure.
Alternatively, it is possible to virtualize disk and tape targets. Rather than representing an actual physical device, an emulated virtual device is presented. The underlying implementation can deviate drastically from the presented target as is done with
(VTL) products. VTLs use disk storage for storing data written to virtual tapes. As with actual physical devices, virtual targets are presented by using iSCSI target software, external bridges, or controllers internal to the device enclosure.
In the security products industry, some manufacturers use an iSCSI RAID as a target, with the initiator being either an IP-enabled encoder or camera.
Multiple systems exist that allow Fibre Channel, SCSI and SAS devices to be attached to an IP network for use via iSCSI. They can be used to allow migration from older storage technologies, access to SANs from remote servers and the linking of SANs over IP networks. An iSCSI gateway bridges IP servers to Fibre Channel SANs. The TCP connection is terminated at the gateway, which is implemented on a Fibre Channel switch or as a standalone appliance.
SCSI over Ethernet frames instead of IP (as iSCSI is)
Linux SCSI target software stack
Unless tunneled, such as in
Target available only as part of . Target available in Storage Server 2008 (excepted Basic edition). Target available for Windows Server 2008 R2 as a separate download. Windows Server 2012 has built-in iSCSI target version 3.3 (at least in preview versions).
vStorage APIs Array Integration
OS X has neither initiator nor target coming from vendor directly. There are a few OS X initiators and targets available but they are from third-party vendors only.[]
Rouse, Margaret (May 2011). . SearchStorage 2012.
. Tredent Network Solutions 2012.
. IBM 2013.
David Oppenheimer and David A. Patterson, Berkeley, IEEE Internet Computing, September–October 2002.
. ipxe.org.
. ipxe.org.
. ipxe.org.
. April 2004. p. 32.
Satran, J Kalman, M Sapuntzakis, C Zeidner, E Chadalapaka, Mallikarjun (). .
. VMWare 2012.
. IBM 2013.
. Microsoft.
- Internet Small Computer Systems Interface (iSCSI) (obsolete)
- Internet Small Computer Systems Interface (iSCSI) Naming and Discovery (updated)
- String Profile for Internet Small Computer Systems Interface (iSCSI) Names
- Securing Block Storage Protocols over IP (Scope: The use of IPsec and IKE to secure iSCSI, iFCP, FCIP, iSNS and SLPv2.)
- Small Computer Systems Interface protocol over the Internet (iSCSI) Requirements and Design Considerations
- Small Computer Systems Interface (SCSI) Command Ordering Considerations with iSCSI
- T11 Network Address Authority (NAA) Naming Format for iSCSI Node Names (obsolete)
- Finding Internet Small Computer Systems Interface (iSCSI) Targets and Name Servers by Using Service Location Protocol version 2 (SLPv2)
- Bootstrapping Clients using the Internet Small Computer System Interface (iSCSI) Protocol
- Definitions of Managed Objects for Internet Small Computer System Interface (iSCSI)
- Declarative Public Extension Key for Internet Small Computer Systems Interface (iSCSI) Node Architecture (obsolete)
- Definitions of Managed Objects for iSNS (Internet Storage Name Service)
- Internet Small Computer System Interface (iSCSI) Corrections and Clarifications (obsolete)
- DA: Datamover Architecture for the Internet Small Computer System Interface (iSCSI)
- Internet Small Computer System Interface (iSCSI) Extensions for Remote Direct Memory Access (RDMA)
– Internet Small Computer System Interface (iSCSI) Protocol (consolidated)
: Hidden categories:}