Troubleshooting file system issues

4 hours
  • 3 Learning Objectives

About this Hands-on Lab

**Warning**: This lab represents a significantly broken environment and goes well beyond simple troubleshooting.

In this lab, you must resolve any issues preventing the content mounted at `/storage` from being accessed.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Verify the iSCSI target configuration and status.

On Server1 (10.0.1.10)

Verify the target service is running:

systemctl status target

Start and enable the target service:

systemctl start target && systemctl enable target

Verify the process is listening on port 3260:

ss -ltnp | grep 3260

Check if the firewall is permitting traffic over 3260/tcp:

firewall-cmd --list-all

Permit incoming traffic over port 3260/tcp:

firewall-cmd --permanent --add-port=3260/tcp

Reload the firewall:

firewall-cmd --reload

View the iSCSI target configuration:

targetcli
/> ls
Verify the iSCSI initiator configuration and status.

On Server2 (10.0.1.11)

View any existing node entires:

iscsiadm -m node

Verify the initiator name matches the ACL from the target:

cat /etc/iscsi/initiatorname.iscsi

Change the name to match the target:

InitiatorName=iqn.1994-05.com.redhat:c1cd6e78d22

Verify security settings match those of target:

less /etc/iscsi/iscsid.conf
#node.session.auth.authmethod = CHAP
...
#node.session.auth.username = username
#node.session.auth.password = password

Restart the iscsid service to pick up the change:

systemctl restart iscsid

Discover iSCSI targets from 10.0.1.10:

iscsiadm -m discovery -t sendtargets -p 10.0.1.10

Log in to target:

iscsiadm -m node -T iqn.2003-01.org.linux-iscsi.ip-10-0-1-10.x8664:sn.a3776832068c -l

Enable the iscsid service to permit connection upon reboot:

systemctl enable iscsid
Resolve disk encryption.

Review the contents of /etc/crypttab and /etc/fstab:

cat /etc/crypttab
cat /etc/fstab

Attempt to manually open the volume using the key referenced in /etc/crypttab:

cryptsetup luksOpen /dev/mapper/vg_1-lv_1 luks-vg_1-lv_1 --key-file /root/passphrase.key

View the volume key slots:

cryptsetup luksDump /dev/mapper/vg_1-lv_1

Restore the LUKS header:

cryptsetup luksHeaderRestore /dev/mapper/vg_1-lv_1 --header-backup-file /root/vg_1-lv_1.header

Open the volume manually:

cryptsetup luksOpen /dev/mapper/vg_1-lv_1 luks-vg_1-lv_1 --key-file /root/passphrase.key

View the entries in /dev/mapper:

ll /dev/mapper

Attempt to mount /storage:

mount /storage

View the file system label:

blkid

The volume appears to be a swap format, however the entry in /etc/fstab suggests it’s an XFS file system. Repair the file system:

xfs_repair /dev/mapper/luks-vg_1-lv_1

Mount /storage:

mount /storage

View the contents of /storage:

ll /storage

Additional Resources

Resolve any and all issues preventing access to the contents mounted at /storage.

  • 10.0.1.10 is an iSCSI target for the volume mounted at /storage

  • 10.0.1.11 is the iSCSI initiator

  • A backup of the LUKS header is available at /root/vg_1-lv_1.header

Do not format any volumes, do not modify /etc/fstab or /etc/crypttab

The integrity of the existing encryption, filesystems, and files located on the iSCSI volume must be preserved.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?