Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

targetd(8) [centos man page]

targetd(8)						      System Manager's Manual							targetd(8)

NAME

       targetd

DESCRIPTION

       targetd	is  a service to allow the remote configuration of block device volumes and file systems within dedicated pools. Block devices can
       be exported to other hosts via iSCSI, and filesystems can be exported via NFS.

USAGE

       Run targetd as root.

CONFIGURATION

       targetd uses /etc/target/targetd.yaml for configuration. It is in YAML format.  targetd currently uses scalar values and collection values,
       see example for details.

   CONFIGURATION FILE SETTINGS
       block_pools
       Sets the LVM Volume Group(s) that targetd will use to allocate volumes. Defaults to "vg-targetd".

       Alternatively, targetd can allocate thinp (thin-provisioned) volumes out of a thinpool LV. These should be listed as "<vgname>/<poolname>",
       with the VG and thinpool LV names separated by a "/". These should already be created; targetd will not create VGs or thinpool LVs.

       fs_pools
       Sets the mount point(s) that targetd will use to export filesystems over NFS. Defaults to none.

       user
       password
       Sets the username and password required to use the remote API. "user" defaults to admin, but password must be set prior to using targetd.

       target_name
       Sets the iSCSI target name that targetd will use. Default is iqn.2003-01.org.linux-iscsi.<hostname>:targetd.

       ssl
       ssl_key
       ssl_cert
       Settings for enabling SSL/TLS encryption.  ssl defaults to off.	If enabled, it will default to looking for key and cert files  named  tar-
       getd_key.pem and targetd_cert.pem in /etc/target.  These paths may also be specified, using the ssl_key and ssl_cert config settings.

       Key and self-signed cert may be generated using openssl:

       openssl genrsa -out targetd_key.pem 2048
       openssl req -new -x509 -key targetd_key.pem -out targetd_cert.pem -days 9999

FILES

       /etc/target/targetd.yaml
       /etc/target/targetd_key.pem
       /etc/target/targetd_cert.pem

SEE ALSO

       The remote API is defined at
       <https://github.com/agrover/targetd/blob/master/API.md>.

       targetcli(8), lvm(8), lsmcli(8)

AUTHOR

       Written by Andy Grover <agrover@redhat.com>.

REPORTING BUGS

       Report bugs via <targetd-devel@lists.fedorahosted.org>
       or <https://github.com/agrover/targetd/issues>

																	targetd(8)

Check Out this Related Man Page

SYSTEMD-JOURNAL-UPLOAD(8)				      systemd-journal-upload					 SYSTEMD-JOURNAL-UPLOAD(8)

NAME

       systemd-journal-upload - Send journal messages over the network

SYNOPSIS

       systemd-journal-upload [OPTIONS...] [-u/--url=URL] [SOURCES...]

DESCRIPTION

       systemd-journal-upload will upload journal entries to the URL specified with --url. Unless limited by one of the options specified below,
       all journal entries accessible to the user the program is running as will be uploaded, and then the program will wait and send new entries
       as they become available.

OPTIONS

       -u, --url=[https://]URL, --url=[http://]URL
	   Upload to the specified address.  URL may specify either just the hostname or both the protocol and hostname.  https is the default.

       --system, --user
	   Limit uploaded entries to entries from system services and the kernel, or to entries from services of current user. This has the same
	   meaning as --system and --user options for journalctl(1). If neither is specified, all accessible entries are uploaded.

       -m, --merge
	   Upload entries interleaved from all available journals, including other machines. This has the same meaning as --merge option for
	   journalctl(1).

       -D, --directory=DIR
	   Takes a directory path as argument. Upload entries from the specified journal directory DIR instead of the default runtime and system
	   journal paths. This has the same meaning as --directory option for journalctl(1).

       --file=GLOB
	   Takes a file glob as an argument. Upload entries from the specified journal files matching GLOB instead of the default runtime and
	   system journal paths. May be specified multiple times, in which case files will be suitably interleaved. This has the same meaning as
	   --file option for journalctl(1).

       --cursor=
	   Upload entries from the location in the journal specified by the passed cursor. This has the same meaning as --cursor option for
	   journalctl(1).

       --after-cursor=
	   Upload entries from the location in the journal after the location specified by the this cursor. This has the same meaning as
	   --after-cursor option for journalctl(1).

       --save-state[=PATH]
	   Upload entries from the location in the journal after the location specified by the cursor saved in file at PATH
	   (/var/lib/systemd/journal-upload/state by default). After an entry is successfully uploaded, update this file with the cursor of that
	   entry.

       --follow[=BOOL]
	   If set to yes, then systemd-journal-upload waits for input.

       --key=
	   Takes a path to a SSL key file in PEM format. Defaults to /etc/ssl/private/journal-upload.pem.

       --cert=
	   Takes a path to a SSL certificate file in PEM format. Defaults to /etc/ssl/certs/journal-upload.pem.

       --trust=
	   Takes a path to a SSL CA certificate file in PEM format, or all. If all is set, then certificate checking will be disabled. Defaults to
	   /etc/ssl/ca/trusted.pem.

       -h, --help
	   Print a short help text and exit.

       --version
	   Print a short version string and exit.

EXIT STATUS

       On success, 0 is returned; otherwise, a non-zero failure code is returned.

EXAMPLES

       Example 1. Setting up certificates for authentication

       Certificates signed by a trusted authority are used to verify that the server to which messages are uploaded is legitimate, and vice versa,
       that the client is trusted.

       A suitable set of certificates can be generated with openssl:

	   openssl req -newkey rsa:2048 -days 3650 -x509 -nodes 
		 -out ca.pem -keyout ca.key -subj '/CN=Certificate authority/'

	   cat >ca.conf <<EOF
	   [ ca ]
	   default_ca = this

	   [ this ]
	   new_certs_dir = .
	   certificate = ca.pem
	   database = ./index
	   private_key = ca.key
	   serial = ./serial
	   default_days = 3650
	   default_md = default
	   policy = policy_anything

	   [ policy_anything ]
	   countryName		   = optional
	   stateOrProvinceName	   = optional
	   localityName 	   = optional
	   organizationName	   = optional
	   organizationalUnitName  = optional
	   commonName		   = supplied
	   emailAddress 	   = optional
	   EOF

	   touch index
	   echo 0001 >serial

	   SERVER=server
	   CLIENT=client

	   openssl req -newkey rsa:1024 -nodes -out $SERVER.csr -keyout $SERVER.key -subj "/CN=$SERVER/"
	   openssl ca -batch -config ca.conf -notext -in $SERVER.csr -out $SERVER.pem

	   openssl req -newkey rsa:1024 -nodes -out $CLIENT.csr -keyout $CLIENT.key -subj "/CN=$CLIENT/"
	   openssl ca -batch -config ca.conf -notext -in $CLIENT.csr -out $CLIENT.pem

       Generated files ca.pem, server.pem, and server.key should be installed on server, and ca.pem, client.pem, and client.key on the client. The
       location of those files can be specified using TrustedCertificateFile=, ServerCertificateFile=, ServerKeyFile=, in
       /etc/systemd/journal-remote.conf and /etc/systemd/journal-upload.conf, respectively. The default locations can be queried by using
       systemd-journal-remote --help and systemd-journal-upload --help.

SEE ALSO

       systemd-journal-remote(8), journalctl(1), systemd-journald.service(8), systemd-journal-gatewayd.service(8)

systemd 237														 SYSTEMD-JOURNAL-UPLOAD(8)
Man Page