Add configure tasks for iscsid

Add configure tasks for the iscsid role. This essentially copies the
implementation from puppet-tripleo:
https://github.com/openstack/puppet-tripleo/blob/master/manifests/profile/base/iscsid.pp

Change-Id: Idb57bb5179897ee7b4461f81372e6021b72be4d8

tripleo_ansible/roles/tripleo_iscsid/defaults/main.yml

@@ -32,3 +32,6 @@ tripleo_iscsid_volumes:
   - /var/lib/config-data/puppet-generated/iscsid/etc/iscsi:/var/lib/kolla/config_files/src-iscsid:ro
   - /etc/target:/etc/target:z
   - /var/lib/iscsi:/var/lib/iscsi:z
+  - /etc/iscsi:/tmp/iscsi.host:z
+
+tripleo_iscsid_chap_algs: 'SHA3-256,SHA256,SHA1,MD5'

tripleo_ansible/roles/tripleo_iscsid/tasks/configure.yml

@@ -0,0 +1,62 @@
+---
+# Copyright 2022 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: Ensure iscsi-initiator-utils
+  ansible.builtin.package:
+    name: iscsi-initiator-utils
+    state: present
+
+- name: Check if initiator_reset present
+  ansible.builtin.stat:
+    path: /tmp/iscsi.host/.initiator_reset
+  register: initiator_reset_state
+
+- name: Reset iscsi initiator name
+  block:
+  - name: Sync IQN from Host
+    ansible.builtin.copy:
+      src: /tmp/iscsi.host/.initiator_reset
+      dest: /tmp/iscsi.host/initiator
+      remote_src: True
+
+  - name: Get ISCSI Initiator Name
+    ansible.builtin.command: /usr/sbin/iscsi-name
+    register: iscsi_name
+
+  - name: Reset iscsi initiator name
+    ansible.builtin.copy:
+      dest: /etc/iscsi/initiatorname.iscsi
+      content: "{{ iscsi_name }}"
+
+  - name: Sync IQN to host
+    ansible.builtin.copy:
+      src: /etc/iscsi/initiatorname.iscsi
+      dest: /etc/iscsi/.initiator_reset
+      remote_src: True
+
+  - name: Sync IQN to host /tmp/iscsi.host/
+    ansible.builtin.copy:
+      src: /etc/iscsi/initiatorname.iscsi
+      dest: /tmp/iscsi.host/
+      remote_src: True
+  when: initiator_reset_state.stat.exists
+
+- name: Write CHAP algorithms
+  ansible.builtin.lineinfile:
+    path: /etc/iscsi/iscsid.conf
+    line: "node.session.auth.chap_algs = {{ tripleo_iscsid_chap_algs }}"
+    regexp: "^node.session.auth.chap_algs"
+    insertafter: "^#node.session.auth.chap.algs"

tripleo_ansible/roles/tripleo_iscsid/tasks/iscsid_install.yaml

@@ -20,31 +20,43 @@
     target: "{{ item.path }}(/.*)?"
     setype: "{{ item.setype }}"
     state: present
-  with_items:
+  loop:
     - { 'path': /etc/iscsi, 'setype': container_file_t }
     - { 'path': /etc/target, 'setype': container_file_t }
     - { 'path': /var/lib/iscsi, 'setype': container_file_t }
+
 - name: create persistent directories
-  file:
+  ansible.builtin.file:
     path: "{{ item.path }}"
     state: directory
     setype: "{{ item.setype }}"
-  with_items:
+  loop:
     - { 'path': /etc/iscsi, 'setype': container_file_t }
     - { 'path': /etc/target, 'setype': container_file_t }
     - { 'path': /var/lib/iscsi, 'setype': container_file_t }
+
 - name: stat /lib/systemd/system/iscsid.socket
-  stat: path=/lib/systemd/system/iscsid.socket
+  ansible.builtin.stat:
+    path: /lib/systemd/system/iscsid.socket
   register: stat_iscsid_socket
+
 - name: Stop and disable iscsid.socket service
-  service: name=iscsid.socket state=stopped enabled=no
+  ansible.builtin.service:
+    name: iscsid.socket
+    state: stopped
+    enabled: no
   when: stat_iscsid_socket.stat.exists
+
 - name: Check if iscsi.service is enabled
-  command: systemctl is-enabled --quiet iscsi.service
+  ansible.builtin.command: systemctl is-enabled --quiet iscsi.service
   failed_when: false
   register: iscsi_service_enabled_result
+
 - name: Stop iscsi.service
-  service: name=iscsi.service state=stopped enabled=no
+  ansible.builtin.service:
+    name: iscsi.service
+    state: stopped
+    enabled: no
   when:
     - iscsi_service_enabled_result is changed
     - iscsi_service_enabled_result.rc == 0