Ensure cinder LVM volumes work after system restart

Update the cinder-lvm-losetup systemd service to wait until the local
/var directory is mounted and the lvm2-monitor service has started
prior to creating the loopback device used by cinder's LVM backend.

Make LIO SCSI target data persistent by adding container volume mounts
for the /etc/target directory so that the data is stored on the host.

NOTE(stable/train): The setype for persistent directories is set to
svirt_sandbox_file_t, whereas later releases use container_file_t.

Closes-Bug: #1905617
Change-Id: I0c0cbed3a41e8d4b1fbaf5c2dc7fd0412fee644a
(cherry picked from commit 63b2a989ba)
(cherry picked from commit 27678af1ab)
(cherry picked from commit 833e812baf)

deployment/cinder/cinder-common-container-puppet.yaml

@@ -76,6 +76,7 @@ parameters:
 
 conditions:
 
+  cinder_iscsi_backend_enabled: {equals: [{get_param: CinderEnableIscsiBackend}, true]}
   multipathd_enabled: {equals: [{get_param: MultipathdEnable}, true]}
   cvol_active_active_tls_enabled:
     and:
@@ -130,7 +131,7 @@ outputs:
         -
           - name: cinder_enable_iscsi_backend fact
             set_fact:
-              cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
+              cinder_enable_iscsi_backend: {if: [cinder_iscsi_backend_enabled, true, false]}
           - when: cinder_enable_iscsi_backend|bool
             block:
               - name: ensure LVM rpm dependencies are installed
@@ -180,9 +181,9 @@ outputs:
                     Description=Cinder LVM losetup
                     DefaultDependencies=no
                     Conflicts=umount.target
-                    Requires=lvm2-lvmetad.service systemd-udev-settle.service
+                    Requires=lvm2-monitor.service systemd-udev-settle.service
                     Before=local-fs.target umount.target
-                    After=lvm2-lvmetad.service systemd-udev-settle.service
+                    After=var.mount lvm2-monitor.service systemd-udev-settle.service
 
                     [Service]
                     Type=oneshot
@@ -216,6 +217,11 @@ outputs:
           - /sys:/sys
           - /var/lib/cinder:/var/lib/cinder:z
           - /var/lib/iscsi:/var/lib/iscsi:z
+        -
+          if:
+          - cinder_iscsi_backend_enabled
+          - - /etc/target:/etc/target:z
+          - []
         -
           if:
           - multipathd_enabled

deployment/iscsid/iscsid-container-puppet.yaml

@@ -142,20 +142,20 @@ outputs:
                   - /sys:/sys
                   - /lib/modules:/lib/modules:ro
                   - /etc/iscsi:/var/lib/kolla/config_files/src-iscsid:ro
+                  - /etc/target:/etc/target:z
                   - /var/lib/iscsi:/var/lib/iscsi:z
             environment:
               KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
       host_prep_tasks:
-        - name: ensure /etc/iscsi exists
+        - name: create persistent directories
           file:
-            path: /etc/iscsi
+            path: "{{ item.path }}"
             state: directory
-            setype: svirt_sandbox_file_t
-        - name: ensure /var/lib/iscsi exists
-          file:
-            path: /var/lib/iscsi
-            state: directory
-            setype: svirt_sandbox_file_t
+            setype: "{{ item.setype }}"
+          with_items:
+            - { 'path': /etc/iscsi, 'setype': svirt_sandbox_file_t }
+            - { 'path': /etc/target, 'setype': svirt_sandbox_file_t }
+            - { 'path': /var/lib/iscsi, 'setype': svirt_sandbox_file_t }
         - name: stat /lib/systemd/system/iscsid.socket
           stat: path=/lib/systemd/system/iscsid.socket
           register: stat_iscsid_socket