Make ntpd listen all interfaces

* Remove ntpd listen restrictions
* Remove client run on controllers
* Add ubuntu service overrides for ntp
* ntp server should use only ipv4
* update dnsmasq to only listen on management vrouter vip

TestImpact
Change-Id: Ic78394fddaafa82e085c55a1a0fdd3c46d4f0089
Closes-Bug: 1466090
Closes-Bug: 1470569

deployment/puppet/cluster/manifests/ntp_ocf.pp

@@ -3,7 +3,10 @@
 # Configure OCF service for NTP managed by corosync/pacemaker
 #
 class cluster::ntp_ocf ( ) {
-  $service_name = 'p_ntp'
+  include ntp::params
+
+  $basic_service_name = $ntp::params::service_name
+  $service_name = "p_${basic_service_name}"
 
   cs_resource { $service_name:
     ensure          => present,
@@ -35,7 +38,7 @@ class cluster::ntp_ocf ( ) {
     },
   } ->
 
-  cs_rsc_colocation { 'ntp-with-vrouter-ns':
+  cs_rsc_colocation { 'ntpd-with-vrouter-ns':
     ensure     => present,
     score      => 'INFINITY',
     primitives => [

deployment/puppet/osnailyfacter/manifests/dnsmasq.pp

@@ -10,11 +10,15 @@
 # [*$master_ip*]
 # Ip address of fuel master node
 #
+# [*$management_vrouter_vip*]
+# IP address of management interface in vrouter namespace
+#
 # === Examples
 #
 #  class { osnailyfacter::dnsmasq:
-#    external_dns => [ 'pool.ntp.org', 'ntp.local.company.com' ],
-#    master_ip    => '1.1.1.1'
+#    external_dns           => [ 'pool.ntp.org', 'ntp.local.company.com' ],
+#    master_ip              => '1.1.1.1',
+#    management_vrouter_vip => '1.2.3.4'
 #  }
 #
 # === Authors
@@ -27,7 +31,8 @@
 #
 class osnailyfacter::dnsmasq (
   $external_dns,
-  $master_ip
+  $master_ip,
+  $management_vrouter_vip,
 ) {
   $package_name = $osfamily ? {
     /(RedHat|CentOS)/ => 'dnsmasq',

deployment/puppet/osnailyfacter/modular/dns/dns-server.pp

@@ -1,12 +1,14 @@
 notice('MODULAR: dns-server.pp')
 
-$dns_servers        = hiera('external_dns')
-$primary_controller = hiera('primary_controller')
-$master_ip          = hiera('master_ip')
+$dns_servers            = hiera('external_dns')
+$primary_controller     = hiera('primary_controller')
+$master_ip              = hiera('master_ip')
+$management_vrouter_vip = hiera('management_vrouter_vip')
 
 class { 'osnailyfacter::dnsmasq':
-  external_dns => strip(split($dns_servers['dns_list'], ',')),
-  master_ip    => $master_ip,
+  external_dns           => strip(split($dns_servers['dns_list'], ',')),
+  master_ip              => $master_ip,
+  management_vrouter_vip => $management_vrouter_vip,
 } ->
 
 class { 'cluster::dns_ocf':

deployment/puppet/osnailyfacter/modular/ntp/ntp-client.pp

@@ -1,18 +1,23 @@
 notice('MODULAR: ntp-client.pp')
 
-$management_vip  = hiera('management_vrouter_vip')
-$nodes_hash      = hiera('nodes', {})
-$roles           = node_roles($nodes_hash, hiera('uid'))
+$management_vrouter_vip  = hiera('management_vrouter_vip')
+$nodes_hash              = hiera('nodes', {})
+$roles                   = node_roles($nodes_hash, hiera('uid'))
 
-if !(member($roles, 'controller') or member($roles, 'primary-controller')) {
-  class { 'ntp':
-    servers        => [$management_vip],
-    service_ensure => running,
-    service_enable => true,
-    iburst_enable  => true,
-    tinker         => true,
-    panic          => 0,
-    stepout        => 5,
-    minpoll        => 3,
-  }
+
+class { 'ntp':
+  servers        => [$management_vrouter_vip],
+  service_ensure => 'running',
+  service_enable => true,
+  iburst_enable  => true,
+  tinker         => true,
+  panic          => '0',
+  stepout        => '5',
+  minpoll        => '3',
+}
+
+include ntp::params
+tweaks::ubuntu_service_override { 'ntpd':
+  package_name => $ntp::params::package_name,
+  service_name => $ntp::params::service_name,
 }

deployment/puppet/osnailyfacter/modular/ntp/ntp-server.pp

@@ -1,16 +1,24 @@
 notice('MODULAR: ntp-server.pp')
 
-$ntp_servers        = hiera('external_ntp')
+$ntp_servers = hiera('external_ntp')
 
 class { 'ntp':
   servers        => strip(split($ntp_servers['ntp_list'], ',')),
   service_enable => false,
-  service_ensure => stopped,
+  service_ensure => 'stopped',
   iburst_enable  => true,
   tinker         => true,
-  panic          => 0,
-  stepout        => 5,
-  minpoll        => 3,
+  panic          => '0',
+  stepout        => '5',
+  minpoll        => '3',
 } ->
 
 class { 'cluster::ntp_ocf': }
+
+if $::operatingsystem == 'Ubuntu' {
+  include ntp::params
+  tweaks::ubuntu_service_override { 'ntpd':
+    package_name => $ntp::params::package_name,
+    service_name => $ntp::params::service_name,
+  }
+}

deployment/puppet/osnailyfacter/modular/ntp/tasks.yaml

@@ -11,7 +11,7 @@
 
 - id: ntp-client
   type: puppet
-  role: [primary-mongo, mongo, primary-controller, controller, compute, ceph-osd, cinder, cinder-vmware, zabbix-server]
+  role: [primary-mongo, mongo, compute, ceph-osd, cinder, cinder-vmware, zabbix-server]
   requires: [dns-client]
   required_for: [post_deployment_end]
   parameters:

deployment/puppet/osnailyfacter/templates/dnsmasq.conf.erb

@@ -1,3 +1,5 @@
 domain=<%= scope.lookupvar('::domain') %>
 server=/<%= scope.lookupvar('::domain') %>/<%= @master_ip %>
 resolv-file=/etc/resolv.dnsmasq.conf
+bind-interfaces
+listen-address=<%= @management_vrouter_vip %>

files/fuel-ha-utils/ocf/ns_ntp

@@ -179,7 +179,7 @@ ntp_start()
   fi
 
   # run the ntp binary
-        ocf_run ${COMMAND} ${OCF_RESKEY_extraconf} -u ntp:ntp -p "${PIDFILE}" -g -c ${CONF_FILE}
+  ocf_run ${COMMAND} ${OCF_RESKEY_extraconf} -u ntp:ntp -p "${PIDFILE}" -4 -g -c ${CONF_FILE}
   if [ $? -ne 0 ]; then
     ocf_log err "Error. ntp daemon returned error $?."
     return $OCF_ERR_GENERIC