openstack/kolla-ansible
Code Issues Proposed changes

Merge "Support multi local chrony servers"

Browse Source
This commit is contained in:
Jenkins 2017-07-27 08:25:31 +00:00 committed by Gerrit Code Review
commit d44d5d0b48
5 changed files with 33 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/inventory/all-in-one
View File

@ -21,7 +21,7 @@ localhost ansible_connection=local
# You can explicitly specify which hosts run each project by updating the # You can explicitly specify which hosts run each project by updating the
# groups in the sections below. Common services are grouped together. # groups in the sections below. Common services are grouped together.
[chrony-server:children] [chrony-server:children]
control haproxy
[chrony:children] [chrony:children]
network network

2
ansible/inventory/multinode
View File

@ -41,7 +41,7 @@ monitoring
# You can explicitly specify which hosts run each project by updating the # You can explicitly specify which hosts run each project by updating the
# groups in the sections below. Common services are grouped together. # groups in the sections below. Common services are grouped together.
[chrony-server:children] [chrony-server:children]
control haproxy
[chrony:children] [chrony:children]
control control

20
ansible/roles/chrony/templates/chrony.conf.j2
View File

@ -1,13 +1,16 @@
{% for host in groups['chrony-server'] %} {% set keyfile = '/etc/chrony.keys' if kolla_base_distro in ['centos', 'oraclelinux', 'redhat'] else '/etc/chrony/chrony.keys' %}
{% if inventory_hostname != host %}
server {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }} iburst server {{ kolla_internal_vip_address }} iburst
{% endif %} {# NOTE(jeffrey4l): external_ntp_servers may be None here #}
{% endfor %} {% if external_ntp_servers %}
{% for ntp_server in external_ntp_servers %} {% for ntp_server in external_ntp_servers %}
server {{ ntp_server }} iburst server {{ ntp_server }} iburst
{% endfor %} {% endfor %}
{% endif %}
keyfile /etc/chrony/chrony.keys user chrony
keyfile {{ keyfile }}
commandkey 1 commandkey 1
@ -26,13 +29,16 @@ dumpdir /var/lib/chrony
{% if inventory_hostname in groups['chrony-server'] %} {% if inventory_hostname in groups['chrony-server'] %}
allow all allow all
# prevent chrony sync from self
deny {{ kolla_internal_vip_address }}
deny {{ api_interface_address }}
local stratum 10 local stratum 10
{% else %} {% else %}
port 0 port 0
deny all deny all
{% endif %} {% endif %}
bindaddress {{ api_interface_address }} bindaddress {{ kolla_internal_vip_address }}
logchange 0.5 logchange 0.5

12
ansible/roles/chrony/templates/chrony.json.j2
View File

@ -7,5 +7,17 @@
"owner": "chrony", "owner": "chrony",
"perm": "0600" "perm": "0600"
} }
],
"permissions": [
{
"path": "/var/log/kolla/chrony",
"owner": "chrony:kolla",
"recurse": true
},
{
"path": "/var/lib/chrony",
"owner": "chrony:chrony",
"recurse": true
}
] ]
} }

6
releasenotes/notes/move-chrony-server-group-depends-on-keepalived-27c60fbd1471cc29.yaml Normal file
View File

@ -0,0 +1,6 @@
---
upgrade:
- |
chrony server high available is implemented. And it depends on VIP now.
chrony-server group is moved to network node in default and must be the
same with haproxy group.