From 58fc26311b35ddaf631574a0e40203a2f3327275 Mon Sep 17 00:00:00 2001 From: Haresh Khandelwal Date: Thu, 27 Aug 2020 18:48:02 +0530 Subject: [PATCH] Support for timemaster service with tripleo-ansible role MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit timemaster service provides provides HA between different time service i.e chrony, PTP. When timemaster service runs, it spwans instances/child processes of chronyd, ptp4l and phy2sys. Look at below output. [root@hareshcomputesriov-0 heat-admin]# systemctl status timemaster ● timemaster.service - Synchronize system clock to NTP and PTP time sources Loaded: loaded (/usr/lib/systemd/system/timemaster.service; disabled; vendor preset: disabled) Active: active (running) since Tue 2020-08-11 17:24:45 UTC; 3s ago Main PID: 544428 (timemaster) Tasks: 4 (limit: 357097) Memory: 2.4M CGroup: /system.slice/timemaster.service ├─544428 /usr/sbin/timemaster -f /etc/timemaster.conf ├─544429 /usr/sbin/chronyd -n -f /var/run/timemaster/chrony.conf ├─544430 /usr/sbin/ptp4l -l 5 -f /var/run/timemaster/ptp4l.0.conf -H -i eno1 └─544431 /usr/sbin/phc2sys -l 5 -a -r -R 1.00 -z /var/run/timemaster/ptp4l.0.socket -t [0:eno1] -n 0 -E ntpshm -M 0 Timemaster service uses /etc/chrony.conf and /etc/ptp4l.conf to create runtime instance for these 2 timeservices. These 2 time services sync to their respective time source. Timemaster provides HA between chrony and PTP (between different PTP domains as well which is not part of this patch).Timemaster compares all time sources and use the best sources to synchronize the system clock. if chronyd commuication breaks then timemaster will set system time with PTP grand master's provided time and vice a versa. Change-Id: I03953059f96079fbb61899d16147007b2fe023ad (cherry picked from commit c4950ce46e28fa87c7dcb0971ae3582a04d83021) --- .../tripleo_timemaster/defaults/main.yml | 34 +++++++ .../roles/tripleo_timemaster/meta/main.yml | 42 +++++++++ .../molecule/defaults/Dockerfile | 37 ++++++++ .../molecule/defaults/converge.yml | 21 +++++ .../molecule/defaults/molecule.yml | 54 +++++++++++ .../molecule/defaults/prepare.yml | 21 +++++ .../roles/tripleo_timemaster/tasks/config.yml | 54 +++++++++++ .../roles/tripleo_timemaster/tasks/main.yml | 30 +++++++ .../templates/timemaster.conf.j2 | 90 +++++++++++++++++++ .../roles/tripleo_timemaster/vars/RedHat.yml | 26 ++++++ 10 files changed, 409 insertions(+) create mode 100644 tripleo_ansible/roles/tripleo_timemaster/defaults/main.yml create mode 100644 tripleo_ansible/roles/tripleo_timemaster/meta/main.yml create mode 100644 tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/Dockerfile create mode 100644 tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/converge.yml create mode 100644 tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/molecule.yml create mode 100644 tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/prepare.yml create mode 100644 tripleo_ansible/roles/tripleo_timemaster/tasks/config.yml create mode 100644 tripleo_ansible/roles/tripleo_timemaster/tasks/main.yml create mode 100644 tripleo_ansible/roles/tripleo_timemaster/templates/timemaster.conf.j2 create mode 100644 tripleo_ansible/roles/tripleo_timemaster/vars/RedHat.yml diff --git a/tripleo_ansible/roles/tripleo_timemaster/defaults/main.yml b/tripleo_ansible/roles/tripleo_timemaster/defaults/main.yml new file mode 100644 index 000000000..9e5f543b6 --- /dev/null +++ b/tripleo_ansible/roles/tripleo_timemaster/defaults/main.yml @@ -0,0 +1,34 @@ +--- +# Copyright 2020 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +# All variables intended for modification should be placed in this file. +# All variables within this role should have a prefix of "tripleo_timemaster" + +tripleo_timemaster_role_action: all +tripleo_timemaster_manage_service: true +tripleo_timemaster_service_state: started + +tripleo_timemaster_global_server_settings: "{{ chrony_global_server_settings | default('iburst') }}" +tripleo_timemaster_ntp_servers: "{{ chrony_ntp_servers | default([]) }}" +tripleo_timemaster_ntp_pools: "{{ chrony_ntp_pools | default(['pool.ntp.org']) }}" +tripleo_timemaster_ntp_peers: "{{ chrony_ntp_peers | default([]) }}" +tripleo_timemaster_bind_addresses: "{{ chrony_bind_addresses | default(['127.0.0.1','::1']) }}" +tripleo_timemaster_acl_rules: "{{ chrony_acl_rules | default([]) }}" +tripleo_timemaster_extra_options: "{{ chrony_extra_options | default([]) }}" +tripleo_timemaster_makestep: "{{ chrony_makestep | default('1.0 3') }}" +tripleo_timemaster_rtc_settings: "{{ chrony_rtc_settings | default('rtcsync') }}" +tripleo_timemaster_ptpinterfaces: "{{ ptp_interfaces | default('') }}" +tripleo_timemaster_ptptransport: "{{ ptp_transport | default('') }}" diff --git a/tripleo_ansible/roles/tripleo_timemaster/meta/main.yml b/tripleo_ansible/roles/tripleo_timemaster/meta/main.yml new file mode 100644 index 000000000..250618c96 --- /dev/null +++ b/tripleo_ansible/roles/tripleo_timemaster/meta/main.yml @@ -0,0 +1,42 @@ +--- +# Copyright 2020 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +galaxy_info: + author: OpenStack + description: TripleO OpenStack Role -- tripleo_timemaster + company: Red Hat + license: Apache-2.0 + min_ansible_version: 2.7 + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + platforms: + - name: CentOS + versions: + - 7 + - 8 + + galaxy_tags: + - tripleo + + +# List your role dependencies here, one per line. Be sure to remove the '[]' above, +# if you add dependencies to this list. +dependencies: [] diff --git a/tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/Dockerfile b/tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/Dockerfile new file mode 100644 index 000000000..8fc73a838 --- /dev/null +++ b/tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/Dockerfile @@ -0,0 +1,37 @@ +# Molecule managed +# Copyright 2020 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install sudo python*-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi + +{% for pkg in item.easy_install | default([]) %} +# install pip for centos where there is no python-pip rpm in default repos +RUN easy_install {{ pkg }} +{% endfor %} + + +CMD ["sh", "-c", "while true; do sleep 10000; done"] diff --git a/tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/converge.yml b/tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/converge.yml new file mode 100644 index 000000000..76f5a4677 --- /dev/null +++ b/tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/converge.yml @@ -0,0 +1,21 @@ +--- +# Copyright 2020 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Converge + hosts: all + roles: + - role: "tripleo_timemaster" diff --git a/tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/molecule.yml b/tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/molecule.yml new file mode 100644 index 000000000..ce17cef2e --- /dev/null +++ b/tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/molecule.yml @@ -0,0 +1,54 @@ +--- +driver: + name: podman + +log: true + +platforms: + - name: ubi8 + hostname: ubi8 + image: ubi8/ubi-init + registry: + url: registry.access.redhat.com + dockerfile: Dockerfile + pkg_extras: python*setuptools + volumes: + - /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro + - /etc/pki/rpm-gpg:/etc/pki/rpm-gpg + - /opt/yum.repos.d:/etc/yum.repos.d:rw + privileged: true + environment: &env + http_proxy: "{{ lookup('env', 'http_proxy') }}" + https_proxy: "{{ lookup('env', 'https_proxy') }}" + ulimits: &ulimit + - host + +provisioner: + name: ansible + inventory: + hosts: + all: + hosts: + ubi8: + ansible_python_interpreter: /usr/bin/python3 + log: true + env: + ANSIBLE_STDOUT_CALLBACK: yaml + ANSIBLE_ROLES_PATH: "${ANSIBLE_ROLES_PATH:-/usr/share/ansible/roles}:${HOME}/zuul-jobs/roles" + ANSIBLE_MODULE_UTILS: "${ANSIBLE_MODULE_UTILS:-/tripleo_ansible/ansible_plugins/module_utils}" + ANSIBLE_LIBRARY: "${ANSIBLE_LIBRARY:-/usr/share/ansible/plugins/modules}" + ANSIBLE_FILTER_PLUGINS: "${ANSIBLE_FILTER_PLUGINS:-/usr/share/ansible/plugins/filter}" + ANSIBLE_ACTION_PLUGINS: "${ANSIBLE_ACTION_PLUGINS:-/usr/share/ansible/plugins/action}" + +scenario: + test_sequence: + - destroy + - create + - prepare + - converge + - check + - verify + - destroy + +verifier: + name: testinfra diff --git a/tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/prepare.yml b/tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/prepare.yml new file mode 100644 index 000000000..27e23e495 --- /dev/null +++ b/tripleo_ansible/roles/tripleo_timemaster/molecule/defaults/prepare.yml @@ -0,0 +1,21 @@ +--- +# Copyright 2020 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +- name: Prepare + hosts: all + roles: + - role: test_deps diff --git a/tripleo_ansible/roles/tripleo_timemaster/tasks/config.yml b/tripleo_ansible/roles/tripleo_timemaster/tasks/config.yml new file mode 100644 index 000000000..4d657190d --- /dev/null +++ b/tripleo_ansible/roles/tripleo_timemaster/tasks/config.yml @@ -0,0 +1,54 @@ +--- +# Copyright 2020 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +- name: Disable chronyd + systemd: + enabled: false + name: chronyd + state: stopped + when: + - tripleo_timemaster_manage_service|bool + +- name: Disable ptp4l + systemd: + enabled: false + name: ptp4l + state: stopped + when: + - tripleo_timemaster_manage_service|bool + +- name: Disable phc2sys + systemd: + enabled: false + name: phc2sys + state: stopped + when: + - tripleo_timemaster_manage_service|bool + +- name: Install timemaster configuration file + template: + src: timemaster.conf.j2 + dest: "{{ tripleo_timemaster_config_file_location }}" + owner: root + group: root + mode: 0644 + +- name: Restart timemaster with config + systemd: + enabled: "{{ (tripleo_timemaster_service_state|default('started') in ['running', 'started']) |bool }}" + name: "{{ tripleo_timemaster_service_name }}" + state: restarted + when: tripleo_timemaster_manage_service|bool diff --git a/tripleo_ansible/roles/tripleo_timemaster/tasks/main.yml b/tripleo_ansible/roles/tripleo_timemaster/tasks/main.yml new file mode 100644 index 000000000..6d3ec4c33 --- /dev/null +++ b/tripleo_ansible/roles/tripleo_timemaster/tasks/main.yml @@ -0,0 +1,30 @@ +--- +# Copyright 2020 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +# "tripleo_timemaster" will search for and load any operating system variable file +# found within the "vars/" path. If no OS files are found the task will skip. + +- name: Load distro-specific variables + include_vars: "{{ item }}" + with_first_found: + - "{{ ansible_distribution }}.yml" + - "{{ ansible_os_family }}.yml" + - default.yml + +- name: Configure timemaster + include_tasks: config.yml + when: tripleo_timemaster_role_action in ['all', 'config'] diff --git a/tripleo_ansible/roles/tripleo_timemaster/templates/timemaster.conf.j2 b/tripleo_ansible/roles/tripleo_timemaster/templates/timemaster.conf.j2 new file mode 100644 index 000000000..cc6e38659 --- /dev/null +++ b/tripleo_ansible/roles/tripleo_timemaster/templates/timemaster.conf.j2 @@ -0,0 +1,90 @@ +# Do not manually edit this file. +# Managed by ansible role tripleo_timemaster + +{% set ptp_ifaces = tripleo_timemaster_ptpinterfaces.split(',') %} +{% set ptp_dict = {} %} +{% for ptp in ptp_ifaces %} +{% if ptp.split(':')[0] not in ptp_dict %} +{% set _ = ptp_dict.update({ptp.split(':')[0]: []}) %} +{% endif %} +{% set _ = ptp_dict[ptp.split(':')[0]].append(ptp.split(':')[1]) %} +{% endfor %} +{% for domain, nic_list in ptp_dict.items() %} +[ptp_domain {{ domain }}] +interfaces {% for nic in nic_list %} +{{ nic }}{% if not loop.last %},{% endif %} +{% endfor %} + +{% endfor %} + +[timemaster] +ntp_program chronyd + +[chrony.conf] +#include /etc/chrony.conf +{% for server in tripleo_timemaster_ntp_servers -%} +{% if server is mapping %} +server {{ server.server_host }} {{ server.server_settings }} +{% else %} +server {{ server }} {{ tripleo_timemaster_global_server_settings|default('') }} +{% endif %} +{% endfor -%} + +{% for pool in tripleo_timemaster_ntp_pools -%} +{% if pool is mapping %} +pool {{ pool.pool_host }} {{ pool.pool_settings }} +{% else %} +pool {{ pool }} {{ tripleo_timemaster_global_pool_settings|default('') }} +{% endif %} +{% endfor -%} + +{% for peer in tripleo_timemaster_ntp_peers -%} +{% if peer is mapping %} +peer {{ peer.peer_host }} {{ peer.peer_settings }} +{% else %} +peer {{ peer }} {{ tripleo_timemaster_global_peer_settings|default('') }} +{% endif %} +{% endfor -%} + +{% if tripleo_timemaster_bind_addresses is defined and tripleo_timemaster_bind_addresses|length > 0 -%} +{% for bind_addr in tripleo_timemaster_bind_addresses %} +bindcmdaddress {{ bind_addr }} +{% endfor %} +{% endif -%} + +{% if tripleo_timemaster_acl_rules is defined and tripleo_timemaster_acl_rules|length > 0 -%} +{{ tripleo_timemaster_acl_rules|join("\n") }} +{% endif -%} + +{% if tripleo_timemaster_rtc_settings is defined -%} +{{ tripleo_timemaster_rtc_settings }} +{% endif -%} + +{% if tripleo_timemaster_makestep is defined -%} +makestep {{ tripleo_timemaster_makestep }}{{ '\n' }} +{% endif -%} + +{% if tripleo_timemaster_extra_options -%} +{{ tripleo_timemaster_extra_options|join("\n") }} +{% endif -%} + +[ntp.conf] +includefile /etc/ntp.conf + +[ptp4l.conf] +#includefile /etc/ptp4l.conf +network_transport {{ tripleo_timemaster_ptptransport }} + +[chronyd] +path /usr/sbin/chronyd + +[ntpd] +path /usr/sbin/ntpd +options -u ntp:ntp -g + +[phc2sys] +path /usr/sbin/phc2sys +#options -w + +[ptp4l] +path /usr/sbin/ptp4l diff --git a/tripleo_ansible/roles/tripleo_timemaster/vars/RedHat.yml b/tripleo_ansible/roles/tripleo_timemaster/vars/RedHat.yml new file mode 100644 index 000000000..441931932 --- /dev/null +++ b/tripleo_ansible/roles/tripleo_timemaster/vars/RedHat.yml @@ -0,0 +1,26 @@ +--- +# Copyright 2020 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +# While options found within the vars/ path can be overridden using extra +# vars, items within this path are considered part of the role and not +# intended to be modified. + +# All variables within this role should have a prefix of "tripleo_timemaster" + +tripleo_timemaster_package_name: linuxptp +tripleo_timemaster_service_name: timemaster +tripleo_timemaster_config_file_location: /etc/timemaster.conf