Add chrony time service

Add a chrony service configuration. The chrony service configuration
includes tasks to ensure that the ntpd service is stopped prior to
configuring chronyd. Since both can be switched back and forth, the ntpd
configuration is also updated to stop chronyd prior to attemping to
configure the ntpd service.

Change-Id: Ie5e8183c000915f28166c842cecc04f445c013ae
Related-Blueprint: tripleo-chrony
This commit is contained in:
Alex Schultz 2018-08-01 18:32:26 -06:00
parent 5413ca926d
commit 2d59a92a34
3 changed files with 181 additions and 1 deletions

View File

@ -0,0 +1,166 @@
heat_template_version: rocky
description: >
Chrony time service deployment using ansible, this YAML file
creates the interface between the HOT template
and the ansible role that actually installs
and configure chronyd.
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
NtpServer:
default: ['pool.ntp.org']
description: NTP servers list. Defaulted to pool.ntp.org in order to
have a sane default for Pacemaker deployments when
not configuring this parameter by default.
type: comma_delimited_list
NtpPool:
default: ['pool.ntp.org']
description: NTP pool list. Defaulted to pool.ntp.org in order to
have a sane default for Pacemaker deployments when
not configuring this parameter by default. If configured,
NtpPool takes precedence over NtpServer when using NtpPool.
Set to [] if you wish to only use the NtpServer configuration
and ignore the NtpPool option.
type: comma_delimited_list
ChronyGlobalServerOptions:
default: ''
description: Default server options for the configured NTP servers in
chrony.conf. If this is specified, NtpIburstEnable, MaxPoll,
and MinPoll are ignored.
type: string
ChronyGlobalPoolOptions:
default: ''
description: Default pool options for the configured NTP pools in
chrony.conf. If this is specified, NtpIburstEnable, MaxPoll,
and MinPoll are ignored.
type: string
NtpIburstEnable:
default: true
description: Specifies whether to enable the iburst option for every NTP
peer. If iburst is enabled, when the ntp server is unreachable
ntp will send a burst of eight packages instead of one. This
is designed to speed up the initial syncrhonization.
type: boolean
MaxPoll:
description: Specify maximum poll interval of upstream servers for NTP
messages, in seconds to the power of two.
The maximum poll interval defaults to 10 (1,024 s).
Allowed values are 4 to 17.
type: number
default: 10
constraints:
- range: { min: 4, max: 17 }
MinPoll:
description: Specify minimum poll interval of upstream servers for NTP
messages, in seconds to the power of two.
The minimum poll interval defaults to 6 (64 s).
Allowed values are 4 to 17.
type: number
default: 6
constraints:
- range: { min: 4, max: 17 }
EnablePackageInstall:
default: 'false'
description: Set to true to enable package installation at deploy time
type: boolean
ChronyAclRules:
default: ['deny all']
description: Access Control List of NTP clients. By default no clients
are permitted.
type: comma_delimited_list
conditions:
chrony_global_server_settings_is_empty: {equals: [{get_param: ChronyGlobalServerOptions}, '']}
chrony_global_pool_settings_is_empty: {equals: [{get_param: ChronyGlobalPoolOptions}, '']}
chrony_pool_is_empty: {equals: [{get_param: NtpPool}, []]}
ntp_iburst: {equals: [{get_param: NtpIburstEnable}, true]}
outputs:
role_data:
description: Role chrony using composable timesync services.
value:
service_name: chrony
config_settings:
tripleo.ntp.firewall_rules:
'105 ntp':
dport: 123
proto: udp
step_config: ''
host_prep_tasks:
- name: Populate service facts (chrony)
service_facts: # needed to make yaml happy
- name: Disable NTP before configuring Chrony
service:
name: ntpd
state: stopped
enabled: no
when: "'ntpd.service' in ansible_facts.services"
- name: Install, Configure and Run Chrony
include_role:
name: chrony
- name: Ensure system is NTP time synced
command: chronyc waitsync 20
ansible_group_vars:
chrony_role_action: all
chrony_ntp_servers:
if:
- chrony_pool_is_empty
- {get_param: NtpServer}
- []
chrony_ntp_pools: {get_param: NtpPool}
chrony_global_server_settings:
if:
- chrony_global_server_settings_is_empty
- str_replace:
template: IBURST minpoll MINPOLL maxpoll MAXPOLL
params:
IBURST:
if:
- ntp_iburst
- iburst
- ''
MINPOLL: { get_param: MinPoll }
MAXPOLL: { get_param: MaxPoll }
- {get_param: ChronyGlobalServerOptions}
chrony_global_pool_settings:
if:
- chrony_global_pool_settings_is_empty
- str_replace:
template: IBURST minpoll MINPOLL maxpoll MAXPOLL
params:
IBURST:
if:
- ntp_iburst
- iburst
- ''
MINPOLL: { get_param: MinPoll }
MAXPOLL: { get_param: MaxPoll }
- {get_param: ChronyGlobalPoolOptions}
chrony_manage_package: {get_param: EnablePackageInstall}
chrony_acl_rules: {get_param: ChronyAclRules}

View File

@ -230,7 +230,7 @@ resource_registry:
OS::TripleO::Services::Xinetd: docker/services/xinetd.yaml
# Time sync services
OS::TripleO::Services::Chrony: OS::Heat::None
OS::TripleO::Services::Chrony: deployment/timesync/chrony-ansible.yaml
OS::TripleO::Services::Ntp: puppet/services/time/ntp.yaml
OS::TripleO::Services::Ptp: OS::Heat::None
OS::TripleO::Services::Timesync: OS::TripleO::Services::Ntp

View File

@ -86,6 +86,20 @@ outputs:
step_config: |
include ::tripleo::profile::base::time::ntp
host_prep_tasks:
- name: Populate service facts (ntp)
service_facts: # needed to make yaml happy
- name: Disable chronyd before configuring NTP
service:
name: chronyd
state: stopped
enabled: no
when: "'chronyd.service' in ansible_facts.services"
- name: Disable chrony-wait before configuring NTP
service:
name: chrony-wait
state: stopped
enabled: no
when: "'chrony-wait.service' in ansible_facts.services"
- name: NTP settings
set_fact:
ntp_servers: {get_param: NtpServer}