Try a timesync as part of first boot
We're running into issues where if someone creates a firstboot script
that touches a file that will eventually be mounted into a container, it
can fail if the time of the file ends up being in the future due to a
later timesync. Let's try a basic timesync bootstrap as part of
cloud-init to address the case of configuration changes occuring prior
to the host_prep_tasks where we traditionally configure chrony/ntp
Depends-On: https://review.opendev.org/#/c/659398
Change-Id: I294eba826b98c5793336815282f766e3d2e60a51
Related-Bug: #1776869
(cherry picked from commit eafe390853
)
This commit is contained in:
parent
dd200499de
commit
b23fd9f708
97
firstboot/userdata_timesync.yaml
Normal file
97
firstboot/userdata_timesync.yaml
Normal file
@ -0,0 +1,97 @@
|
||||
heat_template_version: rocky
|
||||
|
||||
parameters:
|
||||
NtpServer:
|
||||
default: ['0.pool.ntp.org', '1.pool.ntp.org', '2.pool.ntp.org', '3.pool.ntp.org']
|
||||
description: NTP servers list. Defaulted to a set of pool.ntp.org servers
|
||||
in order to have a sane default for Pacemaker deployments when
|
||||
not configuring this parameter by default.
|
||||
type: comma_delimited_list
|
||||
NtpPool:
|
||||
default: []
|
||||
description: NTP pool list. Defaults to [], so only NtpServer is used by
|
||||
default.
|
||||
type: comma_delimited_list
|
||||
NtpService:
|
||||
default: chrony
|
||||
description: NTP Service to use for the timesync bootstrap.
|
||||
type: string
|
||||
|
||||
|
||||
description: >
|
||||
Uses cloud-init to bootstrap timesync configuration to ensure it is done
|
||||
as soon as possible. We do additional and more complex configurations as
|
||||
part of the deployment itself.
|
||||
|
||||
conditions:
|
||||
use_chrony: {equals: [{get_param: NtpService}, 'chrony']}
|
||||
|
||||
resources:
|
||||
userdata:
|
||||
type: OS::Heat::MultipartMime
|
||||
properties:
|
||||
parts:
|
||||
- config: {get_resource: timesync_chrony}
|
||||
- config: {get_resource: timesync_sync}
|
||||
|
||||
# chrony sync needs chrony to be configured, if not chrony just exit
|
||||
timesync_chrony:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
config:
|
||||
str_replace:
|
||||
template: |
|
||||
#!/bin/bash
|
||||
if [ "$service" != "chrony" ]; then
|
||||
exit 0
|
||||
fi
|
||||
set -x
|
||||
SERVERS="$ntp_servers"
|
||||
POOLS="$ntp_pools"
|
||||
systemctl is-active --quiet chronyd || systemctl start chronyd
|
||||
for server in $SERVERS; do
|
||||
chronyc add server "${server}" iburst
|
||||
done
|
||||
for pool in $POOLS; do
|
||||
chronyc add server "${pool}" iburst
|
||||
done
|
||||
chronyc sources
|
||||
params:
|
||||
$ntp_servers:
|
||||
list_join: [' ', {get_param: NtpServer}]
|
||||
$ntp_pools:
|
||||
list_join: [' ', {get_param: NtpPool}]
|
||||
$service: {get_param: NtpService}
|
||||
|
||||
# attempt a timesync on boot to ensure the time has been synced
|
||||
timesync_sync:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
config:
|
||||
str_replace:
|
||||
template: |
|
||||
#!/bin/bash
|
||||
set -x
|
||||
if [ "$service" = "chrony" ]; then
|
||||
if command -v chronyc >/dev/null; then
|
||||
chronyc waitsync 20
|
||||
else
|
||||
echo "No chronyc available, skipping sync"
|
||||
fi
|
||||
elif [ "$service" = "ntp" ]; then
|
||||
if command -v ntpdate >/dev/null; then
|
||||
ntpdate -u $ntp_servers
|
||||
else
|
||||
echo "No ntpdate available, skipping sync"
|
||||
fi
|
||||
fi
|
||||
hwclock --systohc --utc
|
||||
params:
|
||||
$service: {get_param: NtpService}
|
||||
$ntp_servers:
|
||||
list_join: [' ', {get_param: NtpServer}]
|
||||
|
||||
|
||||
outputs:
|
||||
OS::stack_id:
|
||||
value: {get_resource: userdata}
|
@ -44,6 +44,10 @@ resource_registry:
|
||||
# To disable, replace with firstboot/userdata_default.yaml
|
||||
OS::TripleO::NodeAdminUserData: firstboot/userdata_heat_admin.yaml
|
||||
|
||||
# This bootstraps the timesync configuration for any subsequent deployment
|
||||
# operations. To disable, replace with firstboot/userdata_default.yaml
|
||||
OS::TripleO::NodeTimesyncUserData: firstboot/userdata_timesync.yaml
|
||||
|
||||
# Hooks for operator extra config
|
||||
# NodeUserData == Cloud-init additional user-data, e.g cloud-config
|
||||
# role::NodeUserData == Role specific cloud-init additional user-data
|
||||
|
@ -458,6 +458,12 @@ resources:
|
||||
NodeAdminUserData:
|
||||
type: OS::TripleO::NodeAdminUserData
|
||||
|
||||
# Bootstraps an ntp configuration and includes a hardware clock sync to
|
||||
# for containers.
|
||||
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
|
||||
NodeTimesyncUserData:
|
||||
type: OS::TripleO::NodeTimesyncUserData
|
||||
|
||||
# For optional operator additional userdata
|
||||
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
|
||||
NodeUserData:
|
||||
@ -627,6 +633,8 @@ resources:
|
||||
parts:
|
||||
- config: {get_resource: NodeAdminUserData}
|
||||
type: multipart
|
||||
- config: {get_resource: NodeTimesyncUserData}
|
||||
type: multipart
|
||||
- config: {get_resource: NodeUserData}
|
||||
type: multipart
|
||||
- config: {get_resource: {{role.name}}RoleUserData}
|
||||
|
Loading…
Reference in New Issue
Block a user