heat_template_version: rocky description: > Chrony time service deployment using ansible, this YAML file creates the interface between the HOT template and the ansible role that actually installs and configure chronyd. parameters: ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json NtpServer: default: ['0.pool.ntp.org', '1.pool.ntp.org', '2.pool.ntp.org', '3.pool.ntp.org'] description: NTP servers list. Defaulted to a set of pool.ntp.org servers in order to have a sane default for Pacemaker deployments when not configuring this parameter by default. type: comma_delimited_list NtpPool: default: [] description: NTP pool list. Defaults to [], so only NtpServer is used by default. type: comma_delimited_list ChronyGlobalServerOptions: default: '' description: Default server options for the configured NTP servers in chrony.conf. If this is specified, NtpIburstEnable, MaxPoll, and MinPoll are ignored. type: string ChronyGlobalPoolOptions: default: '' description: Default pool options for the configured NTP pools in chrony.conf. If this is specified, NtpIburstEnable, MaxPoll, and MinPoll are ignored. type: string NtpIburstEnable: default: true description: Specifies whether to enable the iburst option for every NTP peer. If iburst is enabled, when the ntp server is unreachable ntp will send a burst of eight packages instead of one. This is designed to speed up the initial syncrhonization. type: boolean MaxPoll: description: Specify maximum poll interval of upstream servers for NTP messages, in seconds to the power of two. The maximum poll interval defaults to 10 (1,024 s). Allowed values are 4 to 17. type: number default: 10 constraints: - range: { min: 4, max: 17 } MinPoll: description: Specify minimum poll interval of upstream servers for NTP messages, in seconds to the power of two. The minimum poll interval defaults to 6 (64 s). Allowed values are 4 to 17. type: number default: 6 constraints: - range: { min: 4, max: 17 } EnablePackageInstall: default: 'false' description: Set to true to enable package installation at deploy time type: boolean ChronyAclRules: default: ['deny all'] description: Access Control List of NTP clients. By default no clients are permitted. type: comma_delimited_list conditions: chrony_global_server_settings_is_empty: {equals: [{get_param: ChronyGlobalServerOptions}, '']} chrony_global_pool_settings_is_empty: {equals: [{get_param: ChronyGlobalPoolOptions}, '']} ntp_iburst: {equals: [{get_param: NtpIburstEnable}, true]} outputs: role_data: description: Role chrony using composable timesync services. value: service_name: chrony firewall_rules: '105 ntp': dport: 123 proto: udp host_prep_tasks: - name: Check for NTP service shell: systemctl is-active ntpd.service || systemctl is-enabled ntpd.service failed_when: false become: true register: ntp_service_check - name: Disable NTP before configuring Chrony service: name: ntpd state: stopped enabled: no when: - ntp_service_check.rc is defined - ntp_service_check.rc == 0 - name: Install, Configure and Run Chrony include_role: name: chrony - name: Ensure chrony has been restarted meta: flush_handlers - name: Ensure system is NTP time synced command: chronyc makestep ansible_group_vars: chrony_role_action: all chrony_ntp_servers: {get_param: NtpServer} chrony_ntp_pools: {get_param: NtpPool} chrony_global_server_settings: if: - chrony_global_server_settings_is_empty - str_replace: template: IBURST minpoll MINPOLL maxpoll MAXPOLL params: IBURST: if: - ntp_iburst - iburst - '' MINPOLL: { get_param: MinPoll } MAXPOLL: { get_param: MaxPoll } - {get_param: ChronyGlobalServerOptions} chrony_global_pool_settings: if: - chrony_global_pool_settings_is_empty - str_replace: template: IBURST minpoll MINPOLL maxpoll MAXPOLL params: IBURST: if: - ntp_iburst - iburst - '' MINPOLL: { get_param: MinPoll } MAXPOLL: { get_param: MaxPoll } - {get_param: ChronyGlobalPoolOptions} chrony_manage_package: {get_param: EnablePackageInstall} chrony_acl_rules: {get_param: ChronyAclRules}