tripleo-heat-templates/deployment/timesync/chrony-baremetal-ansible.yaml
2021-02-22 15:22:42 +00:00

160 lines
5.7 KiB
YAML

heat_template_version: rocky
description: >
Chrony time service deployment using ansible, this YAML file
creates the interface between the HOT template
and the ansible role that actually installs
and configure chronyd.
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
NtpServer:
default: ['0.pool.ntp.org', '1.pool.ntp.org', '2.pool.ntp.org', '3.pool.ntp.org']
description: NTP servers list. Defaulted to a set of pool.ntp.org servers
in order to have a sane default for Pacemaker deployments when
not configuring this parameter by default.
type: comma_delimited_list
NtpPool:
default: []
description: NTP pool list. Defaults to [], so only NtpServer is used by
default.
type: comma_delimited_list
ChronyGlobalServerOptions:
default: ''
description: Default server options for the configured NTP servers in
chrony.conf. If this is specified, NtpIburstEnable, MaxPoll,
and MinPoll are ignored.
type: string
ChronyGlobalPoolOptions:
default: ''
description: Default pool options for the configured NTP pools in
chrony.conf. If this is specified, NtpIburstEnable, MaxPoll,
and MinPoll are ignored.
type: string
NtpIburstEnable:
default: true
description: Specifies whether to enable the iburst option for every NTP
peer. If iburst is enabled, when the ntp server is unreachable
ntp will send a burst of eight packages instead of one. This
is designed to speed up the initial syncrhonization.
type: boolean
MaxPoll:
description: Specify maximum poll interval of upstream servers for NTP
messages, in seconds to the power of two.
The maximum poll interval defaults to 10 (1,024 s).
Allowed values are 4 to 17.
type: number
default: 10
constraints:
- range: { min: 4, max: 17 }
MinPoll:
description: Specify minimum poll interval of upstream servers for NTP
messages, in seconds to the power of two.
The minimum poll interval defaults to 6 (64 s).
Allowed values are 4 to 17.
type: number
default: 6
constraints:
- range: { min: 4, max: 17 }
EnablePackageInstall:
default: 'false'
description: Set to true to enable package installation at deploy time
type: boolean
ChronyAclRules:
default: ['deny all']
description: Access Control List of NTP clients. By default no clients
are permitted.
type: comma_delimited_list
conditions:
chrony_global_server_settings_is_empty: {equals: [{get_param: ChronyGlobalServerOptions}, '']}
chrony_global_pool_settings_is_empty: {equals: [{get_param: ChronyGlobalPoolOptions}, '']}
ntp_iburst: {equals: [{get_param: NtpIburstEnable}, true]}
outputs:
role_data:
description: Role chrony using composable timesync services.
value:
service_name: chrony
firewall_rules:
'105 ntp':
dport: 123
proto: udp
host_prep_tasks:
- name: Check for NTP service
shell: systemctl is-active ntpd.service || systemctl is-enabled ntpd.service
failed_when: false
become: true
register: ntp_service_check
- name: Disable NTP before configuring Chrony
service:
name: ntpd
state: stopped
enabled: no
when:
- ntp_service_check.rc is defined
- ntp_service_check.rc == 0
- name: Install, Configure and Run Chrony
include_role:
name: chrony
- name: Ensure chrony has been restarted
meta: flush_handlers
- name: Ensure system is NTP time synced
command: chronyc makestep
ansible_group_vars:
chrony_role_action: all
chrony_ntp_servers: {get_param: NtpServer}
chrony_ntp_pools: {get_param: NtpPool}
chrony_global_server_settings:
if:
- chrony_global_server_settings_is_empty
- str_replace:
template: IBURST minpoll MINPOLL maxpoll MAXPOLL
params:
IBURST:
if:
- ntp_iburst
- iburst
- ''
MINPOLL: { get_param: MinPoll }
MAXPOLL: { get_param: MaxPoll }
- {get_param: ChronyGlobalServerOptions}
chrony_global_pool_settings:
if:
- chrony_global_pool_settings_is_empty
- str_replace:
template: IBURST minpoll MINPOLL maxpoll MAXPOLL
params:
IBURST:
if:
- ntp_iburst
- iburst
- ''
MINPOLL: { get_param: MinPoll }
MAXPOLL: { get_param: MaxPoll }
- {get_param: ChronyGlobalPoolOptions}
chrony_manage_package: {get_param: EnablePackageInstall}
chrony_acl_rules: {get_param: ChronyAclRules}