Ubuntu 18.04, configure chrony

Added ntp server configuration to be used by chrony as the recommended
ntp service for ubuntu 18.04.
Since, chorny is not installed by default in ubuntu 18.04, also added
chrony apt package to be installed on airship nodes.

Change-Id: If1437a79cf89806043f62e2eac49c3b4b5eae2cd

doc/source/configuration/host-system.rst

@@ -62,6 +62,7 @@ Sample Document to run containers in Docker runtime
         additional:
           - curl
           - jq
+          - chrony
         required:
           runtime: docker-engine=1.13.1-0~ubuntu-xenial
           socat: socat=1.7.3.1-1
@@ -95,6 +96,7 @@ Sample Document to run containers in Containerd runtime
         additional:
           - curl
           - jq
+          - chrony
         required:
           runtime: containerd
           socat: socat=1.7.3.1-1

doc/source/configuration/kubernetes-network.rst

@@ -45,6 +45,13 @@ Sample Document
           names:
             - registry
 
+      ntp:
+        servers:
+          - 0.us.pool.ntp.org
+          - 1.us.pool.ntp.org
+          - 2.us.pool.ntp.org
+          - 3.us.pool.ntp.org
+
       proxy:
         url: http://proxy.example.com:8080
         additional_no_proxy:
@@ -91,5 +98,13 @@ The ``kubernetes`` key contains:
 ``service_ip``
     The in-cluster Kubernetes service IP.
 
+NTP
+----------
+
+The ``ntp`` key contains:
+
+``servers``
+    The list of ntp server FQDN or ip addresses used for time synchronization.
+
 
 .. _coredns: https://github.com/coredns/coredns

examples/basic/HostSystem.yaml

@@ -118,6 +118,7 @@ data:
         - ceph-common
         - curl
         - jq
+        - chrony
       required:
         runtime: docker-engine
         socat: socat
@@ -159,6 +160,7 @@ data:
         - ceph-common
         - curl
         - jq
+        - chrony
       required:
         runtime: docker-engine
         socat: socat
@@ -200,6 +202,7 @@ data:
         - ceph-common
         - curl
         - jq
+        - chrony
       required:
         runtime: docker-engine
         socat: socat

examples/basic/KubernetesNetwork.yaml

@@ -36,6 +36,13 @@ data:
       names:
         - registry
 
+  ntp:
+    servers:
+      - 0.us.pool.ntp.org
+      - 1.us.pool.ntp.org
+      - 2.us.pool.ntp.org
+      - 3.us.pool.ntp.org
+
 #  proxy:
 #    url: http://proxy.example.com:8080
 #    additional_no_proxy:

examples/complete/HostSystem.yaml

@@ -84,6 +84,7 @@ data:
         - ceph-common
         - curl
         - jq
+        - chrony
       required:
         runtime: docker-engine
         socat: socat
@@ -125,6 +126,7 @@ data:
         - ceph-common
         - curl
         - jq
+        - chrony
       required:
         runtime: docker-engine
         socat: socat
@@ -166,6 +168,7 @@ data:
         - ceph-common
         - curl
         - jq
+        - chrony
       required:
         runtime: docker-engine
         socat: socat

examples/complete/KubernetesNetwork.yaml

@@ -36,6 +36,13 @@ data:
       names:
         - registry
 
+  ntp:
+    servers:
+      - 0.us.pool.ntp.org
+      - 1.us.pool.ntp.org
+      - 2.us.pool.ntp.org
+      - 3.us.pool.ntp.org
+
 #  proxy:
 #    url: http://proxy.example.com:8080
 #    additional_no_proxy:

examples/containerd/HostSystem.yaml

@@ -93,6 +93,7 @@ data:
         - ceph-common
         - curl
         - jq
+        - chrony
       required:
         runtime: containerd
         socat: socat
@@ -101,6 +102,7 @@ data:
         - ceph-common
         - curl
         - jq
+        - chrony
       required:
         runtime: containerd
         socat: socat
@@ -109,6 +111,7 @@ data:
         - ceph-common
         - curl
         - jq
+        - chrony
       required:
         runtime: containerd
         socat: socat

examples/containerd/KubernetesNetwork.yaml

@@ -36,6 +36,13 @@ data:
       names:
         - registry
 
+  ntp:
+    servers:
+      - 0.us.pool.ntp.org
+      - 1.us.pool.ntp.org
+      - 2.us.pool.ntp.org
+      - 3.us.pool.ntp.org
+
 #  proxy:
 #    url: http://proxy.example.com:8080
 #    additional_no_proxy:

examples/gate/HostSystem.yaml

@@ -118,6 +118,7 @@ data:
         - ceph-common
         - curl
         - jq
+        - chrony
       required:
         runtime: docker-engine
         socat: socat
@@ -159,6 +160,7 @@ data:
         - ceph-common
         - curl
         - jq
+        - chrony
       required:
         runtime: docker-engine
         socat: socat
@@ -200,6 +202,7 @@ data:
         - ceph-common
         - curl
         - jq
+        - chrony
       required:
         runtime: docker-engine
         socat: socat

examples/gate/KubernetesNetwork.yaml

@@ -36,6 +36,13 @@ data:
       names:
         - registry
 
+  ntp:
+    servers:
+      - 0.us.pool.ntp.org
+      - 1.us.pool.ntp.org
+      - 2.us.pool.ntp.org
+      - 3.us.pool.ntp.org
+
 #  proxy:
 #    url: http://proxy.example.com:8080
 #    additional_no_proxy:

promenade/schemas/KubernetesNetwork.yaml

@@ -101,6 +101,17 @@ data:
             items:
               $ref: '#/definitions/hostname'
 
+    ntp:
+      type: object
+      properties:
+        servers:
+          type: array
+          items:
+            $ref: '#/definitions/hostname_or_ip_address'
+      additionalProperties: false
+      required:
+        - servers
+
     proxy:
       type: object
       properties:

promenade/templates/roles/common/etc/chrony/chrony.conf

@@ -0,0 +1,30 @@
+# This file is controlled by Promenade.  Do not modify.
+#
+# This directive specify the location of the file containing ID/key pairs for
+# NTP authentication.
+keyfile /etc/chrony/chrony.keys
+
+# This directive specify the file into which chronyd will store the rate
+# information.
+driftfile /var/lib/chrony/chrony.drift
+
+# Uncomment the following line to turn logging on.
+#log tracking measurements statistics
+
+# Log files location.
+logdir /var/log/chrony
+
+# Stop bad estimates upsetting machine clock.
+maxupdateskew 100.0
+
+# This directive enables kernel synchronisation (every 11 minutes) of the
+# real-time clock. Note that it can’t be used along with the 'rtcfile' directive.
+rtcsync
+
+# Step the system clock instead of slewing it if the adjustment is larger than
+# one second, but only in the first three clock updates.
+makestep 1 3
+
+{% for server in config['KubernetesNetwork:ntp.servers'] | default([]) %}
+server {{ server }} iburst
+{%- endfor %}

tests/unit/builder_data/simple/HostSystem.yaml

@@ -77,6 +77,7 @@ data:
       additional:
         - curl
         - jq
+        - chrony
       required:
         runtime: docker-engine=1.13.1-0~ubuntu-xenial
         socat: socat=1.7.3.1-1
@@ -117,6 +118,7 @@ data:
       additional:
         - curl
         - jq
+        - chrony
       required:
         runtime: docker-engine=1.13.1-0~ubuntu-xenial
         socat: socat=1.7.3.1-1
@@ -157,6 +159,7 @@ data:
       additional:
         - curl
         - jq
+        - chrony
       required:
         runtime: docker-engine=1.13.1-0~ubuntu-xenial
         socat: socat=1.7.3.1-1

tests/unit/builder_data/simple/KubernetesNetwork.yaml

@@ -36,6 +36,13 @@ data:
       names:
         - registry
 
+  ntp:
+    servers:
+      - 0.us.pool.ntp.org
+      - 1.us.pool.ntp.org
+      - 2.us.pool.ntp.org
+      - 3.us.pool.ntp.org
+
 #  proxy:
 #    url: http://proxy.example.com:8080
 #    additional_no_proxy:

tools/gate/config-templates/site-config.yaml

@@ -30,6 +30,13 @@ data:
   etcd:
     container_port: 2379
     haproxy_port: 2378
+
+  ntp:
+    servers:
+      - 0.us.pool.ntp.org
+      - 1.us.pool.ntp.org
+      - 2.us.pool.ntp.org
+      - 3.us.pool.ntp.org
 ---
 schema: promenade/Docker/v1
 metadata:
@@ -104,6 +111,7 @@ data:
         -----END PGP PUBLIC KEY BLOCK-----
     additional:
       - ceph-common
+      - chrony
     required:
       docker: docker-engine
       socat: socat