diff --git a/doc/source/configuration/host-system.rst b/doc/source/configuration/host-system.rst index 710df8ac..0323e5e9 100644 --- a/doc/source/configuration/host-system.rst +++ b/doc/source/configuration/host-system.rst @@ -62,6 +62,7 @@ Sample Document to run containers in Docker runtime additional: - curl - jq + - chrony required: runtime: docker-engine=1.13.1-0~ubuntu-xenial socat: socat=1.7.3.1-1 @@ -95,6 +96,7 @@ Sample Document to run containers in Containerd runtime additional: - curl - jq + - chrony required: runtime: containerd socat: socat=1.7.3.1-1 diff --git a/doc/source/configuration/kubernetes-network.rst b/doc/source/configuration/kubernetes-network.rst index 81eca10d..112c4d42 100644 --- a/doc/source/configuration/kubernetes-network.rst +++ b/doc/source/configuration/kubernetes-network.rst @@ -45,6 +45,13 @@ Sample Document names: - registry + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org + proxy: url: http://proxy.example.com:8080 additional_no_proxy: @@ -91,5 +98,13 @@ The ``kubernetes`` key contains: ``service_ip`` The in-cluster Kubernetes service IP. +NTP +---------- + +The ``ntp`` key contains: + +``servers`` + The list of ntp server FQDN or ip addresses used for time synchronization. + .. _coredns: https://github.com/coredns/coredns diff --git a/examples/basic/HostSystem.yaml b/examples/basic/HostSystem.yaml index e5f49c61..6694bc35 100644 --- a/examples/basic/HostSystem.yaml +++ b/examples/basic/HostSystem.yaml @@ -118,6 +118,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat @@ -159,6 +160,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat @@ -200,6 +202,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat diff --git a/examples/basic/KubernetesNetwork.yaml b/examples/basic/KubernetesNetwork.yaml index 1e35dbb8..387772b1 100644 --- a/examples/basic/KubernetesNetwork.yaml +++ b/examples/basic/KubernetesNetwork.yaml @@ -36,6 +36,13 @@ data: names: - registry + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org + # proxy: # url: http://proxy.example.com:8080 # additional_no_proxy: diff --git a/examples/complete/HostSystem.yaml b/examples/complete/HostSystem.yaml index 9b5cabc7..ee6312ff 100644 --- a/examples/complete/HostSystem.yaml +++ b/examples/complete/HostSystem.yaml @@ -84,6 +84,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat @@ -125,6 +126,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat @@ -166,6 +168,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat diff --git a/examples/complete/KubernetesNetwork.yaml b/examples/complete/KubernetesNetwork.yaml index 1e35dbb8..387772b1 100644 --- a/examples/complete/KubernetesNetwork.yaml +++ b/examples/complete/KubernetesNetwork.yaml @@ -36,6 +36,13 @@ data: names: - registry + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org + # proxy: # url: http://proxy.example.com:8080 # additional_no_proxy: diff --git a/examples/containerd/HostSystem.yaml b/examples/containerd/HostSystem.yaml index ecd8aea4..8ad9a2c3 100644 --- a/examples/containerd/HostSystem.yaml +++ b/examples/containerd/HostSystem.yaml @@ -93,6 +93,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: containerd socat: socat @@ -101,6 +102,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: containerd socat: socat @@ -109,6 +111,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: containerd socat: socat diff --git a/examples/containerd/KubernetesNetwork.yaml b/examples/containerd/KubernetesNetwork.yaml index 1e35dbb8..387772b1 100644 --- a/examples/containerd/KubernetesNetwork.yaml +++ b/examples/containerd/KubernetesNetwork.yaml @@ -36,6 +36,13 @@ data: names: - registry + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org + # proxy: # url: http://proxy.example.com:8080 # additional_no_proxy: diff --git a/examples/gate/HostSystem.yaml b/examples/gate/HostSystem.yaml index e5f49c61..6694bc35 100644 --- a/examples/gate/HostSystem.yaml +++ b/examples/gate/HostSystem.yaml @@ -118,6 +118,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat @@ -159,6 +160,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat @@ -200,6 +202,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat diff --git a/examples/gate/KubernetesNetwork.yaml b/examples/gate/KubernetesNetwork.yaml index 1e35dbb8..387772b1 100644 --- a/examples/gate/KubernetesNetwork.yaml +++ b/examples/gate/KubernetesNetwork.yaml @@ -36,6 +36,13 @@ data: names: - registry + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org + # proxy: # url: http://proxy.example.com:8080 # additional_no_proxy: diff --git a/promenade/schemas/KubernetesNetwork.yaml b/promenade/schemas/KubernetesNetwork.yaml index f9fcf43b..96bce8f4 100644 --- a/promenade/schemas/KubernetesNetwork.yaml +++ b/promenade/schemas/KubernetesNetwork.yaml @@ -101,6 +101,17 @@ data: items: $ref: '#/definitions/hostname' + ntp: + type: object + properties: + servers: + type: array + items: + $ref: '#/definitions/hostname_or_ip_address' + additionalProperties: false + required: + - servers + proxy: type: object properties: diff --git a/promenade/templates/roles/common/etc/chrony/chrony.conf b/promenade/templates/roles/common/etc/chrony/chrony.conf new file mode 100644 index 00000000..29a3d0f6 --- /dev/null +++ b/promenade/templates/roles/common/etc/chrony/chrony.conf @@ -0,0 +1,30 @@ +# This file is controlled by Promenade. Do not modify. +# +# This directive specify the location of the file containing ID/key pairs for +# NTP authentication. +keyfile /etc/chrony/chrony.keys + +# This directive specify the file into which chronyd will store the rate +# information. +driftfile /var/lib/chrony/chrony.drift + +# Uncomment the following line to turn logging on. +#log tracking measurements statistics + +# Log files location. +logdir /var/log/chrony + +# Stop bad estimates upsetting machine clock. +maxupdateskew 100.0 + +# This directive enables kernel synchronisation (every 11 minutes) of the +# real-time clock. Note that it can’t be used along with the 'rtcfile' directive. +rtcsync + +# Step the system clock instead of slewing it if the adjustment is larger than +# one second, but only in the first three clock updates. +makestep 1 3 + +{% for server in config['KubernetesNetwork:ntp.servers'] | default([]) %} +server {{ server }} iburst +{%- endfor %} diff --git a/tests/unit/builder_data/simple/HostSystem.yaml b/tests/unit/builder_data/simple/HostSystem.yaml index dbaecee2..1ac19b57 100644 --- a/tests/unit/builder_data/simple/HostSystem.yaml +++ b/tests/unit/builder_data/simple/HostSystem.yaml @@ -77,6 +77,7 @@ data: additional: - curl - jq + - chrony required: runtime: docker-engine=1.13.1-0~ubuntu-xenial socat: socat=1.7.3.1-1 @@ -117,6 +118,7 @@ data: additional: - curl - jq + - chrony required: runtime: docker-engine=1.13.1-0~ubuntu-xenial socat: socat=1.7.3.1-1 @@ -157,6 +159,7 @@ data: additional: - curl - jq + - chrony required: runtime: docker-engine=1.13.1-0~ubuntu-xenial socat: socat=1.7.3.1-1 diff --git a/tests/unit/builder_data/simple/KubernetesNetwork.yaml b/tests/unit/builder_data/simple/KubernetesNetwork.yaml index 1e35dbb8..387772b1 100644 --- a/tests/unit/builder_data/simple/KubernetesNetwork.yaml +++ b/tests/unit/builder_data/simple/KubernetesNetwork.yaml @@ -36,6 +36,13 @@ data: names: - registry + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org + # proxy: # url: http://proxy.example.com:8080 # additional_no_proxy: diff --git a/tools/gate/config-templates/site-config.yaml b/tools/gate/config-templates/site-config.yaml index 38790e87..5c1b2feb 100644 --- a/tools/gate/config-templates/site-config.yaml +++ b/tools/gate/config-templates/site-config.yaml @@ -30,6 +30,13 @@ data: etcd: container_port: 2379 haproxy_port: 2378 + + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org --- schema: promenade/Docker/v1 metadata: @@ -104,6 +111,7 @@ data: -----END PGP PUBLIC KEY BLOCK----- additional: - ceph-common + - chrony required: docker: docker-engine socat: socat