From f5ad002690c283df020d0d26fd3679ebc24fcee9 Mon Sep 17 00:00:00 2001 From: Ahmad Mahmoudi Date: Fri, 6 Dec 2019 15:14:49 -0600 Subject: [PATCH] Ubuntu 18.04, configure chrony Added ntp server configuration to be used by chrony as the recommended ntp service for ubuntu 18.04. Since, chorny is not installed by default in ubuntu 18.04, also added chrony apt package to be installed on airship nodes. Change-Id: If1437a79cf89806043f62e2eac49c3b4b5eae2cd --- doc/source/configuration/host-system.rst | 2 ++ .../configuration/kubernetes-network.rst | 15 ++++++++++ examples/basic/HostSystem.yaml | 3 ++ examples/basic/KubernetesNetwork.yaml | 7 +++++ examples/complete/HostSystem.yaml | 3 ++ examples/complete/KubernetesNetwork.yaml | 7 +++++ examples/containerd/HostSystem.yaml | 3 ++ examples/containerd/KubernetesNetwork.yaml | 7 +++++ examples/gate/HostSystem.yaml | 3 ++ examples/gate/KubernetesNetwork.yaml | 7 +++++ promenade/schemas/KubernetesNetwork.yaml | 11 +++++++ .../roles/common/etc/chrony/chrony.conf | 30 +++++++++++++++++++ .../unit/builder_data/simple/HostSystem.yaml | 3 ++ .../simple/KubernetesNetwork.yaml | 7 +++++ tools/gate/config-templates/site-config.yaml | 8 +++++ 15 files changed, 116 insertions(+) create mode 100644 promenade/templates/roles/common/etc/chrony/chrony.conf diff --git a/doc/source/configuration/host-system.rst b/doc/source/configuration/host-system.rst index 710df8ac..0323e5e9 100644 --- a/doc/source/configuration/host-system.rst +++ b/doc/source/configuration/host-system.rst @@ -62,6 +62,7 @@ Sample Document to run containers in Docker runtime additional: - curl - jq + - chrony required: runtime: docker-engine=1.13.1-0~ubuntu-xenial socat: socat=1.7.3.1-1 @@ -95,6 +96,7 @@ Sample Document to run containers in Containerd runtime additional: - curl - jq + - chrony required: runtime: containerd socat: socat=1.7.3.1-1 diff --git a/doc/source/configuration/kubernetes-network.rst b/doc/source/configuration/kubernetes-network.rst index 81eca10d..112c4d42 100644 --- a/doc/source/configuration/kubernetes-network.rst +++ b/doc/source/configuration/kubernetes-network.rst @@ -45,6 +45,13 @@ Sample Document names: - registry + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org + proxy: url: http://proxy.example.com:8080 additional_no_proxy: @@ -91,5 +98,13 @@ The ``kubernetes`` key contains: ``service_ip`` The in-cluster Kubernetes service IP. +NTP +---------- + +The ``ntp`` key contains: + +``servers`` + The list of ntp server FQDN or ip addresses used for time synchronization. + .. _coredns: https://github.com/coredns/coredns diff --git a/examples/basic/HostSystem.yaml b/examples/basic/HostSystem.yaml index e5f49c61..6694bc35 100644 --- a/examples/basic/HostSystem.yaml +++ b/examples/basic/HostSystem.yaml @@ -118,6 +118,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat @@ -159,6 +160,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat @@ -200,6 +202,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat diff --git a/examples/basic/KubernetesNetwork.yaml b/examples/basic/KubernetesNetwork.yaml index 1e35dbb8..387772b1 100644 --- a/examples/basic/KubernetesNetwork.yaml +++ b/examples/basic/KubernetesNetwork.yaml @@ -36,6 +36,13 @@ data: names: - registry + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org + # proxy: # url: http://proxy.example.com:8080 # additional_no_proxy: diff --git a/examples/complete/HostSystem.yaml b/examples/complete/HostSystem.yaml index 9b5cabc7..ee6312ff 100644 --- a/examples/complete/HostSystem.yaml +++ b/examples/complete/HostSystem.yaml @@ -84,6 +84,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat @@ -125,6 +126,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat @@ -166,6 +168,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat diff --git a/examples/complete/KubernetesNetwork.yaml b/examples/complete/KubernetesNetwork.yaml index 1e35dbb8..387772b1 100644 --- a/examples/complete/KubernetesNetwork.yaml +++ b/examples/complete/KubernetesNetwork.yaml @@ -36,6 +36,13 @@ data: names: - registry + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org + # proxy: # url: http://proxy.example.com:8080 # additional_no_proxy: diff --git a/examples/containerd/HostSystem.yaml b/examples/containerd/HostSystem.yaml index ecd8aea4..8ad9a2c3 100644 --- a/examples/containerd/HostSystem.yaml +++ b/examples/containerd/HostSystem.yaml @@ -93,6 +93,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: containerd socat: socat @@ -101,6 +102,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: containerd socat: socat @@ -109,6 +111,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: containerd socat: socat diff --git a/examples/containerd/KubernetesNetwork.yaml b/examples/containerd/KubernetesNetwork.yaml index 1e35dbb8..387772b1 100644 --- a/examples/containerd/KubernetesNetwork.yaml +++ b/examples/containerd/KubernetesNetwork.yaml @@ -36,6 +36,13 @@ data: names: - registry + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org + # proxy: # url: http://proxy.example.com:8080 # additional_no_proxy: diff --git a/examples/gate/HostSystem.yaml b/examples/gate/HostSystem.yaml index e5f49c61..6694bc35 100644 --- a/examples/gate/HostSystem.yaml +++ b/examples/gate/HostSystem.yaml @@ -118,6 +118,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat @@ -159,6 +160,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat @@ -200,6 +202,7 @@ data: - ceph-common - curl - jq + - chrony required: runtime: docker-engine socat: socat diff --git a/examples/gate/KubernetesNetwork.yaml b/examples/gate/KubernetesNetwork.yaml index 1e35dbb8..387772b1 100644 --- a/examples/gate/KubernetesNetwork.yaml +++ b/examples/gate/KubernetesNetwork.yaml @@ -36,6 +36,13 @@ data: names: - registry + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org + # proxy: # url: http://proxy.example.com:8080 # additional_no_proxy: diff --git a/promenade/schemas/KubernetesNetwork.yaml b/promenade/schemas/KubernetesNetwork.yaml index f9fcf43b..96bce8f4 100644 --- a/promenade/schemas/KubernetesNetwork.yaml +++ b/promenade/schemas/KubernetesNetwork.yaml @@ -101,6 +101,17 @@ data: items: $ref: '#/definitions/hostname' + ntp: + type: object + properties: + servers: + type: array + items: + $ref: '#/definitions/hostname_or_ip_address' + additionalProperties: false + required: + - servers + proxy: type: object properties: diff --git a/promenade/templates/roles/common/etc/chrony/chrony.conf b/promenade/templates/roles/common/etc/chrony/chrony.conf new file mode 100644 index 00000000..29a3d0f6 --- /dev/null +++ b/promenade/templates/roles/common/etc/chrony/chrony.conf @@ -0,0 +1,30 @@ +# This file is controlled by Promenade. Do not modify. +# +# This directive specify the location of the file containing ID/key pairs for +# NTP authentication. +keyfile /etc/chrony/chrony.keys + +# This directive specify the file into which chronyd will store the rate +# information. +driftfile /var/lib/chrony/chrony.drift + +# Uncomment the following line to turn logging on. +#log tracking measurements statistics + +# Log files location. +logdir /var/log/chrony + +# Stop bad estimates upsetting machine clock. +maxupdateskew 100.0 + +# This directive enables kernel synchronisation (every 11 minutes) of the +# real-time clock. Note that it can’t be used along with the 'rtcfile' directive. +rtcsync + +# Step the system clock instead of slewing it if the adjustment is larger than +# one second, but only in the first three clock updates. +makestep 1 3 + +{% for server in config['KubernetesNetwork:ntp.servers'] | default([]) %} +server {{ server }} iburst +{%- endfor %} diff --git a/tests/unit/builder_data/simple/HostSystem.yaml b/tests/unit/builder_data/simple/HostSystem.yaml index dbaecee2..1ac19b57 100644 --- a/tests/unit/builder_data/simple/HostSystem.yaml +++ b/tests/unit/builder_data/simple/HostSystem.yaml @@ -77,6 +77,7 @@ data: additional: - curl - jq + - chrony required: runtime: docker-engine=1.13.1-0~ubuntu-xenial socat: socat=1.7.3.1-1 @@ -117,6 +118,7 @@ data: additional: - curl - jq + - chrony required: runtime: docker-engine=1.13.1-0~ubuntu-xenial socat: socat=1.7.3.1-1 @@ -157,6 +159,7 @@ data: additional: - curl - jq + - chrony required: runtime: docker-engine=1.13.1-0~ubuntu-xenial socat: socat=1.7.3.1-1 diff --git a/tests/unit/builder_data/simple/KubernetesNetwork.yaml b/tests/unit/builder_data/simple/KubernetesNetwork.yaml index 1e35dbb8..387772b1 100644 --- a/tests/unit/builder_data/simple/KubernetesNetwork.yaml +++ b/tests/unit/builder_data/simple/KubernetesNetwork.yaml @@ -36,6 +36,13 @@ data: names: - registry + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org + # proxy: # url: http://proxy.example.com:8080 # additional_no_proxy: diff --git a/tools/gate/config-templates/site-config.yaml b/tools/gate/config-templates/site-config.yaml index 38790e87..5c1b2feb 100644 --- a/tools/gate/config-templates/site-config.yaml +++ b/tools/gate/config-templates/site-config.yaml @@ -30,6 +30,13 @@ data: etcd: container_port: 2379 haproxy_port: 2378 + + ntp: + servers: + - 0.us.pool.ntp.org + - 1.us.pool.ntp.org + - 2.us.pool.ntp.org + - 3.us.pool.ntp.org --- schema: promenade/Docker/v1 metadata: @@ -104,6 +111,7 @@ data: -----END PGP PUBLIC KEY BLOCK----- additional: - ceph-common + - chrony required: docker: docker-engine socat: socat