From 69481cc72b09dc3bdb8a6ce5741db395d5e5401b Mon Sep 17 00:00:00 2001
From: Major Hayden <major@mhtx.net>
Date: Tue, 12 Sep 2017 09:54:29 -0600
Subject: [PATCH] Make default NTP servers more global

This patch uses a more global list of NTP servers as the default
for chrony.

Change-Id: I09b80082af2712a1feea47823e0f2996ec17aea4
---
 defaults/main.yml                                         | 8 ++++----
 .../notes/global-ntp-servers-155c1daef3680025.yaml        | 6 ++++++
 2 files changed, 10 insertions(+), 4 deletions(-)
 create mode 100644 releasenotes/notes/global-ntp-servers-155c1daef3680025.yaml

diff --git a/defaults/main.yml b/defaults/main.yml
index 029edf62..570b1890 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -262,10 +262,10 @@ security_rhel7_session_timeout: 600                          # V-72223
 security_rhel7_enable_chrony: yes                            # V-72269
 # Use the following NTP servers.
 security_ntp_servers:
-  - 0.north-america.pool.ntp.org
-  - 1.north-america.pool.ntp.org
-  - 2.north-america.pool.ntp.org
-  - 3.north-america.pool.ntp.org
+  - 0.pool.ntp.org
+  - 1.pool.ntp.org
+  - 2.pool.ntp.org
+  - 3.pool.ntp.org
 # Restrict mail relaying.
 security_rhel7_restrict_mail_relaying: yes                   # V-72297
 # Deploy a login banner.                                     # V-72225 / V-71863
diff --git a/releasenotes/notes/global-ntp-servers-155c1daef3680025.yaml b/releasenotes/notes/global-ntp-servers-155c1daef3680025.yaml
new file mode 100644
index 00000000..d1fcd42f
--- /dev/null
+++ b/releasenotes/notes/global-ntp-servers-155c1daef3680025.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    The default list of NTP servers for chrony are now more friendly to users
+    outside North America. Deployers can still provide their own list of NTP
+    servers with the ``security_ntp_servers`` Ansible variable.