Add chrony ansible role
Change-Id: I49503275a8b3700185ee0395d9beee7397f5fccf Implements: blueprint add-chrony-service
This commit is contained in:
parent
2d32083a27
commit
093d2828fc
@ -56,6 +56,16 @@ kolla_enable_sanity_swift: "{{ kolla_enable_sanity_checks }}"
|
||||
# recommended.
|
||||
api_interface_address: "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] if orchestration_engine == 'ANSIBLE' else '0.0.0.0' }}"
|
||||
|
||||
################
|
||||
# Chrony options
|
||||
################
|
||||
# a list contains ntp servers
|
||||
external_ntp_servers:
|
||||
- 0.pool.ntp.org
|
||||
- 1.pool.ntp.org
|
||||
- 2.pool.ntp.org
|
||||
- 3.pool.ntp.org
|
||||
|
||||
####################
|
||||
# Database options
|
||||
####################
|
||||
@ -273,6 +283,7 @@ enable_ceilometer: "no"
|
||||
enable_central_logging: "no"
|
||||
enable_ceph: "no"
|
||||
enable_ceph_rgw: "no"
|
||||
enable_chrony: "no"
|
||||
enable_cinder: "no"
|
||||
enable_cinder_backend_hnas_iscsi: "no"
|
||||
enable_cinder_backend_iscsi: "no"
|
||||
|
@ -17,6 +17,15 @@ localhost ansible_connection=local
|
||||
|
||||
# You can explicitly specify which hosts run each project by updating the
|
||||
# groups in the sections below. Common services are grouped together.
|
||||
[chrony-server:children]
|
||||
control
|
||||
|
||||
[chrony:children]
|
||||
network
|
||||
compute
|
||||
storage
|
||||
monitoring
|
||||
|
||||
[collectd:children]
|
||||
compute
|
||||
|
||||
|
@ -36,6 +36,16 @@ monitoring
|
||||
|
||||
# You can explicitly specify which hosts run each project by updating the
|
||||
# groups in the sections below. Common services are grouped together.
|
||||
[chrony-server:children]
|
||||
control
|
||||
|
||||
[chrony:children]
|
||||
control
|
||||
network
|
||||
compute
|
||||
storage
|
||||
monitoring
|
||||
|
||||
[collectd:children]
|
||||
compute
|
||||
|
||||
|
22
ansible/roles/chrony/defaults/main.yml
Normal file
22
ansible/roles/chrony/defaults/main.yml
Normal file
@ -0,0 +1,22 @@
|
||||
---
|
||||
project_name: "chrony"
|
||||
|
||||
chrony_services:
|
||||
chrony:
|
||||
container_name: "chrony"
|
||||
group: "chrony"
|
||||
image: "{{ chrony_image_full }}"
|
||||
enabled: True
|
||||
privileged: True
|
||||
volumes:
|
||||
- "{{ node_config_directory }}/chrony/:{{ container_config_directory }}/:ro"
|
||||
- "/etc/localtime:/etc/localtime:ro"
|
||||
- "kolla_logs:/var/log/kolla"
|
||||
|
||||
|
||||
####################
|
||||
# Docker
|
||||
####################
|
||||
chrony_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-chrony"
|
||||
chrony_tag: "{{ openstack_release }}"
|
||||
chrony_image_full: "{{ chrony_image }}:{{ chrony_tag }}"
|
12
ansible/roles/chrony/handlers/main.yml
Normal file
12
ansible/roles/chrony/handlers/main.yml
Normal file
@ -0,0 +1,12 @@
|
||||
---
|
||||
- name: Restart chrony container
|
||||
vars:
|
||||
service_name: "chrony"
|
||||
service: "{{ chrony_services[service_name] }}"
|
||||
kolla_docker:
|
||||
action: "recreate_or_restart_container"
|
||||
common_options: "{{ docker_common_options }}"
|
||||
privileged: "{{ service.privileged }}"
|
||||
name: "{{ service.container_name }}"
|
||||
image: "{{ service.image }}"
|
||||
volumes: "{{ service.volumes }}"
|
3
ansible/roles/chrony/meta/main.yml
Normal file
3
ansible/roles/chrony/meta/main.yml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
dependencies:
|
||||
- { role: common }
|
45
ansible/roles/chrony/tasks/config.yml
Normal file
45
ansible/roles/chrony/tasks/config.yml
Normal file
@ -0,0 +1,45 @@
|
||||
---
|
||||
- name: Ensuring config directories exist
|
||||
file:
|
||||
path: "{{ node_config_directory }}/{{ item }}"
|
||||
state: "directory"
|
||||
recurse: yes
|
||||
with_items:
|
||||
- "chrony"
|
||||
|
||||
- name: Copying over config.json files for services
|
||||
template:
|
||||
src: "{{ item }}.json.j2"
|
||||
dest: "{{ node_config_directory }}/{{ item }}/config.json"
|
||||
with_items:
|
||||
- "chrony"
|
||||
notify:
|
||||
- Restart chrony container
|
||||
|
||||
- name: Copying over chrony.conf
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ node_config_directory }}/chrony/chrony.conf"
|
||||
with_first_found:
|
||||
- "{{ node_custom_config }}/chrony/{{ inventory_hostname }}/chrony.conf"
|
||||
- "{{ node_custom_config }}/chrony/chrony.conf"
|
||||
- "chrony.conf.j2"
|
||||
notify:
|
||||
- Restart chrony container
|
||||
|
||||
- name: Check chrony container
|
||||
kolla_docker:
|
||||
action: "compare_container"
|
||||
common_options: "{{ docker_common_options }}"
|
||||
name: "{{ item.value.container_name }}"
|
||||
image: "{{ item.value.image }}"
|
||||
privileged: "{{ item.value.privileged }}"
|
||||
volumes: "{{ item.value.volumes }}"
|
||||
when:
|
||||
- inventory_hostname in groups[item.value.group]
|
||||
- item.value.enabled | bool
|
||||
- action != "genconfig"
|
||||
with_dict: "{{ chrony_services }}"
|
||||
notify:
|
||||
- Restart chrony container
|
||||
|
5
ansible/roles/chrony/tasks/deploy.yml
Normal file
5
ansible/roles/chrony/tasks/deploy.yml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
- include: config.yml
|
||||
|
||||
- name: Flush handlers
|
||||
meta: flush_handlers
|
2
ansible/roles/chrony/tasks/main.yml
Normal file
2
ansible/roles/chrony/tasks/main.yml
Normal file
@ -0,0 +1,2 @@
|
||||
---
|
||||
- include: "{{ action }}.yml"
|
3
ansible/roles/chrony/tasks/precheck.yml
Normal file
3
ansible/roles/chrony/tasks/precheck.yml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
# TODO(Jeffrey4l), need check whether udp 123 port is used. But there is no
|
||||
# module to do this now.
|
10
ansible/roles/chrony/tasks/pull.yml
Normal file
10
ansible/roles/chrony/tasks/pull.yml
Normal file
@ -0,0 +1,10 @@
|
||||
---
|
||||
- name: Pulling chrony images
|
||||
kolla_docker:
|
||||
action: "pull_image"
|
||||
common_options: "{{ docker_common_options }}"
|
||||
image: "{{ item.value.image }}"
|
||||
when:
|
||||
- inventory_hostname in groups[item.value.group]
|
||||
- item.value.enabled | bool
|
||||
with_dict: "{{ chrony_services }}"
|
1
ansible/roles/chrony/tasks/reconfigure.yml
Symbolic link
1
ansible/roles/chrony/tasks/reconfigure.yml
Symbolic link
@ -0,0 +1 @@
|
||||
deploy.yml
|
1
ansible/roles/chrony/tasks/upgrade.yml
Symbolic link
1
ansible/roles/chrony/tasks/upgrade.yml
Symbolic link
@ -0,0 +1 @@
|
||||
deploy.yml
|
38
ansible/roles/chrony/templates/chrony.conf.j2
Normal file
38
ansible/roles/chrony/templates/chrony.conf.j2
Normal file
@ -0,0 +1,38 @@
|
||||
{% for host in groups['chrony-server'] %}
|
||||
{% if inventory_hostname != host %}
|
||||
server {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }} iburst
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
{% for ntp_server in external_ntp_servers %}
|
||||
server {{ ntp_server }} iburst
|
||||
{% endfor %}
|
||||
|
||||
keyfile /etc/chrony/chrony.keys
|
||||
|
||||
commandkey 1
|
||||
|
||||
driftfile /var/lib/chrony/chrony.drift
|
||||
|
||||
log tracking measurements statistics
|
||||
logdir /var/log/kolla/chrony
|
||||
|
||||
maxupdateskew 100.0
|
||||
|
||||
dumponexit
|
||||
|
||||
dumpdir /var/lib/chrony
|
||||
|
||||
{% if inventory_hostname in groups['chrony-server'] %}
|
||||
allow all
|
||||
{% else %}
|
||||
port 0
|
||||
deny all
|
||||
{% endif %}
|
||||
|
||||
bindaddress {{ api_interface_address }}
|
||||
|
||||
logchange 0.5
|
||||
|
||||
hwclockfile /etc/adjtime
|
||||
|
||||
rtcsync
|
11
ansible/roles/chrony/templates/chrony.json.j2
Normal file
11
ansible/roles/chrony/templates/chrony.json.j2
Normal file
@ -0,0 +1,11 @@
|
||||
{
|
||||
"command": "/usr/sbin/chronyd -d -f /etc/chrony/chrony.conf",
|
||||
"config_files": [
|
||||
{
|
||||
"source": "{{ container_config_directory }}/chrony.conf",
|
||||
"dest": "/etc/chrony/chrony.conf",
|
||||
"owner": "root",
|
||||
"perm": "0644"
|
||||
}
|
||||
]
|
||||
}
|
@ -53,6 +53,16 @@
|
||||
- role: prechecks
|
||||
when: action == "precheck"
|
||||
|
||||
- name: Apply role chrony
|
||||
hosts:
|
||||
- chrony-server
|
||||
- chrony
|
||||
serial: '{{ serial|default("0") }}'
|
||||
roles:
|
||||
- { role: chrony,
|
||||
tags: chrony,
|
||||
when: enable_chrony | bool }
|
||||
|
||||
- name: Apply role collectd
|
||||
hosts: collectd
|
||||
serial: '{{ serial|default("0") }}'
|
||||
|
@ -122,6 +122,7 @@ kolla_internal_vip_address: "10.10.10.254"
|
||||
#enable_central_logging: "no"
|
||||
#enable_ceph: "no"
|
||||
#enable_ceph_rgw: "no"
|
||||
#enable_chrony: "no"
|
||||
#enable_cinder: "no"
|
||||
#enable_cinder_backend_hnas_iscsi: "no"
|
||||
#enable_cinder_backend_iscsi: "no"
|
||||
|
Loading…
Reference in New Issue
Block a user