Merge "Add chrony time service"

deployment/timesync/chrony-ansible.yaml

@@ -0,0 +1,166 @@
+heat_template_version: rocky
+
+description: >
+  Chrony time service deployment using ansible, this YAML file
+  creates the interface between the HOT template
+  and the ansible role that actually installs
+  and configure chronyd.
+
+parameters:
+  ServiceData:
+    default: {}
+    description: Dictionary packing service data
+    type: json
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
+  RoleName:
+    default: ''
+    description: Role name on which the service is applied
+    type: string
+  RoleParameters:
+    default: {}
+    description: Parameters specific to the role
+    type: json
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  NtpServer:
+    default: ['pool.ntp.org']
+    description: NTP servers list. Defaulted to pool.ntp.org in order to
+                 have a sane default for Pacemaker deployments when
+                 not configuring this parameter by default.
+    type: comma_delimited_list
+  NtpPool:
+    default: ['pool.ntp.org']
+    description: NTP pool list. Defaulted to pool.ntp.org in order to
+                 have a sane default for Pacemaker deployments when
+                 not configuring this parameter by default. If configured,
+                 NtpPool takes precedence over NtpServer when using NtpPool.
+                 Set to [] if you wish to only use the NtpServer configuration
+                 and ignore the NtpPool option.
+    type: comma_delimited_list
+  ChronyGlobalServerOptions:
+    default: ''
+    description: Default server options for the configured NTP servers in
+                 chrony.conf. If this is specified, NtpIburstEnable, MaxPoll,
+                 and MinPoll are ignored.
+    type: string
+  ChronyGlobalPoolOptions:
+    default: ''
+    description: Default pool options for the configured NTP pools in
+                 chrony.conf. If this is specified, NtpIburstEnable, MaxPoll,
+                 and MinPoll are ignored.
+    type: string
+  NtpIburstEnable:
+    default: true
+    description: Specifies whether to enable the iburst option for every NTP
+                 peer. If iburst is enabled, when the ntp server is unreachable
+                 ntp will send a burst of eight packages instead of one. This
+                 is designed to speed up the initial syncrhonization.
+    type: boolean
+  MaxPoll:
+    description: Specify maximum poll interval of upstream servers for NTP
+                 messages, in seconds to the power of two.
+                 The maximum poll interval defaults to 10 (1,024 s).
+                 Allowed values are 4 to 17.
+    type: number
+    default: 10
+    constraints:
+      - range: { min: 4, max: 17 }
+  MinPoll:
+    description: Specify minimum poll interval of upstream servers for NTP
+                 messages, in seconds to the power of two.
+                 The minimum poll interval defaults to 6 (64 s).
+                 Allowed values are 4 to 17.
+    type: number
+    default: 6
+    constraints:
+      - range: { min: 4, max: 17 }
+  EnablePackageInstall:
+    default: 'false'
+    description: Set to true to enable package installation at deploy time
+    type: boolean
+  ChronyAclRules:
+    default: ['deny all']
+    description: Access Control List of NTP clients.  By default no clients
+                 are permitted.
+    type: comma_delimited_list
+
+conditions:
+  chrony_global_server_settings_is_empty: {equals: [{get_param: ChronyGlobalServerOptions}, '']}
+  chrony_global_pool_settings_is_empty: {equals: [{get_param: ChronyGlobalPoolOptions}, '']}
+  chrony_pool_is_empty: {equals: [{get_param: NtpPool}, []]}
+  ntp_iburst: {equals: [{get_param: NtpIburstEnable}, true]}
+
+outputs:
+  role_data:
+    description: Role chrony using composable timesync services.
+    value:
+      service_name: chrony
+      config_settings:
+        tripleo.ntp.firewall_rules:
+          '105 ntp':
+            dport: 123
+            proto: udp
+      step_config: ''
+      host_prep_tasks:
+        - name: Populate service facts (chrony)
+          service_facts: # needed to make yaml happy
+        - name: Disable NTP before configuring Chrony
+          service:
+              name: ntpd
+              state: stopped
+              enabled: no
+          when: "'ntpd.service' in ansible_facts.services"
+        - name: Install, Configure and Run Chrony
+          include_role:
+            name: chrony
+        - name: Ensure system is NTP time synced
+          command: chronyc waitsync 20
+      ansible_group_vars:
+        chrony_role_action: all
+        chrony_ntp_servers:
+          if:
+            - chrony_pool_is_empty
+            - {get_param: NtpServer}
+            - []
+        chrony_ntp_pools: {get_param: NtpPool}
+        chrony_global_server_settings:
+          if:
+          - chrony_global_server_settings_is_empty
+          - str_replace:
+              template: IBURST minpoll MINPOLL maxpoll MAXPOLL
+              params:
+                IBURST:
+                  if:
+                  - ntp_iburst
+                  - iburst
+                  - ''
+                MINPOLL: { get_param: MinPoll }
+                MAXPOLL: { get_param: MaxPoll }
+          - {get_param: ChronyGlobalServerOptions}
+        chrony_global_pool_settings:
+          if:
+          - chrony_global_pool_settings_is_empty
+          - str_replace:
+              template: IBURST minpoll MINPOLL maxpoll MAXPOLL
+              params:
+                IBURST:
+                  if:
+                  - ntp_iburst
+                  - iburst
+                  - ''
+                MINPOLL: { get_param: MinPoll }
+                MAXPOLL: { get_param: MaxPoll }
+          - {get_param: ChronyGlobalPoolOptions}
+        chrony_manage_package: {get_param: EnablePackageInstall}
+        chrony_acl_rules: {get_param: ChronyAclRules}

overcloud-resource-registry-puppet.j2.yaml

@@ -230,7 +230,7 @@ resource_registry:
   OS::TripleO::Services::Xinetd: docker/services/xinetd.yaml
 
   # Time sync services
-  OS::TripleO::Services::Chrony: OS::Heat::None
+  OS::TripleO::Services::Chrony: deployment/timesync/chrony-ansible.yaml
   OS::TripleO::Services::Ntp: puppet/services/time/ntp.yaml
   OS::TripleO::Services::Ptp: OS::Heat::None
   OS::TripleO::Services::Timesync: OS::TripleO::Services::Ntp

puppet/services/time/ntp.yaml

@@ -86,6 +86,20 @@ outputs:
       step_config: |
         include ::tripleo::profile::base::time::ntp
       host_prep_tasks:
+        - name: Populate service facts (ntp)
+          service_facts: # needed to make yaml happy
+        - name: Disable chronyd before configuring NTP
+          service:
+              name: chronyd
+              state: stopped
+              enabled: no
+          when: "'chronyd.service' in ansible_facts.services"
+        - name: Disable chrony-wait before configuring NTP
+          service:
+              name: chrony-wait
+              state: stopped
+              enabled: no
+          when: "'chrony-wait.service' in ansible_facts.services"
         - name: NTP settings
           set_fact:
             ntp_servers: {get_param: NtpServer}