Skip to content

Commit

Permalink
Merge pull request #206 from SUNET/patlu-use-chrony
Browse files Browse the repository at this point in the history
Replace ntp with chrony on our servers
  • Loading branch information
eest authored Oct 22, 2024
2 parents 2eb7b61 + ba3ea54 commit 8c37e81
Show file tree
Hide file tree
Showing 4 changed files with 95 additions and 49 deletions.
14 changes: 14 additions & 0 deletions facts.d/chrony_enabled.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
#!/bin/sh

enabled="no"

if [ -f /etc/sunet-chrony-opt-in ]; then
enabled="yes"
fi

vendor=$(lsb_release -is)
version=$(lsb_release -rs)
test "$vendor" = "Debian" && dpkg --compare-versions "${version}" "ge" "12" && enabled="yes"
test "$vendor" = "Ubuntu" && dpkg --compare-versions "${version}" "ge" "23.04" && enabled="yes"

echo "sunet_chrony_enabled=${enabled}"
22 changes: 22 additions & 0 deletions manifests/chrony.pp
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,28 @@
Array[String] $ntsservercerts = [],
Array[String] $ntsserverkeys = [],
) {

### BEGIN sunet::ntp cleanup
# Cleanup potential remains from previous usage of sunet::ntp
package { 'ntp': ensure => 'purged' }
package { 'ntpsec': ensure => 'purged' }

# Some files that are left behind even after purge because they are created
# manually by sunet::ntp on Ubuntu.
if $facts['os']['distro']['id'] == 'Ubuntu' {
include sunet::systemd_reload

file { '/etc/systemd/system/multi-user.target.wants/ntp.service':
ensure => 'absent',
notify => [Class['sunet::systemd_reload']]
}
file { '/etc/systemd/system/ntp.service':
ensure => 'absent',
notify => [Class['sunet::systemd_reload']]
}
}
### END sunet::ntp cleanup

package { 'chrony': ensure => 'installed' }

service { 'chrony':
Expand Down
102 changes: 54 additions & 48 deletions manifests/ntp.pp
Original file line number Diff line number Diff line change
Expand Up @@ -7,64 +7,70 @@

# Get facts for distro/release
$distro = $facts['os']['distro']['id']
$release = $facts['os']['distro']['release']['full']
$release = $facts['os']['distro']['release']['major']

# Help Puppet understand to use systemd for Ubuntu 16.04 hosts
if $distro == 'Ubuntu' and versioncmp($release, '15.04') >= 0 {
Service {
provider => 'systemd',
# Only do anything on older Ubuntu and Debian. For later versions
# sunet::server will use sunet::chrony instead. This if-statement is needed
# because not every ops-repo uses sunet::server to select what ntp class to
# use.
if $::facts['sunet_chrony_enabled'] != 'yes' {
# Help Puppet understand to use systemd for Ubuntu 16.04 hosts
if $distro == 'Ubuntu' and versioncmp($release, '15.04') >= 0 {
Service {
provider => 'systemd',
}
}
}

package { 'ntp': ensure => 'installed' }
service { 'ntp':
ensure => running,
name => 'ntp',
enable => true,
hasrestart => true,
require => Package['ntp'],
}
package { 'ntp': ensure => 'installed' }
service { 'ntp':
ensure => running,
name => 'ntp',
enable => true,
hasrestart => true,
require => Package['ntp'],
}

# Don't use pool.ntp.org servers, but rather DHCP provided NTP servers
$_disable_pool = $disable_pool_ntp_org ? {
true => ['rm pool[.]'],
false => [],
}
# Don't use pool.ntp.org servers, but rather DHCP provided NTP servers
$_disable_pool = $disable_pool_ntp_org ? {
true => ['rm pool[.]'],
false => [],
}

# in cases where DHCP does not provide servers, or the machinery doesn't
# work well (Ubuntu 16.04, looking at you), add some servers manually
$_set_servers = map(flatten([$set_servers, $add_servers])) |$index, $server| {
sprintf('set server[%s] %s', $index + 1, $server)
}
$changes = flatten([$_disable_pool,
$_set_servers ? {
[] => [],
default => ['rm server[.]',
$_set_servers],
},])
# in cases where DHCP does not provide servers, or the machinery doesn't
# work well (Ubuntu 16.04, looking at you), add some servers manually
$_set_servers = map(flatten([$set_servers, $add_servers])) |$index, $server| {
sprintf('set server[%s] %s', $index + 1, $server)
}
$changes = flatten([$_disable_pool,
$_set_servers ? {
[] => [],
default => ['rm server[.]',
$_set_servers],
},])

if $changes != [] {
include augeas
if $changes != [] {
include augeas

augeas { 'ntp.conf':
context => '/files/etc/ntp.conf',
changes => $changes,
require => Package['ntp'],
notify => Service['ntp'],
augeas { 'ntp.conf':
context => '/files/etc/ntp.conf',
changes => $changes,
require => Package['ntp'],
notify => Service['ntp'],
}
}
}

if $distro == 'Ubuntu' and versioncmp($release, '15.04') >= 0 {
include sunet::systemd_reload
if $distro == 'Ubuntu' and versioncmp($release, '15.04') >= 0 {
include sunet::systemd_reload

# replace init.d script with systemd service file to get Restart=always
file {
'/etc/systemd/system/ntp.service':
content => template('sunet/ntp/ntp.service.erb'),
notify => [Class['sunet::systemd_reload'],
Service['ntp'],
],
;
# replace init.d script with systemd service file to get Restart=always
file {
'/etc/systemd/system/ntp.service':
content => template('sunet/ntp/ntp.service.erb'),
notify => [Class['sunet::systemd_reload'],
Service['ntp'],
],
;
}
}
}
}
6 changes: 5 additions & 1 deletion manifests/server.pp
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,11 @@
}

if $ntpd_config {
include sunet::ntp
if $::facts['sunet_chrony_enabled'] == 'yes' {
include sunet::chrony
} else {
include sunet::ntp
}
}

if $scriptherder {
Expand Down

0 comments on commit 8c37e81

Please sign in to comment.