out with the ntp, in with the chrony
This commit is contained in:
Kevin Fenzi
parent
f5aca677c3
commit
0258bf95c7
3 changed files with 79 additions and 1 deletions
|
|
@ -1,5 +1,5 @@
|
||||||
---
|
---
|
||||||
dependencies:
|
dependencies:
|
||||||
- { role: basessh }
|
- { role: basessh }
|
||||||
- { role: ntp }
|
- { role: chrony }
|
||||||
- { role: dnf-automatic }
|
- { role: dnf-automatic }
|
||||||
|
|
|
||||||
27
roles/chrony/tasks/main.yml
Normal file
27
roles/chrony/tasks/main.yml
Normal file
|
|
@ -0,0 +1,27 @@
|
||||||
|
- name: install chrony
|
||||||
|
package: name=chrony state=present
|
||||||
|
tags:
|
||||||
|
- chrony
|
||||||
|
- package
|
||||||
|
- base
|
||||||
|
|
||||||
|
- name: install chrony.conf
|
||||||
|
template: src=chrony.conf.j2 dest=/etc/chrony.conf
|
||||||
|
tags:
|
||||||
|
- chrony
|
||||||
|
- config
|
||||||
|
- base
|
||||||
|
|
||||||
|
- name: disable and stop ntp
|
||||||
|
service: name=ntp state=stopped enabled=no
|
||||||
|
tags:
|
||||||
|
- chrony
|
||||||
|
- service
|
||||||
|
- base
|
||||||
|
|
||||||
|
- name: Start and enable chrony
|
||||||
|
service: name=chrony state=started enabled=yes
|
||||||
|
tags:
|
||||||
|
- ntp
|
||||||
|
- service
|
||||||
|
- base
|
||||||
51
roles/chrony/templates/chrony.conf.j2
Normal file
51
roles/chrony/templates/chrony.conf.j2
Normal file
|
|
@ -0,0 +1,51 @@
|
||||||
|
# setup our servers
|
||||||
|
{% if datacenter == 'phx2' %}
|
||||||
|
server bastion01.phx2.fedoraproject.org iburst
|
||||||
|
server bastion02.phx2.fedoraproject.org iburst
|
||||||
|
{% elif datacenter == 'cloud' and not ansible_hostname.startswith('cloud-noc') %}
|
||||||
|
server cloud-noc01.cloud.fedoraproject.org port 124
|
||||||
|
{% else %}
|
||||||
|
server 0.rhel.pool.ntp.org iburst
|
||||||
|
server 1.rhel.pool.ntp.org iburst
|
||||||
|
server 2.rhel.pool.ntp.org iburst
|
||||||
|
server 3.rhel.pool.ntp.org iburst
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
# Record the rate at which the system clock gains/losses time.
|
||||||
|
driftfile /var/lib/chrony/drift
|
||||||
|
|
||||||
|
# Allow the system clock to be stepped in the first three updates
|
||||||
|
# if its offset is larger than 1 second.
|
||||||
|
makestep 1.0 3
|
||||||
|
|
||||||
|
# Enable kernel synchronization of the real-time clock (RTC).
|
||||||
|
rtcsync
|
||||||
|
|
||||||
|
# Enable hardware timestamping on all interfaces that support it.
|
||||||
|
#hwtimestamp *
|
||||||
|
|
||||||
|
# Increase the minimum number of selectable sources required to adjust
|
||||||
|
# the system clock.
|
||||||
|
minsources 1
|
||||||
|
|
||||||
|
# Allow NTP client access from local network.
|
||||||
|
{% if ansible_hostname.startswith('bastion') %}
|
||||||
|
allow 10.0.0.0/16
|
||||||
|
{% elif ansible_hostname.startswith('cloud-noc') %}
|
||||||
|
allow 209.132.184.0/24
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
# Serve time even if not synchronized to a time source.
|
||||||
|
local stratum 10
|
||||||
|
|
||||||
|
# Specify file containing keys for NTP authentication.
|
||||||
|
keyfile /etc/chrony.keys
|
||||||
|
|
||||||
|
# Get TAI-UTC offset and leap seconds from the system tz database.
|
||||||
|
leapsectz right/UTC
|
||||||
|
|
||||||
|
# Specify directory for log files.
|
||||||
|
logdir /var/log/chrony
|
||||||
|
|
||||||
|
# Select which information is logged.
|
||||||
|
#log measurements statistics tracking
|
||||||
Loading…
Add table
Add a link
Reference in a new issue