Switch on ntp service as TungstenFabric requires it for time checking
TF NodeMgr service has internal time check by issuing local ntp service
using ntpq utility. Currently, we have systemd-timesyncd service installed
on nodes, which does not provide local ntp service, so that we need to switch
on using ntpd daemon.
Related-PROD: PRODX-6314
Change-Id: I36fe9227153c517184b90a6204981b3da5c1c661
diff --git a/de/heat-templates/scripts/instance_boot.sh b/de/heat-templates/scripts/instance_boot.sh
index 859f182..4d36ca4 100644
--- a/de/heat-templates/scripts/instance_boot.sh
+++ b/de/heat-templates/scripts/instance_boot.sh
@@ -121,7 +121,7 @@
function install_retry {
apt update
- export DEBIAN_FRONTEND=noninteractive; apt install -y apt-transport-https ca-certificates curl software-properties-common jq unzip atop iptables-persistent socat
+ export DEBIAN_FRONTEND=noninteractive; apt install -y apt-transport-https ca-certificates curl software-properties-common jq unzip atop iptables-persistent socat ntp
}
retry 10 "Failed to install required packages" install_retry
}
@@ -251,29 +251,41 @@
}
function configure_ntp {
- cat << EOF > /etc/systemd/timesyncd.conf
-# This file is part of systemd.
-#
-# systemd is free software; you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as published by
-# the Free Software Foundation; either version 2.1 of the License, or
-# (at your option) any later version.
-#
-# Entries in this file show the compile time defaults.
-# You can change settings by editing this file.
-# Defaults can be restored by simply deleting this file.
-#
-# See timesyncd.conf(5) for details.
+ cat << EOF > /etc/ntp.conf
+# ntpd will only synchronize your clock.
-[Time]
-NTP=${NTP_SERVERS}
-#FallbackNTP=ntp.ubuntu.com
-#RootDistanceMaxSec=5
-#PollIntervalMinSec=32
-#PollIntervalMaxSec=2048
+# For details, see:
+# - the ntp.conf man page
+# - http://support.ntp.org/bin/view/Support/GettingStarted
+
+# Specify one or more NTP servers.
EOF
- systemctl restart systemd-timesyncd
+ for server in $NTP_SERVERS; do
+cat << EOF >> /etc/ntp.conf
+server ${server} iburst
+EOF
+ done
+
+ cat << EOF >> /etc/ntp.conf
+# Set general access to this service
+restrict -4 default kod nomodify notrap nopeer noquery
+restrict -6 default kod nomodify notrap nopeer noquery
+
+# Allow access from localhost
+restrict 127.0.0.1
+restrict ::1
+
+# Do not listen on any interface address by default
+interface ignore wildcard
+interface listen lo
+interface listen ${DEFAULT_INTERFACE}
+
+# Location of drift file
+driftfile /var/lib/ntp/ntp.drift
+EOF
+
+ systemctl restart ntp
}
function prepare_network {
@@ -285,8 +297,6 @@
systemctl restart systemd-resolved
# Make sure local hostname is present in /etc/hosts
sed -i "s/127.0.0.1 localhost/127.0.0.1 localhost\n${CONTROL_IP_ADDRESS} $(hostname)/" /etc/hosts
-
- configure_ntp
}
function workaround_default_forward_policy {
@@ -487,6 +497,7 @@
prepare_network
prepare_docker_config
install_required_packages
+ configure_ntp
configure_atop
workaround_default_forward_policy
install_docker
@@ -510,6 +521,7 @@
prepare_network
prepare_docker_config
install_required_packages
+ configure_ntp
configure_atop
workaround_default_forward_policy
install_docker
@@ -530,6 +542,7 @@
prepare_network
prepare_docker_config
install_required_packages
+ configure_ntp
configure_atop
workaround_default_forward_policy
install_docker
@@ -549,6 +562,7 @@
prepare_network
prepare_docker_config
install_required_packages
+ configure_ntp
configure_atop
install_docker
download_bundles