From d808e37c64d2c78d7678b41c3824e2e48ab0bee3 Mon Sep 17 00:00:00 2001 From: Jagan Mohan Kavva Date: Tue, 22 Jun 2021 15:11:20 +0000 Subject: [PATCH] Revert "Add chrony config" This reverts commit bf7c04d13f3c456c4d7fd29c30e83cfb6d66712a. Reason for revert: We just realized that passing NTP and chrony.conf both is not needed so reverting this changes. Change-Id: Ifa3ee40316871addb05cd8196baf9e4daa5eb8a6 --- .../ephemeral/replacements/networking.yaml | 41 ------------------ manifests/function/ephemeral/secret.yaml | 37 ---------------- .../function/k8scontrol/controlplane.yaml | 43 +++---------------- .../k8scontrol/replacements/networking.yaml | 36 ---------------- .../workers-capm3/kubeadmconfigtemplate.yaml | 36 ---------------- .../replacements/networking.yaml | 40 ----------------- 6 files changed, 6 insertions(+), 227 deletions(-) diff --git a/manifests/function/ephemeral/replacements/networking.yaml b/manifests/function/ephemeral/replacements/networking.yaml index 30559b7f4..13c700ef9 100644 --- a/manifests/function/ephemeral/replacements/networking.yaml +++ b/manifests/function/ephemeral/replacements/networking.yaml @@ -49,44 +49,3 @@ replacements: name: ephemeral-bmc-secret kind: Secret fieldrefs: ["stringData.userData%REPLACEMENT_POD_CIDR%"] -# Replace the k8s controlplane NTP servers -- source: - objref: - kind: NetworkCatalogue - name: networking - fieldref: spec.ntp.servers[0] - target: - objref: - name: ephemeral-bmc-secret - kind: Secret - fieldrefs: ["stringData.userData%REPLACEMENT_NTP_SERVER1%"] -- source: - objref: - kind: NetworkCatalogue - name: networking - fieldref: spec.ntp.servers[1] - target: - objref: - name: ephemeral-bmc-secret - kind: Secret - fieldrefs: ["stringData.userData%REPLACEMENT_NTP_SERVER2%"] -- source: - objref: - kind: NetworkCatalogue - name: networking - fieldref: spec.ntp.servers[2] - target: - objref: - name: ephemeral-bmc-secret - kind: Secret - fieldrefs: ["stringData.userData%REPLACEMENT_NTP_SERVER3%"] -- source: - objref: - kind: NetworkCatalogue - name: networking - fieldref: spec.ntp.servers[3] - target: - objref: - name: ephemeral-bmc-secret - kind: Secret - fieldrefs: ["stringData.userData%REPLACEMENT_NTP_SERVER4%"] diff --git a/manifests/function/ephemeral/secret.yaml b/manifests/function/ephemeral/secret.yaml index 2e71ce448..2e6abbcd7 100644 --- a/manifests/function/ephemeral/secret.yaml +++ b/manifests/function/ephemeral/secret.yaml @@ -34,43 +34,6 @@ stringData: - kubeadm init --config /tmp/kubeadm.yaml - mkdir -p /opt/metal3-dev-env/ironic/html/images write_files: - - path: "/etc/chrony/chrony.conf" - permissions: '0644' - owner: root:root - content: | - # This directive specify the location of the file containing ID/key pairs for - # NTP authentication. - keyfile /etc/chrony/chrony.keys - - # This directive specify the file into which chronyd will store the rate - # information. - driftfile /var/lib/chrony/chrony.drift - - # Uncomment the following line to turn logging on. - #log tracking measurements statistics - - # Log files location. - logdir /var/log/chrony - - # Stop bad estimates upsetting machine clock. - maxupdateskew 100.0 - - # This directive enables kernel synchronisation (every 11 minutes) of the - # real-time clock. Note that it can’t be used along with the 'rtcfile' directive. - rtcsync - - # Step the system clock instead of slewing it if the adjustment is larger than - # one second, but only in the first three clock updates. - makestep 1 3 - - server REPLACEMENT_NTP_SERVER1 iburst - server REPLACEMENT_NTP_SERVER2 iburst - server REPLACEMENT_NTP_SERVER3 iburst - server REPLACEMENT_NTP_SERVER4 iburst - - #Enable Chrony to operate as an NTP server for local applications e.g. Prometheus. - allow 127.0.0.0/8 - - path: /etc/systemd/system/docker.service.d/http-proxy.conf permissions: '0644' owner: root:root diff --git a/manifests/function/k8scontrol/controlplane.yaml b/manifests/function/k8scontrol/controlplane.yaml index 154425f8a..705bde3bb 100644 --- a/manifests/function/k8scontrol/controlplane.yaml +++ b/manifests/function/k8scontrol/controlplane.yaml @@ -24,40 +24,6 @@ spec: # any adjustments and settings for docker anymore. However, if for # some reason docker has to be presented in the system, we need to # create http-proxy.conf. - - path: "/etc/chrony/chrony.conf" - content: | - # This directive specify the location of the file containing ID/key pairs for - # NTP authentication. - keyfile /etc/chrony/chrony.keys - - # This directive specify the file into which chronyd will store the rate - # information. - driftfile /var/lib/chrony/chrony.drift - - # Uncomment the following line to turn logging on. - #log tracking measurements statistics - - # Log files location. - logdir /var/log/chrony - - # Stop bad estimates upsetting machine clock. - maxupdateskew 100.0 - - # This directive enables kernel synchronisation (every 11 minutes) of the - # real-time clock. Note that it can’t be used along with the 'rtcfile' directive. - rtcsync - - # Step the system clock instead of slewing it if the adjustment is larger than - # one second, but only in the first three clock updates. - makestep 1 3 - - server REPLACEMENT_NTP_SERVER1 iburst - server REPLACEMENT_NTP_SERVER2 iburst - server REPLACEMENT_NTP_SERVER3 iburst - server REPLACEMENT_NTP_SERVER4 iburst - - #Enable Chrony to operate as an NTP server for local applications e.g. Prometheus. - allow 127.0.0.0/8 # TODO: add download sources to the versions catalogue preKubeadmCommands: # Restart docker to apply any proxy settings @@ -66,8 +32,6 @@ spec: - containerd config default | sed -r -e '/\[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc\]$/a\ SystemdCgroup = true' | tee /etc/containerd/config.toml - systemctl daemon-reload - systemctl restart containerd - - systemctl restart chrony.service - - systemctl is-active --quiet chrony.service && echo "Chrony service was restarted!" initConfiguration: nodeRegistration: name: '{{ ds.meta_data.local_hostname }}' @@ -85,7 +49,12 @@ spec: cgroup-driver: "systemd" container-runtime: remote criSocket: "unix:///run/containerd/containerd.sock" - + ntp: + servers: + - 0.pool.ntp.org + - 1.pool.ntp.org + - 2.pool.ntp.org + - 3.pool.ntp.org users: - name: deployer sshAuthorizedKeys: diff --git a/manifests/function/k8scontrol/replacements/networking.yaml b/manifests/function/k8scontrol/replacements/networking.yaml index 76128410d..4d9957594 100644 --- a/manifests/function/k8scontrol/replacements/networking.yaml +++ b/manifests/function/k8scontrol/replacements/networking.yaml @@ -54,39 +54,3 @@ replacements: objref: kind: KubeadmControlPlane fieldrefs: ["spec.kubeadmConfigSpec.ntp"] -- source: - objref: - kind: NetworkCatalogue - name: networking - fieldref: spec.ntp.servers[0] - target: - objref: - kind: KubeadmControlPlane - fieldrefs: ["spec.kubeadmConfigSpec.files[*].content%REPLACEMENT_NTP_SERVER1%"] -- source: - objref: - kind: NetworkCatalogue - name: networking - fieldref: spec.ntp.servers[1] - target: - objref: - kind: KubeadmControlPlane - fieldrefs: ["spec.kubeadmConfigSpec.files[*].content%REPLACEMENT_NTP_SERVER2%"] -- source: - objref: - kind: NetworkCatalogue - name: networking - fieldref: spec.ntp.servers[2] - target: - objref: - kind: KubeadmControlPlane - fieldrefs: ["spec.kubeadmConfigSpec.files[*].content%REPLACEMENT_NTP_SERVER3%"] -- source: - objref: - kind: NetworkCatalogue - name: networking - fieldref: spec.ntp.servers[3] - target: - objref: - kind: KubeadmControlPlane - fieldrefs: ["spec.kubeadmConfigSpec.files[*].content%REPLACEMENT_NTP_SERVER4%"] diff --git a/manifests/function/workers-capm3/kubeadmconfigtemplate.yaml b/manifests/function/workers-capm3/kubeadmconfigtemplate.yaml index dea43107f..5e6b7f878 100644 --- a/manifests/function/workers-capm3/kubeadmconfigtemplate.yaml +++ b/manifests/function/workers-capm3/kubeadmconfigtemplate.yaml @@ -26,40 +26,6 @@ spec: # any adjustments and settings for docker anymore. However, if for # some reason docker has to be presented in the system, we need to # create http-proxy.conf. - - path: "/etc/chrony/chrony.conf" - content: | - # This directive specify the location of the file containing ID/key pairs for - # NTP authentication. - keyfile /etc/chrony/chrony.keys - - # This directive specify the file into which chronyd will store the rate - # information. - driftfile /var/lib/chrony/chrony.drift - - # Uncomment the following line to turn logging on. - #log tracking measurements statistics - - # Log files location. - logdir /var/log/chrony - - # Stop bad estimates upsetting machine clock. - maxupdateskew 100.0 - - # This directive enables kernel synchronisation (every 11 minutes) of the - # real-time clock. Note that it can’t be used along with the 'rtcfile' directive. - rtcsync - - # Step the system clock instead of slewing it if the adjustment is larger than - # one second, but only in the first three clock updates. - makestep 1 3 - - server REPLACEMENT_NTP_SERVER1 iburst - server REPLACEMENT_NTP_SERVER2 iburst - server REPLACEMENT_NTP_SERVER3 iburst - server REPLACEMENT_NTP_SERVER4 iburst - - #Enable Chrony to operate as an NTP server for local applications e.g. Prometheus. - allow 127.0.0.0/8 preKubeadmCommands: # Restart docker and containerd to apply any proxy settings - export HOME=/root @@ -67,8 +33,6 @@ spec: - containerd config default | sed -r -e '/\[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc\]$/a\ SystemdCgroup = true' | tee /etc/containerd/config.toml - systemctl daemon-reload - systemctl restart containerd - - systemctl restart chrony.service - - systemctl is-active --quiet chrony.service && echo "Chrony service was restarted!" users: - name: deployer sshAuthorizedKeys: diff --git a/manifests/function/workers-capm3/replacements/networking.yaml b/manifests/function/workers-capm3/replacements/networking.yaml index e2942a450..15a4c7a3d 100644 --- a/manifests/function/workers-capm3/replacements/networking.yaml +++ b/manifests/function/workers-capm3/replacements/networking.yaml @@ -17,43 +17,3 @@ replacements: kind: KubeadmConfigTemplate name: worker-1 fieldrefs: ["spec.template.spec.ntp"] -- source: - objref: - kind: NetworkCatalogue - name: networking - fieldref: spec.ntp.servers[0] - target: - objref: - kind: KubeadmConfigTemplate - name: worker-1 - fieldrefs: ["spec.template.spec.files[*].content%REPLACEMENT_NTP_SERVER1%"] -- source: - objref: - kind: NetworkCatalogue - name: networking - fieldref: spec.ntp.servers[1] - target: - objref: - kind: KubeadmConfigTemplate - name: worker-1 - fieldrefs: ["spec.template.spec.files[*].content%REPLACEMENT_NTP_SERVER2%"] -- source: - objref: - kind: NetworkCatalogue - name: networking - fieldref: spec.ntp.servers[2] - target: - objref: - kind: KubeadmConfigTemplate - name: worker-1 - fieldrefs: ["spec.template.spec.files[*].content%REPLACEMENT_NTP_SERVER3%"] -- source: - objref: - kind: NetworkCatalogue - name: networking - fieldref: spec.ntp.servers[3] - target: - objref: - kind: KubeadmConfigTemplate - name: worker-1 - fieldrefs: ["spec.template.spec.files[*].content%REPLACEMENT_NTP_SERVER4%"] \ No newline at end of file