Update doc to use chrony instead of ntp

ansible-hardening defaults to using chrony rather than ntp. Installing
ntp in the target host preparation step results in it being
uninstalled later by ansible-hardning in favor of chrony.

Change-Id: I04165292b8f013f0948f154041bd90b0fccb5c5f
This commit is contained in:
Maxime Guyot 2018-11-27 15:30:29 +01:00
parent eb44c85e03
commit 0b2b7c99ae

View File

@ -55,7 +55,7 @@ Configure Ubuntu
.. code-block:: shell-session .. code-block:: shell-session
# apt-get install bridge-utils debootstrap ifenslave ifenslave-2.6 \ # apt-get install bridge-utils debootstrap ifenslave ifenslave-2.6 \
lsof lvm2 ntp ntpdate openssh-server sudo tcpdump vlan python lsof lvm2 chrony openssh-server sudo tcpdump vlan python
#. Install the kernel extra package if you have one for your kernel version \ #. Install the kernel extra package if you have one for your kernel version \
@ -71,12 +71,12 @@ Configure Ubuntu
# echo 'bonding' >> /etc/modules # echo 'bonding' >> /etc/modules
# echo '8021q' >> /etc/modules # echo '8021q' >> /etc/modules
#. Configure Network Time Protocol (NTP) in ``/etc/ntp.conf`` to #. Configure Network Time Protocol (NTP) in ``/etc/chrony/chrony.conf`` to
synchronize with a suitable time source and restart the service: synchronize with a suitable time source and restart the service:
.. code-block:: shell-session .. code-block:: shell-session
# service ntp restart # service chrony restart
#. Reboot the host to activate the changes and use the new kernel. #. Reboot the host to activate the changes and use the new kernel.
@ -102,7 +102,7 @@ Configure CentOS
.. code-block:: shell-session .. code-block:: shell-session
# yum install bridge-utils iputils lsof lvm2 \ # yum install bridge-utils iputils lsof lvm2 \
ntp ntpdate openssh-server sudo tcpdump python chrony openssh-server sudo tcpdump python
#. Add the appropriate kernel modules to the ``/etc/modules-load.d`` file to #. Add the appropriate kernel modules to the ``/etc/modules-load.d`` file to
enable VLAN and bond interfaces: enable VLAN and bond interfaces:
@ -112,13 +112,13 @@ Configure CentOS
# echo 'bonding' >> /etc/modules-load.d/openstack-ansible.conf # echo 'bonding' >> /etc/modules-load.d/openstack-ansible.conf
# echo '8021q' >> /etc/modules-load.d/openstack-ansible.conf # echo '8021q' >> /etc/modules-load.d/openstack-ansible.conf
#. Configure Network Time Protocol (NTP) in ``/etc/ntp.conf`` to #. Configure Network Time Protocol (NTP) in ``/etc/chrony.conf`` to
synchronize with a suitable time source and start the service: synchronize with a suitable time source and start the service:
.. code-block:: shell-session .. code-block:: shell-session
# systemctl enable ntpd.service # systemctl enable chronyd.service
# systemctl start ntpd.service # systemctl start chronyd.service
#. (Optional) Reduce the kernel log level by changing the printk #. (Optional) Reduce the kernel log level by changing the printk
value in your sysctls: value in your sysctls:
@ -152,7 +152,7 @@ Configure openSUSE
.. code-block:: shell-session .. code-block:: shell-session
# zypper install bridge-utils iputils lsof lvm2 \ # zypper install bridge-utils iputils lsof lvm2 \
ntp opensshr sudo tcpdump python chrony opensshr sudo tcpdump python
#. Add the appropriate kernel modules to the ``/etc/modules-load.d`` file to #. Add the appropriate kernel modules to the ``/etc/modules-load.d`` file to
enable VLAN and bond interfaces: enable VLAN and bond interfaces:
@ -162,13 +162,13 @@ Configure openSUSE
# echo 'bonding' >> /etc/modules-load.d/openstack-ansible.conf # echo 'bonding' >> /etc/modules-load.d/openstack-ansible.conf
# echo '8021q' >> /etc/modules-load.d/openstack-ansible.conf # echo '8021q' >> /etc/modules-load.d/openstack-ansible.conf
#. Configure Network Time Protocol (NTP) in ``/etc/ntp.conf`` to #. Configure Network Time Protocol (NTP) in ``/etc/chrony.conf`` to
synchronize with a suitable time source and start the service: synchronize with a suitable time source and start the service:
.. code-block:: shell-session .. code-block:: shell-session
# systemctl enable ntpd.service # systemctl enable chronyd.service
# systemctl start ntpd.service # systemctl start chronyd.service
#. Reboot the host to activate the changes and use the new kernel. #. Reboot the host to activate the changes and use the new kernel.