Resolved ntp issue

1. ntp is required by contrail, so checking for
   ntp package and starting ntpd service by configuring the
   /etc/ntp.conf file.
   If ntpserver is provided by user in the ose-install that will
   be used as ntp server and will be configured on all nodes
   including master, else master will be ntpserver

Change-Id: I3a6989f14b5581e1906010d1a059deec2bb01802
Closes-Bug: #1784085

roles/contrail_master/tasks/main.yaml

@@ -1,5 +1,15 @@
 ---
 - block:
+  - name: Set master as ntp server
+    include_tasks: ntp.yml
+    when: ntpserver is not defined
+
+  - name: Set master as client to provided ntp server
+    include_role:
+      name: contrail_node
+      tasks_from: ntp.yml
+    when: ntpserver is defined
+
   - name: Stat for Contrail docker images
     stat:
       path: "/tmp/{{ item }}-{{ contrail_os_release }}-{{ contrail_version }}.tar.gz"

roles/contrail_master/tasks/ntp.yml

@@ -0,0 +1,31 @@
+---
+- name: install ntp packages
+  package:
+    name: "{{ item }}"
+    state: present
+  with_items:
+  - ntp
+
+- name: open ntp port 123 on masters
+  command: iptables -I INPUT 4 -j ACCEPT -p udp --dport 123
+
+- name: stop ntp service
+  service: name="ntpd" state=stopped enabled=yes
+
+- name: set ntp server
+  template:
+    src: ntp.conf.j2
+    dest: /etc/ntp.conf
+
+- name: start ntp service
+  service: name="ntpd" state=started enabled=yes
+
+- name: set fact that this master is an ntp server
+  set_fact:
+    is_ntp_server: true
+
+- name: disable service chronyd
+  systemd:
+    name: chronyd
+    enabled: no
+  ignore_errors: yes

roles/contrail_master/templates/ntp.conf.j2

@@ -0,0 +1,12 @@
+tinker panic 0
+
+disable monitor
+restrict default kod nomodify notrap nopeer noquery
+restrict -6 default kod nomodify notrap nopeer noquery
+restrict 127.0.0.1
+restrict -6 ::1
+
+server 127.127.1.0
+
+# Driftfile.
+driftfile /var/lib/ntp/drift

roles/contrail_node/tasks/main.yaml

@@ -1,26 +1,6 @@
 ---
-- name: Install ntp service on all nodes
-  hosts: all
-  yum:
-    name: "ntp"
-    state: installed
-
-- name: Start ntp service on all nodes
-  hosts: all
-  service: name=ntpd state=started
-
-- name: enable insecure_repos
-  hosts: all
-  lineinfile:
-        path: /etc/sysconfig/docker
-        line: "INSECURE_REGISTRY='--insecure-registry {{ contrail_registry }}'"
-  when:
-     - contrail_registry_insecure is defined
-     - contrail_registry_insecure | bool
-
-- name: restart docker service on all nodes
-  hosts: all
-  service: name=docker state=restarted
+- name: Set ntp on nodes
+  include_tasks: ntp.yml
 
 - name: Stat for Contrail docker images
   stat:

roles/contrail_node/tasks/ntp.yml

@@ -0,0 +1,26 @@
+---
+- name: install ntp packages
+  package:
+    name: "{{ item }}"
+    state: present
+  with_items:
+  - ntp
+
+- name: stop ntp service
+  service: name="ntpd" state=stopped enabled=yes
+
+- name: set ntp conf file
+  template:
+    src: ntp.conf.j2
+    dest: /etc/ntp.conf
+  when:
+    - is_ntp_server is not defined
+
+- name: start ntp service
+  service: name="ntpd" state=started enabled=yes
+
+- name: disable service chronyd
+  systemd:
+    name: chronyd
+    enabled: no
+  ignore_errors: yes

roles/contrail_node/templates/ntp.conf.j2

@@ -0,0 +1,18 @@
+tinker panic 0
+
+disable monitor
+restrict default kod nomodify notrap nopeer noquery
+restrict -6 default kod nomodify notrap nopeer noquery
+restrict 127.0.0.1
+restrict -6 ::1
+
+{% if ntpserver is not defined %}
+{% for master in groups.masters %}
+server {{ master | ipaddr }} iburst
+{% endfor %}
+{% else %}
+server {{ ntpserver | ipaddr }} iburst
+{% endif %}
+
+# Driftfile.
+driftfile /var/lib/ntp/drift