Skip to content

Latest commit

 

History

History
165 lines (121 loc) · 4.19 KB

README.md

File metadata and controls

165 lines (121 loc) · 4.19 KB

puppet-chrony

License Build Status Puppet Forge Puppet Forge - downloads Puppet Forge - scores

Table of Contents

  1. Overview
  2. Module Description - What the module does and why it is useful
  3. Setup - The basics of getting started with chrony
  4. Usage - Configuration options and additional functionality
  5. Reference - An under-the-hood peek at what the module is doing and how
  6. Limitations - OS compatibility, etc.
  7. Copyright and License

Overview

Chrony Puppet Module

Manage chrony time daemon on Archlinux and Redhat

Module Description

The Chrony module handles running chrony in Archlinux and Redhat systems with systemd.

Setup

What chrony affects

  • chrony package.
  • chrony configuration file.
  • chrony key file.
  • chrony service.

Requirements

Please review metadata.json for a list of requirements.

Beginning with chrony

include 'chrony' is all you need to get it running. If you wish to pass in parameters like which servers to use then you can use:

class { 'chrony':
  servers => ['ntp1.corp.com', 'ntp2.corp.com' ],
}

Usage

All interaction with the chrony module can be done through the main chrony class.

I just want chrony, what's the minimum I need?

include 'chrony'

I just want to tweak the servers, nothing else

class { 'chrony':
  servers => [ 'ntp1.corp.com', 'ntp2.corp.com', ],
}

I'd like to make sure a secret password is used for chronyc

class { 'chrony':
  servers         => [ 'ntp1.corp.com', 'ntp2.corp.com', ],
  chrony_password => 'secret_password',
}

I'd like to use NTP authentication

class { 'chrony':
  keys    => ['25 SHA1 HEX:1dc764e0791b11fa67efc7ecbc4b0d73f68a070c'],
  servers => {
    'ntp1.corp.com' => ['key 25', 'iburst'],
    'ntp2.corp.com' => ['key 25', 'iburst'],
  },
}

I'd like chronyd to auto generate a command key at startup

class { 'chrony':
   chrony_password    => 'unset',
   config_keys_manage => false,
}

Allow some hosts

class { 'chrony':
  queryhosts  => [ '192.168/16', ],
}

How to configure leap second

class { 'chrony':
  leapsecmode  => 'slew',
  smoothtime   => '400 0.001 leaponly',
  maxslewrate  => 1000.0
}

Enable chrony-wait.service

RedHat and Suse provide a default disabled chrony-wait.service to block the time-sync.target until node is synchronised.

To enable it:

class { 'chrony':
  wait_enable => true,
  wait_ensure => true,
}

Reference

Reference documentation for the chrony module is generated using puppet-strings and available in REFERENCE.md

Limitations

This module has been built on and tested against Puppet 5.5 and higher.

The module has been tested on:

  • Arch Linux
  • Red Hat
  • Debian 9, 10
  • Ubuntu 18.04, 20.04
  • Suse 12.3
  • Gentoo 2.7

Copyright and License

This module is distributed under the Apache License 2.0. Copyright belongs to the module's authors, including Niels Abspoel and others.

The module was originally written by Niels Abspoel and released as aboe76/chrony. Since version 0.4.0, it is maintained by Vox Pupuli.