With the move to composable services, the hieradata which was used to configure the NTP servers on overcloud nodes was configured incorrectly.
This update uses the correct hieradata so the overcloud nodes get the NTP servers configured.
Description of problem:
NTP server provided via --ntp-server doesn't get set on overcloud nodes /etc/ntp.conf
Version-Release number of selected component (if applicable):
openstack-tripleo-heat-templates-5.0.0-0.20160907212643.90c852e.2.el7ost.noarch
How reproducible:
100%
Steps to Reproduce:
1. Deploy overcloud
source ~/stackrc
export THT=/home/stack/templates/openstack-tripleo-heat-templates
openstack overcloud deploy --templates $THT \
-e $THT/environments/network-isolation.yaml \
-e $THT/environments/network-management.yaml \
-e ~/templates/network-environment.yaml \
-e $THT/environments/storage-environment.yaml \
-e ~/templates/disk-layout.yaml \
-e ~/templates/wipe-disk-env.yaml \
--control-scale 3 \
--control-flavor controller-d75f3dec-c770-5f88-9d4c-3fea1bf9c484 \
--compute-scale 1 \
--compute-flavor compute-b634c10a-570f-59ba-bdbf-0c313d745a10 \
--ceph-storage-scale 1 \
--ceph-storage-flavor ceph-cf1f074b-dadb-5eb8-9eb0-55828273fab7 \
--ntp-server clock.redhat.com
2. SSH to one of the overcloud nodes and check /etc/ntp.conf
Actual results:
cat /etc/ntp.conf
# ntp.conf: Managed by puppet.
#
# Enable next tinker options:
# panic - keep ntpd from panicking in the event of a large clock skew
# when a VM guest is suspended and resumed;
# stepout - allow ntpd change offset faster
tinker panic 0
disable monitor
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
# Set up servers for ntpd with next options:
# server - IP address or DNS name of upstream NTP server
# iburst - allow send sync packages faster if upstream unavailable
# prefer - select preferrable server
# minpoll - set minimal update frequency
# maxpoll - set maximal update frequency
server 0.centos.pool.ntp.org
server 1.centos.pool.ntp.org
server 2.centos.pool.ntp.org
# Driftfile.
driftfile /var/lib/ntp/drift
Expected results:
server clock.redhat.com in /etc/ntp.conf
Additional info:
I can see that clock.redhat.com ends up in ntp::ntpservers hieradata:
hiera ntp::ntpservers
["clock.redhat.com"]
but the puppet module looks to be using ntp::servers.
After applying the following patch the ntp server got properly set in ntp.conf:
git diff puppet/services/time/ntp.yaml
diff --git a/puppet/services/time/ntp.yaml b/puppet/services/time/ntp.yaml
index 7aa3706..eb5237f 100644
--- a/puppet/services/time/ntp.yaml
+++ b/puppet/services/time/ntp.yaml
@@ -32,7 +32,7 @@ outputs:
value:
service_name: ntp
config_settings:
- ntp::ntpservers: {get_param: NtpServer}
+ ntp::servers: {get_param: NtpServer}
tripleo.ntp.firewall_rules:
'105 ntp':
dport: 123
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://rhn.redhat.com/errata/RHEA-2016-2948.html
Description of problem: NTP server provided via --ntp-server doesn't get set on overcloud nodes /etc/ntp.conf Version-Release number of selected component (if applicable): openstack-tripleo-heat-templates-5.0.0-0.20160907212643.90c852e.2.el7ost.noarch How reproducible: 100% Steps to Reproduce: 1. Deploy overcloud source ~/stackrc export THT=/home/stack/templates/openstack-tripleo-heat-templates openstack overcloud deploy --templates $THT \ -e $THT/environments/network-isolation.yaml \ -e $THT/environments/network-management.yaml \ -e ~/templates/network-environment.yaml \ -e $THT/environments/storage-environment.yaml \ -e ~/templates/disk-layout.yaml \ -e ~/templates/wipe-disk-env.yaml \ --control-scale 3 \ --control-flavor controller-d75f3dec-c770-5f88-9d4c-3fea1bf9c484 \ --compute-scale 1 \ --compute-flavor compute-b634c10a-570f-59ba-bdbf-0c313d745a10 \ --ceph-storage-scale 1 \ --ceph-storage-flavor ceph-cf1f074b-dadb-5eb8-9eb0-55828273fab7 \ --ntp-server clock.redhat.com 2. SSH to one of the overcloud nodes and check /etc/ntp.conf Actual results: cat /etc/ntp.conf # ntp.conf: Managed by puppet. # # Enable next tinker options: # panic - keep ntpd from panicking in the event of a large clock skew # when a VM guest is suspended and resumed; # stepout - allow ntpd change offset faster tinker panic 0 disable monitor # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. restrict default kod nomodify notrap nopeer noquery restrict -6 default kod nomodify notrap nopeer noquery restrict 127.0.0.1 restrict -6 ::1 # Set up servers for ntpd with next options: # server - IP address or DNS name of upstream NTP server # iburst - allow send sync packages faster if upstream unavailable # prefer - select preferrable server # minpoll - set minimal update frequency # maxpoll - set maximal update frequency server 0.centos.pool.ntp.org server 1.centos.pool.ntp.org server 2.centos.pool.ntp.org # Driftfile. driftfile /var/lib/ntp/drift Expected results: server clock.redhat.com in /etc/ntp.conf Additional info: I can see that clock.redhat.com ends up in ntp::ntpservers hieradata: hiera ntp::ntpservers ["clock.redhat.com"] but the puppet module looks to be using ntp::servers. After applying the following patch the ntp server got properly set in ntp.conf: git diff puppet/services/time/ntp.yaml diff --git a/puppet/services/time/ntp.yaml b/puppet/services/time/ntp.yaml index 7aa3706..eb5237f 100644 --- a/puppet/services/time/ntp.yaml +++ b/puppet/services/time/ntp.yaml @@ -32,7 +32,7 @@ outputs: value: service_name: ntp config_settings: - ntp::ntpservers: {get_param: NtpServer} + ntp::servers: {get_param: NtpServer} tripleo.ntp.firewall_rules: '105 ntp': dport: 123