diff --git a/README.markdown b/README.markdown index 79579a4e3..55304997a 100644 --- a/README.markdown +++ b/README.markdown @@ -195,6 +195,14 @@ Provides one or more keys to be trusted by NTP. Valid options: array of keys. De Specifies a log file for NTP to use instead of syslog. Valid options: string containing an absolute path. Default value: ' ' +####`minpoll` + +Tells Puppet to use non-standard minimal poll interval of upstream servers. Valid options: 3 to 16. Default option: undef. + +####`maxpoll` + +Tells Puppet to use non-standard maximal poll interval of upstream servers. Valid options: 3 to 16. Default option: undef, except FreeBSD (on FreeBSD `maxpoll` set 9 by default). + ####`package_ensure` Tells Puppet whether the NTP package should be installed, and what version. Valid options: 'present', 'latest', or a specific version number. Default value: 'present' @@ -209,7 +217,7 @@ Tells Puppet what NTP package to manage. Valid options: string. Default value: ' ####`panic` -Specifies whether NTP should "panic" in the event of a very large clock skew. Valid options: 'true' or 'false'. Default value: 'true' (except on virtual machines, where major time shifts are normal) +Specifies whether NTP should "panic" in the event of a very large clock skew. Applies only if `tinker` option set to "true" or in case your environment is in virtual machine. Valid options: unsigned shortint digit. Default value: 0 if environment is virtual, undef in all other cases. ####`peers` @@ -261,6 +269,14 @@ Tells Puppet whether to manage the NTP service. Valid options: 'true' or 'false' Tells Puppet what NTP service to manage. Valid options: string. Default value: varies by operating system +####`stepout` + +Tells puppet to change stepout. Applies only if `tinker` value is 'true'. Valid options: unsigned shortint digit. Default value: undef. + +####`tinker` + +Tells Puppet to enable tinker options. Valid options: 'true' of 'false'. Default value: 'false' + ####`udlc` Specifies whether to configure ntp to use the undisciplined local clock as a time source. Valid options: 'true' or 'false'. Default value: 'false' diff --git a/manifests/init.pp b/manifests/init.pp index 4c822c4a4..71072c362 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -14,6 +14,8 @@ $keys_controlkey = $ntp::params::keys_controlkey, $keys_requestkey = $ntp::params::keys_requestkey, $keys_trusted = $ntp::params::keys_trusted, + $minpoll = $ntp::params::minpoll, + $maxpoll = $ntp::params::maxpoll, $package_ensure = $ntp::params::package_ensure, $package_manage = $ntp::params::package_manage, $package_name = $ntp::params::package_name, @@ -27,6 +29,8 @@ $service_ensure = $ntp::params::service_ensure, $service_manage = $ntp::params::service_manage, $service_name = $ntp::params::service_name, + $stepout = $ntp::params::stepout, + $tinker = $ntp::params::tinker, $udlc = $ntp::params::udlc, ) inherits ntp::params { @@ -42,10 +46,12 @@ validate_re($keys_controlkey, ['^\d+$', '']) validate_re($keys_requestkey, ['^\d+$', '']) validate_array($keys_trusted) + if $minpoll { validate_numeric($minpoll, 16, 3) } + if $maxpoll { validate_numeric($maxpoll, 16, 3) } validate_string($package_ensure) validate_bool($package_manage) validate_array($package_name) - validate_bool($panic) + if $panic { validate_numeric($panic, 65535, 0) } validate_array($preferred_servers) validate_array($restrict) validate_array($interfaces) @@ -55,6 +61,8 @@ validate_string($service_ensure) validate_bool($service_manage) validate_string($service_name) + if $stepout { validate_numeric($stepout, 65535, 0) } + validate_bool($tinker) validate_bool($udlc) validate_array($peers) diff --git a/manifests/params.pp b/manifests/params.pp index 06ccfef25..5716b797d 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -8,12 +8,14 @@ $keys_requestkey = '' $keys_trusted = [] $logfile = undef + $minpoll = undef $package_ensure = 'present' $peers = [] $preferred_servers = [] $service_enable = true $service_ensure = 'running' $service_manage = true + $stepout = undef $udlc = false $interfaces = [] $disable_auth = false @@ -22,14 +24,6 @@ # Allow a list of fudge options $fudge = [] - # On virtual machines allow large clock skews. - # TODO Change this to str2bool($::is_virtual) when stdlib dependency is >= 4.0.0 - # NOTE The "x${var}" is just to avoid lint quoted variable warning. - $panic = "x${::is_virtual}" ? { - 'xtrue' => false, - default => true, - } - $default_config = '/etc/ntp.conf' $default_keys_file = '/etc/ntp/keys' $default_driftfile = '/var/lib/ntp/drift' @@ -41,6 +35,15 @@ default => true, } + if str2bool($::is_virtual) { + $tinker = true + $panic = 0 + } + else { + $tinker = false + $panic = undef + } + case $::osfamily { 'AIX': { $config = $default_config @@ -59,6 +62,7 @@ '2.debian.pool.ntp.org', '3.debian.pool.ntp.org', ] + $maxpoll = undef } 'Debian': { $config = $default_config @@ -79,6 +83,7 @@ '2.debian.pool.ntp.org', '3.debian.pool.ntp.org', ] + $maxpoll = undef } 'RedHat': { $config = $default_config @@ -98,6 +103,7 @@ '1.centos.pool.ntp.org', '2.centos.pool.ntp.org', ] + $maxpoll = undef } 'Suse': { if $::operatingsystem == 'SLES' and $::operatingsystemmajrelease == '12' @@ -124,6 +130,7 @@ '2.opensuse.pool.ntp.org', '3.opensuse.pool.ntp.org', ] + $maxpoll = undef } 'FreeBSD': { $config = $default_config @@ -139,11 +146,12 @@ $service_name = $default_service_name $iburst_enable = true $servers = [ - '0.freebsd.pool.ntp.org maxpoll 9', - '1.freebsd.pool.ntp.org maxpoll 9', - '2.freebsd.pool.ntp.org maxpoll 9', - '3.freebsd.pool.ntp.org maxpoll 9', + '0.freebsd.pool.ntp.org', + '1.freebsd.pool.ntp.org', + '2.freebsd.pool.ntp.org', + '3.freebsd.pool.ntp.org', ] + $maxpoll = 9 } 'Archlinux': { $config = $default_config @@ -163,6 +171,7 @@ '1.pool.ntp.org', '2.pool.ntp.org', ] + $maxpoll = undef } 'Solaris': { $config = '/etc/inet/ntp.conf' @@ -186,6 +195,7 @@ '2.pool.ntp.org', '3.pool.ntp.org', ] + $maxpoll = undef } # Gentoo was added as its own $::osfamily in Facter 1.7.0 'Gentoo': { @@ -207,6 +217,7 @@ '2.gentoo.pool.ntp.org', '3.gentoo.pool.ntp.org', ] + $maxpoll = undef } 'Linux': { # Account for distributions that don't have $::osfamily specific settings. @@ -231,6 +242,7 @@ '2.gentoo.pool.ntp.org', '3.gentoo.pool.ntp.org', ] + $maxpoll = undef } default: { fail("The ${module_name} module is not supported on an ${::operatingsystem} distribution.") diff --git a/spec/classes/ntp_spec.rb b/spec/classes/ntp_spec.rb index aa645777c..169442f50 100644 --- a/spec/classes/ntp_spec.rb +++ b/spec/classes/ntp_spec.rb @@ -87,11 +87,12 @@ context "when set" do let(:params) {{ :servers => ['a', 'b', 'c', 'd'], - :preferred_servers => ['a', 'b'] + :preferred_servers => ['a', 'b'], + :iburst_enable => false, }} it { should contain_file('/etc/ntp.conf').with({ - 'content' => /server a( iburst)? prefer\nserver b( iburst)? prefer\nserver c( iburst)?\nserver d( iburst)?/}) + 'content' => /server a prefer( maxpoll 9)?\nserver b prefer( maxpoll 9)?\nserver c( maxpoll 9)?\nserver d( maxpoll 9)?/}) } end context "when not set" do @@ -247,7 +248,7 @@ it do should contain_file('/etc/ntp.conf').with({ - 'content' => /iburst\n/, + 'content' => /iburst/, }) end end @@ -265,6 +266,154 @@ end end + describe 'with tinker parameter changed' do + describe 'when set to false' do + context 'when panic or stepout not overriden' do + let(:params) {{ + :tinker => false, + }} + + it do + should_not contain_file('/etc/ntp.conf').with({ + 'content' => /^tinker /, + }) + end + end + + context 'when panic overriden' do + let(:params) {{ + :tinker => false, + :panic => 257, + }} + + it do + should_not contain_file('/etc/ntp.conf').with({ + 'content' => /^tinker /, + }) + end + end + + context 'when stepout overriden' do + let(:params) {{ + :tinker => false, + :stepout => 5, + }} + + it do + should_not contain_file('/etc/ntp.conf').with({ + 'content' => /^tinker /, + }) + end + end + + context 'when panic and stepout overriden' do + let(:params) {{ + :tinker => false, + :panic => 257, + :stepout => 5, + }} + + it do + should_not contain_file('/etc/ntp.conf').with({ + 'content' => /^tinker /, + }) + end + end + end + describe 'when set to true' do + context 'when only tinker set to true' do + let(:params) {{ + :tinker => true, + }} + + it do + should_not contain_file('/etc/ntp.conf').with({ + 'content' => /^tinker /, + }) + end + end + + context 'when panic changed' do + let(:params) {{ + :tinker => true, + :panic => 257, + }} + + it do + should contain_file('/etc/ntp.conf').with({ + 'content' => /^tinker panic 257\n/, + }) + end + end + + context 'when stepout changed' do + let(:params) {{ + :tinker => true, + :stepout => 5, + }} + + it do + should contain_file('/etc/ntp.conf').with({ + 'content' => /^tinker stepout 5\n/, + }) + end + end + + context 'when panic and stepout changed' do + let(:params) {{ + :tinker => true, + :panic => 257, + :stepout => 5, + }} + + it do + should contain_file('/etc/ntp.conf').with({ + 'content' => /^tinker panic 257 stepout 5\n/, + }) + end + end + end + end + + describe 'with parameters minpoll or maxpoll changed from default' do + context 'when minpoll changed from default' do + let(:params) {{ + :minpoll => 3, + }} + + it do + should contain_file('/etc/ntp.conf').with({ + 'content' => /minpoll 3/, + }) + end + end + + context 'when maxpoll changed from default' do + let(:params) {{ + :maxpoll => 12, + }} + + it do + should contain_file('/etc/ntp.conf').with({ + 'content' => /maxpoll 12\n/, + }) + end + end + + context 'when minpoll and maxpoll changed from default simultaneously' do + let(:params) {{ + :minpoll => 3, + :maxpoll => 12, + }} + + it do + should contain_file('/etc/ntp.conf').with({ + 'content' => /minpoll 3 maxpoll 12\n/, + }) + end + end + end + describe 'with parameter logfile' do context 'when set to true' do let(:params) {{ @@ -390,7 +539,7 @@ it 'uses the freebsd ntp servers by default' do should contain_file('/etc/ntp.conf').with({ - 'content' => /server \d.freebsd.pool.ntp.org maxpoll 9 iburst/, + 'content' => /server \d.freebsd.pool.ntp.org iburst maxpoll 9/, }) end end diff --git a/templates/ntp.conf.erb b/templates/ntp.conf.erb index 8e21f5f47..59cda8ff9 100644 --- a/templates/ntp.conf.erb +++ b/templates/ntp.conf.erb @@ -1,9 +1,11 @@ # ntp.conf: Managed by puppet. # -<% if @panic == false -%> -# Keep ntpd from panicking in the event of a large clock skew -# when a VM guest is suspended and resumed. -tinker panic 0 +<% if @tinker == true and (@panic or @stepout) -%> +# Enable next tinker options: +# panic - keep ntpd from panicking in the event of a large clock skew +# when a VM guest is suspended and resumed; +# stepout - allow ntpd change offset faster +tinker<% if @panic -%> panic <%= @panic %><% end %><% if @stepout -%> stepout <%= @stepout %><% end %> <% end -%> <% if @disable_monitor == true -%> @@ -34,8 +36,14 @@ interface listen <%= interface %> broadcastclient <% end -%> +# Set up servers for ntpd with next options: +# server - IP address or DNS name of upstream NTP server +# iburst - allow send sync packages faster if upstream unavailable +# prefer - select preferrable server +# minpoll - set minimal update frequency +# maxpoll - set maximal update frequency <% [@servers].flatten.each do |server| -%> -server <%= server %><% if @iburst_enable == true -%> iburst<% end %><% if @preferred_servers.include?(server) -%> prefer<% end %> +server <%= server %><% if @iburst_enable == true -%> iburst<% end %><% if @preferred_servers.include?(server) -%> prefer<% end %><% if @minpoll -%> minpoll <%= @minpoll %><% end %><% if @maxpoll -%> maxpoll <%= @maxpoll %><% end %> <% end -%> <% if @udlc -%>