cookbook 'ntp', '= 1.9.2'
ntp
(90) Versions
1.9.2
-
-
5.1.2
-
5.1.1
-
5.1.0
-
5.0.17
-
5.0.16
-
5.0.15
-
5.0.14
-
5.0.13
-
5.0.12
-
5.0.11
-
5.0.10
-
5.0.9
-
5.0.8
-
5.0.7
-
5.0.6
-
5.0.5
-
5.0.4
-
5.0.3
-
5.0.2
-
5.0.1
-
5.0.0
-
4.0.0
-
3.12.5
-
3.12.4
-
3.12.3
-
3.12.2
-
3.12.1
-
3.12.0
-
3.11.0
-
3.10.2
-
3.10.1
-
3.10.0
-
3.9.1
-
3.9.0
-
3.8.0
-
3.7.0
-
3.6.2
-
3.6.1
-
3.6.0
-
3.5.6
-
3.5.5
-
3.5.4
-
3.5.3
-
3.5.2
-
3.5.1
-
3.5.0
-
3.4.0
-
3.3.1
-
3.3.0
-
3.2.0
-
3.1.0
-
3.0.0
-
2.0.3
-
2.0.2
-
2.0.1
-
2.0.0
-
1.11.1
-
1.11.0
-
1.10.1
-
1.10.0
-
1.9.2
-
1.9.1
-
1.9.0
-
1.8.6
-
1.8.4
-
1.8.2
-
1.8.0
-
1.7.0
-
1.6.8
-
1.6.6
-
1.6.5
-
1.6.4
-
1.6.2
-
1.6.0
-
1.5.4
-
1.5.0
-
1.4.0
-
1.3.2
-
1.3.0
-
1.2.0
-
1.1.8
-
1.1.6
-
1.1.4
-
1.1.2
-
1.1.0
-
1.0.1
-
1.0.0
-
0.8.2
-
0.8.1
-
0.7.0
Follow251
- 5.1.2
- 5.1.1
- 5.1.0
- 5.0.17
- 5.0.16
- 5.0.15
- 5.0.14
- 5.0.13
- 5.0.12
- 5.0.11
- 5.0.10
- 5.0.9
- 5.0.8
- 5.0.7
- 5.0.6
- 5.0.5
- 5.0.4
- 5.0.3
- 5.0.2
- 5.0.1
- 5.0.0
- 4.0.0
- 3.12.5
- 3.12.4
- 3.12.3
- 3.12.2
- 3.12.1
- 3.12.0
- 3.11.0
- 3.10.2
- 3.10.1
- 3.10.0
- 3.9.1
- 3.9.0
- 3.8.0
- 3.7.0
- 3.6.2
- 3.6.1
- 3.6.0
- 3.5.6
- 3.5.5
- 3.5.4
- 3.5.3
- 3.5.2
- 3.5.1
- 3.5.0
- 3.4.0
- 3.3.1
- 3.3.0
- 3.2.0
- 3.1.0
- 3.0.0
- 2.0.3
- 2.0.2
- 2.0.1
- 2.0.0
- 1.11.1
- 1.11.0
- 1.10.1
- 1.10.0
- 1.9.2
- 1.9.1
- 1.9.0
- 1.8.6
- 1.8.4
- 1.8.2
- 1.8.0
- 1.7.0
- 1.6.8
- 1.6.6
- 1.6.5
- 1.6.4
- 1.6.2
- 1.6.0
- 1.5.4
- 1.5.0
- 1.4.0
- 1.3.2
- 1.3.0
- 1.2.0
- 1.1.8
- 1.1.6
- 1.1.4
- 1.1.2
- 1.1.0
- 1.0.1
- 1.0.0
- 0.8.2
- 0.8.1
- 0.7.0
Installs and configures ntp as a client or server
cookbook 'ntp', '= 1.9.2', :supermarket
knife supermarket install ntp
knife supermarket download ntp
NTP Cookbook
Installs and configures ntp. On Windows systems it uses the Meinberg port of the standard NTPd client to Windows.
Requirements
Platforms
- Debian-family Linux Distributions
- RedHat-family Linux Distributions
- Gentoo Linux
- FreeBSD
- Windows
Chef
- Chef 11+
Cookbooks
- windows
Attributes
Recommended tunables
-
ntp['servers']
- (applies to NTP Servers and Clients)- Array, should be a list of upstream NTP servers that will be considered authoritative by the local NTP daemon. The local NTP daemon will act as a client, adjusting local time to match time data retrieved from the upstream NTP servers.
The NTP protocol works best with at least 4 servers. The ntp daemon will disregard any server after the 10th listed, but will continue monitoring all listed servers. For more information, see Upstream Server Time Quantity at support.ntp.org.
-
ntp['peers']
- (applies to NTP Servers ONLY)- Array, should be a list of local NTP peers. For more information, see Designing Your NTP Network at support.ntp.org.
-
ntp['restrictions']
- (applies to NTP Servers only)- Array, should be a list of restrict lines to define access to NTP clients on your LAN.
-
ntp['sync_clock']
(applies to NTP Servers and Clients)- Boolean. Defaults to false. Forces the ntp daemon to be halted, an ntp -q command to be issued, and the ntp daemon to be restarted again on every Chef-client run. Will have no effect if drift is over 1000 seconds.
-
ntp['sync_hw_clock']
(applies to NTP Servers and Clients)- Boolean. Defaults to false. On *nix-based systems, forces the 'hwclock --systohc' command to be issued on every Chef-client run. This will sync the hardware clock to the system clock.
- Not available on Windows.
-
ntp['restrict_default']
- String. Defaults to 'kod notrap nomodify nopeer noquery'. Set to 'ignore' to further lock down access.
-
ntp["listen_network"]
/ntp["listen"]
- String, optional attribute. Default is for NTP to listen on all addresses.
-
ntp["listen_network"]
should be set to 'primary' to listen on the node's primary IP address as determined by ohai, or set to a CIDR (eg: '192.168.4.0/24') to listen on the last node address on that CIDR. -
ntp["listen"]
can be set to a specific address (eg: '192.168.4.10') instead ofntp["listen_network"]
to force listening on a specific address. - If both
ntp["listen"]
andntp["listen_network"]
are set thenntp["listen"]
will always win.
-
ntp["ignore"]
- Array, interface names to ignore from listening. Can be used to disable listening wildcard interfaces (eg: ['wildcard', '::1']), can be combined with
ntp["listen"]
- Array, interface names to ignore from listening. Can be used to disable listening wildcard interfaces (eg: ['wildcard', '::1']), can be combined with
-
ntp["statistics"]
- Boolean. Default to true. Enable/disable statistics data logging into
ntp['statsdir']
. - Not available on Windows.
- Boolean. Default to true. Enable/disable statistics data logging into
-
ntp['conf_restart_immediate']
- Boolean. Defaults to false. Restarts NTP service immediately after a config update if true. Otherwise it is a delayed restart.
-
ntp['peer']['disable_tinker_panic_on_virtualization_guest']
(applies to virtualized hosts only)- Boolean. Defaults to true. Sets tinker panic to 0. NTP default it 1000. (See http://www.vmware.com/vmtn/resources/238 p. 23 for explanation on disabling panic) (Note: this overrides
ntp['tinker']['panic']
attribute)
- Boolean. Defaults to true. Sets tinker panic to 0. NTP default it 1000. (See http://www.vmware.com/vmtn/resources/238 p. 23 for explanation on disabling panic) (Note: this overrides
-
ntp['peer']['use_iburst']
(applies to NTP Servers ONLY)- Boolean. Defaults to true. Enables iburst in peer declaration.
-
ntp['peer']['use_burst']
(applies to NTP Servers ONLY)- Boolean. Defaults to false. Enables burst in peer declaration.
-
ntp['peer']['minpoll']
(applies to NTP Servers ONLY)- Boolean. Defaults to 6 (ntp default). Specify the minimum poll intervals for NTP messages, in seconds to the power of two.
-
ntp['peer']['maxpoll']
(applies to NTP Servers ONLY)- Boolean. Defaults to 10 (ntp default). Specify the maximum poll intervals for NTP messages, in seconds to the power of two.
-
ntp['server']['prefer']
(applies to NTP Servers and Clients)- String. Defaults to emtpy string. The server from
ntp['servers']
to prefer getting the time from.
- String. Defaults to emtpy string. The server from
-
ntp['server']['use_iburst']
(applies to NTP Servers and Clients)- Boolean. Defaults to true. Enables iburst in server declaration.
-
ntp['server']['use_burst']
(applies to NTP Servers and Clients)- Boolean. Defaults to false. Enables burst in server declaration.
-
ntp['server']['minpoll']
(applies to NTP Servers and Clients)- Boolean. Defaults to 6 (ntp default). Specify the minimum poll intervals for NTP messages, in seconds to the power of two.
-
ntp['server']['maxpoll']
(applies to NTP Servers and Clients)- Boolean. Defaults to 10 (ntp default). Specify the maximum poll intervals for NTP messages, in seconds to the power of two.
-
ntp['tinker']['allan']
- Number. Defaults to 1500 (ntp default). Spedifies the Allan intercept, which is a parameter of the PLL/FLL clock discipline algorithm, in seconds.
-
ntp['tinker']['dispersion']
- Number. Defaults to 15 (ntp default). Specifies the dispersion increase rate in parts-per-million (PPM).
-
ntp['tinker']['panic']
- Number. Defaults to 1000 (ntp default). Spedifies the panic threshold in seconds. If set to zero, the panic sanity check is disabled and a clock offset of any value will be accepted.
-
ntp['tinker']['step']
- Number. Defaults to 0.128 (ntp default). Spedifies the step threshold in seconds. If set to zero, step adjustments will never occur. Note: The kernel time discipline is disabled if the step threshold is set to zero or greater than 0.5 s.
-
ntp['tinker']['stepout']
- Number. Defaults to 900 (ntp default). Specifies the stepout threshold in seconds. If set to zero, popcorn spikes will not be suppressed.
-
ntp['localhost']['noquery']
(applies to NTP Servers and Clients)- Boolean. Defaults to false. Set to true if using ntp < 4.2.8 or any unpatched ntp version to mitigate CVE-2014-9293 / CVE-2014-9294 / CVE-2014-9295
Platform specific
-
ntp['packages']
- Array, the packages to install
- Default, ntp for everything, ntpdate depending on platform. Not applicable for
- Windows nodes
-
ntp['service']
- String, the service to act on
- Default, ntp, NTP, or ntpd, depending on platform
-
ntp['varlibdir']
- String, the path to /var/lib files such as the driftfile.
- Default, platform-specific location. Not applicable for Windows nodes
-
ntp['driftfile']
- String, the path to the frequency file.
- Default, platform-specific location.
-
ntp['conffile']
- String, the path to the ntp configuration file.
- Default, platform-specific location.
-
ntp['statsdir']
- String, the directory path for files created by the statistics facility.
- Default, platform-specific location. Not applicable for Windows nodes
-
ntp['conf_owner'] and ntp['conf_group']
- String, the owner and group of the sysconf directory files, such as /etc/ntp.conf.
- Default, platform-specific root:root or root:wheel.
-
ntp['var_owner'] and ntp['var_group']
- String, the owner and group of the /var/lib directory files, such as /var/lib/ntp.
- Default, platform-specific ntp:ntp or root:wheel. Not applicable for Windows nodes
-
ntp['leapfile']
- String, the path to the ntp leapfile.
- Default, /etc/ntp.leapseconds.
-
ntp['package_url']
- String, the URL to the the Meinberg NTPd client installation package.
- Default, Meinberg site download URL
- Windows platform only
-
ntp['vs_runtime_url']
- String, the URL to the the Visual Studio C++ 2008 runtime libraries that are required for the Meinberg NTP client.
- Default, Microsoft site download URL
- Windows platform only
-
ntp['vs_runtime_productname']
- String, the installation name of the Visual Studio C++ Runtimes file.
- Default, "Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022"
- Windows platform only
-
ntp['sync_hw_clock']
- Boolean, determines if the ntpdate command is issued to sync the hardware clock
- Default, false
- Not applicable for Windows nodes
-
ntp['apparmor_enabled']
- Boolean, enables configuration of apparmor if set to true
- Defaults to false and will make no provisions for apparmor.
- If a platform has apparmor enabled (currently Ubuntu) default will become true.
-
ntp['use_cmos']
- Boolean, uses a high stratum undisciplined clock for machines with real CMOS clock.
- Defaults to true unless a platform appears to be virtualized according to Ohai.
Usage
default recipe
Set up the ntp attributes in a role. For example in a base.rb role applied to all nodes:
name 'base' description 'Role applied to all systems' default_attributes( 'ntp' => { 'servers' => ['time0.int.example.org', 'time1.int.example.org'] } )
Then in an ntpserver.rb role that is applied to NTP servers (e.g., time.int.example.org):
name 'ntp_server' description 'Role applied to the system that should be an NTP server.' default_attributes( 'ntp' => { 'servers' => ['0.pool.ntp.org', '1.pool.ntp.org'], 'peers' => ['time0.int.example.org', 'time1.int.example.org'], 'restrictions' => ['10.0.0.0 mask 255.0.0.0 nomodify notrap'] } )
The timeX.int.example.org used in these roles should be the names or IP addresses of internal NTP servers. Then simply add ntp, or ntp::default
to your run_list to apply the ntp daemon's configuration.
undo recipe
If for some reason you need to stop and remove the ntp daemon, you can apply this recipe by adding ntp::undo
to your run_list. The undo recipe is not supported on Windows at the moment.
windows_client recipe
Windows only. Apply on a Windows host to install the Meinberg NTPd client.
Testing
In addition to providing interfaces to the ntp time service, this recipe is also designed to provide a simple community cookbook with broad cross-platform support to serve as a testing documentation reference. This cookbook utilizes Foodcritic, Test-Kitchen, Vagrant, Chefspec, bats, Rubocop, and Travis-CI to provide a comprehensive suite of automated test coverage.
More information on the testing strategy used in this cookbook is available in the TESTING.md file, along with information on how to use this type of testing in your own cookbooks.
Development
This section details "quick development" steps.
- Clone this repository from GitHub:
$ git clone git@github.com:gmiranda23/ntp.git
- Create a git branch
$ git checkout -b my_bug_fix
- Install dependencies:
$ bundle install
- Write tests
- Make your changes/patches/fixes, committing appropriately
- Run the tests:
bundle exec rake
bundle exec rake kitchen
In detail:
- Foodcritic will catch any Chef-specific style errors
- RSpec will run the unit tests
- Rubocop will check for Ruby-specific style errors
- Test Kitchen will run and converge the recipes
License & Authors
- Author:: Joshua Timberman (joshua@chef.io)
- Contributor:: Eric G. Wolfe (wolfe21@marshall.edu)
- Contributor:: Fletcher Nichol (fletcher@nichol.ca)
- Contributor:: Tim Smith (tsmith@chef.io)
- Contributor:: Charles Johnson (charles@chef.io)
- Contributor:: Brad Knowles (bknowles@momentumsi.com)
Copyright 2009-2015, Chef Software, Inc. Copyright 2012, Eric G. Wolfe Copyright 2012, Fletcher Nichol Copyright 2012, Webtrends, Inc. Copyright 2013, Limelight Networks, Inc. Copyright 2013, Brad Knowles Copyright 2013, Brad Beam Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
ntp Cookbook CHANGELOG
This file is used to list changes made in each version of the ntp cookbook.
v1.9.2 (2016-02-04)
- PR [#121] - Remove nomodify config from loopback
v1.9.1 (2016-01-07)
- PR [#132] - Update ntp.leapseconds
v1.9.0 (2015-12-16)
- PR [#111] - Fix duplication of localhost listen directive in template
-
PR [#127] - Set
var_owner
on FreeBSD to root instead of default ntp - PR [#117] - Document node['ntp']['ignore']
- PR [#118] - Add attributes to support pld-linux
- PR [#120] - Fix links to Github PRs in the Changelog
- PR [#124] - Additional fix for apparmor issue gmiranda23#103
- Depend on windows cookbook instead of suggesting. Suggests doesn't actually do anything
- Fix / expand apparmor specs to pass and test the auto apparmor config logic
- Enable Travis CI and update the travis.yml file to run full integration tests with Kitchen Docker so we test all PRs on Ubuntu 12.04/14.04 and CentOS 6.7 / 7.1
- Reformat all markdown files
- Update all references to Opscode to be Chef Software.
- Update copyright dates and contact e-mails
- Expanded platforms in the Test Kitchen config
- Added new supermarket issues_url and source_url metadata
- Update the Berkfile API url and removed version pins on the testing cookbooks
- Remove yum from the Berksfile as it isn't actually used
- Use the standard Chef testing Rakefile
- Remove the attribute documentation from the metadata as it is quickly out of sync
- Resolve rubocop warnings and include the standard Chef rubocop.yml file
- Update development deps in the Gemfile to the latest releases
- Remove the outdated contributing.md doc from the Opscode days
v1.8.6 (2015-05-14)
- PR [#102]( 102) - Update leapseconds file to 3660249600 (through C49)
- Gemfile parity with ChefDK 0.5.1
- .kitchen.yml platform updates to current bento boxes
v1.8.4 (2015-04-17)
- PR [#101] - add logfile attribute
v1.8.2 (2015-04-15)
- PR [#100] - Sort peers & servers for consistency
v1.8.0 (2015-04-13)
- Chefspec 4.0 updates
- Rubocop updates
- PR [#85] - Update leapseconds for June 2015 leapsecond
- PR [#70] - Allow setting tinker options in attributes
- PR [#84] - Add attributes for tinker option customization
- PR [#88] - Attribute sets noquery for localhost lines
- PR [#89] - ntp.leapseconds notifies ntp service with delayed restart
- PR [#91] - Allow ntp.conf update to restart immediate
- PR [#95] - Add preferred ntp server support
- PR [#96] - Add restrict default attribute
- PR [#72] - Move high stratum real CMOs to an attribute
- PR [#98] - Bump test-kitchen gem version
- PR [#99] - Lazy attribute for leapfile_enabled
v1.7.0 (2014-12-10)
- Added CentOS 7 support for test-kitchen
- PR [#37] - Check that apparmor exists before enabling service
- PR [#45] - Statistics logging switch (not available for Windows)
- PR [#57] - Move include statement on helper outside 'windows?' check
- PR [#71] - Ability to listen more than one interface
- PR [#73] - Fix appamor configuration for Ubuntu
- PR [#74] - Remove is_server from example
- PR [#75] - Add more settings for server and peer declarations
- PR [#83] - Fix apparmor spec tests
v1.6.8 (2014-12-04)
- PR [#81] - Update to berkshelf3
v1.6.6 (2014-12-02)
- PR [#76] - Overhauled Testing
- PR [#68] - Updated Leapseconds
- PR [#51] - Berksfile source deprecation
v1.6.5 (2014-09-25)
- Ensure that ntp version is captured
v1.6.4 (2014-07-02)
- Leapseconds File Expired, update to 3626380800
- COOK-3887 - Trivial changes to achieve Gentoo support
- COOK-1876 - ntp leapfile assumes ntpd >= 4.2.6 syntax
v1.6.2 (2014-03-19)
- [COOK-4162] - change "No NTP servers specified" message to :debug
v1.6.0 (2014-02-21)
Improvement
- COOK-4346 - Solaris 11 support for ntp
- COOK-4339 - Disable Monitoring by Default
- COOK-3604 - Enable listening on specific interfaces
Bug
- COOK-4106 - Check for default content in ntp.conf
- COOK-4087 - quote option in readme
- COOK-3797 - Cookbook fails to upload due to 1.9.x syntax
- COOK-3023 - NTP leapseconds file denied by Ubuntu apparmor profile
v1.5.4 (2013-12-29)
[COOK-4007]- update to 3612902400
v1.5.2
Bug
- COOK-3797 - Add /spec to Chefignore
v1.5.0
Improvement
- COOK-3651 - Refactor and clean up
- COOK-3630 - Switch NTP cookbook linting from Tailor to Rubocop
- COOK-3273 - Add tests
New Feature
- COOK-3636 - Allow ntp cookbook to update clock to ntp servers
Bug
- COOK-3410 - Remove redundant ntpdate/disable recipes
- COOK-1170 - Allow redefining NTP servers in a role
v1.4.0
Improvement
v1.3.2
- [COOK-2024] - update leapfile for IERS Bulletin C
v1.3.0
- [COOK-1404] - add leapfile for handling leap seconds
v1.2.0
- [COOK-1184] - Add recipe to disable NTP completely
- [COOK-1298] - Refactor into a reference cookbook for testing
v1.1.8
- [COOK-1158] - RHEL family >= 6 has ntpdate package
v1.1.6
- Related to changes in COOK-1124, fix group for freebsd and else
v1.1.4
- [COOK-1124] - parameterised driftfile and statsdir to be configurable by platform
v1.1.2
- [COOK-952] - freebsd support
- [COOK-949] - check for any virtual system not just vmware
v1.1.0
- Fixes COOK-376 (use LAN peers, iburst option, LAN restriction attribute)
v1.0.1
- Support scientific linux
- Use service name attribute in resource (fixes EL derivatives)
Foodcritic Metric
1.9.2 passed this metric
1.9.2 passed this metric