search

att-comdev / promenade

This project has moved to OpenStack.
https://www.airshipit.org/
Apache License 2.0
11 stars 15 forks source link

Remove NTP package #32

Closed mark-burnett closed 6 years ago

mark-burnett commented 7 years ago

If NTP is running, it will conflict with the MaaS rack controller's NTP process. This prevents the rack controller from functioning.

intlabs commented 7 years ago

Why remove it? would it not be better to simply stop it - or disable ntp in the mass container - as we will surely be wanting ntp/chronyd to be running on all hosts?

mark-burnett commented 7 years ago

@intlabs MaaS is somewhat picky, and monitors that its ntp service is running, so it's not trivial to disable there. There is some question about whether the root issue isn't that ntp is running in two places, but that there is possibly some apparmor config being applied.

I pushed this to try and help provide a quick integration path, though we may not need to merge it if it can be fixed on the MaaS side.

@sh8121att Were you ever able to test the apparmor hypothesis? I see some MaaS launchpad bugs related to ntp and apparmor.

alanmeadows commented 7 years ago

@intlabs Pete this was at my request as without this we are introducing the potential for hard to debug issues later for end users, but as @mark-burnett points out, it is a brutish temporary hack.

If the apparmor hypothesis turns out to be a wrong turn @mark-burnett @sh8121att @larryrensing A simple fix here may be to customize the MaaS container a bit further with a "phantom" NTP process (and an ENV var to control whether real NTP or the phantom NTP process is leveraged) to trick MaaS into believing ntpd is running with a fake cat /dev/null systemd process (or whatever is appropriate). This means we do not need to modify MaaS code to turn on and off ntpd within MaaS. We need to leverage the "use external ntp for everything" feature in MaaS however to avoid hosts wanting to point at the rack controller, which may not be the same host as where our official undercloud ntp (pods) are running.

https://docs.ubuntu.com/maas/2.1/en/installconfig-network-ntp

For issues with this approach see https://askubuntu.com/questions/927055/maas-deploys-16-04-with-pool-ntp-server-despite-settings

intlabs commented 7 years ago

If possible I'd recommend using the approach @alanmeadows has suggested - this is what I ended up having to do when containerising foreman. When I get time I'll try to have a look at the MaaS containers as there looks to be quite a bit we can do to tighten up the systemd config.

mark-burnett commented 6 years ago

Closing as we have moved to gerrithub.