chrony

pdk
Install and configure the chrony NTP daemon.

Jens Örtenholm

jorten

16,925 downloads

2,488 latest version

5.0 quality score

Version information

  • 0.4.1 (latest)
  • 0.4.0
  • 0.3.0
  • 0.2.0
  • 0.1.1
  • 0.1.0
released Oct 1st 2020
This version is compatible with:
  • Puppet Enterprise 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x, 2017.2.x, 2016.4.x
  • Puppet >= 4.10.0 < 7.0.0
  • CentOS
    ,
    OracleLinux
    ,
    RedHat
    ,
    Scientific
    ,
    Debian
    ,
    Ubuntu
    ,
    Fedora
    ,
    SLES

Start using this module

Documentation

jorten/chrony — version 0.4.1 Oct 1st 2020

chrony

Installs and configures chrony NTP client/server.

Table of Contents

  1. Description
  2. Setup - The basics of getting started with chrony
  3. Usage - Configuration options and additional functionality
  4. Limitations - OS compatibility, etc.
  5. Development - Guide for contributing to the module

Description

This module sets up the chrony NTP client/server on the system.

Module development has been based on chrony versions 3.2 - 3.5.

Setup

What chrony affects

  • Installs chrony package(s).
  • Sets up the chrony configuration file from provided data, or using OS default data bundled with module.
  • Sets up the chrony keyfile from provided data.
  • Manages the chrony service.

Setup Requirements

  • Supported OS with chrony package available in a configured package repository.
  • puppetlabs/stdlib module.

Beginning with chrony

To install and configure chrony as a client with OS default settings, simply define the class.

class { 'chrony': }

Usage

Installs and configures chrony as a client with default settings

class { 'chrony': }

Installs and configures chrony with customized source servers

class { 'chrony':
  servers => [
    { hostname => 'ntp1.mydomain.tld' },
    { hostname => 'ntp2.mydomain.tld' }
  ]
}

Installs and configures chrony to serve time to clients on the 192.168.1.0/24 network.

class { 'chrony':
  access_rules => [
    {
      access => 'allow',
      subnet => '192.168.1'
    }
  ]
}

Example using three pool.ntp.org servers as sources, while serving time to the 192.168.0.0/16 network - except for 192.168.2.0/24.

class { 'chrony':
  servers      => [
    {
      hostname => '0.pool.ntp.org',
      iburst   => true,
    },
    {
      hostname => '1.pool.ntp.org',
      iburst   => true,
    },
    {
      hostname => '2.pool.ntp.org',
      iburst   => true,
    },
  ],
  access_rules => [
    {
      access => 'deny',
      subnet => '192.168.2.',
    },
    {
      access => 'allow',
      subnet => '192.168.',
    }
  ],
}

Previous example repeated, but with data provided through hiera.

chrony::servers:
  - hostname: '0.pool.ntp.org'
    iburst:   true
  - hostname: '1.pool.ntp.org'
    iburst:   true
  - hostname: '2.pool.ntp.org'
    iburst:   true
chrony::access_rules:
  - access: 'deny'
    subnet: '192.168.2.'
  - access: 'allow'
    subnet: '192.168.'

include chrony

Example as a client but using a key for authentication

class { 'chrony':
  servers => [
    {
      hostname => 'ntp1.mydomain.tld',
      key      => 5,
    }
  ],
  keys    => [
    {
      id      => 5,
      hashalg => 'SHA1',
      hash    => 'HEX:EC56E6FC27CD0C9B5E6B867DD53F137985279B48',
    }
  ],
}

Limitations

Tested on CentOS 7 and 8, Debian 9, Fedora 29, SLES 15 and Ubuntu 18.04.

Development

All bugreports, suggestions and patches will be considered.