ntp: Add setting to configure options #3852
Conversation
There was a problem hiding this comment.
Thank you for the contribution! Overall this approach makes sense, left a few comments on implementation details.
Probably the toughest bit will be the migration, but you can just adapt the commit I shared to work for this case, keeping in mind that the migration will be for version 1.20.0 instead of 1.19.2. Feel free to reach out if you run into any problems with this, I'm happy to help!
packages/chrony/chrony-conf
Outdated
| @@ -2,7 +2,7 @@ | |||
| ntp = "v1" | |||
| +++ | |||
| {{#each settings.ntp.time-servers}} | |||
| pool {{this}} iburst | |||
| pool {{this}} {{#each settings.ntp.options}}{{this}} {{/each}} | |||
There was a problem hiding this comment.
minor, but this will avoid any additional whitespace:
| pool {{this}} {{#each settings.ntp.options}}{{this}} {{/each}} | |
| pool {{this}}{{#each settings.ntp.options}} {{this}}{{/each}} |
| @@ -119,6 +119,7 @@ template-path = "/usr/share/templates/hosts" | |||
|
|
|||
| [settings.ntp] | |||
| time-servers = ["169.254.169.123", "2.amazon.pool.ntp.org"] | |||
| options = ["iburst"] | |||
There was a problem hiding this comment.
this will require a migration so that on downgrade to an older version of bottlerocket this setting will be removed. here's an example commit that should be very similar to the migration needed here: 83b3e6a
There was a problem hiding this comment.
You will also need to add the migration to Release.toml, reference the above commit for an example.
| @@ -8,6 +8,7 @@ use std::convert::Infallible; | |||
| #[model(impl_default = true)] | |||
| pub struct NtpSettingsV1 { | |||
| time_servers: Vec<Url>, | |||
| options: Vec<str>, | |||
There was a problem hiding this comment.
You'll need to use an owned string here:
| options: Vec<str>, | |
| options: Vec<String>, |
| Url::try_from("minpool").unwrap(), | ||
| Url::try_from("1").unwrap(), | ||
| Url::try_from("maxpool").unwrap(), |
There was a problem hiding this comment.
| Url::try_from("minpool").unwrap(), | |
| Url::try_from("1").unwrap(), | |
| Url::try_from("maxpool").unwrap(), | |
| Url::try_from("minpoll").unwrap(), | |
| Url::try_from("1").unwrap(), | |
| Url::try_from("maxpoll").unwrap(), |
|
@sam-berning Thanks for the review, I've address them and added the migration - I think how I've done it is right |
There was a problem hiding this comment.
Hey @domgoodwin, thanks for following up! The migration looks good for the most part. Just have a couple more comments, noticed a few things I missed in my first review.
packages/chrony/chrony-conf
Outdated
| @@ -2,7 +2,7 @@ | |||
| ntp = "v1" | |||
| +++ | |||
| {{#each settings.ntp.time-servers}} | |||
| pool {{this}} iburst | |||
| pool {{this}} {{#each settings.ntp.options}}{{this}}{{/each}} | |||
There was a problem hiding this comment.
we still need a space within the {{#each}} so that each option is separated by a space, it should look like this:
| pool {{this}} {{#each settings.ntp.options}}{{this}}{{/each}} | |
| pool {{this}}{{#each settings.ntp.options}} {{this}}{{/each}} |
| @@ -119,6 +119,7 @@ template-path = "/usr/share/templates/hosts" | |||
|
|
|||
| [settings.ntp] | |||
| time-servers = ["169.254.169.123", "2.amazon.pool.ntp.org"] | |||
| options = ["iburst"] | |||
There was a problem hiding this comment.
You will also need to add the migration to Release.toml, reference the above commit for an example.
| time_servers: None | ||
| options: None |
There was a problem hiding this comment.
need commas after each of these items:
| time_servers: None | |
| options: None | |
| time_servers: None, | |
| options: None, |
| @@ -85,4 +87,22 @@ mod test { | |||
| let results = serde_json::to_string(&ntp).unwrap(); | |||
| assert_eq!(results, test_json); | |||
| } | |||
|
|
|||
| fn test_options_ntp() { | |||
| let test_json = r#"{"time-servers":["https://example.net","http://www.example.com"],"options": ["minpoll", "1", "maxpoll", "2"]}"#; | |||
There was a problem hiding this comment.
For testing serde_json::to_string() at the end of this test, you'll need to remove all of the extra whitespace from this string:
| let test_json = r#"{"time-servers":["https://example.net","http://www.example.com"],"options": ["minpoll", "1", "maxpoll", "2"]}"#; | |
| let test_json = r#"{"time-servers":["https://example.net","http://www.example.com"],"options":["minpoll","1","maxpoll","2"]}"#; |
| @@ -85,4 +87,22 @@ mod test { | |||
| let results = serde_json::to_string(&ntp).unwrap(); | |||
| assert_eq!(results, test_json); | |||
| } | |||
|
|
|||
| fn test_options_ntp() { | |||
There was a problem hiding this comment.
In order for Rust to recognize this as a unit test, you need to provide the #[test] macro here:
| fn test_options_ntp() { | |
| #[test] | |
| fn test_options_ntp() { |
| Url::try_from("minpoll").unwrap(), | ||
| Url::try_from("1").unwrap(), | ||
| Url::try_from("maxpoll").unwrap(), | ||
| Url::try_from("2").unwrap(), |
There was a problem hiding this comment.
These should be Strings, not Urls:
| Url::try_from("minpoll").unwrap(), | |
| Url::try_from("1").unwrap(), | |
| Url::try_from("maxpoll").unwrap(), | |
| Url::try_from("2").unwrap(), | |
| String::from("minpoll"), | |
| String::from("1"), | |
| String::from("maxpoll"), | |
| String::from("2"), |
| @@ -0,0 +1,10 @@ | |||
| [package] | |||
| name = "add-ntp-default-options" | |||
There was a problem hiding this comment.
the package name in Cargo.toml needs to be the same as the directory name or the build won't be able to find the package:
| name = "add-ntp-default-options" | |
| name = "add-ntp-default-options-v0-1-0" |
|
Comments addressed @sam-berning 🙏 , looks like the test is actually running now and passing - I had to remove the try_from stuff but I think that's fine as it's not a URL 🤦 |
Makefile.toml
Outdated
| @@ -24,7 +24,7 @@ TWOLITER_ALLOW_BINARY_INSTALL="true" | |||
|
|
|||
| # Allow Twoliter to be installed by building from sourcecode. | |||
| TWOLITER_ALLOW_SOURCE_INSTALL="true" | |||
|
|
|||
| TARGET_CC="x86_64-unknown-linux-gnu" | |||
There was a problem hiding this comment.
I didn't mean to add this, should be removed with the latest commit
|
CI is failing on |
There was a problem hiding this comment.
nice, thanks for updating it @domgoodwin. CI is now passing! I built this locally and tested on an EC2 instance and /etc/chrony.conf is not getting generated correctly:
Apr 02 23:14:28 ip-172-31-23-40.us-west-2.compute.internal apiserver[1791]: Configuration file 'chrony-conf' failed to render: Failed to render template file ('/usr/share/templates/chrony-conf'): Failed to render template 'Template { frontmatter: TemplateFrontmatter { required_extensions: {"ntp": Version("v1")} }, body: "{{#each settings.ntp.time-servers}}\npool {{this}}{{#each settings.ntp.options}} {{this}}{{/each}}\n{{/each}}\ndriftfile /var/lib/chrony/drift\nmakestep 1.0 3\ndumponexit\ndumpdir /var/lib/chrony\nuser chrony\nrtcsync\n" }': Error rendering "Unnamed template" line 2, col 14: Variable "settings.ntp.options" not found in strict mode.
Turns out within the each loop, you need to use ../ to access a variable outside of the scope of the loop. I've left a comment with the suggested change, but after that this should work as expected.
|
Thanks @domgoodwin, this is looking really good. Now I'll just need to test that the migrations are working as expected, I'll update you when I finish with that. In the meantime, can you squash your commits into one? |
domgoodwin
force-pushed
the
bottlerocket-ntp
branch
from
7ce0e3b
to
cfcc095
Compare
|
Thanks @sam-berning, commits squashed into 1 🙇 |
|
Tested the migration, it works as expected: Started an instance: after downgrade: after upgrade: |
| @@ -119,6 +119,7 @@ template-path = "/usr/share/templates/hosts" | |||
|
|
|||
| [settings.ntp] | |||
| time-servers = ["169.254.169.123", "2.amazon.pool.ntp.org"] | |||
| options = ["iburst"] | |||
There was a problem hiding this comment.
@yeazelm, this looks correct to me. The options setting is added by the migration and the defaults file will now include "iburst" such that behavior does not change on upgrade.
|
@domgoodwin this needs a rebase |
domgoodwin
force-pushed
the
bottlerocket-ntp
branch
from
cfcc095
to
862c0e2
Compare
|
@sam-berning done ✅ |
Description of changes:
Adds the ability to configure further options for the NTP servers. We would like to set
maxpollto a lower value so I've added the ability to specify options which get added to the servers too. I've removed the default optioniburstand added it to this setting default instead.Testing done:
Edit: Sam did the testing with Bottlerocket including migration testing, see comment below.
Terms of contribution:
By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.