Ntp-Through Puppet

[root@server ~]# puppet module search ntp
Notice: Searching https://forgeapi.puppetlabs.com
NAME DESCRIPTION AUTHOR KEYWORDS
ghoneycutt-ntp Manage NTP @ghoneycutt ntp time services sync
dhoppe-ntp This module installs, configures and manages the NTP service. @dhoppe ntp
puppetlabs-ntp Installs, configures, and manages the NTP service. @puppetlabs ntp time aix rhel centos ntpd
thias-ntp Network Time Protocol module @thias ntp ntpd
saz-ntp UNKNOWN @saz oel suse ntp time fedora ntpd
example42-ntp Puppet module for ntp @example42 ntp example42
diskstats-ntp Lean RedHat NTP module, with the most common settings. @diskstats hiera ntpd rhel time redhat ntp
erwbgy-ntp configure and manage ntpd @erwbgy centos ntp time services rhel
mthibaut-ntp NTP Module @mthibaut ntp hiera
kickstandproject-ntp UNKNOWN @kickstandproject ntp
aageyev-ntp Install ntp on ubuntu @aageyev ubuntu ntp
a2tar-ntp Install ntp on ubuntu @a2tar ubuntu ntp
csail-ntp Configures NTP servers and clients @csail ntp ntpd freebsd debian ubuntu
warriornew-ntp ntp setup @warriornew ntp
a2labs-ntp Install ntp on ubuntu @a2labs
mmitchell-puppetlabs_ntp UNKNOWN @mmitchell
tohuwabohu-openntp Puppet module for OpenNTPD @tohuwabohu openntp ntp time
hacking-ntpclient A module to enable easy configuration of an NTP client @hacking ntp
example42-openntpd Puppet module for openntpd @example42 openntpd ntp example42
evenup-time Manages the timezone and ntp. @evenup ntp
oppegaard-ntpd OpenNTP module for OpenBSD @oppegaard ntpd ntp openntpd openbsd
ringingliberty-chrony Manages the chrony network time daemon @ringingliberty fedora redhat ubuntu debian ntp
mikegleasonjr-server The Server module serves as a base configuration for all your … @mikegleasonjr swap rsyslog ntp timezone
erwbgy-system Manage Linux system resources and services from hiera configur… @erwbgy host fact rhel cron exec ntp

————————————————————————–

[root@server ~]# puppet module install puppetlabs-ntp
Notice: Preparing to install into /etc/puppet/modules …
Notice: Downloading from https://forgeapi.puppetlabs.com
Notice: Installing — do not interrupt …
/etc/puppet/modules
└─┬ puppetlabs-ntp (v4.2.0)
└── puppetlabs-stdlib (v4.12.0)
————————————————————————–
[root@server ~]# cat /var/lib/hiera/common.yaml

classes:
– ‘timezone’
– ‘ntp’

timezone::region: ‘America’
timezone::locality: ‘New_York’

ntp::autoupdate: false
ntp::enable: true
ntp::servers:
– 0.us.pool.ntp.org iburst
– 1.us.pool.ntp.org iburst
– 2.us.pool.ntp.org iburst
– 3.us.pool.ntp.org iburst
– ntp-a.boulder.nist.gov

————————————————————————–
[root@client ~]# cat /etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1

# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst

#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client

# Enable public key cryptography.
#crypto

includefile /etc/ntp/crypto/pw

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.
#requestkey 8

# Specify the key identifier to use with the ntpq utility.
#controlkey 8

# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats

————————————————————————–
[root@client ~]# puppet agent -t
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Info: Caching catalog for client.puppet.com
Info: Applying configuration version ‘1465743866’
Notice: /Stage[main]/Ntp::Config/File[/etc/ntp.conf]/content:
— /etc/ntp.conf 2015-04-28 06:11:52.000000000 -0400
+++ /tmp/puppet-file20160612-5345-15hk142-0 2016-06-12 11:08:50.784000034 -0400
@@ -1,53 +1,42 @@
-# For more information about this file, see the man pages
-# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
+# ntp.conf: Managed by puppet.
+#
+# Enable next tinker options:
+# panic – keep ntpd from panicking in the event of a large clock skew
+# when a VM guest is suspended and resumed;
+# stepout – allow ntpd change offset faster
+tinker panic 0

-driftfile /var/lib/ntp/drift
+disable monitor

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

-# Permit all access over the loopback interface. This could
-# be tightened as well, but to do so would effect some of
-# the administrative functions.
-restrict 127.0.0.1
+restrict 127.0.0.1
restrict -6 ::1

-# Hosts on local network are less restricted.
-#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

-# Use public servers from the pool.ntp.org project.
-# Please consider joining the pool (http://www.pool.ntp.org/join.html).
-server 0.centos.pool.ntp.org iburst
-server 1.centos.pool.ntp.org iburst
-server 2.centos.pool.ntp.org iburst
-server 3.centos.pool.ntp.org iburst

-#broadcast 192.168.1.255 autokey # broadcast server
-#broadcastclient # broadcast client
-#broadcast 224.0.1.1 autokey # multicast server
-#multicastclient 224.0.1.1 # multicast client
-#manycastserver 239.255.254.254 # manycast server
-#manycastclient 239.255.254.254 autokey # manycast client

-# Enable public key cryptography.
-#crypto

-includefile /etc/ntp/crypto/pw

-# Key file containing the keys and key identifiers used when operating
-# with symmetric key cryptography.
-keys /etc/ntp/keys

-# Specify the key identifiers which are trusted.
-#trustedkey 4 8 42

-# Specify the key identifier to use with the ntpdc utility.
-#requestkey 8
+# Set up servers for ntpd with next options:
+# server – IP address or DNS name of upstream NTP server
+# iburst – allow send sync packages faster if upstream unavailable
+# prefer – select preferrable server
+# minpoll – set minimal update frequency
+# maxpoll – set maximal update frequency
+server 0.us.pool.ntp.org iburst
+server 1.us.pool.ntp.org iburst
+server 2.us.pool.ntp.org iburst
+server 3.us.pool.ntp.org iburst
+server ntp-a.boulder.nist.gov
+
+
+# Driftfile.
+driftfile /var/lib/ntp/drift
+
+
+
+
+
+

-# Specify the key identifier to use with the ntpq utility.
-#controlkey 8

-# Enable writing of statistics records.
-#statistics clockstats cryptostats loopstats peerstats

Info: Computing checksum on file /etc/ntp.conf
Info: /Stage[main]/Ntp::Config/File[/etc/ntp.conf]: Filebucketed /etc/ntp.conf to puppet with sum 7fda24f62b1c7ae951db0f746dc6e0cc
Notice: /Stage[main]/Ntp::Config/File[/etc/ntp.conf]/content: content changed ‘{md5}7fda24f62b1c7ae951db0f746dc6e0cc’ to ‘{md5}b536b8e573faafded17697c02f256b2e’
Info: Class[Ntp::Config]: Scheduling refresh of Class[Ntp::Service]
Info: Class[Ntp::Service]: Scheduling refresh of Service[ntp]
Notice: /Stage[main]/Ntp::Service/Service[ntp]/ensure: ensure changed ‘stopped’ to ‘running’
Info: /Stage[main]/Ntp::Service/Service[ntp]: Unscheduling refresh on Service[ntp]
Notice: Finished catalog run in 1.24 seconds

————————————————————————–
[root@client ~]# cat /etc/ntp.conf
# ntp.conf: Managed by puppet.
#
# Enable next tinker options:
# panic – keep ntpd from panicking in the event of a large clock skew
# when a VM guest is suspended and resumed;
# stepout – allow ntpd change offset faster
tinker panic 0

disable monitor

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1

# Set up servers for ntpd with next options:
# server – IP address or DNS name of upstream NTP server
# iburst – allow send sync packages faster if upstream unavailable
# prefer – select preferrable server
# minpoll – set minimal update frequency
# maxpoll – set maximal update frequency
server 0.us.pool.ntp.org iburst
server 1.us.pool.ntp.org iburst
server 2.us.pool.ntp.org iburst
server 3.us.pool.ntp.org iburst
server ntp-a.boulder.nist.gov
# Driftfile.
driftfile /var/lib/ntp/drift

 

Advertisements
Posted in: Ntp

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s