From 190e4de8d05139f98cabcce1e00fe37bcbf640ec Mon Sep 17 00:00:00 2001 From: xenolinux Date: Fri, 28 Mar 2025 14:19:11 +0530 Subject: [PATCH] OCPBUGS#50642: NTP server configuration for HCP --- hosted_control_planes/hcp-machine-config.adoc | 8 + modules/hcp-configure-ntp.adoc | 175 ++++++++++++++++++ 2 files changed, 183 insertions(+) create mode 100644 modules/hcp-configure-ntp.adoc diff --git a/hosted_control_planes/hcp-machine-config.adoc b/hosted_control_planes/hcp-machine-config.adoc index 4434735c58..1a5479ac7d 100644 --- a/hosted_control_planes/hcp-machine-config.adoc +++ b/hosted_control_planes/hcp-machine-config.adoc @@ -27,3 +27,11 @@ include::modules/hcp-kubeconf-nodepool.adoc[leveloffset=+1] include::modules/node-tuning-hosted-cluster.adoc[leveloffset=+1] include::modules/sriov-operator-hosted-control-planes.adoc[leveloffset=+1] + +include::modules/hcp-configure-ntp.adoc[leveloffset=+1] + +[role="_additional-resources"] +.Additional resources + +* xref:../installing/install_config/installing-customizing.adoc#installation-special-config-butane_installing-customizing[Creating machine configs with Butane] +* link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.13/html-single/clusters/index#create-host-inventory-cli-steps[Creating a host inventory] diff --git a/modules/hcp-configure-ntp.adoc b/modules/hcp-configure-ntp.adoc new file mode 100644 index 0000000000..9bb83d0dd0 --- /dev/null +++ b/modules/hcp-configure-ntp.adoc 
@@ -0,0 +1,175 @@ +// Module included in the following assemblies: +// * hosted_control_planes/hcp-machine-config.adoc + +:_mod-docs-content-type: PROCEDURE +[id="hcp-configure-ntp_{context}"] += Configuring the NTP server for hosted clusters + +You can configure the Network Time Protocol (NTP) server for your hosted clusters by using Butane. + +.Procedure + +. Create a Butane config file, `99-worker-chrony.bu`, that includes the contents of the `chrony.conf` file. For more information about Butane, see "Creating machine configs with Butane". ++ +.Example `99-worker-chrony.bu` configuration +[source,yaml,subs="attributes+"] +---- +# ... +variant: openshift +version: {product-version}.0 +metadata: + name: 99-worker-chrony + labels: + machineconfiguration.openshift.io/role: worker +storage: + files: + - path: /etc/chrony.conf + mode: 0644 #<1> + overwrite: true + contents: + inline: | + pool 0.rhel.pool.ntp.org iburst #<2> + driftfile /var/lib/chrony/drift + makestep 1.0 3 + rtcsync + logdir /var/log/chrony +# ... +---- +<1> Specify an octal value mode for the `mode` field in the machine config file. After creating the file and applying the changes, the `mode` field is converted to a decimal value. +<2> Specify any valid, reachable time source, such as the one provided by your Dynamic Host Configuration Protocol (DHCP) server. ++ +[NOTE] +==== +For machine-to-machine communication, the NTP on the User Datagram Protocol (UDP) port is `123`. If you configured an external NTP time server, you must open UDP port `123`. +==== + +. Use Butane to generate a `MachineConfig` object file, `99-worker-chrony.yaml`, that contains a configuration that Butane sends to the nodes. 
Run the following command: ++ +[source,terminal] +---- +$ butane 99-worker-chrony.bu -o 99-worker-chrony.yaml +---- ++ +.Example `99-worker-chrony.yaml` configuration +[source,yaml] +---- +# Generated by Butane; do not edit +apiVersion: machineconfiguration.openshift.io/v1 +kind: MachineConfig +metadata: + labels: + machineconfiguration.openshift.io/role: worker + name: +spec: + config: + ignition: + version: 3.2.0 + storage: + files: + - contents: + source: data:... + mode: 420 + overwrite: true + path: /example/path +---- + +. Add the contents of the `99-worker-chrony.yaml` file inside of a config map in the management cluster: ++ +.Example config map +[source,yaml] +---- +apiVersion: v1 +kind: ConfigMap +metadata: + name: + namespace: #<1> +data: + config: | + apiVersion: machineconfiguration.openshift.io/v1 + kind: MachineConfig + metadata: + labels: + machineconfiguration.openshift.io/role: worker + name: + spec: + config: + ignition: + version: 3.2.0 + storage: + files: + - contents: + source: data:... + mode: 420 + overwrite: true + path: /example/path +# ... +---- +<1> Replace `` with the name of your namespace where you created the node pool, such as `clusters`. + +. Apply the config map to your node pool by running the following command: ++ +[source,terminal] +---- +$ oc edit nodepool --namespace +---- ++ +.Example `NodePool` configuration +[source,yaml] +---- +apiVersion: hypershift.openshift.io/v1alpha1 +kind: NodePool +metadata: +# ... + name: nodepool-1 + namespace: clusters +# ... +spec: + config: + - name: #<1> +# ... +---- +<1> Replace `` with the name of your config map. + +. Add the list of your NTP servers in the `infra-env.yaml` file, which defines the `InfraEnv` custom resource (CR): ++ +.Example `infra-env.yaml` file +[source,yaml] +---- +apiVersion: agent-install.openshift.io/v1beta1 +kind: InfraEnv +# ... +spec: + additionalNTPSources: + - #<1> + - + - +# ... +---- +<1> Replace `` with the name of your NTP server. 
For more details about creating a host inventory and the `InfraEnv` CR, see "Creating a host inventory". + +. Apply the `InfraEnv` CR by running the following command: ++ +[source,terminal] +---- +$ oc apply -f infra-env.yaml +---- + +.Verification + +* Check the following fields to know the status of your host inventory: ++ +** `conditions`: The standard Kubernetes conditions indicating if the image was created successfully. +** `isoDownloadURL`: The URL to download the Discovery Image. +** `createdTime`: The time at which the image was last created. If you modify the `InfraEnv` CR, ensure that you have updated the timestamp before downloading a new image. ++ +Verify that your host inventory is created by running the following command: ++ +[source,terminal] +---- +$ oc describe infraenv -n +---- ++ +[NOTE] +==== +If you modify the `InfraEnv` CR, confirm that the `InfraEnv` CR has created a new Discovery Image by looking at the `createdTime` field. If you already booted hosts, boot them again with the latest Discovery Image. +====
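Review bot: The second link added under "Additional resources" in hosted_control_planes/hcp-machine-config.adoc hard-codes the ACM release in the URL (`.../red_hat_advanced_cluster_management_for_kubernetes/2.13/html-single/clusters/index#create-host-inventory-cli-steps`), so it will keep pointing at 2.13 content after newer ACM versions ship. If this docs set defines a version attribute for ACM, use it here; otherwise note in the PR which release branches this link is valid for.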
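Review bot: In modules/hcp-configure-ntp.adoc, the step "Add the contents of the `99-worker-chrony.yaml` file inside of a config map in the management cluster" is followed directly by `$ oc edit nodepool`, and no step creates the config map object on the management cluster. Add the command that applies the config map file before the node pool is edited. The generated examples also do not match the Butane input from step 1: both the `99-worker-chrony.yaml` example and the config map show `path: /example/path` and an empty `name:`, while the input writes `/etc/chrony.conf` with `name: 99-worker-chrony`. Making them consistent lets readers compare their own Butane output against the docs. Please also confirm that `apiVersion: hypershift.openshift.io/v1alpha1` in the `NodePool` example is the version served in the targeted release.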
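Review bot: Several examples in the new module refer to a placeholder that is not present in the text. In the config map, `name:` and `namespace: #<1>` have no value, the callouts read "Replace `` with the name of your namespace", "Replace `` with the name of your config map" and "Replace `` with the name of your NTP server", and the commands `$ oc edit nodepool --namespace` and `$ oc describe infraenv -n` end without arguments. If angle-bracket placeholders were intended, check that they are written so they survive rendering, because as shown the commands cannot be run and the `additionalNTPSources` list has three empty entries.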
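Review bot: The Verification section of the new module only inspects the `InfraEnv` (`conditions`, `isoDownloadURL`, `createdTime`), so nothing confirms that worker nodes received the `/etc/chrony.conf` from steps 1 to 4 or are synchronizing against the configured source. Clock drift on nodes affects certificate validation and log correlation, so add a node-level check, for example viewing the file on a node and the output of `chronyc sources`. Separately, the `createdTime` bullet says "ensure that you have updated the timestamp", which reads as if the user sets the value; reword it to match the closing NOTE (confirm that `createdTime` changed before downloading a new image). The earlier NOTE "the NTP on the User Datagram Protocol (UDP) port is `123`" would also read more clearly as "NTP uses UDP port `123`".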