diff options
author | Zuul <zuul@review.opendev.org> | 2021-07-20 09:38:59 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2021-07-20 09:38:59 +0000 |
commit | 9b42b08edd85933c3f96444a649b0d80f16ec8d0 (patch) | |
tree | b440142360c6174e7ba36a14737b63227a1d7324 | |
parent | 21c24abe6119083c739667ddc8dae5536e1b3c2e (diff) | |
parent | 5531d5cee744f90ff24231a9ef467282b254adc2 (diff) | |
download | ironic-python-agent-9b42b08edd85933c3f96444a649b0d80f16ec8d0.tar.gz |
Merge "Force immediate NTP time sync with chronyd at IPA startup"8.1.0
-rw-r--r-- | ironic_python_agent/tests/unit/extensions/test_standby.py | 8 | ||||
-rw-r--r-- | ironic_python_agent/tests/unit/test_utils.py | 31 | ||||
-rw-r--r-- | ironic_python_agent/utils.py | 20 | ||||
-rw-r--r-- | releasenotes/notes/fix_chronyd_time_sync-626a14b66ca37677.yaml | 6 |
4 files changed, 19 insertions, 46 deletions
diff --git a/ironic_python_agent/tests/unit/extensions/test_standby.py b/ironic_python_agent/tests/unit/extensions/test_standby.py index 97dffbe8..559a15bb 100644 --- a/ironic_python_agent/tests/unit/extensions/test_standby.py +++ b/ironic_python_agent/tests/unit/extensions/test_standby.py @@ -1385,15 +1385,15 @@ class TestStandbyExtension(base.IronicAgentTest): self.agent_extension._sync_clock() - calls = [mock.call('chronyd', check_exit_code=[0, 1]), - mock.call('chronyc', 'add', 'server', '192.168.1.1'), - mock.call('chronyc', 'makestep'), + calls = [mock.call('chronyc', 'shutdown', check_exit_code=[0, 1]), + mock.call("chronyd -q 'server 192.168.1.1 iburst'", + shell=True), mock.call('hwclock', '-v', '--systohc')] execute_mock.assert_has_calls(calls) execute_mock.reset_mock() execute_mock.side_effect = [ - ('', ''), ('', ''), ('', ''), + ('', ''), ('', ''), processutils.ProcessExecutionError('boop') ] diff --git a/ironic_python_agent/tests/unit/test_utils.py b/ironic_python_agent/tests/unit/test_utils.py index eb6520f0..bfad67f0 100644 --- a/ironic_python_agent/tests/unit/test_utils.py +++ b/ironic_python_agent/tests/unit/test_utils.py @@ -856,27 +856,8 @@ class TestClockSyncUtils(ironic_agent_base.IronicAgentTest): mock_time_method.return_value = 'chronyd' utils.sync_clock() mock_execute.assert_has_calls([ - mock.call('chronyd', check_exit_code=[0, 1]), - mock.call('chronyc', 'add', 'server', '192.168.1.1'), - mock.call('chronyc', 'makestep'), - ]) - - @mock.patch.object(utils, 'determine_time_method', autospec=True) - def test_sync_clock_chrony_already_present(self, mock_time_method, - mock_execute): - self.config(ntp_server='192.168.1.1') - mock_time_method.return_value = 'chronyd' - mock_execute.side_effect = [ - ('', ''), - processutils.ProcessExecutionError( - stderr='Source already present'), - ('', ''), - ] - utils.sync_clock() - mock_execute.assert_has_calls([ - mock.call('chronyd', check_exit_code=[0, 1]), - mock.call('chronyc', 'add', 'server', '192.168.1.1'), - mock.call('chronyc', 'makestep'), + mock.call('chronyc', 'shutdown', check_exit_code=[0, 1]), + mock.call("chronyd -q 'server 192.168.1.1 iburst'", shell=True), ]) @mock.patch.object(utils, 'determine_time_method', autospec=True) @@ -889,12 +870,8 @@ class TestClockSyncUtils(ironic_agent_base.IronicAgentTest): processutils.ProcessExecutionError(stderr='time verboten'), ] self.assertRaisesRegex(errors.CommandExecutionError, - 'Error occured adding ntp', - utils.sync_clock) - mock_execute.assert_has_calls([ - mock.call('chronyd', check_exit_code=[0, 1]), - mock.call('chronyc', 'add', 'server', '192.168.1.1'), - ]) + 'Failed to sync time using chrony to ntp ' + 'server:', utils.sync_clock) @mock.patch.object(utils, 'determine_time_method', autospec=True) def test_sync_clock_none(self, mock_time_method, mock_execute): diff --git a/ironic_python_agent/utils.py b/ironic_python_agent/utils.py index b5d0533a..2fc60ff1 100644 --- a/ironic_python_agent/utils.py +++ b/ironic_python_agent/utils.py @@ -835,21 +835,11 @@ def sync_clock(ignore_errors=False): raise errors.CommandExecutionError(msg) elif method == 'chronyd': try: - # 0 should be if chronyd started - # 1 if already running - execute('chronyd', check_exit_code=[0, 1]) - # NOTE(TheJulia): Once started, chronyd forks and stays in the - # background as a server service, it will continue to keep the - # clock in sync. - try: - execute('chronyc', 'add', 'server', CONF.ntp_server) - except processutils.ProcessExecutionError as e: - if 'Source already present' not in str(e): - msg = 'Error occured adding ntp server: %s' % e - LOG.error(msg) - raise errors.CommandExecutionError(msg) - # Force the clock to sync now. - execute('chronyc', 'makestep') + # stop chronyd, ignore if it ran before or not + execute('chronyc', 'shutdown', check_exit_code=[0, 1]) + # force a time sync now + query = "server " + CONF.ntp_server + " iburst" + execute("chronyd -q \'%s\'" % query, shell=True) LOG.debug('Set software clock using chrony') except (processutils.ProcessExecutionError, errors.CommandExecutionError) as e: diff --git a/releasenotes/notes/fix_chronyd_time_sync-626a14b66ca37677.yaml b/releasenotes/notes/fix_chronyd_time_sync-626a14b66ca37677.yaml new file mode 100644 index 00000000..cbe25dfc --- /dev/null +++ b/releasenotes/notes/fix_chronyd_time_sync-626a14b66ca37677.yaml @@ -0,0 +1,6 @@ +--- +fixes: + - | + Fixes an issue where the NTP time sync at the IPA startup via chronyd is + not immediate (which can break time sensitive components such as the + generation of a TLS certificate). |