Merge pull request 'chore: reorganise ntp server' (#69) from neoloc/ntp_cleanup into develop

Reviewed-on: unkinben/puppet-prod#69
2023-11-18 18:10:18 +09:30 · 2023-11-18 18:10:18 +09:30 · 59d29e3036
commit 59d29e3036
parent bae3d446b6 dffc97ad4c
6 changed files with 21 additions and 7 deletions
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@ -1,7 +1,10 @@
 ---
+profiles::ntp::client::ntp_role: 'roles::infra::ntp::server'
 profiles::ntp::client::peers:
-  - ntp01.main.unkin.net
-  - ntp02.main.unkin.net
+  - 0.pool.ntp.org
+  - 1.pool.ntp.org
+  - 2.pool.ntp.org
+  - 3.pool.ntp.org

 profiles::base::puppet_servers:
  - 'prodinf01n01.main.unkin.net'
--- a/hieradata/roles/infra/ntp/server.yaml
+++ b/hieradata/roles/infra/ntp/server.yaml
--- a/hieradata/roles/puppet/puppetmaster.yaml
+++ b/hieradata/roles/puppet/puppetmaster.yaml
@ -9,7 +9,7 @@ profiles::puppet::autosign::domains:
 #  - 'somenode.main.unkin.net'

 profiles::puppet::enc::repo: https://git.unkin.net/unkinben/puppet-enc.git
-profiles::puppet::enc::release: '0.6'
+profiles::puppet::enc::release: '0.7.1'
 profiles::puppet::enc::force: true
 profiles::puppet::r10k::r10k_repo: https://git.unkin.net/unkinben/puppet-r10k.git
 profiles::puppet::g10k::bin_path: '/opt/puppetlabs/bin/g10k'
--- a/site/profiles/manifests/ntp/client.pp
+++ b/site/profiles/manifests/ntp/client.pp
@ -2,6 +2,10 @@
 # use exported resources from profiles::ntp::server if they are available
 class profiles::ntp::client (
  Array     $peers,
+  Variant[
+    String,
+    Undef
+  ]         $ntp_role = undef,
  Boolean   $wait_enable = true,
  Enum[
    'running',
@ -14,16 +18,23 @@ class profiles::ntp::client (
  # through the profiles::ntp::server class.
  if $client_only {

+    # if ntp_role is set, find all hosts matching that enc_role
+    if $ntp_role == undef {
+      $ntpserver_array = $peers
+    }else{
+      $ntpserver_array = query_nodes("enc_role='${ntp_role}'", 'networking.fqdn')
+    }
+
    # Define the client configuration based on OS family
    if $facts['os']['family'] == 'RedHat' {
      class { 'chrony':
-        servers     => $peers,
+        servers     => $ntpserver_array,
        wait_enable => $wait_enable,
        wait_ensure => $wait_ensure,
      }
    } else {
      class { 'chrony':
-        servers    => $peers,
+        servers    => $ntpserver_array,
      }
    }
  }
--- a/site/profiles/manifests/ntp/server.pp
+++ b/site/profiles/manifests/ntp/server.pp
@ -19,7 +19,7 @@ class profiles::ntp::server (

  # check the enc_role has been set, it can take two puppet runs to do this
  # TODO: change away from external fact
-  if $facts['enc_role'] == 'roles::infra::ntpserver' {
+  if $facts['enc_role'] == 'roles::infra::ntp::server' {

    # define the server
    if $facts['os']['family'] == 'RedHat' {
--- a/site/roles/manifests/infra/ntp/server.pp
+++ b/site/roles/manifests/infra/ntp/server.pp
@ -1,5 +1,5 @@
 # a role to deploy a ntp server
-class roles::infra::ntpserver {
+class roles::infra::ntp::server {
  include profiles::defaults
  include profiles::base
  include profiles::ntp::server