Support time synchronization on hosts

This change introduces functionality to synchronize
infra/kube nodes' clock with external NTP authority.

Configuring external time source is optional, however
default behaviour will be to setup NTP time source on
infra-node and sync kube-nodes clock with it.

It's also possible to setup custom time zone.

Change-Id: I725ce9a306da1977628b6c03d5ff10fca77fb3b0
Issue-ID: OOM-1710
Signed-off-by:  Bartek Grzybowski <b.grzybowski@partner.samsung.com>

7 files changed, 113 insertions, 3 deletions

diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 1dc938fd..f9d6726f 100755
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -147,3 +147,12 @@ application_post_install_role:
 #  openStackDomain: "Default"
 #  openStackUserName: "admin"
 #  openStackEncryptedPassword: "f7920677e15e2678b0f33736189e8965"
+
+# Optional time synchronisation settings
+# timesync:
+#   servers:
+#     - <ip address of NTP_1>
+#     - <...>
+#     - <ip address of NTP_N>
+#   slewclock: false
+#   timezone: <timezone name from tz database>
diff --git a/ansible/infrastructure.yml b/ansible/infrastructure.yml
index 18290ae4..74a7b68b 100644
--- a/ansible/infrastructure.yml
+++ b/ansible/infrastructure.yml
@@ -8,6 +8,7 @@
 - name: Setup infrastructure servers
   hosts: infrastructure
   roles:
+    - chrony
     - certificates
     - docker
     - dns
@@ -18,6 +19,7 @@
 - name: Setup base for Kubernetes nodes
   hosts: kubernetes
   roles:
+    - chrony
     - docker
   tasks:
     - include_role:
diff --git a/ansible/roles/chrony/defaults/main.yml b/ansible/roles/chrony/defaults/main.yml
new file mode 100644
index 00000000..af433dac
--- /dev/null
+++ b/ansible/roles/chrony/defaults/main.yml
@@ -0,0 +1,16 @@
+---
+timesync: {}
+chrony:
+  servers: "{{ timesync.servers | default([hostvars[groups.infrastructure[0]].cluster_ip]) }}" # chronyd's NTP servers
+  slewclock: "{{ timesync.slewclock | default(false) }}" # chronyd's makestep property
+  timezone: "{{ timesync.timezone | default('Universal') }}" # Timezone name according to tz database
+  makestep: '1 -1'
+  maxjitter: 10 # Max allowed jitter if using infra as time source as it may by unstable due to pretending stratum 1 time source
+  initstepslew: 30
+  conf:
+    RedHat:
+      config_file: /etc/chrony.conf
+      driftfile: /var/lib/chrony/drift
+    Debian:
+      config_file: /etc/chrony/chrony.conf
+      driftfile: /var/lib/chrony/chrony.drift
diff --git a/ansible/roles/chrony/handlers/main.yml b/ansible/roles/chrony/handlers/main.yml
new file mode 100644
index 00000000..80ab9fa9
--- /dev/null
+++ b/ansible/roles/chrony/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: Restart chronyd
+  systemd:
+    name: chronyd
+    state: restarted
diff --git a/ansible/roles/chrony/tasks/main.yml b/ansible/roles/chrony/tasks/main.yml
new file mode 100644
index 00000000..69a11587
--- /dev/null
+++ b/ansible/roles/chrony/tasks/main.yml
@@ -0,0 +1,26 @@
+---
+- name: Check if server mode
+  set_fact:
+    chrony_mode: 'server'
+  when: "'infrastructure' in group_names and timesync.servers is not defined"
+
+- name: Check if client mode
+  set_fact:
+    chrony_mode: 'client'
+  when: "timesync.servers is defined or 'infrastructure' not in group_names"
+
+- name: "Upload chronyd {{ chrony_mode }} configuration"
+  template:
+    src: "chrony.conf.j2"
+    dest: "{{ chrony['conf'][ansible_os_family]['config_file'] }}"
+  notify: Restart chronyd
+
+- name: Ensure chronyd is enabled/running
+  systemd:
+    name: chronyd
+    state: started
+    enabled: true
+
+- name: Setup timezone
+  timezone:
+    name: "{{ chrony.timezone }}"
diff --git a/ansible/roles/chrony/templates/chrony.conf.j2 b/ansible/roles/chrony/templates/chrony.conf.j2
new file mode 100644
index 00000000..3bfb4e40
--- /dev/null
+++ b/ansible/roles/chrony/templates/chrony.conf.j2
@@ -0,0 +1,22 @@
+{% if chrony_mode == 'server' %}
+local stratum 1
+allow
+{% elif chrony_mode == 'client' %}
+{% for tserver in chrony.servers %}
+server {{ tserver }} iburst
+{% endfor %}
+{% if chrony.slewclock == false %}
+{# Step the time by default  #}
+makestep {{ chrony.makestep }}
+{% else %}
+{# Slew the clock but step at boot time if time error larger than 30 seconds #}
+initstepslew {{ chrony.initstepslew }}{% for tserver in chrony.servers %} {{ tserver }}{% endfor %}
+
+{% endif %}
+{% if timesync.servers is not defined %}
+maxjitter {{ chrony.maxjitter }}
+{% endif %}
+{% endif %}
+driftfile {{ chrony['conf'][ansible_os_family]['driftfile'] }}
+rtcsync
+logdir /var/log/chrony
diff --git a/docs/InstallGuide.rst b/docs/InstallGuide.rst
index e91c7bd7..fb292fb3 100644
--- a/docs/InstallGuide.rst
+++ b/docs/InstallGuide.rst
@@ -122,7 +122,7 @@ Change the current directory to the ``'ansible'``::
 
 You can see multiple files and directories inside - this is the *offline-installer*. It is implemented as a set of ansible playbooks.
 
-If you created the ``'sw'`` package according to the *Build Guide* then you should had have the ``'application'`` directory populated with at least the following files:
+If you created the ``'sw'`` package according to the *Build Guide* then you should have had the ``'application'`` directory populated with at least the following files:
 
 - ``application_configuration.yml``
 - ``hosts.yml``
@@ -250,6 +250,7 @@ Here, we will be interested in the following variables:
 - ``app_data_path``
 - ``aux_data_path``
 - ``app_name``
+- ``timesync``
 
 ``'resource_dir'``, ``'resources_filename'`` and ``'aux_resources_filename'`` must correspond to the file paths on the *resource-host* (variable ``'resource_host'``), which is in our case the *install-server*.
 
@@ -259,14 +260,43 @@ The ``'resource_dir'`` should be set to ``'/data'``, ``'resources_filename'`` to
 
 **NOTE:** As we mentioned in `Installer packages`_ - the auxiliary package is not mandatory and we will not utilize it in here either.
 
-The last variable ``'app_name'`` should be short and descriptive. We will set it simply to: ``onap``.
+The ``'app_name'`` variable should be short and descriptive. We will set it simply to: ``onap``.
 
-It can look all together something like this::
+The ``'timesync'`` variable is optional and controls synchronisation of the system clock on hosts. It should be configured only if a custom NTP server is available and needed. Such a time authority should be on a host reachable from all installation nodes. If this setting is not provided then the default behavior is to setup NTP daemon on infra-node and sync all kube-nodes' time with it.
+
+If you wish to provide your own NTP servers configure their IPs as follows::
+
+    timesync:
+      servers:
+       - <ip address of NTP_1>
+       - <...>
+       - <ip address of NTP_N>
+
+Another time adjustment related variables are ``'timesync.slewclock'`` and ``'timesync.timezone'`` .
+First one can have value of ``'true'`` or ``'false'`` (default). It controls whether (in case of big time difference compared to server) time should be adjusted gradually by slowing down or speeding up the clock as required (``'true'``) or in one step (``'false'``)::
+
+    timesync:
+      slewclock: true
+
+Second one controls time zone setting on host. It's value should be time zone name according to tz database names with ``'Universal'`` being the default one::
+
+    timesync.
+      timezone: UTC
+
+``'timesync.servers'``, ``'timesync.slewclock'`` and ``'timesync.timezone'`` settings can be used independently.
+
+Final configuration can resemble the following::
 
     resources_dir: /data
     resources_filename: offline-onap-3.0.1-resources.tar
     app_data_path: /opt/onap
     app_name: onap
+    timesync:
+      servers:
+        - 192.168.0.1
+        - 192.168.0.2
+      slewclock: true
+      timezone: UTC
 
 .. _oooi_installguide_config_ssh: