f78cb9c55c
* Add NTP YANG model Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * Extend NTP config generation mechanism Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * Add NTP YANG nodel tests Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * Add test for NTP Jinja templates Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * Add ntpdate package Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * Fix 'bad' when auth disabled Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * [NTP] Changed owner for ntp keys config file to root and remove read access for other. Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * Fix NTP warnings after restarting the service Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * Add ability to encrypt/decrypt NTP keys Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * Update Configuration reference Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * Fix NTP configuration template * Align the description for setting interface * Fix the usage of scoped variable Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * Fix YANG model description and tests Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * Align NTP test according to fixed condition Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * Allow eth0 to be as source ifc without defining it Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> * Update sample config with NTP config Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com> --------- Signed-off-by: Yevhen Fastiuk <yfastiuk@nvidia.com>
58 lines
2.5 KiB
Bash
58 lines
2.5 KiB
Bash
#!/bin/sh
|
|
|
|
# This file was originally created automatically as part of default NTP application installation from debian package.
|
|
# This is now manually modified for supporting NTP in management VRF.
|
|
# When management VRF is enabled, the NTP application should be started using "ip vrf exec mgmt".
|
|
# Check has been added to verify the management VRF enabled status and use "ip vrf exec mgmt" when it is enabled.
|
|
# This file will be copied to /usr/lib/ntp/ntp-systemd-wrapper file that gets created during build process.
|
|
|
|
DAEMON=/usr/sbin/ntpd
|
|
PIDFILE=/var/run/ntpd.pid
|
|
|
|
if [ -r /etc/default/ntp ]; then
|
|
. /etc/default/ntp
|
|
fi
|
|
|
|
dhcp=$(/usr/local/bin/sonic-cfggen -d -v 'NTP["global"]["dhcp"]' 2> /dev/null)
|
|
if [ -e /run/ntp.conf.dhcp ] && [ "$dhcp" = "enabled" ]; then
|
|
NTPD_OPTS="$NTPD_OPTS -c /run/ntp.conf.dhcp"
|
|
fi
|
|
|
|
LOCKFILE=/run/lock/ntpdate
|
|
|
|
RUNASUSER=ntp
|
|
UGID=$(getent passwd $RUNASUSER | cut -f 3,4 -d:) || true
|
|
if test "$(uname -s)" = "Linux"; then
|
|
NTPD_OPTS="$NTPD_OPTS -u $UGID"
|
|
fi
|
|
|
|
(
|
|
flock -w 180 9
|
|
ntpEnabled=$(/usr/local/bin/sonic-cfggen -d -v 'NTP["global"]["admin_state"]' 2> /dev/null)
|
|
if [ "$ntpEnabled" = "disabled" ]
|
|
then
|
|
logger -p INFO -t "ntpd" "Stopping NTP daemon"
|
|
start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE
|
|
exit 0
|
|
fi
|
|
|
|
# when mgmt vrf is configured, ntp starts in mgmt vrf by default unless user configures otherwise
|
|
vrfEnabled=$(/usr/local/bin/sonic-cfggen -d -v 'MGMT_VRF_CONFIG["vrf_global"]["mgmtVrfEnabled"]' 2> /dev/null)
|
|
vrfConfigured=$(/usr/local/bin/sonic-cfggen -d -v 'NTP["global"]["vrf"]' 2> /dev/null)
|
|
if [ "$vrfEnabled" = "true" ]
|
|
then
|
|
if [ "$vrfConfigured" = "default" ]
|
|
then
|
|
logger -p INFO -t "ntpd" "Starting NTP server in default-vrf for default set as NTP vrf" "ntpd"
|
|
start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --startas $DAEMON -- -p $PIDFILE $NTPD_OPTS
|
|
else
|
|
logger -p INFO -t "ntpd" "Starting NTP server in mgmt-vrf"
|
|
ip vrf exec mgmt start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --startas $DAEMON -- -p $PIDFILE $NTPD_OPTS
|
|
fi
|
|
else
|
|
logger -p INFO -t "ntpd" "Starting NTP server in default-vrf"
|
|
start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --startas $DAEMON -- -p $PIDFILE $NTPD_OPTS
|
|
fi
|
|
) 9>$LOCKFILE
|
|
|