NTP Charm

Merge ~hloeung/ntp-charm:master into ntp-charm:master

  1. Git
  2. lp:~hloeung/ntp-charm
  3. master
  4. Merge into master
Proposed by Haw Loeung
Status: Merged
Approved by: Barry Price
Approved revision: a7058fd46f3f428d84bbf9f128c5ccaf4f3534ba
Merged at revision: 9543527ad8a294cce74cfb77be41b92a76076525
Proposed branch: ~hloeung/ntp-charm:master
Merge into: ntp-charm:master
Diff against target: 13 lines (+2/-0)
1 file modified
templates/ntp.conf (+2/-0)
Reviewer Review Type Date Requested Status
Barry Price Approve
Canonical IS Reviewers Pending
Paul Gear Pending
Canonical IS Reviewers Pending
Review via email: mp+374768@code.launchpad.net

This proposal supersedes a proposal from 2017-08-29.

Commit message

Ignore IPv6 link-local interfaces

Description of the change

Ignore IPv6 link-local interfaces

For hosts with lots of VMs (e.g. OpenStack compute nodes), this makes
ntp listen on a bunch of interfaces and restart whenever they change.

To post a comment you must log in.
Revision history for this message
Paul Gear (paulgear) wrote : Posted in a previous version of this proposal

Can you show an example of ntp restarting when these interfaces change? As I understand it, ntpd will listen when it finds a new interface, but this shouldn't require a restart.

review: Needs Information
Revision history for this message
Haw Loeung (hloeung) wrote : Posted in a previous version of this proposal

Ah, I was mis-remembering and that was ntpdate's ifup scripts that was bouncing ntpd on interface changes - LP: #1593907.

I still think this change should be landed reducing the interfaces ntpd listens on. It's not likely hosts would query ntp servers on the same network using their link-local address.

Revision history for this message
Paul Gear (paulgear) wrote : Posted in a previous version of this proposal

I'd have to look up the exact behaviour of the 'interface ignore' directive, but it may have implications for receiving replies sent to servers on such interfaces.

Revision history for this message
Haw Loeung (hloeung) wrote : Posted in a previous version of this proposal

Revisiting this:

Oct 27 21:44:51 bagon ntpd[148367]: Listen normally on 111928 qvbd9672bb7-c2 [fe80::5c2d:6eff:fea5:ccfb%641987]:123
Oct 27 21:44:51 bagon ntpd[148367]: Listen normally on 111929 tapd9672bb7-c2 [fe80::fc16:3eff:fe03:719a%641988]:123
Oct 27 21:44:51 bagon ntpd[148367]: Deleting interface #111876 qvo9c34b0d9-ce, fe80::bcb5:97ff:fe22:bf8c%641926#123, interface stats: received=0, sent=0, dropped=0, active_time=134 secs
Oct 27 21:44:51 bagon ntpd[148367]: Deleting interface #111877 qvb9c34b0d9-ce, fe80::c58:9dff:feb9:32ee%641927#123, interface stats: received=0, sent=0, dropped=0, active_time=134 secs
Oct 27 21:44:51 bagon ntpd[148367]: Deleting interface #111891 tapa2a325c3-04, fe80::fc16:3eff:fe41:bc52%641943#123, interface stats: received=0, sent=0, dropped=0, active_time=105 secs
Oct 27 21:44:51 bagon ntpd[148367]: Deleting interface #111919 tap9c34b0d9-ce, fe80::fc16:3eff:fed0:fbd6%641976#123, interface stats: received=0, sent=0, dropped=0, active_time=41 secs
Oct 27 21:44:51 bagon ntpd[148367]: new interface(s) found: waking up resolver
Oct 27 21:44:57 bagon ntpd[148367]: ./../lib/isc/unix/ifiter_getifaddrs.c:163: INSIST(ifa->ifa_name != ((void *)0)) failed
Oct 27 21:44:57 bagon ntpd[148367]: exiting (due to assertion failure)

Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote : Posted in a previous version of this proposal

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote : Posted in a previous version of this proposal

Unable to determine commit message from repository - please click "Set commit message" and enter the commit message manually.

Revision history for this message
Haw Loeung (hloeung) wrote : Posted in a previous version of this proposal

Oct 27 22:19:26 bagon ntpd[27598]: Listen and drop on 0 v6wildcard [::]:123
Oct 27 22:19:26 bagon ntpd[27598]: Listen and drop on 1 v4wildcard 0.0.0.0:123
Oct 27 22:19:26 bagon ntpd[27598]: Listen normally on 2 lo 127.0.0.1:123
Oct 27 22:19:26 bagon ntpd[27598]: Listen normally on 3 enP5p9s0f0 10.189.0.37:123
Oct 27 22:19:26 bagon ntpd[27598]: Listen normally on 4 enP5p9s0f1 10.189.4.40:123
Oct 27 22:19:26 bagon ntpd[27598]: Listen normally on 5 qvbc2a16872-4b [fe80::6878:b2ff:feac:1e1e%178432]:123
Oct 27 22:19:26 bagon ntpd[27598]: Listen normally on 6 lo [::1]:123
Oct 27 22:19:26 bagon ntpd[27598]: Listen normally on 7 enP5p9s0f0 [fe80::9abe:94ff:fe01:4adc%2]:123
Oct 27 22:19:26 bagon ntpd[27598]: Listen normally on 8 qvo56d9a306-7c [fe80::f012:54ff:fe37:e8ed%233731]:123
Oct 27 22:19:26 bagon ntpd[27598]: Listen normally on 9 qvoe79559da-6c [fe80::f4b7:50ff:feb7:c857%69891]:123
Oct 27 22:19:26 bagon ntpd[27598]: Listen normally on 10 enP5p9s0f1 [fe80::9abe:94ff:fe01:4add%3]:123

vs.

Oct 27 22:27:54 bagon ntpd[60944]: Listen and drop on 0 v6wildcard [::]:123
Oct 27 22:27:54 bagon ntpd[60944]: Listen and drop on 1 v4wildcard 0.0.0.0:123
Oct 27 22:27:54 bagon ntpd[60944]: Listen normally on 2 lo 127.0.0.1:123
Oct 27 22:27:54 bagon ntpd[60944]: Listen normally on 3 enP5p9s0f0 10.189.0.37:123
Oct 27 22:27:54 bagon ntpd[60944]: Listen normally on 4 enP5p9s0f1 10.189.4.40:123
Oct 27 22:27:54 bagon ntpd[60944]: Listen normally on 5 lo [::1]:123
Oct 27 22:27:54 bagon ntpd[60944]: Listening on routing socket on fd #22 for interface updates

Revision history for this message
Barry Price (barryprice) wrote : Posted in a previous version of this proposal

Makes sense, +1

review: Approve
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote : Posted in a previous version of this proposal

Merge proposal is approved, but source revision has changed, setting status to needs review.

Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote : Posted in a previous version of this proposal

Merge proposal is approved, but source revision has changed, setting status to needs review.

Revision history for this message
Barry Price (barryprice) wrote :

Yup

review: Approve
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision 9543527ad8a294cce74cfb77be41b92a76076525

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/templates/ntp.conf b/templates/ntp.conf
index 1a38ecf..6c64ca4 100644
--- a/templates/ntp.conf
+++ b/templates/ntp.conf
@@ -14,6 +14,8 @@ restrict -6 default kod notrap nomodify nopeer noquery limited
14restrict source notrap nomodify noquery14restrict source notrap nomodify noquery
15restrict 127.0.0.115restrict 127.0.0.1
16restrict ::116restrict ::1
17interface listen all
18interface ignore fe80::/10
1719
18{%- if is_container == 1 %}20{%- if is_container == 1 %}
19# running in a container - time adjustments disabled21# running in a container - time adjustments disabled

Subscribers

People subscribed via source and target branches