使用 RHEL 角色

  1. 查看 timesync 角色文件的範例:
    [deyu1@kvm19 ansible]$ grep ^Ex -A17 /usr/share/ansible/roles/\
    rhel-system-roles.timesync/README.md
    Example Playbook
    ----------------
    
    Install and configure ntp to synchronize the system clock with three NTP servers:
    
    “`yaml
    - hosts: targets
      vars:
        timesync_ntp_servers:
          - hostname: foo.example.com
            iburst: yes
          - hostname: bar.example.com
            iburst: yes
          - hostname: baz.example.com
            iburst: yes
      roles:
        - rhel-system-roles.timesync
    
  2. 要使用 RHEL 角色,可複製 rhel-system-roles 套件提供的 playbook 範例做修改,不用自己寫。例如:複製 timesync 角色 playbook 範例到 ansible 工作目錄。
    [deyu1@kvm19 ansible]$ cp /usr/share/doc/rhel-system-roles/timesync/\
    example-timesync-playbook.yml timesync.yml
    
  3. 編輯複製來的 timesync.yml,所有受管主機使用 timesync 角色啟動校時服務,時間伺服器 192.168.122.1,啟用 iburst 參數。
    [deyu1@kvm19 ansible]$ vim timesync.yml
    [deyu1@kvm19 ansible]$ cat timesync.yml
    ---
    - hosts: all
      vars:
        timesync_ntp_servers:
          - hostname: 192.168.122.1
            iburst: yes
      roles:
        - rhel-system-roles.timesync
    
  4. ansible-playbook 執行 timesync.yml 腳本,以下是只做 dev 主機的結果,最後輸出 failed=0 表示成功,過程中有些錯誤是可被忽略 (ignored=6)。
    [deyu1@kvm19 ansible]$ ansible-playbook timesync.yml
    
    PLAY [dev] *********************************************************************
    
    TASK [Gathering Facts] *********************************************************
    ok: [kvm11]
    
    TASK [rhel-system-roles.timesync : Check if only NTP is needed] ****************
    ok: [kvm11]
    
    TASK [rhel-system-roles.timesync : Check if single PTP is needed] **************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Check if both NTP and PTP are needed] *******
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Determine current NTP provider] *************
    ok: [kvm11]
    
    TASK [rhel-system-roles.timesync : Select NTP provider] ************************
    [DEPRECATION WARNING]: Using tests as filters is deprecated. Instead of using 
    `result|version_compare` use `result is version_compare`. This feature will be 
    removed in version 2.9. Deprecation warnings can be disabled by setting 
    deprecation_warnings=False in ansible.cfg.
    ok: [kvm11]
    
    TASK [rhel-system-roles.timesync : Install chrony] *****************************
    ok: [kvm11]
    
    TASK [rhel-system-roles.timesync : Install ntp] ********************************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Install linuxptp] ***************************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Run phc_ctl on PTP interface] ***************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Check if PTP interface supports HW timestamping] ***
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Get chrony version] *************************
    ok: [kvm11]
    
    TASK [rhel-system-roles.timesync : Get ntp version] ****************************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Generate chrony.conf file] ******************
    [DEPRECATION WARNING]: Using tests as filters is deprecated. Instead of using 
    `result|version_compare` use `result is version_compare`. This feature will be 
    removed in version 2.9. Deprecation warnings can be disabled by setting 
    deprecation_warnings=False in ansible.cfg.
    changed: [kvm11]
    
    TASK [rhel-system-roles.timesync : Generate chronyd sysconfig file] ************
    changed: [kvm11]
    
    TASK [rhel-system-roles.timesync : Generate ntp.conf file] *********************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Generate ntpd sysconfig file] ***************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Generate ptp4l.conf file] *******************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Generate ptp4l sysconfig file] **************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Generate phc2sys sysconfig file] ************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Generate timemaster.conf file] **************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Update network sysconfig file] **************
    changed: [kvm11]
    
    TASK [rhel-system-roles.timesync : Disable chronyd] ****************************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Disable ntpd] *******************************
    fatal: [kvm11]: FAILED! => {"changed": false, "msg": "Could not find the requested service ntpd: host"}
    ...ignoring
    
    TASK [rhel-system-roles.timesync : Disable ntpdate] ****************************
    fatal: [kvm11]: FAILED! => {"changed": false, "msg": "Could not find the requested service ntpdate: host"}
    ...ignoring
    
    TASK [rhel-system-roles.timesync : Disable sntp] *******************************
    fatal: [kvm11]: FAILED! => {"changed": false, "msg": "Could not find the requested service sntp: host"}
    ...ignoring
    
    TASK [rhel-system-roles.timesync : Disable ptp4l] ******************************
    fatal: [kvm11]: FAILED! => {"changed": false, "msg": "Could not find the requested service ptp4l: host"}
    ...ignoring
    
    TASK [rhel-system-roles.timesync : Disable phc2sys] ****************************
    fatal: [kvm11]: FAILED! => {"changed": false, "msg": "Could not find the requested service phc2sys: host"}
    ...ignoring
    
    TASK [rhel-system-roles.timesync : Disable timemaster] *************************
    fatal: [kvm11]: FAILED! => {"changed": false, "msg": "Could not find the requested service timemaster: host"}
    ...ignoring
    
    TASK [rhel-system-roles.timesync : Enable chronyd] *****************************
    ok: [kvm11]
    
    TASK [rhel-system-roles.timesync : Enable ntpd] ********************************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Enable ptp4l] *******************************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Enable phc2sys] *****************************
    skipping: [kvm11]
    
    TASK [rhel-system-roles.timesync : Enable timemaster] **************************
    skipping: [kvm11]
    
    RUNNING HANDLER [rhel-system-roles.timesync : restart chronyd] *****************
    changed: [kvm11]
    
    PLAY RECAP *********************************************************************
    kvm11 : ok=17 changed=4 unreachable=0 failed=0 skipped=18 rescued=0 ignored=6
    
  5. 登入 kvm11 查看 chrony.conf 是否依 timesync.yml 腳本配置校時伺服器及參數?
    [deyu1@kvm19 ansible]$ ssh kvm11 "grep ^server /etc/chrony.conf"
    server 192.168.122.1 iburst