Subscribe to the feed

Configure your Chrony daemon with an Ansible playbook

July 29, 2021Jörg Kastning1-minute read
Linux Automation and management 

Chrony is a Network Time Protocol (NTP) daemon and a replacement for the ntpd (Network Time Protocol daemon) that's standard on most *nix systems. Chrony is a newer implementation of the NTP that usually updates time faster and is more accurate than ntpd.

In this example, you've set all necessary settings in your /etc/chrony.conf, and now you want to use this configuration on all your hosts. You can turn the configuration file into an Ansible template and deploy it.

Create a playbook

Assuming that your /etc/chrony.conf looks similar to the following:

server 192.168.0.1 iburst
server 192.168.0.2 iburst
stratumweight 0
driftfile /var/lib/chrony/drift
rtcsync
makestep 10 3
bindcmdaddress 127.0.0.1
bindcmdaddress ::1
keyfile /etc/chrony.keys
commandkey 1
generatecommandkey
noclientlog
logchange 0.5
logdir /var/log/chrony

To deploy this configuration to other hosts using Ansible, copy this file to /some/full/path/chrony.conf.j2 on your Ansible control node. Then you can use the following playbook to deploy it to all your managed hosts.

---
- hosts: all
  tasks:
  - name: make sure chronyd is installed
    yum:
     name: chrony
     state: latest
     update_cache: yes

  - name: deploy chrony.conf template
    template:
     src: /some/full/path/chrony.conf.j2
     dest: /etc/chrony.conf
     owner: root
     group: root
     mode: 0644
     backup: yes

  - name: Restart chronyd
    service:
      name: chronyd
      state: restarted

This playbook first makes sure that chrony is installed. That's important because you won't have a /etc/chrony.conf if the service is missing. The second task uses the Ansible template module to deploy your configuration to your hosts. In this example, it copies the exact file to the hosts and sets owner and permission settings. It makes a backup from an existing file before replacing it. And last but not least, the service restarts to make sure the desired configuration file will be used.

Wrap up

Of course, you could use a cron job to run this playbook, once a day or every 30 minutes, for example, to be sure any changes to the file get reset to your desired configuration. You can do this for any system service or configuration file on your systems where consistency is required among all hosts.

[ Need more on Ansible? Take a free technical overview course from Red Hat. Ansible Essentials: Simplicity in Automation Technical Overview. ] 

About the author

Jörg Kastning

Jörg Kastning

Jörg has been a Sysadmin for over ten years now. His fields of operation include Virtualization (VMware), Linux System Administration and Automation (RHEL), Firewalling (Forcepoint), and Loadbalancing (F5). He is a member of the Red Hat Accelerators Community and author of his personal blog at https://www.my-it-brain.de.

Read full bio
UI_Icon-Red_Hat-Close-A-Black-RGB

More like this

Blog post

Telenor offers a slice of 5G at the edge for AI apps

Blog post

Network observability: Optimized anomaly detection with AI/ML

Original shows

Transforming Your Acquisition

Original shows

Transforming Your Timelines | Code Comments

Browse by channel

Explore all channels
automation icon

Automation

The latest on IT automation for tech, teams, and environments
AI icon

Artificial intelligence

Updates on the platforms that free customers to run AI workloads anywhere
open hybrid cloud icon

Open hybrid cloud

Explore how we build a more flexible future with hybrid cloud
security icon

Security

The latest on how we reduce risks across environments and technologies
edge icon

Edge computing

Updates on the platforms that simplify operations at the edge
Infrastructure icon

Infrastructure

The latest on the world’s leading enterprise Linux platform
application development icon

Applications

Inside our solutions to the toughest application challenges
Original series icon

Original shows

Entertaining stories from the makers and leaders in enterprise tech