Skip to main content

Configure your Chrony daemon with an Ansible playbook

Ansible can be used to manage daemon configuration files. In this example, you'll see how to manage your Chrony configuration with Ansible.
Configure your Chrony daemon with Ansible

Image by Alexas_Fotos from Pixabay

Chrony is a Network Time Protocol (NTP) daemon and a replacement for the ntpd (Network Time Protocol daemon) that's standard on most *nix systems. Chrony is a newer implementation of the NTP that usually updates time faster and is more accurate than ntpd.

In this example, you've set all necessary settings in your /etc/chrony.conf, and now you want to use this configuration on all your hosts. You can turn the configuration file into an Ansible template and deploy it.

Create a playbook

Assuming that your /etc/chrony.conf looks similar to the following:

server iburst
server iburst
stratumweight 0
driftfile /var/lib/chrony/drift
makestep 10 3
bindcmdaddress ::1
keyfile /etc/chrony.keys
commandkey 1
logchange 0.5
logdir /var/log/chrony

To deploy this configuration to other hosts using Ansible, copy this file to /some/full/path/chrony.conf.j2 on your Ansible control node. Then you can use the following playbook to deploy it to all your managed hosts.

- hosts: all
  - name: make sure chronyd is installed
     name: chrony
     state: latest
     update_cache: yes

  - name: deploy chrony.conf template
     src: /some/full/path/chrony.conf.j2
     dest: /etc/chrony.conf
     owner: root
     group: root
     mode: 0644
     backup: yes

  - name: Restart chronyd
      name: chronyd
      state: restarted

This playbook first makes sure that chrony is installed. That's important because you won't have a /etc/chrony.conf if the service is missing. The second task uses the Ansible template module to deploy your configuration to your hosts. In this example, it copies the exact file to the hosts and sets owner and permission settings. It makes a backup from an existing file before replacing it. And last but not least, the service restarts to make sure the desired configuration file will be used.

Wrap up

Of course, you could use a cron job to run this playbook, once a day or every 30 minutes, for example, to be sure any changes to the file get reset to your desired configuration. You can do this for any system service or configuration file on your systems where consistency is required among all hosts.

[ Need more on Ansible? Take a free technical overview course from Red Hat. Ansible Essentials: Simplicity in Automation Technical Overview. ] 

Topics:   Linux   Linux administration   Ansible  
Author’s photo

Jörg Kastning

Jörg has been a Sysadmin for over ten years now. His fields of operation include Virtualization (VMware), Linux System Administration and Automation (RHEL), Firewalling (Forcepoint), and Loadbalancing (F5). More about me

Try Red Hat Enterprise Linux

Download it at no charge from the Red Hat Developer program.