[NTP] 🐞 Fix config template to init default parameters #18736
Conversation
fastiuk
changed the title
fastiuk
requested review from
saiarcot895,
qiluo-msft,
lguohan and
oleksandrivantsiv
|
You mentioned "The NTP_SERVER configuration generated from the minigraph doesn't meet the new schema requirements" in the issue. To solve the problem, it is better to fix the schema (https://github.com/sonic-net/sonic-buildimage/blob/master/src/sonic-yang-models/yang-models/sonic-ntp.yang) instead of fixing the config generation behavior. The behavior is old from 2017. Any new schema design should be backward-compatible. #Closed |
|
Please check db_migrator, https://github.com/sonic-net/sonic-utilities/blob/master/scripts/db_migrator.py |
Minigraph doesn't use YANG to generate config, because there are default values in YANG. Anyway I already changed ntp.conf.j2 template according to your request, so it will preserve backward compatibility |
No need according to changes @qiluo-msft requested |
fastiuk
changed the title
|
/azpw run Azure.sonic-buildimage |
|
/AzurePipelines run Azure.sonic-buildimage |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
The PR checker was failed because ntpsec does not support |
|
/azpw run Azure.sonic-buildimage |
|
/AzurePipelines run Azure.sonic-buildimage |
|
Azure Pipelines successfully started running 1 pipeline(s). |
fastiuk
force-pushed
the
dev-ntp-fix
branch
2 times, most recently
from
5210cce to
214d453
Compare
Signed-off-by: Yevhen Fastiuk <[email protected]>
|
How do we configure some of the config params like config.iburst, config.resolve_as, etc. for NTP server used in this j2 file via sonic-mgmt? Is there any document to refer to? |
|
@oleksandrivantsiv @dgsudharsan could you please help to review this fix? |
|
/azpw run Azure.sonic-buildimage |
| {% if global.server_role == 'disabled' %} | ||
| restrict {{ config_as }} kod limited nomodify notrap noquery{{ aoptions }} |
There was a problem hiding this comment.
Can you please clarify why notrap and aoptions are removed?
There was a problem hiding this comment.
nopeer and notrap is not supported by ntp-sec anymore. You can check its reference here: https://docs.ntpsec.org/latest/accopt.html
aoptions was used to add nopeer based on condition (if server is not a pool), but now it is not needed anymore.
There was a problem hiding this comment.
@fastiuk Then we may need to raise a separate PR for 202311 as 202311 doesn't use bookworm. @saiarcot895 FYI
|
/azpw run Azure.sonic-buildimage |
|
/AzurePipelines run Azure.sonic-buildimage |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
@oleksandrivantsiv @dgsudharsan : checkers are passed. All comments handled, please approve if looks good |
|
@qiluo-msft the PR was approved. Could you please merge it? |
fixes sonic-net#17906 #### Why I did it To fix NTP config generation from the minigraph and save backward compatability #### How I did it Align `ntp.conf.j2` template to generate config out of empty `NTP_SERVER` DB configuration #### How to verify it Out of that NTP_SERVER configuration: ```json { "10.210.25.32": {}, "10.75.202.2": {} } ``` The next config in `ntp.conf` file should be produced: ``` server 10.210.25.32 restrict 10.210.25.32 kod limited nomodify notrap noquery nopeer server 10.75.202.2 restrict 10.75.202.2 kod limited nomodify notrap noquery nopeer ```
fixes sonic-net#17906 To fix NTP config generation from the minigraph and save backward compatability Align `ntp.conf.j2` template to generate config out of empty `NTP_SERVER` DB configuration Out of that NTP_SERVER configuration: ```json { "10.210.25.32": {}, "10.75.202.2": {} } ``` The next config in `ntp.conf` file should be produced: ``` server 10.210.25.32 restrict 10.210.25.32 kod limited nomodify notrap noquery nopeer server 10.75.202.2 restrict 10.75.202.2 kod limited nomodify notrap noquery nopeer ``` Signed-off-by: Yevhen Fastiuk <[email protected]>
fixes #17906 To fix NTP config generation from the minigraph and save backward compatability Align `ntp.conf.j2` template to generate config out of empty `NTP_SERVER` DB configuration Out of that NTP_SERVER configuration: ```json { "10.210.25.32": {}, "10.75.202.2": {} } ``` The next config in `ntp.conf` file should be produced: ``` server 10.210.25.32 restrict 10.210.25.32 kod limited nomodify notrap noquery nopeer server 10.75.202.2 restrict 10.75.202.2 kod limited nomodify notrap noquery nopeer ``` Signed-off-by: Yevhen Fastiuk <[email protected]>
fixes #17906
Why I did it
To fix NTP config generation from the minigraph and save backward compatability
Work item tracking
How I did it
Align
ntp.conf.j2template to generate config out of emptyNTP_SERVERDB configurationHow to verify it
Out of that NTP_SERVER configuration:
{ "10.210.25.32": {}, "10.75.202.2": {} }The next config in
ntp.conffile should be produced:Which release branch to backport (provide reason below if selected)
Tested branch (Please provide the tested image version)
Description for the changelog
Link to config_db schema for YANG module changes
A picture of a cute animal (it is my cat Finn)