Write_files to NTP container

sjiveson · October 11, 2016, 10:03am

I’m using RancherOS v0.6.0 and v0.6.1 and attempting to write an alternative ntp.conf file using write_files. It’s simply not working. Here’s what I put in my user_config.yml file:

write_files:
  - container: ntp
    path: /etc/ntp.conf
    permissions: "0644"
    owner: root
    content: |
      server x.x.x.x iburst
      # Allow only time queries, at a limited rate, sending KoD when in excess.
      # Allow all local queries (IPv4, IPv6)
      restrict default nomodify nopeer noquery limited kod
      restrict 127.0.0.1
      restrict [::1]
      interface ignore wildcard #Don't listen on all interfaces
      interface listen ipv4 127.0.0.1
      interface listen ipv6 ::1
      # Docker/Rancher Bridge Interfaces
      interface listen ipv4 172.17.0.1
      interface listen ipv4 10.42.0.1

But on reboot, the file is unchanged:

-rw-r--r--   21 root     root           317 Aug 17 16:22 /etc/ntp.conf

Writing files to the default console container works just fine and I’ve tried removing that in case it was interfering - no difference.

joshwget · October 14, 2016, 5:59am

Can you show the output of system-docker logs ntp and system-docker exec ntp cat /etc/ntp.conf?

sjiveson · October 14, 2016, 9:15am

Hey @joshwget, thanks for taking a look.

Here’s the start of the ntp container log:

 5 Oct 16:26:13 ntpd[1]: ntpd 4.2.8p7@1.3265-o Wed Aug 17 16:22:57 UTC 2016 (1): Starting
 5 Oct 16:26:13 ntpd[1]: Command line: ntpd --nofork -g
 5 Oct 16:26:13 ntpd[1]: proto: precision = 0.100 usec (-23)
 5 Oct 16:26:13 ntpd[1]: Listen and drop on 0 v6wildcard [::]:123
 5 Oct 16:26:13 ntpd[1]: Listen and drop on 1 v4wildcard 0.0.0.0:123
 5 Oct 16:26:13 ntpd[1]: Listen normally on 2 lo 127.0.0.1:123
 5 Oct 16:26:13 ntpd[1]: Listen normally on 3 app0 192.168.65.231:123
 5 Oct 16:26:13 ntpd[1]: Listen normally on 4 lo [::1]:123
 5 Oct 16:26:13 ntpd[1]: bind(21) AF_INET6 fe80::215:5dff:fec8:760b%5#123 flags 0x11 failed: Cannot assign requested address
 5 Oct 16:26:13 ntpd[1]: unable to create socket on app0 (5) for fe80::215:5dff:fec8:760b%5#123
 5 Oct 16:26:13 ntpd[1]: failed to init interface for address fe80::215:5dff:fec8:760b%5
 5 Oct 16:26:13 ntpd[1]: Listening on routing socket on fd #21 for interface updates
 5 Oct 16:26:17 ntpd[1]: Listen normally on 6 mgmt0 192.168.82.231:123
 5 Oct 16:26:17 ntpd[1]: bind(25) AF_INET6 fe80::215:5dff:fec8:760c%3#123 flags 0x11 failed: Cannot assign requested address
 5 Oct 16:26:17 ntpd[1]: unable to create socket on mgmt0 (7) for fe80::215:5dff:fec8:760c%3#123
 5 Oct 16:26:17 ntpd[1]: failed to init interface for address fe80::215:5dff:fec8:760c%3

The rest is just this sort of thing (which is why I want to change the config :-):

 7 Oct 22:08:34 ntpd[1]: failed to init interface for address fe80::215:5dff:fec8:760c%3
 7 Oct 22:08:34 ntpd[1]: failed to init interface for address fe80::215:5dff:fec8:760b%5
 8 Oct 19:47:14 ntpd[1]: bind(39) AF_INET6 fe80::215:5dff:fec8:760c%3#123 flags 0x11 failed: Cannot assign requested address
 8 Oct 19:47:14 ntpd[1]: unable to create socket on mgmt0 (2200) for fe80::215:5dff:fec8:760c%3#123
 7 Oct 22:08:36 ntpd[1]: failed to init interface for address fe80::215:5dff:fec8:760c%3
 8 Oct 19:47:14 ntpd[1]: bind(39) AF_INET6 fe80::215:5dff:fec8:760b%5#123 flags 0x11 failed: Cannot assign requested address
 8 Oct 19:47:14 ntpd[1]: unable to create socket on app0 (2201) for fe80::215:5dff:fec8:760b%5#123
 8 Oct 19:48:29 ntpd[1]: bind(39) AF_INET6 fe80::215:5dff:fec8:760c%3#123 flags 0x11 failed: Cannot assign requested address

The output of the cat is:

server 192.168.82.254 iburst
# Allow only time queries, at a limited rate, sending KoD when in excess.
# Allow all local queries (IPv4, IPv6)
restrict default nomodify nopeer noquery limited kod
restrict 127.0.0.1
restrict [::1]
interface ignore wildcard #Don't listen on all interfaces
interface listen ipv4 127.0.0.1
interface listen ipv6 ::1
# Docker/Rancher Bridge Interfaces
interface listen ipv4 172.17.0.1
interface listen ipv4 10.42.0.1

joshwget · October 17, 2016, 5:39pm

Did you put #cloud-config at the top of your file? I tested your exact cloud-config (with that added to the top) and was able to see the file changed.

sjiveson · October 18, 2016, 10:03am

OK, so I’ve just noticed the exec command shows the correct configuration (as I posted earlier) with or without that in place. So Presumably I can ignore the /etc/ntp.conf file as seen in the console container.

I’m not seeing the desired affect but that’s another problem for me, not you. Many thanks.

sjiveson · November 24, 2016, 4:42pm

OK, was looking in the wrong place. Have this working now. For the benefit of others, my configuration file was wrong too, here the corrected version;

write_files:
  - container: ntp
    path: /etc/ntp.conf
    permissions: "0644"
    owner: root
    content: |
      server x.x.x.x iburst
      # Allow only time queries, at a limited rate, sending KoD when in excess.
      # Allow all local queries (IPv4, IPv6)
      restrict default nomodify nopeer noquery limited kod
      restrict 127.0.0.1
      restrict [::1]
      interface ignore wildcard #Don't listen on all interfaces
      interface listen 127.0.0.1
      interface listen ::1
      # Docker/Rancher Bridge Interfaces
      interface listen 172.17.0.1
      interface listen 10.42.0.1

Ledezzz3 · November 25, 2020, 9:11pm

I put same code from manual and yours and still /etc/ntp.conf is not created by the system and filled out with settings.

Perhaps, you know what else should I look for on my OS?