add chronyd

This commit is contained in:
Joseph Hanson 2024-10-22 11:26:30 -05:00
parent 347aa68119
commit 1f6a00c005
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
5 changed files with 116 additions and 0 deletions

View file

@ -0,0 +1,56 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: &app chronyd
spec:
chart:
spec:
chart: app-template
version: 3.5.1
interval: 30m
sourceRef:
kind: HelmRepository
name: bjw-s
namespace: flux-system
interval: 30m
values:
controllers:
chronyd:
type: daemonset
strategy: RollingUpdate
annotations:
reloader.stakater.com/auto: "true"
pod:
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
containers:
app:
image:
repository: docker.io/library/rockylinux
tag: 9
args:
- "/bin/bash"
- "-c"
- "dnf install -y chrony iputils dnsutils && chronyd -n -d"
resources:
requests:
cpu: 23m
memory: 50M
securityContext:
privileged: true
persistence:
config:
type: configMap
name: chronyd-configmap
globalMounts:
- path: /etc/chrony.conf
subPath: chrony.conf
readOnly: true
data:
type: emptyDir
globalMounts:
- path: /var/lib/chrony

View file

@ -0,0 +1,12 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./helmrelease.yaml
configMapGenerator:
- name: chronyd-configmap
files:
- chrony.conf=./resources/chrony.conf
generatorOptions:
disableNameSuffixHash: true

View file

@ -0,0 +1,27 @@
# Cloudflare time servers
server time.cloudflare.com iburst
# Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift
# Allow the system clock to be stepped in the first three updates
# if its offset is larger than 1 second.
makestep 1.0 3
# Enable kernel synchronization of the real-time clock (RTC).
rtcsync
# Specify file containing keys for NTP authentication.
keyfile /etc/chrony.keys
# Save NTS keys and cookies.
ntsdumpdir /var/lib/chrony
# Insert/delete leap seconds by slewing instead of stepping.
#leapsecmode slew
# Get TAI-UTC offset and leap seconds from the system tz database.
leapsectz right/UTC
# Specify directory for log files.
logdir /var/log/chrony

View file

@ -0,0 +1,20 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: &app chronyd
namespace: flux-system
spec:
targetNamespace: kube-system
commonMetadata:
labels:
app.kubernetes.io/name: *app
path: ./kubernetes/apps/kube-system/chronyd/app
prune: true
sourceRef:
kind: GitRepository
name: theshire
wait: false
interval: 30m
timeout: 5m

View file

@ -6,6 +6,7 @@ resources:
# Pre Flux-Kustomizations
- ./namespace.yaml
# Flux-Kustomizations
- ./chronyd/ks.yaml
- ./cilium/ks.yaml
- ./coredns/ks.yaml
- ./descheduler/ks.yaml