[Why] By container to provide network time synchronization service for virtual and physical machines.
Signed-off-by: Wang Chenglong 18509160991@163.com --- container/ntp-server/Dockerfile | 16 ++++++++ container/ntp-server/build | 5 +++ container/ntp-server/ntp.conf | 57 ++++++++++++++++++++++++++++ container/ntp-server/start | 16 ++++++++ container/ntp-server/start-server.sh | 7 ++++ 5 files changed, 101 insertions(+) create mode 100644 container/ntp-server/Dockerfile create mode 100755 container/ntp-server/build create mode 100644 container/ntp-server/ntp.conf create mode 100755 container/ntp-server/start create mode 100755 container/ntp-server/start-server.sh
diff --git a/container/ntp-server/Dockerfile b/container/ntp-server/Dockerfile new file mode 100644 index 0000000..6d95bf2 --- /dev/null +++ b/container/ntp-server/Dockerfile @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: MulanPSL-2.0+ +# Copyright (c) 2020 Huawei Technologies Co., Ltd. All rights reserved. + +FROM centos:7 + +RUN yum repolist +RUN yum -y install ntp \ + && yum clean all + +COPY ntp.conf /etc/ntp.conf +COPY start-server.sh / + +EXPOSE 123 + +ENTRYPOINT ["/start-server.sh"] +CMD ["sh"] diff --git a/container/ntp-server/build b/container/ntp-server/build new file mode 100755 index 0000000..c02152a --- /dev/null +++ b/container/ntp-server/build @@ -0,0 +1,5 @@ +#!/bin/bash +# SPDX-License-Identifier: MulanPSL-2.0+ +# Copyright (c) 2020 Huawei Technologies Co., Ltd. All rights reserved. + +docker build -t ntp_server . diff --git a/container/ntp-server/ntp.conf b/container/ntp-server/ntp.conf new file mode 100644 index 0000000..3152fd3 --- /dev/null +++ b/container/ntp-server/ntp.conf @@ -0,0 +1,57 @@ +For more information about this file, see the ntp.conf(5) man page. + +# Record the frequency of the system clock. +driftfile /var/lib/ntp/drift + +# Permit time synchronization with our time source, but do not +# permit the source to query or modify the service on this system. +restrict default nomodify notrap nopeer noepeer noquery + +# Permit association with pool servers. +restrict source nomodify notrap noepeer noquery + +# Permit all access over the loopback interface. This could +# be tightened as well, but to do so would effect some of +# the administrative functions. +restrict 127.0.0.1 +restrict ::1 + +# Hosts on local network are less restricted. +restrict 172.0.0.0 mask 255.0.0.0 nomodify notrap + +# Use public servers from the pool.ntp.org project. +# Please consider joining the pool (http://www.pool.ntp.org/join.html). +# pool 2.openEuler.pool.ntp.org iburst +server 0.centos.pool.ntp.org +server 1.centos.pool.ntp.org +server 2.centos.pool.ntp.org +server 3.centos.pool.ntp.org + +server 127.127.1.0 +fudge 127.127.1.0 stratum 8 + + +# Reduce the maximum number of servers used from the pool. +tos maxclock 5 + +# Enable public key cryptography. +# crypto + +includefile /etc/ntp/crypto/pw + +# Key file containing the keys and key identifiers used when operating +# with symmetric key cryptography. +keys /etc/ntp/keys + +# Specify the key identifiers which are trusted. +# trustedkey 4 8 42 + +# Specify the key identifier to use with the ntpdc utility. +# requestkey 8 + +# Specify the key identifier to use with the ntpq utility. +# controlkey 8 + +# Enable writing of statistics records. +# statistics clockstats cryptostats loopstats peerstats + diff --git a/container/ntp-server/start b/container/ntp-server/start new file mode 100755 index 0000000..6e7479e --- /dev/null +++ b/container/ntp-server/start @@ -0,0 +1,16 @@ +#!/bin/bash +# SPDX-License-Identifier: MulanPSL-2.0+ +# Copyright (c) 2020 Huawei Technologies Co., Ltd. All rights reserved. + +. ../defconfig.sh + +docker_rm ntp_server +cmd=( + docker run + -id + --name=ntp_server + -p 123:123/udp + ntp_server:latest +) + +"${cmd[@]}" diff --git a/container/ntp-server/start-server.sh b/container/ntp-server/start-server.sh new file mode 100755 index 0000000..8f35f22 --- /dev/null +++ b/container/ntp-server/start-server.sh @@ -0,0 +1,7 @@ +#!/bin/sh +# SPDX-License-Identifier: MulanPSL-2.0+ +# # Copyright (c) 2020 Huawei Technologies Co., Ltd. All rights reserved. + +/usr/sbin/ntpd -g -l /var/log/ntpstats/ntpd.log + +exec "$@"
On Thu, Oct 29, 2020 at 12:33:42PM +0800, Wang Chenglong wrote:
[Why] By container to provide network time synchronization service for virtual and physical machines.
Signed-off-by: Wang Chenglong 18509160991@163.com
container/ntp-server/Dockerfile | 16 ++++++++ container/ntp-server/build | 5 +++ container/ntp-server/ntp.conf | 57 ++++++++++++++++++++++++++++ container/ntp-server/start | 16 ++++++++ container/ntp-server/start-server.sh | 7 ++++ 5 files changed, 101 insertions(+) create mode 100644 container/ntp-server/Dockerfile create mode 100755 container/ntp-server/build create mode 100644 container/ntp-server/ntp.conf create mode 100755 container/ntp-server/start create mode 100755 container/ntp-server/start-server.sh
diff --git a/container/ntp-server/Dockerfile b/container/ntp-server/Dockerfile new file mode 100644 index 0000000..6d95bf2 --- /dev/null +++ b/container/ntp-server/Dockerfile @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: MulanPSL-2.0+ +# Copyright (c) 2020 Huawei Technologies Co., Ltd. All rights reserved.
+FROM centos:7
+RUN yum repolist +RUN yum -y install ntp \
- && yum clean all
+COPY ntp.conf /etc/ntp.conf +COPY start-server.sh /
+EXPOSE 123
+ENTRYPOINT ["/start-server.sh"] +CMD ["sh"] diff --git a/container/ntp-server/build b/container/ntp-server/build new file mode 100755 index 0000000..c02152a --- /dev/null +++ b/container/ntp-server/build @@ -0,0 +1,5 @@ +#!/bin/bash +# SPDX-License-Identifier: MulanPSL-2.0+ +# Copyright (c) 2020 Huawei Technologies Co., Ltd. All rights reserved.
+docker build -t ntp_server . diff --git a/container/ntp-server/ntp.conf b/container/ntp-server/ntp.conf new file mode 100644 index 0000000..3152fd3 --- /dev/null +++ b/container/ntp-server/ntp.conf @@ -0,0 +1,57 @@ +For more information about this file, see the ntp.conf(5) man page.
+# Record the frequency of the system clock. +driftfile /var/lib/ntp/drift
+# Permit time synchronization with our time source, but do not +# permit the source to query or modify the service on this system. +restrict default nomodify notrap nopeer noepeer noquery
+# Permit association with pool servers. +restrict source nomodify notrap noepeer noquery
+# Permit all access over the loopback interface. This could +# be tightened as well, but to do so would effect some of +# the administrative functions. +restrict 127.0.0.1 +restrict ::1
+# Hosts on local network are less restricted. +restrict 172.0.0.0 mask 255.0.0.0 nomodify notrap
+# Use public servers from the pool.ntp.org project. +# Please consider joining the pool (http://www.pool.ntp.org/join.html). +# pool 2.openEuler.pool.ntp.org iburst +server 0.centos.pool.ntp.org +server 1.centos.pool.ntp.org +server 2.centos.pool.ntp.org +server 3.centos.pool.ntp.org
+server 127.127.1.0 +fudge 127.127.1.0 stratum 8
+# Reduce the maximum number of servers used from the pool. +tos maxclock 5
+# Enable public key cryptography. +# crypto
+includefile /etc/ntp/crypto/pw
+# Key file containing the keys and key identifiers used when operating +# with symmetric key cryptography. +keys /etc/ntp/keys
+# Specify the key identifiers which are trusted. +# trustedkey 4 8 42
+# Specify the key identifier to use with the ntpdc utility. +# requestkey 8
+# Specify the key identifier to use with the ntpq utility. +# controlkey 8
+# Enable writing of statistics records. +# statistics clockstats cryptostats loopstats peerstats
diff --git a/container/ntp-server/start b/container/ntp-server/start new file mode 100755 index 0000000..6e7479e --- /dev/null +++ b/container/ntp-server/start @@ -0,0 +1,16 @@ +#!/bin/bash +# SPDX-License-Identifier: MulanPSL-2.0+ +# Copyright (c) 2020 Huawei Technologies Co., Ltd. All rights reserved.
+. ../defconfig.sh
+docker_rm ntp_server +cmd=(
- docker run
- -id
-d is enough?
Thanks, Shenwei
- --name=ntp_server
- -p 123:123/udp
- ntp_server:latest
+)
+"${cmd[@]}" diff --git a/container/ntp-server/start-server.sh b/container/ntp-server/start-server.sh new file mode 100755 index 0000000..8f35f22 --- /dev/null +++ b/container/ntp-server/start-server.sh @@ -0,0 +1,7 @@ +#!/bin/sh +# SPDX-License-Identifier: MulanPSL-2.0+ +# # Copyright (c) 2020 Huawei Technologies Co., Ltd. All rights reserved.
+/usr/sbin/ntpd -g -l /var/log/ntpstats/ntpd.log
+exec "$@"
2.23.0
-
Wang Chenglong -
Xiao Shenwei