This section describes how to enable Network Time Protocol (NTP) authentication in a deployment model and apply it to your environment.
To configure authentication for NTP:
Log in to the Salt Master node.
Create the
classes/cluster/<cluster_name>/infra/ntp_auth.yml
file with the
following configuration as an example:
ntp:
client:
enabled: true
auth:
enabled: true
secrets:
1:
secret_type: 'M'
secret: '<Runrabbitrundigthath>'
trustedkey: true
2:
secret_type: 'M'
secret: '<Howiwishyouwereherew>'
trustedkey: true
stratum:
primary:
server: <ntp1.example.com>
key_id: 1
secondary:
server: <ntp2.example.com>
key_id: 2
In the secrets
and stratum
sections, specify your own keys and
strata servers accordingly.
The key_id
parameter for each strata server represents the id
of a
secret from the secrets
section.
The above configuration example enables authentication for two servers. For a specific use case, see README.rst at NTP Salt formula.
In the classes/cluster/<cluster_name>/infra/init.yml
file, include
the following class to distribute the settings across all nodes:
classes:
- cluster.<cluster_name>.infra.ntp_auth
Apply the ntp state on the Salt Master node:
salt '*' state.sls ntp