Andrey Bychkov via FreeIPA-users wrote: > /->>There is no description about what the abstraction layer should be. > What basic functions are there for an NTP server and how does each > server map into that abstraction? What basic methods are required?/ > > An abstract module is the parent basentpconf module, which contains the > base ntp classes for the server and the client, from which ntpdlib, > ontpdlib, and chronylib are inherited. The parent client and server > classes contain methods for configuring, synchronizing, and restoring > the initial state of the ntp server. It uses common functions from > ntpmethods. As for ntpdlib, ontpdlib, and chronylib, they contain > classes for configuring their ntp server directly, inherited from > basentpconf, and override the desired properties.
Right, so I realize we sort of backed into this Design document from a PR. The purpose of the design review is to hash things out before they are implemented so I'm commenting only on what is in the doc and not in the PR. There are no details of this abstraction in the design. > /->>Do all servers support the options server and pool?/ > > All the ntp servers listed here support the server and pool options, the > values of which are written to the configuration file with the > appropriate field. Ok cool. > > /->>How will dependencies be managed? Is there a common way to do this > with both Fedora-like and Debian-like distributions?/ > > Each package with freeipa ntp lib contains a dependency on the ntp > server that it uses. To use freeipa ntp lib, it is enough to install a > package with an appropriate ntp server. Right but using what mechanism? rpm has this weak dependencies thing which I haven't had a chance to look at (and I don't know about other distros). How is the appropriate time package going to be installed? Are we relying on the end-user to install the time package they want, so if they install none then there is no time sync? > /->>Is it an error if no NTP servers are installed? Is this what is > meant by "default ntp configuration"? Is that functionally equivalent to > "no NTP service is configured"?/ > > If the system does not detect the ntp server, and the user does not use > the option '--no-ntp', then the installation of freeipa will end with > information about this. If the ntp server or ntp pool options are not > specified by the user, then the ntp server is set by default, that is, > configured on the basis of the ntp server that was laid down. Ok, this is a change in current behavior. Right now just a warning is displayed if there is no NTP server found. > > /->>Could there be service-specific options that would need to be passed > or set?/ > > You can set options for the ntp service such as ntp pool and ntp server. But there is no feature that one server provides that others don't, for example? It's fine to limit it to only pools and servers, I'm just trying to anticipate future RFEs. > /->>How will this impact testing? Will all possible options need to be > tested or is spot-checking or a single server adequate?/ > > For testing, it is necessary to start the installation of freeipa both > with the --ntp-server and --ntp-pool options, and without them, on all > supported time servers. What I mean is there will be say 3 NTP servers supported. Do all three need to be tested or is it sufficient to test the abstraction? > /->>Will backup/restore need to be extended to pick up the > service-specific files?/ > > For backup and restore, standard freeipa methods are used, which are > used to preserve the original state of the service and the configuration > file. After freeipa is removed, the service is restored to its original > state. To do this, freeipa ntp using the createntp.uninstall_client and > createntp.uninstall_server methods for the client and server, respectively. Yes but configuration files need to be baked in, for example. They don't all share the same config file. > /->>Upon restore there will need to be some sort of check that the > required NTP service is installed which means that the service needs to > be recorded somewhere./ > > If another ntp service is installed, the service will not be restored, > since the required service will not be available in the system. Right, I think this needs to be spelled out in the design. rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
