kudos/check_health
kudos/check_health
2
1
Fork 0
Code Issues 7 Pull Requests Projects Releases 1 Wiki Activity

added support for systemd-timesyncd, new force_systemd configuration parameter

Browse Source
This commit is contained in:
Patrick Van der Veken 2022-02-16 21:10:26 +01:00
parent f2e52dc4ff
commit 45225e7799
2 changed files with 303 additions and 218 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
etc/opt/hc/check_linux_ntp_status.conf.dist
View File

@ -19,6 +19,11 @@ force_chrony="no"
# [default: no]
force_ntp="no"
# whether to force the use of systemd-timesyncd?
# [default: no]
# [release >20220129]
force_systemd="no"
# maximum allowed offset (in milliseconds (positive integers only)
# [default: 500]
max_offset=500

122
opt/hc/lib/platform/linux/check_linux_ntp_status.sh
View File

@ -36,6 +36,8 @@
# @(#) 2019-01-24: arguments fix [Patrick Van der Veken]
# @(#) 2019-03-24: set dynamic path to client tools [Patrick Van der Veken]
# @(#) 2020-12-21: fixes for --log-healthy [Patrick Van der Veken]
# @(#) 2022-01-30: added support for systemd-timesyncd, new force_systemd
# @(#) configuration parameter [Patrick Van der Veken]
# -----------------------------------------------------------------------------
# DO NOT CHANGE THIS FILE UNLESS YOU KNOW WHAT YOU ARE DOING!
#------------------------------------------------------------------------------
@ -51,7 +53,7 @@ typeset _CHRONYD_SYSTEMD_SERVICE="chronyd.service"
typeset _NTPD_SYSTEMD_SERVICE="ntpd.service"
typeset _CHRONYD_USER="chrony"
typeset _NTPD_USER="ntp"
typeset _VERSION="2020-12-21" # YYYY-MM-DD
typeset _VERSION="2022-01-30" # YYYY-MM-DD
typeset _SUPPORTED_PLATFORMS="Linux" # uname -s match
typeset _NTPQ_OPTS="-pn"
# ------------------------- CONFIGURATION ends here ---------------------------
@ -75,8 +77,11 @@ typeset _NTP_PEER=""
typeset _CHECK_OFFSET=0
typeset _USE_CHRONYD=0
typeset _USE_NTPD=0
typeset _USE_SYSTEMD=0
typeset _CHRONYC_BIN=""
typeset _NTPQ_BIN=""
typeset _TIMEDATECTL_BIN=""
typeset _IS_SYNCHRONIZED=0
# handle arguments (originally comma-separated)
for _ARG in ${_ARGS}
@ -93,6 +98,10 @@ do
log "forcing ntp since force_ntp was used"
_USE_NTPD=1
;;
force_systemd)
log "forcing systemd-timesyncd since force_systemd was used"
_USE_SYSTEMD=1
;;
esac
done
@ -141,6 +150,17 @@ case "${_CFG_FORCE_NTP}" in
: # not set
;;
esac
# force_systemd (optional)
_CFG_FORCE_SYSTEMD=$(_CONFIG_FILE="${_CONFIG_FILE}" data_get_lvalue_from_config 'force_systemd')
case "${_CFG_FORCE_SYSTEMD}" in
yes|YES|Yes)
log "forcing systemd-timesyncd since force_systemd was set"
_USE_SYSTEMD=1
;;
*)
: # not set
;;
esac
_CFG_NTPQ_IPV4=$(_CONFIG_FILE="${_CONFIG_FILE}" data_get_lvalue_from_config 'ntpq_use_ipv4')
case "${_CFG_NTPQ_IPV4}" in
yes|YES|Yes)
@ -156,6 +176,16 @@ then
warn "you cannot force chrony and ntp at the same time"
return 1
fi
if (( _USE_CHRONYD > 0 && _USE_SYSTEMD > 0 ))
then
warn "you cannot force chrony and systemd at the same time"
return 1
fi
if (( _USE_NTPD > 0 && _USE_SYSTEMD > 0 ))
then
warn "you cannot force ntp and systemd at the same time"
return 1
fi
# log_healthy
(( ARG_LOG_HEALTHY > 0 )) && _LOG_HEALTHY=1
@ -173,16 +203,17 @@ fi
#------------------------------------------------------------------------------
# check for client tools
_CHRONYC_BIN="$(command -v chronyc 2>>${HC_STDERR_LOG})"
_NTPQ_BIN="$(command -v ntpq 2>>${HC_STDERR_LOG})"
_CHRONYC_BIN=$(command -v chronyc 2>>"${HC_STDERR_LOG}")
_NTPQ_BIN=$(command -v ntpq 2>>"${HC_STDERR_LOG}")
_TIMEDATECTL_BIN=$(command -v timedatectl 2>>"${HC_STDERR_LOG}")
#------------------------------------------------------------------------------
# chronyd (prefer) or ntpd (fallback)
# but do not check if _USE_CHRONYD or _USE_NTPD is already set
if (( _USE_CHRONYD == 0 && _USE_NTPD == 0 ))
# but do not check if _USE_CHRONYD, _USE_NTPD or _USE_SYSTEMD is already set
if (( _USE_CHRONYD == 0 && _USE_NTPD == 0 && _USE_SYSTEMD == 0 ))
then
linux_get_init
_CHRONYC_BIN="$(command -v chronyc 2>>${HC_STDERR_LOG})"
_CHRONYC_BIN=$(command -v chronyc 2>>"${HC_STDERR_LOG}")
if [[ -n "${_CHRONYC_BIN}" && -x ${_CHRONYC_BIN} ]]
then
# check that chrony is actually enabled
@ -192,14 +223,14 @@ then
_CHECK_SYSTEMD_SERVICE=$(linux_has_systemd_service "${_CHRONYD_SYSTEMD_SERVICE}")
if (( _CHECK_SYSTEMD_SERVICE > 0 ))
then
systemctl --quiet is-enabled ${_CHRONYD_SYSTEMD_SERVICE} 2>>${HC_STDERR_LOG} && _USE_CHRONYD=1
systemctl --quiet is-enabled ${_CHRONYD_SYSTEMD_SERVICE} 2>>"${HC_STDERR_LOG}" && _USE_CHRONYD=1
else
warn "systemd unit file not found {${_CHRONYD_SYSTEMD_SERVICE}}"
_USE_CHRONYD=0
fi
;;
'sysv')
chkconfig chronyd >>${HC_STDOUT_LOG} 2>>${HC_STDERR_LOG}
chkconfig chronyd >>"${HC_STDOUT_LOG}" 2>>"${HC_STDERR_LOG}"
# shellcheck disable=SC2181
if (( $? == 0 ))
then
@ -214,14 +245,14 @@ then
esac
(( ARG_DEBUG > 0 )) && debug "chronyd service state: ${_USE_CHRONYD}"
fi
_NTPQ_BIN="$(command -v ntpq 2>>${HC_STDERR_LOG})"
_NTPQ_BIN=$(command -v ntpq 2>>"${HC_STDERR_LOG}")
if (( _USE_CHRONYD == 0 )) && [[ -n "${_NTPQ_BIN}" && -x ${_NTPQ_BIN} ]]
then
# shellcheck disable=SC2034
_USE_NTPD=1
(( ARG_DEBUG > 0 )) && debug "ntpd service state: ${_USE_NTPD}"
fi
if (( _USE_CHRONYD == 0 && _USE_NTPD == 0 ))
if (( _USE_CHRONYD == 0 && _USE_NTPD == 0 && _USE_SYSTEMD == 0 ))
then
_MSG="unable to find chronyd or ntpd (or they are not enabled)"
log_hc "$0" 1 "${_MSG}"
@ -232,7 +263,9 @@ then
fi
#------------------------------------------------------------------------------
# check ntp service
# check ntp service (unless _USE_SYSTEMD is explicitly set)
if (( _USE_SYSTEMD == 0 ))
then
# 1) try using the init ways
linux_get_init
case "${LINUX_INIT}" in
@ -268,7 +301,7 @@ case "${LINUX_INIT}" in
then
if [[ -x ${_CHRONY_INIT_SCRIPT} ]]
then
if (( $(${_CHRONY_INIT_SCRIPT} status 2>>${HC_STDERR_LOG} | grep -c -i 'is running' 2>/dev/null) == 0 ))
if (( $(${_CHRONY_INIT_SCRIPT} status 2>>"${HC_STDERR_LOG}" | grep -c -i 'is running' 2>/dev/null) == 0 ))
then
_STC=1
fi
@ -279,7 +312,7 @@ case "${LINUX_INIT}" in
else
if [[ -x ${_NTPD_INIT_SCRIPT} ]]
then
if (( $(${_NTPD_INIT_SCRIPT} status 2>>${HC_STDERR_LOG} | grep -c -i 'is running' 2>/dev/null) == 0 ))
if (( $(${_NTPD_INIT_SCRIPT} status 2>>"${HC_STDERR_LOG}" | grep -c -i 'is running' 2>/dev/null) == 0 ))
then
_STC=1
fi
@ -299,9 +332,9 @@ if (( _RC > 0 ))
then
if (( _USE_CHRONYD > 0 ))
then
(( $(pgrep -u "${_CHRONYD_USER}" 'chronyd' 2>>${HC_STDERR_LOG} | wc -l 2>/dev/null) == 0 )) && _STC=1
(( $(pgrep -u "${_CHRONYD_USER}" 'chronyd' 2>>"${HC_STDERR_LOG}" | wc -l 2>/dev/null) == 0 )) && _STC=1
else
(( $(pgrep -u "${_NTPD_USER}" 'ntpd' 2>>${HC_STDERR_LOG} | wc -l 2>/dev/null) == 0 )) && _STC=1
(( $(pgrep -u "${_NTPD_USER}" 'ntpd' 2>>"${HC_STDERR_LOG}" | wc -l 2>/dev/null) == 0 )) && _STC=1
fi
fi
@ -337,12 +370,11 @@ then
log_hc "$0" ${_STC} "${_MSG}"
fi
#------------------------------------------------------------------------------
# check chronyc/ntpq results
_STC=0
if (( _USE_CHRONYD > 0 ))
then
${_CHRONYC_BIN} -nc sources 2>>${HC_STDERR_LOG} >>${HC_STDOUT_LOG}
${_CHRONYC_BIN} -nc sources 2>>"${HC_STDERR_LOG}" >>"${HC_STDOUT_LOG}"
# shellcheck disable=SC2181
if (( $? > 0 ))
then
@ -412,9 +444,8 @@ then
;;
esac
fi
else
${_NTPQ_BIN} ${_NTPQ_OPTS} 2>>${HC_STDERR_LOG} >>${HC_STDOUT_LOG}
${_NTPQ_BIN} ${_NTPQ_OPTS} 2>>"${HC_STDERR_LOG}" >>"${HC_STDOUT_LOG}"
# RC is always 0
# 1) active server
@ -468,6 +499,54 @@ else
esac
fi
fi
fi
#------------------------------------------------------------------------------
# check systemd-timesyncd results
_STC=0
if (( _USE_SYSTEMD > 0 ))
then
${_TIMEDATECTL_BIN} show 2>"${HC_STDERR_LOG}" >"${HC_STDOUT_LOG}"
# shellcheck disable=SC2181
if (( $? > 0 ))
then
_MSG="unable to execute {${_TIMEDATECTL_BIN}}"
log_hc "$0" 1 "${_MSG}"
# dump debug info
(( ARG_DEBUG > 0 && ARG_DEBUG_LEVEL > 0 )) && dump_logs
return 1
fi
# check if NTP is active
_STC=0
_IS_ACTIVE=$(grep -c "^NTP=yes" "${HC_STDOUT_LOG}" 2>/dev/null)
if (( _IS_ACTIVE == 0 ))
then
_MSG="NTP is not synchronizing"
_STC=1
else
_MSG="NTP is synchronizing"
fi
if (( _LOG_HEALTHY > 0 || _STC > 0 ))
then
log_hc "$0" ${_STC} "${_MSG}"
fi
# check if clock is synchronized
_STC=0
_IS_SYNCHRONIZED=$(grep -c "^NTPSynchronized=yes" "${HC_STDOUT_LOG}" 2>/dev/null)
if (( _IS_SYNCHRONIZED == 0 ))
then
_MSG="NTP is not synchronizing"
_STC=1
else
_MSG="NTP is synchronizing"
fi
if (( _LOG_HEALTHY > 0 || _STC > 0 ))
then
log_hc "$0" ${_STC} "${_MSG}"
fi
fi
return 0
}
@ -483,10 +562,11 @@ CONFIG : $3 with:
max_offset=<max_offset (ms)>
force_chrony=<yes|no>
force_ntp=<yes|no>
force_systemd=<yes|no>
ntpq_use_ipv4=<yes|no>
EXTRA OPTS : --hc-args=force_chrony, --hc-args=force_ntp
EXTRA OPTS : --hc-args=force_chrony, --hc-args=force_ntp, --hc-args=force_systemd
PURPOSE : Checks the status of NTP service & synchronization.
Supports chronyd & ntpd.
Supports chronyd, ntpd & systemd-timesyncd
Assumes chronyd is the preferred time synchronization.
LOG HEALTHY : Supported