Custom chrony.conf

Product support balenaOS
1

References https://www.balena.io/docs/reference/OS/time/ and https://www.balena.io/docs/reference/OS/configuration/#ntpservers

I can see that config.json provides the ability to dynamically set the list of ntp servers used by chrony in the hostOS.

However I desire to do additional configuration changes in chrony.conf <- does this mean I must compile a custom image with modified chrony.conf? Or is there a way to still use a stock image downloaded from balena but with a custom chrony.conf? Or dynamically change chrony.conf somehow (not sure how since its on the read-only partition).

My end goal is to allow the balena device to serve its system time (because it has an RTC) to other NTP clients on the network (so I have to configure to allow local etc… in chrony.conf).
I’m also open to other ways of achieve this via the hostOS if anyone has a suggestion (I’ve already considered running an NTP server in an application container but was preferring to leverage the hostOS since it already has most of the infrastructure).

8

Hi Jonathan, the architecture that fits better in BalenaOS is to keep the hostOS chrony client setup untouched and run a chrony server in a container. Apart from having to perform any hostOS customization per device, they would get lost when performing hostOS updates and Balena would not support devices with custom hostOS changes. Having said that, you could very well build your own custom hostOS and we could even provide convoluted hostOS update instructions from the dashboards, but support-wise you would mostly be on your own.
Please let us know if you find any problem with running a chrony server in a container app.

10

Would running a chrony service in an application container interfere with the chrony service running in the hostOS? Which would a client get connected to when querying?

11

Another possible solution I thought was to extend config.json to support setting other chrony options than just server list. Would that be sensible/feasible?

1 Like
12

@jpk, we run chrony in a container for devices where we want to provide an NTP server to the network. By running chronyd with the -x, you’re getting the chrony daemon to start without touching the system clock, so the BalenaOS one runs as normal. Try the following files:

chrony.conf

pool pool.ntp.org iburst
initstepslew 10 pool.ntp.org
driftfile /var/lib/chrony/chrony.drift
local stratum 10

allow 0.0.0.0/0

Dockerfile

FROM alpine:3.11

RUN apk add --no-cache chrony && \
    rm -rf /tmp/* /var/cache/apk/*

COPY chrony.conf /etc/chrony/chrony.conf
COPY start /start
EXPOSE 123/udp

CMD ["/start"]

start

#!/bin/sh

rm -f /var/run/chrony/chronyd.pid
/usr/sbin/chronyd -d -x

docker-compose.yml

chrony:
  build: ./services/chrony
  restart: unless-stopped
  ports:
    - 123:123/udp
2 Likes