Add support for ntpsec

docs/advanced/ntp.md

@@ -48,3 +48,10 @@ Force sync time immediately by NTP after the ntp installed, which is useful in n
 ```ShellSession
 ntp_force_sync_immediately: true
 ```
+
+When using Ubuntu 24.04 or a distribution that already has `systemd-timesyncd` installed, use the `ntpsec` package.
+
+```ShellSession
+ntp_package: ntpsec
+ntp_driftfile: /var/lib/ntpsec/ntp.drift
+```

roles/kubernetes/preinstall/defaults/main.yml

@@ -64,7 +64,7 @@ ping_access_ip: true
 ntp_enabled: false
 # The package to install which provides NTP functionality.
 # The default is ntp for most platforms, or chrony on RHEL/CentOS 7 and later.
-# The ntp_package can be one of ['ntp', 'chrony']
+# The ntp_package can be one of ['ntp', 'ntpsec', 'chrony']
 ntp_package: >-
       {% if ansible_os_family == "RedHat" -%}
       chrony
@@ -95,6 +95,7 @@ ntp_filter_interface: false
 #   - listen xxx
 # The NTP driftfile path
 # Only takes effect when ntp_manage_config is true.
+# For ntpsec use '/var/lib/ntpsec/ntp.drift'
 ntp_driftfile: /var/lib/ntp/ntp.drift
 # Enable tinker panic is useful when running NTP in a VM environment.
 # Only takes effect when ntp_manage_config is true.

roles/kubernetes/preinstall/tasks/0081-ntp-configurations.yml

@@ -21,6 +21,8 @@
     ntp_config_file: >-
       {% if ntp_package == "ntp" -%}
       /etc/ntp.conf
+      {%- elif ntp_package == "ntpsec" -%}
+      /etc/ntpsec/ntp.conf
       {%- elif ansible_os_family in ['RedHat', 'Suse'] -%}
       /etc/chrony.conf
       {%- else -%}
@@ -56,10 +58,10 @@
   # noqa: jinja[spacing]
   command: >-
       timeout -k 60s 60s
-      {% if ntp_package == "ntp" -%}
-      ntpd -gq
-      {%- else -%}
+      {% if ntp_package == "chrony" -%}
       chronyd -q
+      {%- else -%}
+      ntpd -gq
       {%- endif -%}
   when:
     - ntp_force_sync_immediately