kubernetes部署内网NTP服务

因工作需要在kubernetes集群中部署ntp服务，查找了很多网上资料基本都是基于外网的，基于内网部署的实在是太少了，经过不断实验找到一个不太完美的方案，记录一下，以便各位大佬在临时需要的时候可以参考一下，话不多说，见下文：

ntp-deploy.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: ntp
  name: ntp
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: ntp
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: ntp
    spec:
      containers:
      - image: seznam/ntpd:latest
        imagePullPolicy: IfNotPresent
        name: ntpd
        ports:
        - containerPort: 123
          hostPort: 123       ##之前总是想通过service暴露但是结果不太理想选择这个方式希望##各位大佬有更好的方法给予评论，阿弥陀佛！！！
          protocol: UDP
        volumeMounts:
        - mountPath: /etc/ntp.conf
          name: conf
          subPath: ntp.conf
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
      volumes:
      - configMap:
          defaultMode: 420
          name: ntp-config
        name: conf

ntp.conf   配置文件没有去过多学习，如上文仅仅是应急使用，后期再好好学一下

# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1 
restrict ::1

# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
server 127.127.1.0 prefer       ####内网本地ntp这个需要加上

#broadcast 192.168.1.255 autokey  # broadcast server
#broadcastclient                      # broadcast client
#broadcast 224.0.1.1 autokey        # multicast server
#multicastclient 224.0.1.1          # multicast client
#manycastserver 239.255.254.254     # manycast server
#manycastclient 239.255.254.254 autokey # manycast client

# Enable public key cryptography.
#crypto

includefile /etc/ntp/crypto/pw

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography. 
keys /etc/ntp/keys

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.
#requestkey 8

# Specify the key identifier to use with the ntpq utility.
#controlkey 8

# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats

# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor 

创建configmap不用过多解释：

kubectl create cm ntp-config --from-file=ntp.conf 

创建pod

kubectl apply -f ntp-deploy.yaml

 

linux主机测试：

windows再测试一下：

 

这样内网本地ntp服务 kubernetes部署好了，请各位大佬在线指正！阿弥陀佛。