m/n/time: add time service This adds a bare-minimum time service based on chrony/NTP for keeping the system clock and RTC on Metropolis nodes accurate. It also introduces a UID/GID registry in the Metropolis node code as this is the first unprivileged service to run on the node itself. It does not yet use a secure time source, this is tracked as #73. Change-Id: I873971e6d3825709bc8c696e227bece4cfbda93a Reviewed-on: https://review.monogon.dev/c/monogon/+/319 Reviewed-by: Sergiusz Bazanski <serge@monogon.tech>

commit: e306d780504ae3ddfad3eb852c7adc5ec9757d89 [log] [tgz]
author: Lorenz Brun <lorenz@monogon.tech> Wed Sep 01 13:01:06 2021 +0200
committer: Lorenz Brun <lorenz@monogon.tech> Mon Sep 06 09:05:40 2021 +0000
tree: 3e8e2c7a21430777db525c9ed4717a2cab1c114a
parent: d7d6e0284de38cbeeb185ca17c0853b4b2c10ee9 [diff] [blame]
diff --git a/metropolis/node/BUILD.bazel b/metropolis/node/BUILD.bazel
index ee86523..feade24 100644
--- a/metropolis/node/BUILD.bazel
+++ b/metropolis/node/BUILD.bazel

@@ -3,7 +3,10 @@
 
 go_library(
     name = "go_default_library",
-    srcs = ["ports.go"],
+    srcs = [
+        "ids.go",
+        "ports.go",
+    ],
     importpath = "source.monogon.dev/metropolis/node",
     visibility = ["//metropolis:__subpackages__"],
 )
@@ -78,6 +81,7 @@
         # runc runtime, with cgo
         "@com_github_opencontainers_runc//:runc": "/containerd/bin/runc",
         "@xfsprogs//:mkfs": "/bin/mkfs.xfs",
+        "@chrony//:chrony": "/time/chrony",
     },
     symlinks = {
         "/ephemeral/machine-id": "/etc/machine-id",
commit	e306d780504ae3ddfad3eb852c7adc5ec9757d89	[log] [tgz]
author	Lorenz Brun <lorenz@monogon.tech>	Wed Sep 01 13:01:06 2021 +0200
committer	Lorenz Brun <lorenz@monogon.tech>	Mon Sep 06 09:05:40 2021 +0000
tree	3e8e2c7a21430777db525c9ed4717a2cab1c114a
parent	d7d6e0284de38cbeeb185ca17c0853b4b2c10ee9 [diff] [blame]