General Information

Synchronizing time to a central time server and also keeping in sync with a peer server.

This type of setup is a tier two NTP setup, allowing for redundancy if the central source of time is lost. The two peers then agree on a time and provide it locally to other servers.

The following virtual machines will be used:

• ipa.example.com (192.168.1.152) → Central Time Server
• server1.example.com (192.168.1.150) → NTP Server1 syncs with central (also peers with server2)
• server2.example.com (192.168.1.151) → NTP Server2 syncs with central (also peers with server1)

Setting up the “central time server” to allow the other servers to sync to it.

• Server: ipa.example.com (192.168.1.152)
  • This server should already have ntpd installed and working if FreeIPA has been setup.

Ensure that the firewall allows NTP in

firewall-cmd --permanent --add-service=ntp
firewall-cmd --reload

Setup the NTP clients to sync with the central NTP server and also peer with each other to provide a tier two redundancy. This would allow other servers to sync with them.

• Servers
  • server1.example.com (192.168.1.150)
  • server2.example.com (192.168.1.151)

Install required package

yum install chrony

Enable and start the service

systemctl enable chronyd
systemctl start chronyd

Edit the config file

vim /etc/chrony.conf
 
# Comment out all server lines, add a new one
server ipa.example.com iburst
 
# On server1: Peer with server2
peer 192.168.1.151
 
# On server2: Peer with server1
peer 192.168.1.150

Ensure that the firewall allows NTP in (on both server1 and server2)

firewall-cmd --permanent --add-service=ntp
firewall-cmd --reload

Restart the service

systemctl restart chronyd

Ensure NTP time sync is enabled

timedatectl set-ntp true

Check status

chronyc sources -v

• Note: It may take a few minutes for the servers to enter a synced state on the peers.