Differences
This shows you the differences between two versions of the page.
|
linux_wiki:synchronize_time_using_other_ntp_peers [2018/04/20 11:27] billdozor [NTP: Client Peering] |
linux_wiki:synchronize_time_using_other_ntp_peers [2019/05/25 23:50] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Synchronize Time Using Other NTP Peers ====== | ||
| - | |||
| - | **General Information** | ||
| - | |||
| - | Synchronizing time to a central time server and also keeping in sync with a peer server. | ||
| - | |||
| - | This type of setup is a tier two NTP setup, allowing for redundancy if the central source of time is lost. The two peers then agree on a time and provide it locally to other servers. | ||
| - | |||
| - | ---- | ||
| - | |||
| - | ====== Lab Setup ====== | ||
| - | |||
| - | The following virtual machines will be used: | ||
| - | * ipa.example.com (192.168.1.152) -> Central Time Server | ||
| - | * server1.example.com (192.168.1.150) -> NTP Server1 syncs with central (also peers with server2) | ||
| - | * server2.example.com (192.168.1.151) -> NTP Server2 syncs with central (also peers with server1) | ||
| - | |||
| - | ---- | ||
| - | |||
| - | ====== NTP: Central Time Server ====== | ||
| - | |||
| - | Setting up the " | ||
| - | |||
| - | * Server: ipa.example.com (192.168.1.152) | ||
| - | * This server should already have ntpd installed and working if FreeIPA has been setup. | ||
| - | |||
| - | \\ | ||
| - | Ensure that the firewall allows NTP in | ||
| - | <code bash> | ||
| - | firewall-cmd --permanent --add-service=ntp | ||
| - | firewall-cmd --reload | ||
| - | </ | ||
| - | |||
| - | ---- | ||
| - | |||
| - | ====== NTP: Client Peering ====== | ||
| - | |||
| - | Setup the NTP clients to sync with the central NTP server and also peer with each other to provide a tier two redundancy. This would allow other servers to sync with them. | ||
| - | |||
| - | * Servers | ||
| - | * server1.example.com (192.168.1.150) | ||
| - | * server2.example.com (192.168.1.151) | ||
| - | |||
| - | \\ | ||
| - | Install required package | ||
| - | <code bash> | ||
| - | yum install chrony | ||
| - | </ | ||
| - | |||
| - | \\ | ||
| - | Enable and start the service | ||
| - | <code bash> | ||
| - | systemctl enable chronyd | ||
| - | systemctl start chronyd | ||
| - | </ | ||
| - | |||
| - | \\ | ||
| - | Edit the config file | ||
| - | <code bash> | ||
| - | vim / | ||
| - | |||
| - | # Comment out all server lines, add a new one | ||
| - | server ipa.example.com iburst | ||
| - | |||
| - | # On server1: Peer with server2 | ||
| - | peer 192.168.1.151 | ||
| - | |||
| - | # On server2: Peer with server1 | ||
| - | peer 192.168.1.150 | ||
| - | </ | ||
| - | |||
| - | \\ | ||
| - | Ensure that the firewall allows NTP in (on both server1 and server2) | ||
| - | <code bash> | ||
| - | firewall-cmd --permanent --add-service=ntp | ||
| - | firewall-cmd --reload | ||
| - | </ | ||
| - | |||
| - | \\ | ||
| - | Restart the service | ||
| - | <code bash> | ||
| - | systemctl restart chronyd | ||
| - | </ | ||
| - | |||
| - | \\ | ||
| - | Ensure NTP time sync is enabled | ||
| - | <code bash> | ||
| - | timedatectl set-ntp true | ||
| - | </ | ||
| - | |||
| - | \\ | ||
| - | Check status | ||
| - | <code bash> | ||
| - | chronyc sources -v | ||
| - | </ | ||
| - | * Note: It may take a few minutes for the servers to enter a synced state. | ||
| - | |||
| - | ---- | ||