Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
linux_wiki:synchronize_time_using_other_ntp_peers [2016/09/10 16:19] billdozor created |
linux_wiki:synchronize_time_using_other_ntp_peers [2019/05/25 23:50] (current) |
||
---|---|---|---|
Line 3: | Line 3: | ||
**General Information** | **General Information** | ||
- | About this page/how-to/script. | + | Synchronizing time to a central time server and also keeping in sync with a peer server. |
+ | |||
+ | This type of setup is a tier two NTP setup, allowing for redundancy if the central source of time is lost. The two peers then agree on a time and provide it locally to other servers. | ||
---- | ---- | ||
- | ====== NTP: Time Server ====== | + | ====== Lab Setup ====== |
+ | |||
+ | The following virtual machines will be used: | ||
+ | * ipa.example.com (192.168.1.152) -> Central Time Server | ||
+ | * server1.example.com (192.168.1.150) -> NTP Server1 syncs with central (also peers with server2) | ||
+ | * server2.example.com (192.168.1.151) -> NTP Server2 syncs with central (also peers with server1) | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ====== NTP: Central | ||
+ | |||
+ | Setting up the " | ||
- | Setting up a local NTP server | + | * Server: ipa.example.com (192.168.1.152) |
+ | * This server | ||
\\ | \\ | ||
- | Install | + | Ensure that the firewall allows NTP in |
<code bash> | <code bash> | ||
- | yum install | + | firewall-cmd --permanent --add-service=ntp |
+ | firewall-cmd --reload | ||
</ | </ | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ====== NTP: Client Peering ====== | ||
+ | |||
+ | Setup the NTP clients to sync with the central NTP server and also peer with each other to provide a tier two redundancy. This would allow other servers to sync with them. | ||
+ | |||
+ | * Servers | ||
+ | * server1.example.com (192.168.1.150) | ||
+ | * server2.example.com (192.168.1.151) | ||
\\ | \\ | ||
- | Enable and start ntpd | + | Install required package |
<code bash> | <code bash> | ||
- | systemctl enable ntpd | + | yum install chrony |
- | systemctl start ntpd | + | |
</ | </ | ||
\\ | \\ | ||
- | Query NTP to view status | + | Enable and start the service |
<code bash> | <code bash> | ||
- | ntpq -p | + | systemctl enable chronyd |
+ | systemctl start chronyd | ||
</ | </ | ||
- | * -p -> | ||
\\ | \\ | ||
- | NTP Statistics | + | Edit the config file |
<code bash> | <code bash> | ||
- | ntpstat | + | vim / |
+ | |||
+ | # Comment out all server lines, add a new one | ||
+ | server ipa.example.com iburst | ||
+ | |||
+ | # On server1: Peer with server2 | ||
+ | peer 192.168.1.151 | ||
+ | |||
+ | # On server2: Peer with server1 | ||
+ | peer 192.168.1.150 | ||
</ | </ | ||
\\ | \\ | ||
- | Configure | + | Ensure that the firewall allows |
<code bash> | <code bash> | ||
- | vim / | + | firewall-cmd --permanent --add-service=ntp |
- | + | firewall-cmd --reload | |
- | # Comment out other servers, | + | |
- | server 127.127.1.0 | + | |
</ | </ | ||
- | * 127.127.1.0 -> Special IP address that syncs to the local server' | ||
\\ | \\ | ||
- | Restart the service | + | Restart the service |
<code bash> | <code bash> | ||
- | systemctl restart | + | systemctl restart |
</ | </ | ||
\\ | \\ | ||
- | Open the firewall for NTP | + | Ensure |
<code bash> | <code bash> | ||
- | firewall-cmd --permanent --add-service=ntp | + | timedatectl set-ntp true |
- | firewall-cmd --reload | + | |
</ | </ | ||
- | |||
- | ---- | ||
- | |||
- | ====== NTP: Client Peering ====== | ||
- | |||
- | Setup a NTP client to peer with the NTP server. | ||
\\ | \\ | ||
- | Install required package | + | Check status |
<code bash> | <code bash> | ||
- | yum install | + | chronyc sources -v |
</ | </ | ||
+ | * Note: It may take a few minutes for the servers to enter a synced state on the peers. | ||
---- | ---- | ||