Differences
This shows you the differences between two versions of the page.
linux_wiki:synchronize_time_using_other_ntp_peers [2016/10/08 17:30] billdozor [Synchronize Time Using Other NTP Peers] |
linux_wiki:synchronize_time_using_other_ntp_peers [2019/05/25 23:50] (current) |
||
---|---|---|---|
Line 5: | Line 5: | ||
Synchronizing time to a central time server and also keeping in sync with a peer server. | Synchronizing time to a central time server and also keeping in sync with a peer server. | ||
- | This type of setup would be a tier two NTP setup, allowing for redundancy if the central source of time is lost. The two peers could agree on a time and provide it locally to other servers. | + | This type of setup is a tier two NTP setup, allowing for redundancy if the central source of time is lost. The two peers then agree on a time and provide it locally to other servers. |
---- | ---- | ||
- | ====== | + | ====== |
- | Setting up a local NTP server in order to practice the objective of synchronizing time. | + | The following virtual machines will be used: |
+ | * ipa.example.com (192.168.1.152) -> Central Time Server | ||
+ | * server1.example.com (192.168.1.150) -> NTP Server1 syncs with central (also peers with server2) | ||
+ | * server2.example.com (192.168.1.151) -> NTP Server2 syncs with central (also peers with server1) | ||
- | \\ | + | ---- |
- | Install the ntp package | + | |
- | <code bash> | + | |
- | yum install ntp | + | |
- | </ | + | |
- | \\ | + | ====== NTP: Central Time Server ====== |
- | Enable and start ntpd | + | |
- | <code bash> | + | |
- | systemctl enable ntpd | + | |
- | systemctl start ntpd | + | |
- | </ | + | |
- | \\ | + | Setting up the " |
- | Query NTP to view status | + | |
- | <code bash> | + | |
- | ntpq -p | + | |
- | </ | + | |
- | * -p -> | + | |
- | \\ | + | * Server: ipa.example.com (192.168.1.152) |
- | NTP Statistics | + | * This server should already have ntpd installed and working if FreeIPA has been setup. |
- | <code bash> | + | |
- | ntpstat | + | |
- | </ | + | |
\\ | \\ | ||
- | Configure NTP Pool Sources | + | Ensure |
- | <code bash> | + | |
- | vim / | + | |
- | + | ||
- | # Comment out other servers, add the below | + | |
- | server 127.127.1.0 | + | |
- | </ | + | |
- | * 127.127.1.0 -> Special IP address | + | |
- | + | ||
- | \\ | + | |
- | Restart the service for the change to apply | + | |
- | <code bash> | + | |
- | systemctl restart ntpd | + | |
- | </ | + | |
- | + | ||
- | \\ | + | |
- | Open the firewall | + | |
<code bash> | <code bash> | ||
firewall-cmd --permanent --add-service=ntp | firewall-cmd --permanent --add-service=ntp | ||
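Review bot: The new "NTP: Central Time Server" section drops every verification step the old text had (ntpq -p, ntpstat) and rests on "This server should already have ntpd installed and working if FreeIPA has been setup". Both peers depend on this host, so keep one check, for example ntpq -p on ipa.example.com, before the firewall step. "has been setup" should read "has been set up". With the local-clock line (server 127.127.1.0) removed, the visible new lines also no longer say what the central server itself takes its time from.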
Line 66: | Line 36: | ||
====== NTP: Client Peering ====== | ====== NTP: Client Peering ====== | ||
- | Setup a NTP client | + | Setup the NTP clients |
+ | |||
+ | * Servers | ||
+ | * server1.example.com (192.168.1.150) | ||
+ | * server2.example.com (192.168.1.151) | ||
\\ | \\ | ||
Install required package | Install required package | ||
<code bash> | <code bash> | ||
- | yum install | + | yum install |
</ | </ | ||
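Review bot: The intro line "Setup the NTP clients" calls server1 and server2 clients, while the environment list added earlier in this revision labels the same hosts "NTP Server1" and "NTP Server2". Pick one term, since these hosts both take time from the central server and serve it onward. "Setup" used as a verb should be "Set up". The package name after yum install is cut off on both sides of this view, so confirm the new value matches the chronyd service that the following steps enable.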
Line 77: | Line 51: | ||
Enable and start the service | Enable and start the service | ||
<code bash> | <code bash> | ||
- | systemctl enable | + | systemctl enable |
- | systemctl start ntpd | + | systemctl start chronyd |
</ | </ | ||
\\ | \\ | ||
- | Edit the NTP config file | + | Edit the config file |
<code bash> | <code bash> | ||
- | vim /etc/ntp.conf | + | vim /etc/chrony.conf |
- | # Comment out all server lines, add peer for the newly created NTP server | + | # Comment out all server lines, add a new one |
- | peer 192.168.1.200 | + | server |
+ | |||
+ | # On server1: Peer with server2 | ||
+ | peer 192.168.1.151 | ||
+ | |||
+ | # On server2: Peer with server1 | ||
+ | peer 192.168.1.150 | ||
+ | </ | ||
+ | |||
+ | \\ | ||
+ | Ensure that the firewall allows NTP in (on both server1 and server2) | ||
+ | <code bash> | ||
+ | firewall-cmd --permanent --add-service=ntp | ||
+ | firewall-cmd --reload | ||
</ | </ | ||
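Review bot: The two added peer lines (peer 192.168.1.151 and peer 192.168.1.150) create symmetric associations with no key option, so the peering is unauthenticated; the chrony documentation warns that peers configured without a key are vulnerable to denial of service. Add a shared key in a keyfile and reference it on each peer line, or state that it is left out because this is a lab. The added firewall step opens NTP on both hosts, but the chrony.conf edits shown contain no allow directive, and chronyd does not answer NTP clients without one, so the "provide it locally to other servers" goal from the introduction is not covered by the config as shown. The comment "add a new one" should also say which host the server line points at.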
Line 93: | Line 80: | ||
Restart the service | Restart the service | ||
<code bash> | <code bash> | ||
- | systemctl restart | + | systemctl restart |
</ | </ | ||
\\ | \\ | ||
- | Open the firewall for ntp | + | Ensure NTP time sync is enabled |
<code bash> | <code bash> | ||
- | firewall-cmd --permanent --add-service=ntp | + | timedatectl set-ntp true |
- | firewall-cmd --reload | + | </ |
+ | |||
+ | \\ | ||
+ | Check status | ||
+ | <code bash> | ||
+ | chronyc sources | ||
</ | </ | ||
+ | * Note: It may take a few minutes for the servers to enter a synced state on the peers. | ||
---- | ---- | ||
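Review bot: The "Check status" step ends with a note that the servers may take a few minutes "to enter a synced state", but it never says what that state looks like in chronyc sources output. State what to look for: the central server on a line beginning with ^* once it is selected, and the peer on a line beginning with =. The added timedatectl set-ntp true also comes after chronyd was already enabled, started and restarted in the earlier steps, so say what it is expected to change or drop it.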