{"id":17,"date":"2007-05-13T07:17:54","date_gmt":"2007-05-13T13:17:54","guid":{"rendered":"http:\/\/blogs.cae.tntech.edu\/mwr\/2007\/05\/13\/time-synchronization\/"},"modified":"2024-10-27T14:26:20","modified_gmt":"2024-10-27T14:26:20","slug":"time-synchronization","status":"publish","type":"post","link":"https:\/\/sites.tntech.edu\/renfro\/2007\/05\/13\/time-synchronization\/","title":{"rendered":"Time Synchronization"},"content":{"rendered":"<p><a href=\"http:\/\/www.infrastructures.org\/bootstrap\/time.shtml\">Time synchronization<\/a> makes lots of things work better, including:<\/p>\n<ul>\n<li>make<\/li>\n<li>Kerberos<\/li>\n<li>tar<\/li>\n<li>syslog<\/li>\n<\/ul>\n<p>We&#8217;ve got a central NTP server on campus, and I&#8217;m using that to sync from. Puppet handles ntp and ntpdate configuration on the managed systems. Components of that setup:<\/p>\n<ul>\n<li>ntp.pp and ntpdate.pp classes imported from puppet\/classes<\/li>\n<li>Virtualization-detecting facter recipe (<a href=\"http:\/\/reductivelabs.com\/trac\/puppet\/wiki\/VirtualRecipe\">originally from here<\/a>, but also included below since it&#8217;s short and in case the original gets moved). This does two things: first, Xen <a href=\"http:\/\/wiki.xensource.com\/xenwiki\/DomU\">domU<\/a>s get their time from the <a href=\"http:\/\/wiki.xensource.com\/xenwiki\/Dom0\">dom0<\/a> by default. They won&#8217;t fail running ntp, but if dom0 has the wrong time, you&#8217;ll have a hard time getting any of the domUs to ever get the right time. So we&#8217;ll make sure ntp isn&#8217;t running there, as a reminder. Second, according to the virtualization recipe&#8217;s author, VMWare guests can&#8217;t run ntp at all. So we&#8217;ll disable it there, too.<\/li>\n<\/ul>\n<p>\/etc\/puppet\/facts\/virtual.rb<\/p>\n<pre>\nFacter.add(\"virtual\") do\n  confine :kernel =&gt; :linux\n  result = \"physical\"\n  setcode do\n    lspciexists = system \"which lspci &gt;&amp;\/dev\/null\"\n    if $?.exitstatus == 0\n      output = %x{lspci}\n      output.each {|p|\n        # --- look for the vmware video card to determine\n        # if it is virtual =&gt; vmware.\n        # ---     00:0f.0 VGA compatible controller: VMware ...\n        result = \"vmware\" if p =~ \/VMware\/\n        }\n    end\n    # VMware server 1.0.3 rpm places vmware-vmx in this place,\n    # other versions or platforms may not.\n    if FileTest.exists?(\"\/usr\/lib\/vmware\/bin\/vmware-vmx\")\n      result = \"vmware_server\"\n    end\n    if FileTest.exists?(\"\/proc\/sys\/xen\/independent_wallclock\")\n      result = \"xenu\"\n    elsif FileTest.exists?(\"\/proc\/xen\/capabilities\")\n      txt = File.read(\"\/proc\/xen\/capabilities\")\n      if txt =~ \/control_d\/i\n        result = \"xen0\"\n      end\n    end\n    result\n  end\nend\n<\/pre>\n<p>\/etc\/puppet\/manifests\/classes\/ntp.pp<\/p>\n<pre>\nclass ntp {\n  $ntppackage = $operatingsystem ? {\n      Solaris =&gt; \"SUNWntpu\",\n      default =&gt; \"ntp\"\n  }\n  package { $ntppackage:\n      ensure =&gt; installed,\n      provider =&gt; $operatingsystem ? {\n          Solaris =&gt; \"sun\",\n          default =&gt; \"apt\"\n      }\n  }\n\n  file { ntpconf:\n    path =&gt; $operatingsystem ? {\n      Solaris =&gt; \"\/etc\/inet\/ntp.conf\",\n      default =&gt; \"\/etc\/ntp.conf\"\n    },\n    owner =&gt; root, group =&gt; root, mode =&gt; 644,\n    source =&gt; \"puppet:\/\/REDACTED\/ntp.conf\",\n    require =&gt; Package[$ntppackage],\n  }\n\n  service { ntp:\n    ensure =&gt; $virtual ? {\n      vmware =&gt; stopped,\n      xenu =&gt; stopped,\n      default =&gt; running\n    },\n    enable =&gt; $virtual ? {\n      vmware =&gt; false,\n      xenu =&gt; false,\n      default =&gt; true\n    },\n    subscribe =&gt; [Package[$ntppackage], File[ntpconf]]\n  }\n}\n\n<\/pre>\n<p>\/etc\/puppet\/manifests\/classes\/ntpdate.pp<\/p>\n<pre>\nclass ntpdate {\n  package { ntpdate: ensure =&gt; installed }\n}\n<\/pre>\n<p>and one entry from \/etc\/puppet\/manifests\/site.pp:<\/p>\n<pre>\nnode ch405l {\n  include ntp, ntpdate\n}\n<\/pre>\n<p>Minor annoyances or deviations from the way things used to be configured: as of Debian 4.0, ntpdate is run when network interfaces are brought up, rather than at a user-defined time via the SysV init system. So if a system was installed with a bad time (most commonly on our dual-boot systems)  and you want to avoid reboots, you&#8217;ll have to run <code>ntpdate-debian<\/code> once to get the clock in sync with the NTP server before ntpd will do anything right.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Time synchronization makes lots of things work better, including: make Kerberos tar syslog We&#8217;ve got a central NTP server on campus, and I&#8217;m using that to sync from. Puppet handles ntp and ntpdate configuration on the managed systems. Components of that setup: ntp.pp and ntpdate.pp classes imported from puppet\/classes Virtualization-detecting facter recipe (originally from here, &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/sites.tntech.edu\/renfro\/2007\/05\/13\/time-synchronization\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Time Synchronization&#8221;<\/span><\/a><\/p>\n","protected":false},"author":87,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,7,16,24],"tags":[],"class_list":["post-17","post","type-post","status-publish","format-standard","hentry","category-debian","category-infrastructures","category-puppet","category-xen","entry"],"_links":{"self":[{"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/posts\/17","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/users\/87"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/comments?post=17"}],"version-history":[{"count":1,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/posts\/17\/revisions"}],"predecessor-version":[{"id":504,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/posts\/17\/revisions\/504"}],"wp:attachment":[{"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/media?parent=17"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/categories?post=17"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/tags?post=17"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}