Ensuring server time synchronization with NTP on SLES
Synchronize your SUSE Linux Enterprise Server times using NTP time server. Two servers are recommended for enterprise situations, as redundancy will save the day in case of a disaster.
In a modern networked environment, having the right time setting is very important for many services. Maintaining time synchronization is key to the functioning of your entire system. You could choose to rely on Internet time sources, but what if the Internet connection goes down? Here, you'll learn how to set up a redundant solution to guarantee synchronization, even during a disaster.
SUSE Linux Enterprise Server utilizes the network time protocol (NTP) time service to configure time. This is a well-tuned and enterprise grade time service requiring a simple configuration for set-up. First, I will show you how to create this configuration from the Bash command line.
All modern operating systems use the network time protocol to enforce time synchronization. The concept is simple; NTP works according to a hierarchy in which the importance of each time server is indicated by a stratum assignment. At the top of this hierarchy is the stratum 1 time server. Typically, these are atomic clocks and very accurate. If you synchronize your server with a stratum 1 time server, it will automatically be in stratum 2. The server that synchronizes with your stratum 2 server will get assigned to stratum 3, and so on. Stratum 16 means that time could not properly be synchronized.
If you choose to set up your time synchronization environment for redundancy, you can also choose to set up your server with more than one time synchronization source. If this is the case, your server will receive different stratums and all servers will automatically synchronize with the server at the top of the hierarchy because the stratum concept dictates that this is the most reliable server. To set up a redundant and a reliable time synchronization hierarchy among your servers, synchronize with an Internet time server first. The servers in pool.ntp.org are a good source for this. To make sure that you have a redundant setup, it is a good idea to synchronize two servers in your network with an external internet time source.
In case the Internet connection goes down, you should have an internal backup time source. You want to be able to rely on more than one time server so that you have more than a single point of failure in your network., I recommend configuring the two servers that synchronize with the Internet with a specific stratum as well, which is high enough to serve as a reliable time source if no Internet time servers are available. In Listing 1 you can see how to configure a NTP time server to synchronize with Internet first. but also to give itself stratum 5 in case the Internet time source fails to answer. Make sure to use this configuration on two servers in your network so that you have redundancy in the case that one of these two servers goes down.
Listing 1: /etc/ntp.conf on the servers that maintain Internet time
server pool.ntp.org server 127.127.1.0 fudge 127.127.1.0 stratum 5
By using the /etc/ntp.conf as described above, your server will normally be placed in stratum 2 (as it synchronizes with a stratum 1 Internet time source). If the time source fails, the fudge line makes sure that the server starts synchronizing with itself, and therefore it will get stratum 6. You can verify this using the NTPTRACE command.
It doesn't make sense to direct all servers in your network directly to an Internet time source. For management purposes, it is a much better idea to have just two servers that are responsible for this connection. On all other servers, you only need to use the internal time servers. Assuming that these are server1.example.com and server2.example.com, and that you also want them to maintain a minimal time configuration if all other servers go down, you can use the configuration as in Listing 2 to accomplish this goal:
Listing 2: Configuration on the secondary level time servers in your network
server server1.example.com server server2.example.com server 127.127.1.0 fudge 127.127.1.0 stratum 10
Don't forget to use the rcntp restart command on your servers after changing the /etc/ntp.conf configuration file. Otherwise your server won't pick up the changes.
SUSE Linux Enterprise Server offers an enterprise level NTP time solution. We have covered how to create a simple-to-understand yet versatile time server configuration. By using such a configuration in your environment, you'll ensure that essential services continue working -- even if the Internet connection goes down.
ABOUT THE AUTHOR: Sander van Vugt is an author and independent technical trainer, specializing in Linux since 1994. Vugt is also a technical consultant for high-availability (HA) clustering and performance optimization, as well as an expert on SUSE Linux Enterprise Desktop 10 (SLED 10) administration.