Rechercher
SupportConsoleDéveloppeursCommencer un essaiContact

Ce contenu n'est pas disponible dans la langue sélectionnée.

Chapter 12. Network Time Protocol

download PDF

You need to ensure that systems within your Red Hat OpenStack Platform cluster have accurate and consistent timestamps between systems.

Red Hat OpenStack Platform on Red Hat Enterprise Linux 9 supports Chrony for time management. For more information, see Using the Chrony suite to configure NTP.

12.1. Why consistent time is important

Consistent time throughout your organization is important for both operational and security needs:

Identifying a security event
Consistent timekeeping helps you correlate timestamps for events on affected systems so that you can understand the sequence of events.
Authentication and security systems

Security systems can be sensitive to time skew, for example:

  • A kerberos-based authentication system might refuse to authenticate clients that are affected by seconds of clock skew.
  • Transport layer security (TLS) certificates depend on a valid source of time. A client to server TLS connection fails if the difference between client and server system times exceeds the Valid From date range.
Red Hat OpenStack Platform services
Some core OpenStack services are especially dependent on accurate timekeeping, including High Availability (HA) and Ceph.

12.2. NTP design

Network time protocol (NTP) is organized in a hierarchical design. Each layer is called a stratum. At the top of the hierarchy are stratum 0 devices such as atomic clocks. In the NTP hierarchy, stratum 0 devices provide reference for publicly available stratum 1 and stratum 2 NTP time servers.

Do not connect your data center clients directly to publicly available NTP stratum 1 or 2 servers. The number of direct connections would put unnecessary strain on the public NTP resources. Instead, allocate a dedicated time server in your data center, and connect the clients to that dedicated server.

Configure instances to receive time from your dedicated time servers, not the host on which they reside.

Note

Service containers running within the Red Hat OpenStack Platform environment still receive time from the host on which they reside.

Red Hat logoGithubRedditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez leBlog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

© 2024 Red Hat, Inc.