Red Hat Summit Red Hat SummitSupportoConsoleSviluppatoriInizia una provaContatti

Questo contenuto non è disponibile nella lingua selezionata.

Chapter 21. Configuring time synchronization by using the timesync RHEL System Role

With the timesync RHEL System Role, you can manage time synchronization on multiple target machines on RHEL using Red Hat Ansible Automation Platform.

21.1. The timesync RHEL System Role
Copia collegamento

You can manage time synchronization on multiple target machines using the timesync RHEL System Role.

The timesync role installs and configures an NTP or PTP implementation to operate as an NTP client or PTP replica in order to synchronize the system clock with NTP servers or grandmasters in PTP domains.

Note that using the timesync role also facilitates the migration to chrony, because you can use the same playbook on all versions of Red Hat Enterprise Linux starting with RHEL 6 regardless of whether the system uses ntp or chrony to implement the NTP protocol.

21.2. Applying the timesync System Role for a single pool of servers
Copia collegamento

The following example shows how to apply the timesync role in a situation with just one pool of servers.

Warning

The timesync role replaces the configuration of the given or detected provider service on the managed host. Previous settings are lost, even if they are not specified in the role variables. The only preserved setting is the choice of provider if the timesync_ntp_provider variable is not defined.

Prerequisites

  • The Ansible Core package is installed on the control machine.
  • You have the rhel-system-roles package installed on the system from which you want to run the playbook.
  • You have an inventory file which lists the systems on which you want to deploy timesync System Role.

Procedure

  1. Create a new playbook.yml file with the following content: 

    ---
- hosts: timesync-test
  vars:
    timesync_ntp_servers:
      - hostname: 2.rhel.pool.ntp.org
        pool: yes
        iburst: yes
  roles:
    - rhel-system-roles.timesync
    Copy to Clipboard Toggle word wrap

  2. Optional: Verify playbook syntax. 

    # ansible-playbook --syntax-check playbook.yml
    Copy to Clipboard Toggle word wrap

  3. Run the playbook on your inventory file: 

    # ansible-playbook -i inventory_file /path/to/file/playbook.yml
    Copy to Clipboard Toggle word wrap

21.3. Applying the timesync System Role on client servers
Copia collegamento

You can use the timesync role to enable Network Time Security (NTS) on NTP clients. Network Time Security (NTS) is an authentication mechanism specified for Network Time Protocol (NTP). It verifies that NTP packets exchanged between the server and client are not altered.

Warning

The timesync role replaces the configuration of the given or detected provider service on the managed host. Previous settings are lost even if they are not specified in the role variables. The only preserved setting is the choice of provider if the timesync_ntp_provider variable is not defined.

Prerequisites

  • You do not have to have Red Hat Ansible Automation Platform installed on the systems on which you want to deploy the timesync solution.
  • You have the rhel-system-roles package installed on the system from which you want to run the playbook.
  • You have an inventory file which lists the systems on which you want to deploy the timesync System Role.
  • The chrony NTP provider version is 4.0 or later.

Procedure

  1. Create a playbook.yml file with the following content: 

    ---
- hosts: timesync-test
  vars:
    timesync_ntp_servers:
      - hostname: ptbtime1.ptb.de
        iburst: yes
        nts: yes
  roles:
    - rhel-system-roles.timesync
    Copy to Clipboard Toggle word wrap

    ptbtime1.ptb.de is an example of public server. You may want to use a different public server or your own server.

  2. Optional: Verify playbook syntax. 

    # ansible-playbook --syntax-check playbook.yml
    Copy to Clipboard Toggle word wrap

  3. Run the playbook on your inventory file: 

    # ansible-playbook -i inventory_file /path/to/file/playbook.yml
    Copy to Clipboard Toggle word wrap

Verification

  1. Perform a test on the client machine: 

    # chronyc -N authdata

Name/IP address         Mode KeyID Type KLen Last Atmp  NAK Cook CLen
=====================================================================
ptbtime1.ptb.de         NTS     1   15  256  157    0    0    8  100
    Copy to Clipboard Toggle word wrap
  2. Check that the number of reported cookies is larger than zero.

21.4. timesync System Roles variables
Copia collegamento

You can pass the following variable to the timesync role:

  • timesync_ntp_servers:
Expand
Role variable settingsDescription

hostname: host.example.com

Hostname or address of the server

minpoll: number

Minimum polling interval. Default: 6

maxpoll: number

Maximum polling interval. Default: 10

iburst: yes

Flag enabling fast initial synchronization. Default: no

pool: yes

Flag indicating that each resolved address of the hostname is a separate NTP server. Default: no

nts: yes

Flag to enable Network Time Security (NTS). Default: no. Supported only with chrony >= 4.0.

Torna in cima
Red Hat logoGithubredditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi. Esplora i nostri ultimi aggiornamenti.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita il Blog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

Theme

© 2025 Red Hat