I have an email server running on top of CentOS7. This is a new server and has been in production for 2 days. It seems that chronyd is losing it's connection to the ntp servers that it contacts at pool.ntp.org. I have set up 0.pool through 3.pool in chrony.conf. When it fails I receive an error that no synchronization servers can be reached. There is no local firewall running on the server and the primary firewall allows all ntp request traffic out. Worse, when it loses its connection it is reverting to GMT instead of EST where I am located and throws off the time by 5 hours which has a catastrophic effect on email timestamping. I have put a kludge in place to stop/start chronyd hourly but I am at a loss as to why it continues to stop synchronizing. Any help appreciated.
Asked
Active
Viewed 223 times
0
-
Is this a virtual machine? How did you install CentOS? – Michael Hampton Jul 03 '19 at 16:34
-
Please edit your question to add `chronyc sources` output. – John Mahowald Jul 03 '19 at 16:36
-
Yes it is a virtual machine running under ESX6.5u2. I installed CentOS using the iso downloaded from CentOS.org. I have made a couple changes since my last post. First I have set the time server to use only NorthAmerica as we have geo-policies that may affect access to overseas servers. Second I have ensured that ntp is functioning on ESX, it apears it was not configured correctly so I assume that when chronyd went offline it grabbed the time from ESX which was wrong. – tgz Jul 03 '19 at 18:24
-
Current output of chronyc sources output: – tgz Jul 03 '19 at 18:24
-
210 Number of sources = 4 MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^- you.dontlike.us 3 8 377 46 -839us[ -839us] +/- 122ms ^+ zero.gotroot.ca 2 8 377 114 -436us[ -417us] +/- 48ms ^+ ntp.xtom.com 2 7 377 43 -5271us[-5271us] +/- 65ms ^* sombrero.spiderspace.co.> 2 7 377 51 +1529us[+1549us] +/- 32ms – tgz Jul 03 '19 at 18:31
1 Answers
1
I have ensured that ntp is functioning on ESX, it apears it was not configured correctly so I assume that when chronyd went offline it grabbed the time from ESX which was wrong.
Yes, you need to configure ESXi hosts to NTP sync from the same time service as everything else. It is not chrony that is messing up the time in this situation, but VMware tools. If host time is close to guest time you will not get these giant leaps.
Edit: NTP does not manage time zone at all, it effectively sets UTC time. Possibly your host was 5 hours wrong or so, which is a familiar offset from UTC to local conversion.
Your sources output shows typical Internet time, with all reachable and errors in the tens of milliseconds.
John Mahowald
- 30,009
- 1
- 17
- 32
-
Sorting out the NTP server connections on both host and guest has corrected the issue. The guest was attempting to resolve ntp queries with servers in conflict with geo-policies in place and timing out. The result was RTC synching with the host which also was not reporting the correct time due to ntp issues as well as presenting the time to the guest in UTC which also was not desired behavior. – tgz Jul 08 '19 at 16:23