One of the aspect that determines the correct functioning of different computing resources or Hosts on the Network is to make sure all of these Hosts can synchronize against a stable Time Server. The Nutanix cluster from this perspective is no exception. In this article we’ll explore the steps on how to configure Nutanix Time Server client using the command line. The need to configure Nutanix Time Server will also make sure that the interaction between components which requires synchronization with other hosts is working as expected.
For example in the case of Data Protection solutions this will ensure the operations on the correct files on the storage can be performed like snapshots and files to backup. Equally, accurate time synchronization is helpful when retrieving the data to display on the various dashboards
In the previous articles we have seen the steps on how to deploy, install and configure Nutanix CE for first time setup in our home lab. what we might have noticed is the list of alarms is number of warning alerting us on the synchronization with external servers not working as expected.
In this case both the Nutanix Cluster and the Host are trying to contact the NTP Servers when they are configured into the Home Dashboard settings. Chances are the Nutanix Time Server details are properly configured or missing. But what if the proper servers names are setup but not working as expected?
In this article we’ll explore the steps on how to configure Nutanix Time Server client and troubleshoot connection issues.
Configure Nutanix Time Server client
When browsing the list of alerts from the Home Dashboard we might see something similar to this where in the list of Warnings a few items notify us of the missing communication between the Nutanix Time Server client on the Host and Hypervisor with external Network Time Servers (NTP Server).
The first thing we need to make sure of course is to specify which NTP Servers we want to use. From the Home Dashboard > Settings > NTP Servers let’s add and verify the configured Servers.
There are multiple options and assuming we do not have an internal NTP Server in our home lab we can always benefit from the Public ones. For a long time I have always used the NTP Servers pools from pool.ntp.org from which it is possible to choose the NTP servers closer to the our location.
In this particular instance I want to try a new service from Google which provides public Network Time Servers.
As a best practice we can add up to 4 different sources which will guarantee accuracy and avoid isolation in case of failing servers. In this case I will go for the main name of the NTP Server pool simply adding “time.google.com”
At this point let’s start an SSH connection to the Nutanix Controller VM and verify the NTP configuration. Default username and password are:
- user: nutanix
- password: nutanix/4u
At this point we can use the “ntpq” utility to query about the status of the NTP client. All we have to do is to issue the command:
“ntpq -p”
to query the actual status and discover the NTP sources.
The only NTP source available is the LOCAL one which of course cannot be accurate from a synchronization perspective.
We definitely included the NTP Server information in the Home Dashboard settings. How comes this is not showing up and working as expected? Let’s take a look and stop the NTP demon by running:
“sudo service ntpd stop”
and check the result as per screenshot below.
At this point let’s try to run a manual update and force a manual synchronization. We can issue the command:
“sudo ntpdate -u time.google.com”
This command will basically trigger an update from the time.google.com NTP servers.
From the command prompt we can see the update is failing with the message “no server suitable for synchronization found”.
Let’s try at this point to run a quick diagnostic and see what’s currently happening. Let’s run a new command:
“ntpdate -d time.google.com”
In this case as the screenshot is showing we can see the following:
- the time.google.com pool name is correctly resolved
- the time server currenlty in use is time3.google.com
- the server dropped no data
- the NTP client is connecting to the lowest stratum (stratum 0) essentially the source
- no information are exchanged with the NTP server
Since connectivity seems to be working and NTP protocol uses UPD on port 123, it could be either of these two cases:
- the ISP is blocking the UDP packets
- an internal firewall is blocking the UDP packets
After allowing a rule to the internal firewall to accept UDP packets on port 123 I get the following result: Definitely better looking!
The rule I have used for iptables is:
“$IPTABLES -I FORWARD -p udp –dport 123 -j ACCEPT”
At this point repeating the command to manually update the NTP client we can see something similar to the screenshot below.
As a confirmation we can now see the correct time appearing by simply running the command:
“date”
At this point we can restart the NTP demon and check the status with the these commands:
“sudo service ntpd start”
and
“sudo service ntpd status”
and finally
“date”
And finally when querying the NTP demon again we can see the new NTP Server appearing with pertinent stats.
This concludes a quick overview on how to configure Nutanix Time Server client using the command line. As part of the initial Nutanix CE setup we’ll cover the steps to configure Nutanix timezone.
Add Comment