Ntp server/chrony

[d_G]

Hi,
on proxmox in a lxc with some containers,
I would add a ntp server for them:
so apt install chrony

The following packages will be REMOVED:
  systemd-timesyncd

added allow IP/24 to the chrony.conf



but testing it specifying the IP of the lxc and 123 as port it NOT works.
Any idea/suggestion ?

installing ntp:
after apt install ntp
but where is located ntp.conf ?

Thank you!

 

[Kingneutron]

Forget about ntp and stick with chrony

Firewall? If you do ' netstat -plant ' in the container, does it list port 123 as Listening? If not you may have to enable --now the daemon

Do a search for ' install chrony time server on $YOURDISTRO ' and follow a HOWTO

 

[BobhWasatch]

Did you do any troubleshooting at all before posting? What is the output of "chronyc sources" for example?

There is a fundamental problem here. Chrony (and NTPd as well) won't serve time if it isn't synced, or rather it will tell clients that it isn't synchronized and they will refuse to use it. But in a container it can't set the clock and therefore can't be synced. The output of "chronyc sources" would have told you that.

You need to either configure chrony on the host as a server (it is probably already installed) or else read the man page to learn about the "local" directive to force chrony to serve unsynchronized time from the container.

 

[BobhWasatch]

Also, containers don't need their own NTP. They get time from the host. So really if the host has a working NTP you are done unless you also want to serve time to VMs.

 

[d_G]

Did you do any troubleshooting at all before posting? What is the output of "chronyc sources" for example?

Thank you your reply,
this is a screeshot:


and also systemctl status chronyd doesn't prompt any error : "warning..." like here : https://forum.proxmox.com/threads/ntp-server-best-practice-ct-ubuntu-chrony.107367/post-461585

So it "works" (in someways in the lxc, but not acts as server ) maybe is it not feasible what I would like to achieve...

 

[d_G]

Forget about ntp and stick with chrony

Firewall? If you do ' netstat -plant ' in the container, does it list port 123 as Listening? If not you may have to enable --now the daemon

Do a search for ' install chrony time server on $YOURDISTRO ' and follow a HOWTO

Thank you for your reply !

I tryed to lok for the port 123.. with netstat (but
# netstat -plant
-bash: netstat: command not found
exists instead ss but no 123 port is shown.

ss -lnup | grep 123
UNCONN 0      0            0.0.0.0:123       0.0.0.0:*    users:(("chronyd",pid=2523347,fd=7))

Does suggest you something ?

 

[d_G]

Ok, my bad:
ALL the following lines are mandatory at the end of the conf file!
local stratum 8
manual
allow IP/24 # change with 192.168.1.0 for example.

So now it works! As I hoped: ntp server avalaible for the lan (from the lxc container).

Of course check all clients with : chronyc -N clients -k

 

[cymesa]

Hello, recommendations for running chrony in lxc (correct me if i'm wrong):

1) Setting up chronyc on the pve host correctly ( It is already installed and running for default)

2) Adjust daemon execution to tell that should not adjust the local clock:
nano /etc/default/chrony
DAEMON_OPTS="-x -F 1"

3) systemctl restart chrony

-x
This option disables the control of the system clock. chronyd will not try to make any adjustments of the clock.

 

[UdoB]

1) Setting up chronyc on the pve host correctly ( It is already installed and running for default)

This!

(Usually) it makes absolutely no sense to have a different clock in a container (or a VM).

You may have different Timezones, but the "hardware"-time is usually the very same for all guests on a single host - and for all nodes of a cluster.