Time synchronisation between PVE node/host and VM/guest without access to the Internet

jsabater

Member
Oct 25, 2021
115
11
23
48
Palma, Mallorca, Spain
Hey everyone!

As far as I understand, my Proxmox 7 cluster, installed on top of a Debian 11 Bullseye, uses systemd-timesyncd to keep the clock in sync via external NTP servers, configured either in /etc/systemd/timesyncd.conf or in a separate file inside /etc/systemd/timesyncd.conf.d/. All of my nodes have such configuration and it seems to be working well-enough so far.

In case that the guest is an LXC, I have read in these forums that, since it's the same kernel, the guest is reading the value from the actual value of the kernel of the node/host when calling gettimeofday(). Therefore, no NTP client is required in the LXC. But I have not found documentation about this.

In case that the guest is a VM, I have read in these forums that the host/node synchronises the virtual clock (kvm-clock [1]) of the guest when starting it up, but afterwards the NTP client inside the VM should take care of keeping it synchronised. But I have not found documentation about this either.

Questions:
  1. Are these two assumptions correct?
  2. If my VM does not have access to the Internet [2], is there a way to keep the clock inside the VM in sync via the node/host instead of the Internet?
  3. I could also set up a NTP server where my HTTP proxy resides, which is an LXC in one of the nodes of the cluster. Or in a separate LXC. The VM would use that server. Would that work, given the NTP server would be inside an LXC? (as per @czechsys' response below)
Thanks in advance.

[1] cat /sys/devices/system/clocksource/clocksource0/current_clocksource
[2] Except via a HTTP proxy, which could lead me to use HTP, but I'd rather avoid it.
 
Last edited:
HI, @czechsys, and thanks for your reply.

Yes, one of my pending tasks is to disable systemd-timesyncd and install and configure Chrony. It just never manages to move to the top of that list, heh :)

Regarding setting up a NTP server, I take it that it would have to be a physical machine, but that would be a waste. I can't be the only one with VMs that have no connection to the Internet, can I? :(