Configure Chrony NTP Service on OpenShift 4.x / OKD 4.x

By Posted on 254 views

This guide will show you simple steps to Configure Chrony time synchronization with a remote server over the Network Time Protocol (NTP) on your OpenShift / OKD 4.x Cluster. OpenShift 4.x is based on CoreOS – RHCOS/FCOS and server modifications is via MachineConfig. So let’s configure Chrony time synchronization on our OpenShift / OKD cluster.

The first step is to create a base64 encoded contents of the chrony.conf file.

cat >chrony.conf<

If you have your own NTP servers, edit the file and update server sections. 

$ vi chrony.conf

Then encode it as base64 

$ base64 -w0 chrony.conf

-- Saving to file ---
base64 -w0 chrony.conf> chrony.64

We can save the base64 value to variable: 

chrony_base64=`base64 -w0 chrony.conf`

Create the MachineConfig files – for master / worker nodes. 

for i in master worker; do
cat << EOF > ./$i-chrony-configuration.yml
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
metadata:
  labels:
    machineconfiguration.openshift.io/role: $i
  name: $i-chrony-configuration
spec:
  config:
    ignition:
      config: 
      security:
        tls: 
      timeouts: 
      version: 2.2.0
    networkd: 
    passwd: 
    storage:
      files:
      - contents:
          source: data:text/plain;charset=utf-8;base64,$chrony_base64
          verification: 
        filesystem: root
        mode: 420
        path: /etc/chrony.conf
  osImageURL: ""
EOF
done

Apply configuration files. 

oc apply -f ./master-chrony-configuration.yml
oc apply -f ./worker-chrony-configuration.yml

The MachineConfig operator will apply Chrony configurations on all master and worker nodes then reboot them.

Wait for them to come up the confirm the settings. 

$ oc adm debug node/
  chroot /host

sh-4.4# cat /etc/chrony.conf 
server 0.africa.pool.ntp.org iburst
server 1.africa.pool.ntp.org iburst
server 2.africa.pool.ntp.org iburst
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
logdir /var/log/chrony
keyfile /etc/chrony.keys

The Chrony is now configured on OpenShift Cluster.

To set correct timezone you can ssh to the node and use timedatectl command: 

$ sudo timedatectl set-timezone Africa/Nairobi
$ date
Sat Oct 31 19:57:23 EAT 2020

The output of the timedatectl command: 

$ timedatectl 
               Local time: Sat 2020-10-31 20:02:12 EAT
           Universal time: Sat 2020-10-31 17:02:12 UTC
                 RTC time: Sat 2020-10-31 17:02:13
                Time zone: Africa/Nairobi (EAT, +0300)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no
coffee

Related posts:

Gravatar Image
Ben Bennett
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.