1 |
On 26/04/13 07:57, staticsafe wrote: |
2 |
> On 4/25/2013 19:50, Alan McKinnon wrote: |
3 |
>> On 26/04/2013 01:42, William Kenworthy wrote: |
4 |
>>> Does anyone know a good guide to using time sync in VM's, for both |
5 |
>>> windows and linux (gentoo) guests using libvirt? Especially for guests |
6 |
>>> that are resumed, or the whole virtualisation system is hibernated? (ntp |
7 |
>>> refuses to resync after guest pause/save/restore/resume (known problem), |
8 |
>>> even with "tinker panic 0" |
9 |
>> |
10 |
>> |
11 |
>> That's not a bug, it's by design. |
12 |
>> |
13 |
>> If ntpd detects the clock is out by more than X seconds [1], it will not |
14 |
>> try to correct the difference, concluding that something is wrong and a |
15 |
>> human must decide. It can't easily tell the difference between a resumed |
16 |
>> guest (or even that it was resumed at all) and a severe problem. |
17 |
>> |
18 |
>> We fixed this by taking the easy route of least resistance; |
19 |
>> |
20 |
>> 1. run ntpdate on startup/restart once before ntpd starts |
21 |
>> 2. start ntpd as normal |
22 |
>> 3. a colleague wrote a $MAGIC_HOOK to detect resumed guests that runs |
23 |
>> ntpdate once |
24 |
>> |
25 |
>> True, it's a brutal solution and uses a baseball bat where some finesse |
26 |
>> might be less ugly, but it suits our needs just fine. |
27 |
>> |
28 |
>> [1] I forget what X is and am too lazy to look it up. Is it 30 seconds |
29 |
>> or thereabouts? |
30 |
>> |
31 |
>> |
32 |
> |
33 |
> "When first started, the daemon normally polls the servers listed in the |
34 |
> configuration file at 64-s intervals. In order to allow a sufficient |
35 |
> number of samples for the NTP algorithms to reliably discriminate |
36 |
> between correctly operating servers and possible intruders, at least |
37 |
> four valid messages from the majority of servers and peers listed in the |
38 |
> configuration file is required before the daemon can set the local |
39 |
> clock. However, if the difference between the client time and server |
40 |
> time is greater than the panic threshold, which defaults to 1000 s, the |
41 |
> daemon will send a message to the system log and shut down without |
42 |
> setting the clock." [0] |
43 |
> |
44 |
> [0] - http://doc.ntp.org/4.1.1/debug.htm |
45 |
> |
46 |
|
47 |
|
48 |
Keep reading :) |
49 |
|
50 |
Check out "tinker panic o" I mentioned, or the -g argument to ntpd |
51 |
|
52 |
The docs say its a "once only" adjustment in one place, but I am not |
53 |
sure thats actually the case. |
54 |
|
55 |
BillK |