Use custom NTP server(s)

hostos

#1

In some networks time synchronization using public NTP servers is prohibited (NTP protocol is usually blocked in corporated firewalls). How can we set custom NTP servers in host config in this case?


#3

Have a look at Chrony - it may provide a workaround for your particular requirements.

https://chrony.tuxfamily.org/comparison.html


#4

Hi, currently that’s not possible, but we are working on adding this to the platform at the moment, see the linked issue below.

https://github.com/resin-os/resinos/issues/328

Probably would not recommend using Chrony as mentioned above, since then there will be two ntp services competing with each other, and unsure what might be the outcome.


#5

You can always remove the NTP service completely and just use Chrony.


#6

Not from the hostOS, you can’t remove it from there per se (systemd-timesyncd running there).

Having said that, could possibly tell the hostOS systemd service over the dbus interface not to sync, and use the in-container anything (e.g. in-container systemd-timesyncd, or chrony) to replace it… This would worth a try, we will also check it out as a workaround! Cheers for provoking more thoughts! :slight_smile:


#7

A follow-up to this:

I tried to disable the hostOS systemd service, but encountered the following error:

“Error System.Error.EROFS: File /etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service: Read-only file system”

The command was:

DBUS_SYSTEM_BUS_ADDRESS=unix:path=/host/run/dbus/system_bus_socket
dbus-send
–system
–print-reply
–reply-timeout=2000
–type=method_call
–dest=org.freedesktop.timedate1
/org/freedesktop/timedate1
org.freedesktop.timedate1.SetNTP
boolean:false boolean:false


#8

Hey @timo,

A quick update on this.

NOW

Hi there,

Starting from resinOS 2.1.0, you can configure your own NTP servers in the config.json on the boot partition, for example:

"ntpServers": "0.resinio.pool.ntp.org 1.resinio.pool.ntp.org"

You can also check https://docs.resin.io/reference/resinOS/time/ for more details

Best, Kostas


#9

I have few questions
1.Is it possible to use iburst option in config.json.
for example ntp1.northamerica.delphiauto.net iburst
as per documentation Starting from resinOS 2.0.7, the devices connect the following NTP servers:
0.resinio.pool.ntp.org
1.resinio.pool.ntp.org
2.resinio.pool.ntp.org
3.resinio.pool.ntp.org
whereas I do not see ant entry something like above in config.json ? so how does it uses these servers? or giving custom entry in config.json how does ntp sync happens ?

2 I have tried custom servers via setting in /etc/ntp.conf
but i received something like


I do see two processes? Is it possible to use ntp servers by using /etc/ntp.conf directly ?
with default /etc/ntp.conf we do see


#10

@vickyshelke

What resinOS version are you using? 2.13.6 and newer is using chrony, and the default settings for the OS are (e.g. checked on 2.15.1 just now):

root@965e9af:/etc# cat /etc/chrony.conf
initstepslew 30 0.resinio.pool.ntp.org
server 0.resinio.pool.ntp.org iburst
server 1.resinio.pool.ntp.org iburst
server 2.resinio.pool.ntp.org iburst
server 3.resinio.pool.ntp.org iburst
driftfile /var/lib/chrony/drift
makestep 1 3
rtcsync

so iburst is enabled by default.

For your screenshots, are you running a secondary NTP client inside your application? Or can you tell more what are you showing? Since we are not using /etc/ntp.conf, so not sure what are you doing in that step.

I’ve tried the "ntpServers": "..." in config.json, and with chrony it works, don’t check the config file, but the runtime setup will have the right servers: chronyc sources.

We are checking adding bursting to the initial server setup with that config, will keep you posted about that.

Let us know what you think about all this.


#11

It was Resin OS 2.9.7+rev1 , I will update the devices in fleet to latest
yes I think I installed ntp with docker and was running ntp via app container. and screen-shots were taken from container.
as per your guidance
1.there is no need to add ntp in container(which will be otherwise Secondary)
2. Adding custom entries along with default entries in host os at /etc/chrony.conf will do for me.
let me check on chrony .
I added entries in config.json on same device running Resin OS 2.9.7+rev1 , it looks something went wrong not able to get hostos terminal.


will updating to latest solve this automatically?


#12

@vickyshelke as for your checks:

  1. yeah, no need for NTP server in the container (in general), all resinOS versions as much as I can check going back have NTP connectivity
  2. that is not correct, you don’t need to change anything on /etc/chrony.conf. What the setting in config.json does is that those servers will be added to chrony's setup at runtime. You won’t see any changes in the default config, but you’ll see the servers listed in chronyc sources.

It seems like the addition to config.json wasn’t correct, SSH into the device checks the config.json on login whether it’s the right UUID, and if not, logs out. If the config.json is incorrect/unreadable, then that won’t work :confused:

Is it a remote device, or a device at hand? If at hand, then check whether the config.json is edited correctly? How did you do that? If remote, we’ll have to sort you out to fix up your file remotely

We are actually making these changes more robust, so that no config.json manual editing is required:

It’s work in progress…


#14

Hello thank you for information , I updated devices in fleet to latest Resin OS 2.15.1+rev1. since then device went offline (the one which messed up with config.json) .I do not have control of device as it is at remote location.
I have granted support access to resin.io team.
dashboard link : https://dashboard.resin.io/apps/580496/devices
uuid : f7c2b5a


#15

Hello any update on device status it is off-line since 3 days.we have checked the device is on in factory shop but it looks it is off-line on dashboard.