NTP, the Network Time Protocol, is used to keep computer clocks accurate by synchronizing them over the Internet or a local network, or by following an accurate hardware receiver that interprets GPS, DCF-77, NIST or similar time signals. . This charm can be deployed alongside principal charms to enable NTP management across deployed services.
- misc ›
Network Time Protocol (NTP) is a network-based time service to ensure synchronization of time across a network of computers. It is defined in RFC5905.
The ntp charm is a subordinate charm which is designed for use with other principal charms. In its basic mode, the ntp charm is used to configure NTP in service units to talk directly to a set of NTP time sources:
juju deploy cs:ntp juju add-relation ntp myservice
By default this charm uses the standard set of NTP pool servers which are configured in Ubuntu. In the event that you don't wish every juju unit on your network to talk directly to the public NTP pool on the Internet, there are several options.
If you already have a set of reliable, non-juju NTP servers in your network, simply configure them as sources or peers and disable the default list of pool servers. For example:
juju set ntp source="myatomicclock.local.net" juju set ntp peers="ntp1.local.net ntp2.local.net ntp3.local.net" juju set ntp pools=""
Sources, peers, and pools should be space-separated.
In network environments where general outbound network access to the Internet is not avaliable or you don't have a good internal time source such as an atomic clock, you can use selected juju units to act as an NTP service for other units.
On machines which do have outbound NTP access to the Internet:
juju deploy cs:ubuntu --num-units=4 juju deploy cs:ntp ntp-stratum2 juju add-relation ubuntu ntp-stratum2
On other juju units which do not have outbound NTP access:
juju deploy my-service juju deploy cs:ntp ntp-stratum3 juju add-relation my-service ntp-stratum3 juju add-relation ntp-stratum2 ntp-stratum3 juju set ntp source="" peers="" pools=""
Auto peers implements multiple strata automatically, by testing upstream NTP connectivity, selecting the units with the best connectivity to comprise the upstream stratum, and configuring the remaining hosts to receive time from those units.
juju deploy my-service juju deploy cs:ntp juju add-relation my-service ntp juju set ntp auto_peers=true
By default, ntpd puts a per-IP rate-limit on client requests. This can be
problematic if, for example, you have a lot of hosts NATed behind a single IP.
You can configure ntpd to not rate-limit requests coming from specific IPs or
networks by using the
unlimited_clients config option. It is a comma-separated
list of IPs and networks. Networks must be specified in the
mask <network_mask> form. For example :
juju config ntp unlimited_clients="126.96.36.199,192.168.0.0 mask 255.255.0.0"
Note that this option is ignored when the NTP implementation is chrony.
Under Ubuntu 17.10 (Artful Aardvark) and earlier, the default implementation of NTP is ntpd, from the Network Time Foundation. Ubuntu 18.04 (Bionic Beaver) moves to chrony as the default NTP implementation. These decisions are also reflected in this charm.
This charm may be related to the NRPE charm for monitoring by Nagios. The telegraf charm also includes support for gathering NTP metrics.
- (boolean) DEPRECATED - please DO NOT use if you have more than approximately 20 units in this service. Automatically select the most appropriate units in the service to be a service stratum connecting with upstream NTP servers, and use those units as time sources for the remaining units.
- (int) DEPRECATED - please DO NOT use if you have more than approximately 20 units in this service. How many units should attempt to connect with upstream NTP servers?
- (string) Used by the nrpe subordinate charms. A string that will be prepended to instance name to set the host name in nagios. So for instance the hostname would be something like: juju-myservice-0 If you're running multiple environments with the same services in them this allows you to differentiate between them.
- (string) A space-separated list of nagios ntpmon checks to enable. Default is to enable all checks except trace; leave empty for no checks.
- offset peers reach sync proc vars
- (string) A comma-separated list of nagios servicegroups. If left empty, the nagios_context will be used as the servicegroup
- (string) If set to "ntp" the ntp package will be installed and configured, or if set to "chrony" the chrony package will be installed and configured. If unspecified the appropriate package will be selected based on the operating system. Please note that the use of ntp on Ubuntu bionic or later is not recommended as it does not receive security updates.
- (int) The stratum at which NTP must lose connectivity to before it considers itself orphaned, and starts determining the reference time with local peers. A typical value is 6, which will enable orphaned operation when there are no stratum 6 servers or servers of a higher stratum available, which is two strata below most Internet NTP hosts. Set to 0 to disable orphan mode entirely. You must enable at least one peer in order to use orphan mode, but four or more is recommended for best results.
- (string) Space-separated list of NTP servers to use as peers. Under ntpd, peers are allowed to query the local NTP server via ntpq.
- (string) Space-separated list of NTP servers to use as pool sources. These are recommended over normal sources for their self-healing capabilities. Leave empty to disable pool sources.
- 0.ubuntu.pool.ntp.org 1.ubuntu.pool.ntp.org 2.ubuntu.pool.ntp.org 3.ubuntu.pool.ntp.org ntp.ubuntu.com
- (string) Space-separated list of NTP servers to use as time sources.
- (string) Comma-separated list of IPs or networks for which requests will not be rate-limited. Example value "188.8.131.52,184.108.40.206 mask 255.0.0.0" This is implemented for ntpd only - chrony doesn't do rate limiting by default.
- (boolean) Use iburst for all peers/sources, not just those received via the master relation.
- (boolean) If configured to True, charm will automatically try to verify that given NTP servers are accessible and raise an error, if they aren't.