Proxmox VE Cluster - Chapter 014 - Configure NTP on the Proxmox Cluster

Proxmox VE Cluster - Chapter 014 - Configure NTP on the Proxmox Cluster

A voyage of adventure, moving a diverse workload running on OpenStack, Harvester, and RKE2 K8S clusters over to a Proxmox VE cluster.

The NTP architecture here uses the E800 nodes as a central NTP source for the entire network.  Those six nodes are the only NTP servers that get time from the internet or from the local GPS refclock, and the rest of the network syncs time off those six.  Helpfully, a long time ago, I set up DNS aliases ntp1 thru ntp6 for these clocks so I don't need to change any configurations after I alter the DNS ... probably.

Basically, today I am converting from classic NTP on the OpenStack servers to Chrony on the Proxmox servers.

References

https://pve.proxmox.com/wiki/Time_Synchronization

https://ubuntu.com/server/docs/how-to-serve-the-network-time-protocol-with-chrony

https://ubuntu.com/server/docs/how-to-serve-the-network-time-protocol-with-chrony

The Big Picture Plan

1. Configure proxmox001-003 to get time from the local GPS clock, from the other proxmox servers, and one internet time pool source.
2. Configure proxmox001-003 to serve time.
3. Modify dns such that ntp1-ntp3 will now point to proxmox001-003.  Note some devices will require manual configuration such as the Ethernet switches, maybe the Ubiquity wifi, maybe the TrueNAS, who knows?
4. After proxmox004-006 are set up, the DNS hosts ntp4-ntp6 will need to be updated.

I will set this up manually because its simple and I have not integrated proxmox with Ansible yet.  But eventually Proxmox will be configured via Ansible.

Manually configuring chrony on Proxmox VE

1. Create (or copy) the files for sources into "/etc/chrony/sources.d" I put exactly one clock in each file.  Files in sources.d can be re-read without restarting the entire service by running "chronyc reload sources".  If successful you should see the other clocks are now accessible when running "chronyc sources".
2. Remove the default clocks shipped by Proxmox and enable NTP serving.  Edit /etc/chrony/chrony.conf and comment out the "pool" directive and add a line underneath "allow 10.0.0.0/8"  This will require a service restart not a mere reload, so "service chrony restart" and verify Chrony operation after a few minutes using "chronyc sources"
3. Edit DNS for ntp1 (or as appropriate) to point to the new proxmox node IP address.
4. Test NTP from various VMs and hardware to verify NTP is working.

List of clocks in /etc/chrony/sources.d:

• gpsclock.sources = the local, on LAN, "stratum 1-ish" GPS clock
• proxmox001.sources = should be five files pointing to the other five E800 nodes
• pool.sources = "server 0.pool.ntp.org" as an external reference.

Cool, the new Proxmox nodes are now providing NTP time service to the network.  Next blog post will be about moving all the workload off the old OpenStack OS2 cluster so as to repurpose that hardware as yet more Proxmox capacity.