Little Plastic Castle

 
    
23
Aug 2008
5:34 AM PDT
   

Saturday 8/23/2008

Call from Cartman:

Problems with NTP in nonprod, he's locking firewalls and sees some strange calls.�

Investigation / background

- All of nonprod syncs ntp with a vip named 'ntp' in DMZ and 'time' in CORE

- CORE/time vip points to NW for time

- DMZ/ntp vip points to non-prod server skylla on mage

%%

With the dmx migration Slick and I shut down NTP on all vms and instructed them to sync time with their ESX host.� All ESX hosts were pointed to 'ntp' for their time, under the mistaken assumption that the 'ntp' vip also pointed to NW for time.

We also shut down ntp on skylla.� This effectively left all of nonprod without a timesource.� It will drift.

%%

I asked Cartman this:

"If it's a known issue that Virtual Guests don't sync time properly using the NTP protocol, did it ever make sense to use a Virtual Guest as a primary time source?"

He agreed that it does not.

Cartman volunteered to assign NTP duties to our nonprod Cisco switch and to point the ntp VIP to it.

That means all of our Virtual Guests will sync time with their ESX host and the ESX host will sync time with the 'ntp' VIP, which will use the nonprod Cisco switch as its time authority.

%%%

Cartman will get this set up "sometime next week" because he's "busy".

Meanwhile, time on these machines will drift.� I ran through today and punched it down for all of the nonprod boxes and found them all .5 sec off.� Apollo was 15sec off.�

 Add comment
Add Comment:

Add Tags:
To add multiple tags, please separate them with comma ( , )





coraline's Profile

  • Username: coraline
  • Gender / Age: Female, 54
  • Location: USA - Arizona
    •  
     
     
    CORALINE's Interests:

    About Me: Little Plastic Castle is an extension of This Child's Life which is not hosted at inboxjournal. This blog will make little sense to anyone other than myself. It's a stream of consciousness log of what I do on a daily basis in my job as a UNIX computer systems engineer. o/~ "They say goldfish have no memory, I guess their lives are much like mine...so the little plastic castle is a surprise every time, and its hard to say if they're happy, but they don't seem much to mind." o/~ I endeavor to respect confidentiality and thus I use nicknames for the people I work with. (Mr. T, Ratface, Jerry, Cartman, Grandpa Simpson, Slick, and so on.) I drop system names in here and abbreviations, but any note that requires something like a FQDN will always be marked private. You can comment if you like, but I'll only respond if I feel like it.

    Interests: Cast of Characters: Just a few of the names I use for people, this is the nickname and what their job responsibility is. Mr. T - My Direct Manager (Engineering) Slick - ESX Specialist Cartman - Network Engineering Lead Grandpa Simpson - Network Engineer Becky - WebSphere Engineer Ratface - Developer/Architect Jerry - Project Manager (BTI) Matt T. - Project Manager (Blackbird) The Martian - Application Developer AVP Ice Queen - Engineering AVP Chez - Assistant to Ice Queen Watts - Engineering/Development Sr. Mgr. Hoppy - I.T. Security LDAP Squirrelface - I.T. Security Accts Woodchuck - I.T. Security Accts Russian Bride - Application Tester Trisha - Testing AVP Tequila - UNIX Admin OPS Chops - UNIX Admin OPS Mac - UNIX Engineer (Contractor, works with Tequila & Chops) Margie - SAN specialist (ch)InkPen - Backup Specialist Chimpy - OPS Mgr Duke - UNIX Lead even though he knows nothing about UNIX