Mengonfigurasi relai NTP eksternal

Halaman ini menjelaskan cara mengonfigurasi pemutaran ulang NTP eksternal untuk perlengkapan air-gapped Google Distributed Cloud (GDC).

Langkah-langkah ini hanya diperlukan jika Anda ingin menyinkronkan perangkat dengan waktu eksternal setelah koneksi terputus.

Sebelum memulai

Untuk menyinkronkan appliance dengan NTP eksternal, selesaikan langkah-langkah berikut:

1. Mengonfigurasi perangkat dan menginstal software

2. Sebelum memulai, pastikan hanya ada satu relay NTP. Untuk memverifikasi, jalankan perintah berikut di mesin bootstrapper:

   kubectl get ntprelay -A
   

   Outputnya akan terlihat seperti contoh berikut:

   NAMESPACE    NAME           AGE
   gpc-system   bi-ntp-relay   4d21h
   

Mengonfigurasi relai NTP

1. Hubungkan bootstrapper ke perangkat appliance dan tentukan alamat IP antarmuka yang terhubung:

   ifconfig
   mgmt: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
       inet 198.18.0.30   netmask 255.255.255.224  broadcast 198.18.0.31
       inet6 fe80::20c:29ff:fea8:fc35  prefixlen 64  scopeid 0x20&lt;link&gt;
   ...
   

2. Edit CR ntprelay dengan menyertakan IP pengelolaan bootstrapper sebagai IP upstream.

   kubectl edit ntprelay bi-ntp-relay -n gpc-system
   ntprelay.system.private.gdc.goog/bi-ntp-relay edited
   kubectl get ntprelay bi-ntp-relay -n gpc-system -oyaml
   

   Outputnya akan terlihat seperti contoh berikut. Dalam contoh ini, alamat IP untuk upstreamServers diubah:

   apiVersion: system.private.gdc.goog/v1alpha1
   kind: NTPRelay
   metadata:
     creationTimestamp: "2025-05-16T08:44:21Z"
     generation: 2
     name: bi-ntp-relay
     namespace: gpc-system
     resourceVersion: "10871409"
     uid: 6cde8e65-791c-4bc6-9a8b-d5c9bf103f8b
   spec:
     upstreamServers:
     - 192.0.2.030
   

3. Verifikasi sinkronisasi NTP:

   kubectl get pods -l app.kubernetes.io/name=ntp -n ntp-system -o name | xargs -I {} kubectl exec {} -n ntp-system -- chronyc sources -v; echo
   

   Outputnya akan terlihat seperti berikut:

     .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
   / .- Source state '*' = current best, '+' = combined, '-' = not combined,
   | /             'x' = may be in error, '~' = too variable, '?' = unusable.
   ||                                                 .- xxxx [ yyyy ] +/- zzzz
   ||      Reachability register (octal) -.           |  xxxx = adjusted offset,
   ||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
   ||                                \     |          |  zzzz = estimated error.
   ||                                 |    |           \
   MS Name/IP address         Stratum Poll Reach LastRx Last sample
   ===============================================================================
   ^* 192.0.2.026                   1   6    17    43   +286ns[  +36us] +/- 1160us
   =? 192.0.2.029                 0   6     0     -     +0ns[   +0ns] +/-    0ns
   =? 192.0.2.051                 0   6     0     -     +0ns[   +0ns] +/-    0ns
   =? 192.0.2.059            0   6     0     -     +0ns[   +0ns] +/-    0ns
   
     .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
   / .- Source state '*' = current best, '+' = combined, '-' = not combined,
   | /             'x' = may be in error, '~' = too variable, '?' = unusable.
   ||                                                 .- xxxx [ yyyy ] +/- zzzz
   ||      Reachability register (octal) -.           |  xxxx = adjusted offset,
   ||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
   ||                                \     |          |  zzzz = estimated error.
   ||                                 |    |           \
   MS Name/IP address         Stratum Poll Reach LastRx Last sample
   ===============================================================================
   ^* 192.0.2.026                 1   6    37     2     +2ns[  +90us] +/-   84us
   =? 192.0.2.029                 2   6     1     8   +368us[ +449us] +/- 3761us
   =? 192.0.2.051                 0   6     1     -     +0ns[   +0ns] +/-    0ns
   =? 192.0.2.059                 2   6     1     8   +663us[ +744us] +/-   11ms
   
     .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
   / .- Source state '*' = current best, '+' = combined, '-' = not combined,
   | /             'x' = may be in error, '~' = too variable, '?' = unusable.
   ||                                                 .- xxxx [ yyyy ] +/- zzzz
   ||      Reachability register (octal) -.           |  xxxx = adjusted offset,
   ||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
   ||                                \     |          |  zzzz = estimated error.
   ||                                 |    |           \
   MS Name/IP address         Stratum Poll Reach LastRx Last sample
   ===============================================================================
   ^* 192.0.2.026                   1   6    37    29     -6ns[ -759us] +/-   92us
   =? 192.0.2.029                   2   6     1    36   +334us[ -346us] +/- 3775us
   =? 192.0.2.051                   2   6     1    35   -125us[ -813us] +/- 5839us
   =? 192.0.2.059                   0   6     1     -     +0ns[   +0ns] +/-    0ns
   

4. Verifikasi apakah chronyc di pod NTP merujuk ke IP yang baru ditambahkan.

   kubectl exec -it -n ntp-system ntp2-84ddf7cd99-96vqn -- sh
   

   Outputnya akan terlihat seperti contoh berikut:

   Defaulted container "ntp-image" out of: ntp-image, ntp-node-exporter
   # chronyc tracking
   Reference ID    : C612001E (198.18.0.30)
   Stratum         : 2
   Ref time (UTC)  : Wed May 21 07:28:38 2025
   System time     : 0.000000005 seconds slow of NTP time
   Last offset     : +0.000025645 seconds
   RMS offset      : 0.000082131 seconds
   Frequency       : 15.671 ppm slow
   Residual freq   : +0.024 ppm
   Skew            : 0.628 ppm
   Root delay      : 0.000164273 seconds
   Root dispersion : 0.000180630 seconds
   Update interval : 64.8 seconds
   Leap status     : Normal
   # exit