First, let us understand what NTP (Network time protocol) is. An NTP server is a time server that is used to keep/sync the time in your cluster.
An NTP server can be public or private depending on the strictness of your environment.
To know how to configure NTP in your Nutanix cluster, take a look at- https://support-portal.nutanix.com/#/page/docs/details?targetId=Web-Console-Guide-Prism-v5_16:wc-system-ntp-servers-wc-t.html
After the NTP server is configured, the genesis leader becomes the NTP leader, which means that the genesis leader is syncing time to the NTP server and other CVMs are syncing time with the genesis leader.
How NTP works in AHV:-
It’s as simple as it gets. The AHV hypervisor takes the same server configured on the cluster and syncs the time with it individually. There are no extra steps required to configure the NTP server on the AHV hosts.
How NTP works in ESXi:-
The ESXi cluster does not take the server configured on the Nutanix cluster and it needs to be set separately from vCenter for each host. Although servers different from the Nutanix cluster can be configured on the ESXi host, the best practice here is to keep the consistency.
How do we check if NTP is working properly:-
There is an NCC check “check_ntp” in place to verify the NTP status on the CVMs and the hosts.
The plugin check_ntp contains multiple checks that focus on NTP-related scenarios:
NTP configuration check - Checks the NTP configuration on the CVM and the hypervisor.
CVM NTP time synchronization - Determines whether the CVM is able to sync time with any of the NTP servers.
Hypervisor NTP time synchronization (AHV + ESXi only) - Determines whether the host is able to sync time with any of the NTP servers.
To know more about the NCC check, take a look at https://support-portal.nutanix.com/#/page/kbs/details?targetId=kA032000000bmjeCAA
To read about recommendations for NTP server time synchronization, take a look at https://support-portal.nutanix.com/#/page/docs/details?targetId=Web-Console-Guide-Prism-v5_16:wc-ntp-server-time-sync-recommendations-c.html
I have three time servers configured in Prism Element: DNS alias time1, time2, & time3. The physical time servers are retiring (though they are currently still up and running). They have been replaced with new time servers and the new time servers have different IP addresses, but the time1, time2 & time3 DNS aliases now point to the new time servers.
When I run “
ntpstat” on a CVM the OLD IP is still being used by NTPD.
synchronised to NTP server (xx.xx.xx.58) at stratum 4 « Note: this is an OLD time server IP
time correct to within 70 ms
polling server every 1024 s
Also, when I run “
ncli cluster get-ntp-servers” a list of the three OLD ip addresses is produced.
Do I need to restart NTPD manually on all CVMs and AHV/ESXi hosts to get NTPD to use the new IP addresses before removing the old time servers?
Answering my question above: running
via ssh on one of the CVMs in each cluster restarted ntpd on the CVMs, AHV hosts, and I believe even our Files servers.