#4669 [RFE] Client should configure chrony in favor of ntpd when available
Closed: fixed 2 years ago Opened 5 years ago by mkosek.

Ticket #2974 updated server and client installers to detect configured chrony and act based on it:

  • Server installer warns and disables chrony in favor of ntpd. This should not be changed as server needs to run NTP server, chrony is "just" client
  • Client installers warns and skips ntpd configuration if not told otherwise

However, given that chrony is the preferred time synchronization client ([source 1], http://rhelblog.redhat.com/2014/08/20/precision-time-synchronization-network-latency/ source2), the Client should be enhanced to instead configure chrony, if available. We may also change Requires on Client to chrony from ntpd.


If chrony configuration is deferred, we should at least extend http://www.freeipa.org/page/NTP_Server with instructions how to configure chrony instead of ntpd.

Closer look gives us few more facts:

I believe we should discuss and triage this ticket again.

Constrains for Atomic should be also checked.

Requires for containers. People are also asking about it.

This is still work in progress. Given how close we are to 4.2 GA, I am postponing this one.

This RFE is no longer critical, RHEL downstream stopped requesting this one for immediate future.

Some aspects of ntp are hard to debug/notice in ipaclient-install.log.

When doing this change it would be nice if it would contain these improvements:

  • cleanly tell why the time service is not configured because of other time service. E.g. right now if chronyd is configured initial time sync/ntpd configuration is not done. The fact why it is not done is not clearly reported in the log (there is a print in stdout which is not in the log). E.g. add "other time service is configured(ntpd), disabling chronyd configuration)".
  • when doing initial sync, report the ntp server for each attempt in a log. Right now this could be only seen in ntpd output when ipa-client-install is run with -d option(enables ntp debugging).

the comment above is based on experience with bz 1255102

FreeIPA 4.2.1 was released, moving to 4.2.x.

shall we also remove rpm dependency for 'ntp' from ipa-client?

Metadata Update from @mkosek:
- Issue assigned to dkupka
- Issue set to the milestone: FreeIPA 4.5 backlog

3 years ago

Metadata Update from @mkosek:
- Issue close_status updated to: None

2 years ago

Metadata Update from @tdudlak:
- Issue assigned to tdudlak (was: dkupka)

2 years ago

Metadata Update from @tdudlak:
- Issue close_status updated to: fixed

2 years ago

Login to comment on this ticket.

Metadata