From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 2C8671FF16D for ; Mon, 19 Aug 2024 16:58:10 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id E51101B39F; Mon, 19 Aug 2024 16:58:25 +0200 (CEST) Date: Mon, 19 Aug 2024 14:57:52 +0000 To: gaio@lilliput.linux.it In-Reply-To: <46ebpk-rqm.ln1@leia.lilliput.linux.it> References: <46ebpk-rqm.ln1@leia.lilliput.linux.it> MIME-Version: 1.0 Message-ID: List-Id: Proxmox VE user list List-Post: From: Alwin Antreich via pve-user Precedence: list Cc: Alwin Antreich , Proxmox VE user list X-Mailman-Version: 2.1.29 X-BeenThere: pve-user@lists.proxmox.com List-Subscribe: , List-Unsubscribe: , List-Archive: Reply-To: Proxmox VE user list List-Help: Subject: Re: [PVE-User] NTP on PVE8... Content-Type: multipart/mixed; boundary="===============7001139547838998063==" Errors-To: pve-user-bounces@lists.proxmox.com Sender: "pve-user" --===============7001139547838998063== Content-Type: message/rfc822 Content-Disposition: inline Return-Path: X-Original-To: pve-user@lists.proxmox.com Delivered-To: pve-user@lists.proxmox.com Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 03725C51F0 for ; Mon, 19 Aug 2024 16:58:24 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id D665D1B25A for ; Mon, 19 Aug 2024 16:57:53 +0200 (CEST) Received: from mx.antreich.com (mx.antreich.com [173.249.42.230]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Mon, 19 Aug 2024 16:57:52 +0200 (CEST) Received: from mail2.antreich.com (unknown [172.16.9.25]) by mx.antreich.com (Postfix) with ESMTPS id 95E436E2E20; Mon, 19 Aug 2024 16:57:52 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=antreich.com; s=2018; t=1724079472; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=rIn2nMLEM5TJzi52zlNpQ8nEWOUe1P96vRgvYjp4cIY=; b=RMghpzkA/u74GrCZEcHvJ75CMH/uDK3e6TuPkvIUFGF3R3GSdMxIkr1mhuIBZKZJ3s3jrD 38j6lW5C6jEqvFPghtYYzVv0yqUDtWuO8JCcszPoJ2mF/BNEI9AtWlG4zfmqx2tAJp/WWO 3FrC2dAHWHtWPEesytkEkX5yoFZjC00oUm6VYk4F6//gcUSES3G+YDU2LvQcg30cByCvYO Oy8nrR53vMQ1fr0d+iLkgZl41MW78aVykMpMLklazjyh5cvlDbgbKDu8znRgR12qRkUd9r p5zshXBGCF4aZgENZTt6xM0j7RYMyjejQDIFBzgrGt2aIym7GF9VfU5CIPEFlQ== MIME-Version: 1.0 Date: Mon, 19 Aug 2024 14:57:52 +0000 From: "Alwin Antreich" Message-ID: <6f37f0399dca2a68bf3129aefc8a5843799654bd@antreich.com> TLS-Required: No Subject: Re: [PVE-User] NTP on PVE8... To: gaio@lilliput.linux.it Cc: "Proxmox VE user list" In-Reply-To: <46ebpk-rqm.ln1@leia.lilliput.linux.it> References: <46ebpk-rqm.ln1@leia.lilliput.linux.it> X-SPAM-LEVEL: Spam detection results: 0 AWL 0.124 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's domain DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from domain DMARC_PASS -0.1 DMARC pass policy HTML_MESSAGE 0.001 HTML included in message RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_PASS -0.001 SPF: HELO matches SPF record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 Hi Marco, August 19, 2024 at 11:00 AM, "Marco Gaiarin" wro= te: >=20 >=20Running 'pve7to8' i've catch: >=20 >=20 INFO: Checking for supported & active NTP service.. > WARN: systemd-timesyncd is not the best choice for time-keeping on ser= vers, due to only applying updates on boot. > While not necessary for the upgrade it's recommended to use one of: > * chrony (Default in new Proxmox VE installations) > * ntpsec > * openntpd >=20 >=20This is indeed mostly true, and in a cluster using a NTP daemon is a = must. > No doubt on that. >=20 >=20But for a standalone server, systemd-timesyncd seems sufficient to me= ; and > surely NOT 'only applying updates on boot': systemd-timesyncd sync time= at > regilar interval! >=20 >=20 PollIntervalMinSec=3D, PollIntervalMaxSec=3D > The minimum and maximum poll intervals for NTP messages. Polling start= s at the minimum poll interval, and is adjusted within the specified limi= ts in response to received > packets. >=20 >=20 Each setting takes a time span value. The default unit is seconds, b= ut other units may be specified, see systemd.time(5). PollIntervalMinSec= =3D defaults to 32 seconds and > must not be smaller than 16 seconds. PollIntervalMaxSec=3D defaults to= 34 min 8 s (2048 seconds) and must be larger than PollIntervalMinSec=3D. >=20 systemd-timesyncd=20only uses one server to update its time, which can le= ad to time jumps when this NTP can't be accessed reliably. NTPs (eg. ntpd= /chrony) are usually using 3+ servers to calculate a mean time and compen= sate for jitter and other delays. This allows to keep the time more stabl= e and especially helps when Ceph or HA is enabled. ;) I do recommend chrony for servers (physical or virtual). Cheers, Alwin --===============7001139547838998063== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ pve-user mailing list pve-user@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user --===============7001139547838998063==--