Bug #13518: ecours' system clock is wrong

Bug #13518

ecours' system clock is wrong

Added by intrigeri 2017-07-26 08:29:01 . Updated 2017-08-20 17:36:46 .

Status:

Resolved

Priority:

Normal

Assignee:

intrigeri

Category:

Infrastructure

Target version:

Tails_3.2

Start date:

2017-07-26

Due date:

% Done:

100%

Feature Branch:

Type of work:

Sysadmin

Blueprint:

Starter:

Affected tool:

Deliverable for:

Description

Reported a month ago (Bug #11557#note-12) and it’s still wrong:

$ date --utc
Wed Jul 26 08:16:05 UTC 2017
$ ssh lizard.tails.boum.org date --utc
Wed Jul 26 08:16:05 UTC 2017
$ ssh ecours.tails.boum.org date --utc
Wed Jul 26 09:46:07 UTC 2017

This makes it really painful to debug problems raised by our monitoring system: one has to find out what offset to apply to the date/time seen on the Icinga2 dashboard before one can correlate it with other system events & logs.

In ecours’ Journal I see a lot of:

systemd-timesyncd[19757]: Timed out waiting for reply from 66.228.54.198:123 (0.debian.pool.ntp.org).

Subtasks

Related issues

Blocks Tails - ~~Feature #13233~~: Core work 2017Q3: Sysadmin (Maintain our already existing services)

Resolved

2017-06-29

History

#1 Updated by intrigeri 2017-07-26 08:29:15

blocks ~~Feature #13233~~: Core work 2017Q3: Sysadmin (Maintain our already existing services) added

#2 Updated by intrigeri 2017-07-27 11:04:30

Status changed from Confirmed to In Progress
% Done changed from 0 to 10

Asked some questions to the admins of the virtualization host where ecours runs.

#3 Updated by bertagaz 2017-07-27 15:48:59

intrigeri wrote:
> Asked some questions to the admins of the virtualization host where ecours runs.

I had a quick look too today, and it may be that the systemd-timedated service is not setup correctly on ecours:

~# timedatectl status
      Local time: Thu 2017-07-27 17:13:45 UTC
  Universal time: Thu 2017-07-27 17:13:45 UTC
        RTC time: Thu 2017-07-27 17:13:46
       Time zone: Etc/UTC (UTC, +0000)
 Network time on: yes
NTP synchronized: no
 RTC in local TZ: no

While on Lizard:

~$ timedatectl status
      Local time: jeu. 2017-07-27 15:42:39 UTC
  Universal time: jeu. 2017-07-27 15:42:39 UTC
        RTC time: jeu. 2017-07-27 15:42:39
       Time zone: Etc/UTC (UTC, +0000)
 Network time on: yes
NTP synchronized: yes
 RTC in local TZ: no

So NTP sync is not set on ecours. Running timedatectl set-ntp 1 may fix the issue. That’s probably a leftover from the Jessie time, where we had the ntp service installed on ecours, which disables ntp sync in systemd-timedated.

#4 Updated by intrigeri 2017-07-27 16:07:53

One of us is very confused.

The only difference between the 2 outputs you’ve pasted is whether the time was successfully sync’ed with NTP (NTP synchronized): it was on lizard, it wasn’t on ecours, which is precisely the problem this ticket is about. But in both cases NTP time sync’ is enabled: “Network time on: yes”, and as expected, running timedatectl set-ntp 1 on ecours doesn’t change this output whatsoever.

#5 Updated by intrigeri 2017-08-06 12:23:06

Target version changed from Tails_3.1 to Tails_3.2

#6 Updated by intrigeri 2017-08-12 21:56:08

% Done changed from 10 to 20

The explanation is simple: NTP/UDP is blocked in the datacenter where ecours lives. Solution (left to implement): point timesyncd to a set of private, not blocked NTP servers we were given. I should handle that during my next sysadmin shift, latest.

#7 Updated by intrigeri 2017-08-20 17:36:46

Status changed from In Progress to Resolved
% Done changed from 20 to 100

Aug 20 17:35:34 ecours systemd-timesyncd[3763]: Synchronized to time server [REMOVED] :)