Discussion:
Solaris 10 and NTP on Global and zones
(too old to reply)
Spook
2006-10-17 18:55:44 UTC
Permalink
Raw Message
All,
Why is it possible for me to configure NTP on a regular zone as well as
the Global Zone when setting the NTP on the Global zone should suffice?

Shouldn't this be one of the things that SUN disallowes to be
configured on a regular zone?

See below:

I can create /etc/inet/ntp.conf and I can also svcadm enable and
start the /network/ntp service on all the individual zones !!!
This is the Global Zone Info<<<<<
[***@GLOBAL /]# ntpq -p
remote refid st t when poll reach delay offset
disp
==============================================================================
*XXXX.CDMA. 1 u 15 64 377 48.65 0.073 0.41
XXXX 0.0.0.0 16 - - 1024 0 0.00 0.000 16000.0
LOCAL(0) LOCAL(0) 9 l 5 64 377 0.00 0.000
10.01

[***@GLOBAL /]# svcs -a|grep -i ntp
online 11:48:01 svc:/network/ntp:default
Log into Zone<<<<<
[***@GLOBAL /sbin]# zlogin DEV11_machine-1
[Connected to zone 'DEV11_machine-1' pts/24]

[***@DEV11 /]# cat /etc/inet/ntp.conf
#
# NTP client
#
server xxx.xxx.xxx.254 prefer
server xxx.xxx.xxx.254
#
server 127.127.1.0
fudge 127.127.1.0 stratum 9
#
enable auth monitor
driftfile /var/ntp/ntp.drift
statsdir /var/ntp/ntpstats/
filegen peerstats file peerstats type day enable
filegen loopstats file loopstats type day enable
filegen clockstats file clockstats type day enable



[***@DEV11 /]# ps -ef|grep xntpd
root 9172 9157 0 16:58:45 pts/24 0:00 grep xntpd
root 27249 10241 0 Oct 13 ? 0:27 /usr/lib/inet/xntpd


[***@DEV11 /]# ntpq -p
remote refid st t when poll reach delay offset
disp
==============================================================================
*xxx.xxx.xxx.xxx 1 u 22 64 377 49.24 0.594 0.18
xxx.xxx.xxx.xxx 0.0.0.0 16 - - 1024 0 0.00
0.000 16000.0
LOCAL(0) LOCAL(0) 9 l 4 64 377 0.00 0.000
10.01
Which produces all the following xntpd process on the global zone.<<<<<<
[***@GLOBAL /sbin]# ps -ef|grep ntp
root 21187 1 0 Oct 13 ? 0:32 /usr/lib/inet/xntpd
root 28293 1 0 Oct 13 ? 0:27 /usr/lib/inet/xntpd
root 27500 1 0 Oct 13 ? 0:26 /usr/lib/inet/xntpd
root 26218 1 0 Oct 13 ? 0:27 /usr/lib/inet/xntpd
root 27944 1 0 Oct 13 ? 0:27 /usr/lib/inet/xntpd
root 26461 1 0 Oct 13 ? 0:26 /usr/lib/inet/xntpd
root 29619 1 0 Apr 26 ? 31:08 /usr/lib/inet/xntpd
root 27249 1 0 Oct 13 ? 0:27 /usr/lib/inet/xntpd
root 25957 1 0 Oct 13 ? 0:27 /usr/lib/inet/xntpd
root 26981 1 0 Oct 13 ? 0:28 /usr/lib/inet/xntpd
root 29181 1 0 Oct 13 ? 0:27 /usr/lib/inet/xntpd
root 25801 1 0 Oct 13 ? 0:29 /usr/lib/inet/xntpd
root 27605 1 0 Oct 13 ? 0:25 /usr/lib/inet/xntpd
root 21426 1 0 Oct 13 ? 0:26 /usr/lib/inet/xntpd
root 26799 1 0 Oct 13 ? 0:28 /usr/lib/inet/xntpd
root 25428 1 0 Oct 13 ? 0:28 /usr/lib/inet/xntpd
root 29089 1 0 Oct 13 ? 0:30 /usr/lib/inet/xntpd
root 21703 1 0 Oct 13 ? 0:27 /usr/lib/inet/xntpd
root 22088 1 0 Oct 13 ? 0:27 /usr/lib/inet/xntpd
root 22393 1 0 Oct 13 ? 0:30 /usr/lib/inet/xntpd
root 22188 1 0 Oct 13 ? 0:30 /usr/lib/inet/xntpd
root 1000 1 0 Oct 13 ? 0:27 /usr/lib/inet/xntpd
root 9132 18810 0 16:57:08 pts/18 0:00 grep ntp
root 28573 1 0 Oct 13 ? 0:28 /usr/lib/inet/xntpd
root 761 1 0 Oct 13 ? 0:28 /usr/lib/inet/xntpd


Can anyone explain why I should be able to do this as... Sun Support
says I shouldn't be able to do this?

Thanks in advance-
Frank Cusack
2006-10-17 19:32:44 UTC
Permalink
Raw Message
Post by Spook
All,
Why is it possible for me to configure NTP on a regular zone as well as
the Global Zone when setting the NTP on the Global zone should suffice?
Shouldn't this be one of the things that SUN disallowes to be
configured on a regular zone?
No, Sun shouldn't disallow CONFIGURATION of a service on a zone, the
service should simply return error.

You'll find that ntp in a non-global zone doesn't actually work. This
is because adjtime(2) is restricted to the global zone.

-frank
Darren Dunham
2006-10-18 06:05:25 UTC
Permalink
Raw Message
Post by Spook
All,
Why is it possible for me to configure NTP on a regular zone as well
as the Global Zone when setting the NTP on the Global zone should
suffice?
Since you're root, you can do most things.
Post by Spook
Shouldn't this be one of the things that SUN disallowes to be
configured on a regular zone?
What is disallowed is to actually set the time. xntpd will realize
this, but does not actually stop when it happens....

Oct 17 18:33:21 zone1 xntpd[6471]: [ID 953130 daemon.error] loop_config: ntp_adjtime() failed: Not owner
Oct 17 18:33:21 zone1 xntpd[6471]: [ID 266339 daemon.notice] using kernel phase-lock loop 0041, drift correction 0.00000
Oct 17 18:37:38 zone1 xntpd[6471]: [ID 471322 daemon.error] Can't set time of day: Not owner
Oct 17 18:37:38 zone1 xntpd[6471]: [ID 774427 daemon.notice] time reset (step) 70.308999 s
Oct 17 18:37:39 zone1 xntpd[6471]: [ID 534068 daemon.error] Can't adjust time: Not owner

So it can talk on the network and continue to run as a process, but it
cannot actually set the time.
Post by Spook
I can create /etc/inet/ntp.conf and I can also svcadm enable and
start the /network/ntp service on all the individual zones !!!
Yes. None of those things are disallowed.
Post by Spook
Which produces all the following xntpd process on the global zone.<<<<<<
root 21187 1 0 Oct 13 ? 0:32 /usr/lib/inet/xntpd
root 28293 1 0 Oct 13 ? 0:27 /usr/lib/inet/xntpd
root 27500 1 0 Oct 13 ? 0:26 /usr/lib/inet/xntpd
root 26218 1 0 Oct 13 ? 0:27 /usr/lib/inet/xntpd
root 27944 1 0 Oct 13 ? 0:27 /usr/lib/inet/xntpd
[snip]

Yes. Zone processes always appear in the global zone.

You can either disable them, or convince your zone owners not to enable
them.
--
Darren Dunham ***@taos.com
Senior Technical Consultant TAOS http://www.taos.com/
Got some Dr Pepper? San Francisco, CA bay area
< This line left intentionally blank to confuse you. >
Loading...