Synchronizing Clocks with NTP Servers

You can synchronize an event broker’s clock with a networked Network Time Protocol (NTP) server. This is especially helpful for event brokers that are using redundancy and replication. For example, if your event brokers are synchronized with the same NTP server, message expiry times will be consistent across all of them.

The procedure for synchronizing with an NTP server differs for appliances and software event brokers.

At any point, use the show clock command to display the current date and time on appliances or software event brokers.

Appliances

An appliance can be time synchronized using either the setup commands explained in Initial Setup, or the clock synchronization CLI commands shown below:

enable 
   configure 
      clock 
         synchronization 
            [create|no] ntp-source <host>
               [no] nts 
               [no] shutdown 
            [no] protocol {ntp | ptp}
            [no] shutdown

Where:

[create|no] ntp-source <host> allows you to configure up to eight NTP sources (if you're using NTP).

[no] nts allows you to enable or disable NTS (Network Time Security) on any or all of these protocols.

[no] protocol {ntp | ptp} allows you to select the synchronization protocol (NTP or PTP).

Using mixed authentication modes for clock synchronization is not recommended. In scenarios where mixed authentication modes are required (for example, if you have multiple NTP servers where some use authenticated connections with NTS and some do not), Solace uses the chrony implementation of NTP, which uses the mix mode for authentication selection and favors NTP servers that use authenticated connections with NTS. For more information, see the Chrony Project Documentation.

For appliances using SolOS 10.6.0 or earlier, the ntp-server command is used as shown below:

solace(configure)# clock
solace(configure/clock)# synchronization
solace(configure/clock/synchronization)# shutdown
solace(configure/clock/synchronization)# protocol ntp
solace(configure/clock/synchronization)# ntp-server <ip-addr>
solace(configure/clock/synchronization)# no shutdown

Where:

ip-addr is the IP address or fully qualified domain name (FQDN) of a reachable NTP server.

The no version of this command, no ntp-server, removes the NTP server information.

The ntp-server command configures only one non-authenticated NTP server connection. In this way, it replaces existing configuration (no matter how many sources you have previously configured).

Software Event Brokers

Software event broker clocks can be synchronized with one of the three methods shown in the following list.

With the PubSub+ AWS AMI, clock synchronization is preconfigured to use AWS time servers. Use chronyd to change the clock server.

In your hypervisor or cloud environment:
Use DHCP to configure NTP. This requires no host configuration.
For software event broker machine images:
Set up NTP through the event broker host.
To do so, perform the following steps:
1. Log in to your event broker's host as the root user.
2. Edit the /etc/ntp.conf file and enter the following configuration.
  tinker panic 0
  disable monitor
  restrict default ignore
  restrict 127.0.0.1
  restrict ::1
  server <server-ip>
  restrict <server-ip>
3. Enable ntpd.
4. Then reboot the event broker.
5. In the event broker host shell, enter the following command to check whether the NTPD status is working:
  systemctl status ntpd
  In the displayed output, to confirm ntpd is active, check for a line that looks like this:
  "Active: active (running)" portion.
6. Once NTPD is confirmed active, wait several minutes and enter the following command to verify that the event broker is now in sync.
  ntpstat
  In the displayed output, to confirm that the event broker is in sync, check the output for a line that looks like this:
  synchronised to NTP server (192.168.40.80) at stratum 3

Use Cloud-Init:

Set up NTP with the same configuration information provided in steps 2.2 and 2.3 above.

Provide feedback