VMware ESXi のうるう秒について

さて、最後にVMware ESXiのうるう秒についてです。

VMware ESXi and Leap Seconds (2121190)
http://kb.vmware.com/selfservice/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&externalId=2121190

Resolution
ESX/ESXi utilizes the RFC-1589 clock model, appropriately handling leap seconds.

It is not necessary to enable Slew Mode for NTP in ESX/ESXi’s NTP client, or to otherwise work around leap seconds by disabling and re-enabling the NTP client before and after the leap second’s occurrence. For more information, see Enabling Slew Mode for NTP (2121016).

However, while ESX/ESXi server is not expected to experience negative impact from a leap second taking place, it remains possible for Guest Operating Systems and/or running applications to experience an impact, independent of ESX/ESXi, if it is not designed to handle one. VMware recommends customers to test their complete solutions.

ESX/ESXiはうるう秒を適切に扱うRFC-1589の同期システムを採用してるよ。
ntpクライアントのSlewモードを有効にする必要はない。
また他の方法で回避するにはうるう秒の実施前にntpクライアントを止めて、うるう秒実施後にntpクライアントを起動すればいい。
(※なんか変な日本語^^; 英語の拙さを暴露だな)

でもね、うるう秒が起きてからESXiが1秒を戻す間に、仮想マシンやアプリケーションが1秒戻ることを想定して設計されていない場合はESX/ESXiと関係なく影響を受けるかもしれない。

だからVMware社はお客さんで完全なソリューションのテストを勧めます。

ESX/ESXiは大丈夫だけど、その上で動作している仮想マシンはお客さんで対処してくれってことでいいのかな?

~ # vmware -lv
VMware ESXi 5.5.0 build-2302651
VMware ESXi 5.5.0 Update 2

~ # ps -c | grep ntpd
33747 33747 ntpd                 /sbin/ntpd -g -n -c /etc/ntp.conf -f /etc/ntp.drift

~ # ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*ntp2.jst.mfeed. 133.243.236.17   2 u  50m 1024  374    5.250    2.723   3.843

~ # ntpq -c rv
associd=0 status=0688 leap_none, sync_ntp, 8 events, no_sys_peer,
version="ntpd 4.2.6p2@1.2194-o Tue Jan 21 05:49:29 UTC 2014 (1)",
processor="x86_64", system="VMkernel/5.5.0", leap=00, stratum=3,
precision=-21, rootdelay=58.058, rootdisp=105.853, refid=210.173.160.57,
reftime=d9349f40.98ef6de4  Wed, Jun 24 2015  3:15:12.597,
clock=d934a487.daf123d7  Wed, Jun 24 2015  3:37:43.855, peer=19038,
tc=10, mintc=3, offset=-0.596, frequency=48.693, sys_jitter=2.639,
clk_jitter=2.744, clk_wander=0.189

~ # vmware -lv

VMware ESXi 5.5.0 build-2302651

VMware ESXi 5.5.0 Update 2

~ # ps -c | grep ntpd

33747 33747 ntpd /sbin/ntpd -g -n -c /etc/ntp.conf -f /etc/ntp.drift

~ # ntpq -p

remote refid st t when poll reach delay offset jitter

==============================================================================

*ntp2.jst.mfeed. 133.243.236.17 2 u 50m 1024 374 5.250 2.723 3.843

~ # ntpq -c rv

associd=0 status=0688 leap_none, sync_ntp, 8 events, no_sys_peer,

version="ntpd 4.2.6p2@1.2194-o Tue Jan 21 05:49:29 UTC 2014 (1)",

processor="x86_64", system="VMkernel/5.5.0", leap=00, stratum=3,

precision=-21, rootdelay=58.058, rootdisp=105.853, refid=210.173.160.57,

reftime=d9349f40.98ef6de4 Wed, Jun 24 2015 3:15:12.597,

clock=d934a487.daf123d7 Wed, Jun 24 2015 3:37:43.855, peer=19038,

tc=10, mintc=3, offset=-0.596, frequency=48.693, sys_jitter=2.639,

clk_jitter=2.744, clk_wander=0.189

slewモードで起動してみる。
起動スクリプトの/etc/init.d/ntpd に

NTPD_OPTS="-g -n -c ${NTPD_CONFIG} -f /etc/ntp.drift"

1	NTPD_OPTS="-g -n -c ${NTPD_CONFIG} -f /etc/ntp.drift"

があって、ここに-xを追加しようとしたら/etcはマウントがread onlyで書換えられなかったので/etc/ntp.conに下記を追加してみました。

~ # vi /etc/ntp.conf
~ # cat /etc/ntp.conf
tinker step 0
restrict default kod nomodify notrap nopeer
restrict 127.0.0.1
server ntp.jst.mfeed.ad.jp
driftfile /etc/ntp.drift

~ # /etc/init.d/ntpd restart
Stopping ntpd
watchdog-ntpd: Terminating watchdog process with PID 39829229
Starting ntpd

~ # vi /etc/ntp.conf

~ # cat /etc/ntp.conf

tinker step 0

restrict default kod nomodify notrap nopeer

restrict 127.0.0.1

server ntp.jst.mfeed.ad.jp

driftfile /etc/ntp.drift

~ # /etc/init.d/ntpd restart

Stopping ntpd

watchdog-ntpd: Terminating watchdog process with PID 39829229

Starting ntpd

そもそも”tinker step 0″が有効なのかな…
slew modeになっているか確認するコマンドがあればいいのだけど見つけられなかった。

【2015/06/25 追記】
下記のサイトに記述がありました。今回の件で凄く参考になります。

2012年7月1日のうるう秒調整時の ntpd の挙動観測データ
http://luna2-linux.blogspot.jp/2012/07/201271-ntpd.html

実際にSlewモードが確認してみるとKernelがありませんでした。

~ # ntpdc -c sysinfo
(snip)
system flags:         auth monitor ntp stats
(snip)

~ # ntpdc -c sysinfo

(snip)

system flags: auth monitor ntp stats

(snip)

ちなみにSETPモードだとKernelがあります。

[root@host01 ~]# ps ax | grep ntp
 6475 ?        SLs    0:00 ntpd -u ntp:ntp -p /var/run/ntpd.pid -g
[root@host01 ~]# ntpdc -c sysinfo
system flags:         auth monitor ntp kernel stats
(snip)

[root@host01 ~]# ps ax | grep ntp

6475 ? SLs 0:00 ntpd -u ntp:ntp -p /var/run/ntpd.pid -g

[root@host01 ~]# ntpdc -c sysinfo

system flags: auth monitor ntp kernel stats

(snip)

VMware ESXi 5.5のntpd

ntpd - NTP daemon program - Ver. 4.2.6p2
USAGE:  ntpd [ -<flag> [<val>] | --<name>[{=| }<val>] ]...
  Flg Arg Option-Name    Description
   -4 no  ipv4           Force IPv4 DNS name resolution
   -6 no  ipv6           Force IPv6 DNS name resolution
   -a no  authreq        Require crypto authentication
   -A no  authnoreq      Do not require crypto authentication
   -b no  bcastsync      Allow us to sync to broadcast servers
   -c Str configfile     configuration file name
   -f Str driftfile      frequency drift file name
   -g no  panicgate      Allow the first adjustment to be Big
   -I Str interface      Listen on an interface name or address
   -k Str keyfile        path to symmetric keys
   -l Str logfile        path to the log file
   -L no  novirtualips   Do not listen to virtual interfaces
   -n no  nofork         Do not fork
   -N no  nice           Run at high priority
   -p Str pidfile        path to the PID file
   -P Num priority       Process priority
   -q no  quit           Set the time and quit
   -r Str propagationdelay Broadcast/propagation delay
      Str saveconfigquit Save parsed configuration and quit
   -s Str statsdir       Statistics file location
   -t Str trustedkey     Trusted key number
   -U Num updateinterval interval in seconds between scans for new or dropped interfaces
      Str var            make ARG an ntp variable (RW)
      Str dvar           make ARG an ntp variable (RW|DEF)
   -x no  slew           Slew up to 600 seconds
      opt version        Output version information and exit
   -? no  help           Display extended usage information and exit
   -! no  more-help      Extended usage information passed thru pager

ntpd - NTP daemon program - Ver. 4.2.6p2

USAGE: ntpd [ -<flag> [<val>] | --<name>[{=| }<val>] ]...

Flg Arg Option-Name Description

-4 no ipv4 Force IPv4 DNS name resolution

-6 no ipv6 Force IPv6 DNS name resolution

-a no authreq Require crypto authentication

-A no authnoreq Do not require crypto authentication

-b no bcastsync Allow us to sync to broadcast servers

-c Str configfile configuration file name

-f Str driftfile frequency drift file name

-g no panicgate Allow the first adjustment to be Big

-I Str interface Listen on an interface name or address

-k Str keyfile path to symmetric keys

-l Str logfile path to the log file

-L no novirtualips Do not listen to virtual interfaces

-n no nofork Do not fork

-N no nice Run at high priority

-p Str pidfile path to the PID file

-P Num priority Process priority

-q no quit Set the time and quit

-r Str propagationdelay Broadcast/propagation delay

Str saveconfigquit Save parsed configuration and quit

-s Str statsdir Statistics file location

-t Str trustedkey Trusted key number

-U Num updateinterval interval in seconds between scans for new or dropped interfaces

Str var make ARG an ntp variable (RW)

Str dvar make ARG an ntp variable (RW|DEF)

-x no slew Slew up to 600 seconds

opt version Output version information and exit

-? no help Display extended usage information and exit

-! no more-help Extended usage information passed thru pager

RootLinks Co., Ltd.

VMware ESXi のうるう秒について

Leave a Reply Cancel Reply

2015年6月
日	月	火	水	木	金	土
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30

RootLinks Co., Ltd.

VMware ESXi のうるう秒について

Related posts:

Leave a Reply Cancel Reply