It does that already, and monitors that seem to be off too much with respect to external references are ignored. But that should only be a safeguard for exceptional circumstances, e.g., networking or local system issues, but not compensate for a lack of basic good timekeeping performance.
Sure, there is no guarantee. But just because there are other sources of instability doesn’t mean that the implementation itself should unnecessarily be one, too.
The basic timekeeping setup should be as stable as possible, including the timekeeping daemon having typically known good performance, so that the rest of the system only has to deal with unavoidable external issues.
As @MagicNTP said the intention is that you can! The environment variable configuration is supposed to be shared as long as you run one with -e test and the other with -e prod. The runtime configuration is stored in a subdirectory in the state directory.
I think it’s an artifact from when I was running most of the monitors (and I’ve been using Ubuntu for most, so I had forgotten about this). I prefer using a mix of time synchronization daemons.
I believe I added the dependency after finding a monitor was acting poorly and realizing it was because it didn’t have a proper time sync agent.
I’ll disable it for the RPM packages since I couldn’t get the options to work; and I agree limiting the option to just chronyd is unhelpful to the overall system.
As @MagicNTP said, the system does crosscheck the local time with external references, but it’s intended as a last resort safety mechanism and to catch local network trouble.
We’ll see how long we go down the current path of lots of monitors before we’re building a whole other layer of monitoring of the monitors.
Loaded plugins: fastestmirror
Determining fastest mirrors
Resolving Dependencies
--> Running transaction check
---> Package ntppool-agent.x86_64 0:4.0.2-1 will be installed
--> Processing Dependency: (ntp or chrony or ntpsec or ntpd-rs) for package: ntppool-agent-4.0.2-1.x86_64
--> Finished Dependency Resolution
You could try using --skip-broken to work around the problem
Error: Package: ntppool-agent-4.0.2-1.x86_64 (ntppool)
Requires: (ntp or chrony or ntpsec or ntpd-rs)
You could try running: rpm -Va --nofiles --nodigest
It looks like the yum utility takes the line(ntp or chrony or ntpsec or ntpd-rs) literally from the package configuration.
That’s always welcome, for a number of reasons. Though there is the caveat that it could be used, e.g., to circumvent the requirements on basic timekeeping performance discussed in this thread (though nothing prevents anyone from building their own custom container, apart from the effort to do so, and the challenges involved).
E.g., not sure I would want a monitor that as a server exhibits the kind of timekeeping behavior shown below (OpenNTPD explicitly states timekeeping performance is a secondary goal only).
The OS, CentOS 7, is not supported any more, but not since so long: the latest patch dates back 4 years:
# rpm --changelog -q rpm | head
* Mon Nov 01 2021 Michal Domonkos <mdomonko@redhat.com> - 4.11.3-48
- Fix double-free in previously added patch (#2004228)
* Thu Oct 21 2021 Michal Domonkos <mdomonko@redhat.com> - 4.11.3-47
- Improve range checks on signature and main header tags (#2004228)
- Fixes CVE-2021-20271
* Fri Sep 17 2021 Michal Domonkos <mdomonko@redhat.com> - 4.11.3-46
- Bump up the limit of signature header to 64MB (#1993242)
The OS is running on an old hardware (Dell R710). Newer version of CentOS does not support this hardware, driver for the old RAID controller is missing.
Would it be okay to use the .tar.gz files for now? I’m not sure if the systemd unit files are compatible with the CentOS 7 systemd either, but the ones from ntppool-monitor (the v3 version) were.
