외부 NTP 릴레이 구성
컬렉션을 사용해 정리하기
내 환경설정을 기준으로 콘텐츠를 저장하고 분류하세요.
이 페이지에서는 Google Distributed Cloud (GDC) 오프라인 어플라이언스의 외부 NTP 리플레이를 구성하는 방법을 설명합니다.
이 단계는 연결이 끊긴 후 어플라이언스를 외부 시간과 동기화하려는 경우에만 필요합니다.
시작하기 전에
어플라이언스를 외부 NTP와 동기화하려면 다음 단계를 완료하세요.
시작하기 전에 NTP 릴레이가 하나만 있는지 확인하세요. 확인하려면 부트스트래퍼 머신에서 다음 명령어를 실행하세요.
kubectl get ntprelay -A
출력은 다음 예시와 같이 표시됩니다.
NAMESPACE NAME AGE
gpc-system bi-ntp-relay 4d21h
부트스트래퍼를 어플라이언스 기기에 연결하고 연결된 인터페이스의 IP 주소를 확인합니다.
ifconfig
mgmt: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 198.18.0.30 netmask 255.255.255.224 broadcast 198.18.0.31
inet6 fe80::20c:29ff:fea8:fc35 prefixlen 64 scopeid 0x20<link>
...
부트스트래퍼 관리 IP를 업스트림 IP로 포함하여 ntprelay CR을 수정합니다.
kubectl edit ntprelay bi-ntp-relay -n gpc-system
ntprelay.system.private.gdc.goog/bi-ntp-relay edited
kubectl get ntprelay bi-ntp-relay -n gpc-system -oyaml
출력은 다음과 같이 표시됩니다. 이 예시에서는 upstreamServers의 IP 주소가 변경됩니다.
apiVersion: system.private.gdc.goog/v1alpha1
kind: NTPRelay
metadata:
creationTimestamp: "2025-05-16T08:44:21Z"
generation: 2
name: bi-ntp-relay
namespace: gpc-system
resourceVersion: "10871409"
uid: 6cde8e65-791c-4bc6-9a8b-d5c9bf103f8b
spec:
upstreamServers:
- 192.0.2.030
NTP 동기화를 확인합니다.
kubectl get pods -l app.kubernetes.io/name=ntp -n ntp-system -o name | xargs -I {} kubectl exec {} -n ntp-system -- chronyc sources -v; echo
출력은 다음과 같이 표시됩니다.
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 192.0.2.026 1 6 17 43 +286ns[ +36us] +/- 1160us
=? 192.0.2.029 0 6 0 - +0ns[ +0ns] +/- 0ns
=? 192.0.2.051 0 6 0 - +0ns[ +0ns] +/- 0ns
=? 192.0.2.059 0 6 0 - +0ns[ +0ns] +/- 0ns
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 192.0.2.026 1 6 37 2 +2ns[ +90us] +/- 84us
=? 192.0.2.029 2 6 1 8 +368us[ +449us] +/- 3761us
=? 192.0.2.051 0 6 1 - +0ns[ +0ns] +/- 0ns
=? 192.0.2.059 2 6 1 8 +663us[ +744us] +/- 11ms
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 192.0.2.026 1 6 37 29 -6ns[ -759us] +/- 92us
=? 192.0.2.029 2 6 1 36 +334us[ -346us] +/- 3775us
=? 192.0.2.051 2 6 1 35 -125us[ -813us] +/- 5839us
=? 192.0.2.059 0 6 1 - +0ns[ +0ns] +/- 0ns
NTP 포드의 chronyc이 새로 추가된 IP를 참조하는지 확인합니다.
kubectl exec -it -n ntp-system ntp2-84ddf7cd99-96vqn -- sh
출력은 다음 예시와 같이 표시됩니다.
Defaulted container "ntp-image" out of: ntp-image, ntp-node-exporter
# chronyc tracking
Reference ID : C612001E (198.18.0.30)
Stratum : 2
Ref time (UTC) : Wed May 21 07:28:38 2025
System time : 0.000000005 seconds slow of NTP time
Last offset : +0.000025645 seconds
RMS offset : 0.000082131 seconds
Frequency : 15.671 ppm slow
Residual freq : +0.024 ppm
Skew : 0.628 ppm
Root delay : 0.000164273 seconds
Root dispersion : 0.000180630 seconds
Update interval : 64.8 seconds
Leap status : Normal
# exit
달리 명시되지 않는 한 이 페이지의 콘텐츠에는 Creative Commons Attribution 4.0 라이선스에 따라 라이선스가 부여되며, 코드 샘플에는 Apache 2.0 라이선스에 따라 라이선스가 부여됩니다. 자세한 내용은 Google Developers 사이트 정책을 참조하세요. 자바는 Oracle 및/또는 Oracle 계열사의 등록 상표입니다.
최종 업데이트: 2025-09-04(UTC)
[[["이해하기 쉬움","easyToUnderstand","thumb-up"],["문제가 해결됨","solvedMyProblem","thumb-up"],["기타","otherUp","thumb-up"]],[["이해하기 어려움","hardToUnderstand","thumb-down"],["잘못된 정보 또는 샘플 코드","incorrectInformationOrSampleCode","thumb-down"],["필요한 정보/샘플이 없음","missingTheInformationSamplesINeed","thumb-down"],["번역 문제","translationIssue","thumb-down"],["기타","otherDown","thumb-down"]],["최종 업데이트: 2025-09-04(UTC)"],[],[],null,["# Configure an external NTP relay\n\nThis page describes how to configure an external NTP replay for\nGoogle Distributed Cloud (GDC) air-gapped appliance.\n\nThese steps are only required if you want to synchronize the appliance\nwith external time after being disconnected.\n\n### Before you begin\n\nTo sync the appliance with external NTP, complete the following steps:\n\n1. Before you begin, make sure that there is only one NTP relay. To verify, run\n the following command on the bootstrapper machine:\n\n kubectl get ntprelay -A\n\n The output looks like the following example: \n\n NAMESPACE NAME AGE\n gpc-system bi-ntp-relay 4d21h\n\nConfigure the NTP relay\n-----------------------\n\n1. Connect the bootstrapper to the appliance device and determine the IP\n address of the connected interface:\n\n ifconfig\n mgmt: flags=4163\u003cUP,BROADCAST,RUNNING,MULTICAST\u003e mtu 1500\n inet 198.18.0.30 netmask 255.255.255.224 broadcast 198.18.0.31\n inet6 fe80::20c:29ff:fea8:fc35 prefixlen 64 scopeid 0x20<link>\n ...\n\n2. Edit the `ntprelay` CR by including the bootstrapper mgmt IP as the upstream IP.\n\n kubectl edit ntprelay bi-ntp-relay -n gpc-system\n ntprelay.system.private.gdc.goog/bi-ntp-relay edited\n kubectl get ntprelay bi-ntp-relay -n gpc-system -oyaml\n\n The output looks like the following example. In this example the IP address\n for `upstreamServers` is changed: \n\n apiVersion: system.private.gdc.goog/v1alpha1\n kind: NTPRelay\n metadata:\n creationTimestamp: \"2025-05-16T08:44:21Z\"\n generation: 2\n name: bi-ntp-relay\n namespace: gpc-system\n resourceVersion: \"10871409\"\n uid: 6cde8e65-791c-4bc6-9a8b-d5c9bf103f8b\n spec:\n upstreamServers:\n - 192.0.2.030\n\n3. Verify the NTP synchronization:\n\n **Note:** Wait about three minutes before running the following command as chrony takes some time for the first sync and adjust. Check that the IP address added in the previous step starts with \\^\\*. Verify that the adjusted offset (+286ns in the first output) is the amount of difference between the time of the appliance and the external time source. \n\n kubectl get pods -l app.kubernetes.io/name=ntp -n ntp-system -o name | xargs -I {} kubectl exec {} -n ntp-system -- chronyc sources -v; echo\n\n The output looks like the following: \n\n .-- Source mode '^' = server, '=' = peer, '#' = local clock.\n / .- Source state '*' = current best, '+' = combined, '-' = not combined,\n | / 'x' = may be in error, '~' = too variable, '?' = unusable.\n || .- xxxx [ yyyy ] +/- zzzz\n || Reachability register (octal) -. | xxxx = adjusted offset,\n || Log2(Polling interval) --. | | yyyy = measured offset,\n || \\ | | zzzz = estimated error.\n || | | \\\n MS Name/IP address Stratum Poll Reach LastRx Last sample\n ===============================================================================\n \\^\\* 192.0.2.026 1 6 17 43 +286ns\\[ +36us\\] +/- 1160us\n =? 192.0.2.029 0 6 0 - +0ns[ +0ns] +/- 0ns\n =? 192.0.2.051 0 6 0 - +0ns[ +0ns] +/- 0ns\n =? 192.0.2.059 0 6 0 - +0ns[ +0ns] +/- 0ns\n\n .-- Source mode '^' = server, '=' = peer, '#' = local clock.\n / .- Source state '*' = current best, '+' = combined, '-' = not combined,\n | / 'x' = may be in error, '~' = too variable, '?' = unusable.\n || .- xxxx [ yyyy ] +/- zzzz\n || Reachability register (octal) -. | xxxx = adjusted offset,\n || Log2(Polling interval) --. | | yyyy = measured offset,\n || \\ | | zzzz = estimated error.\n || | | \\\n MS Name/IP address Stratum Poll Reach LastRx Last sample\n ===============================================================================\n \\^\\* 192.0.2.026 1 6 37 2 +2ns\\[ +90us\\] +/- 84us\n =? 192.0.2.029 2 6 1 8 +368us[ +449us] +/- 3761us\n =? 192.0.2.051 0 6 1 - +0ns[ +0ns] +/- 0ns\n =? 192.0.2.059 2 6 1 8 +663us[ +744us] +/- 11ms\n\n .-- Source mode '^' = server, '=' = peer, '#' = local clock.\n / .- Source state '*' = current best, '+' = combined, '-' = not combined,\n | / 'x' = may be in error, '~' = too variable, '?' = unusable.\n || .- xxxx [ yyyy ] +/- zzzz\n || Reachability register (octal) -. | xxxx = adjusted offset,\n || Log2(Polling interval) --. | | yyyy = measured offset,\n || \\ | | zzzz = estimated error.\n || | | \\\n MS Name/IP address Stratum Poll Reach LastRx Last sample\n ===============================================================================\n \\^\\* 192.0.2.026 1 6 37 29 -6ns\\[ -759us\\] +/- 92us\n =? 192.0.2.029 2 6 1 36 +334us[ -346us] +/- 3775us\n =? 192.0.2.051 2 6 1 35 -125us[ -813us] +/- 5839us\n =? 192.0.2.059 0 6 1 - +0ns[ +0ns] +/- 0ns\n\n4. Verify if the `chronyc` in the NTP pods refers to the newly added IP.\n\n kubectl exec -it -n ntp-system ntp2-84ddf7cd99-96vqn -- sh\n\n The output looks like the following example: \n\n Defaulted container \"ntp-image\" out of: ntp-image, ntp-node-exporter\n # chronyc tracking\n Reference ID : C612001E (198.18.0.30)\n Stratum : 2\n Ref time (UTC) : Wed May 21 07:28:38 2025\n System time : 0.000000005 seconds slow of NTP time\n Last offset : +0.000025645 seconds\n RMS offset : 0.000082131 seconds\n Frequency : 15.671 ppm slow\n Residual freq : +0.024 ppm\n Skew : 0.628 ppm\n Root delay : 0.000164273 seconds\n Root dispersion : 0.000180630 seconds\n Update interval : 64.8 seconds\n Leap status : Normal\n # exit"]]
