Thursday, February 24, 2011

You shouldn't virtualize *everything*

VMWare says you can virtualize everything, but that doesn't mean you should. One of those things you actually shouldn't (dare I say can't) virtualize, is NTP. If someone asks you to virtualize the NTP server, here are two nice links to give you why that's a bad idea:

9.2.2. Xen, VMware, and Other Virtual Machine Implementations

NTP was not designed to run inside of a virtual machine. It requires a high resolution system clock, with response times to clock interrupts that are serviced with a high level of accuracy. No known virtual machine is capable of meeting these requirements.

Run NTP on the base OS of the machine, and then have your various guest OSes take advantage of the good clock that is created on the system. Even that may not be enough, as there may be additional tools or kernel options that you need to enable so that virtual machine clients can adequately synchronize their virtual clocks to the physical system clock.

Page  18:
Using NTP in Linux and Other Guests
The Network Time Protocol is usable in a virtual machine with proper configuration of the NTP daemon.
The following points are important:

Do not configure the virtual machine to synchronize to its own (virtual) hardware clock, not even as a fallback with a high stratum number. Some sample ntpd.conf files contain a section specifying the local clock as a potential time server, often marked with the comment “undisciplined local clock.” Delete any such server specification from your ntpd.conf file

No comments:

Post a Comment