VLT-Website-Heading

How to set Network Time Protocol (NTP) on your servers with Puppet Enterprise

Nov 2, 2020 9:57:29 PM / by Vu Long Tran

What is Network Time Protocol (NTP)? 

FIrst off, network Time Protocol (NTP) is a protocol used to synchronize computer clock times in a network.

Why is it important to synchronize computer clock times?

It is important to synchronize computer clock times via the network time protocol (NTP) on server clocks across your network as this  helps t prevent data loss and eliminate SSL problems .

How to Set the Network Time Protocol (NTP) on your servers with Puppet Enterprise (PE)

How you can use Puppet Enterprise software to set the same time for your servers across your network with the network time protocol.

Specifically I will be showing you how you can use Puppet Enterprise software to manage your network time protocol across your network. This includes:

  • Install NTP module from the PuppetForge
  • Create an NTP node group
  • Add the NTP class from the module to your agent nodes
  • View changes to infrastructure on the events page
  • Edit parameters of the main NTP class

Prerequisites:

  • Puppet Enterprise version 2018.1 or later
  • Test or staging environment with an internet connection (e.g. AWS, GCP, Azure)
  • At least one agent server node running Linux or Windows

To manage your NTP (network time protocol) with Puppet Enterprise, you will need access to the following modules from Puppet Forge.

  • On Linux, puppetlabs-ntp module.
  • On Windows, tse-winntp module.

How to set Network Time Protocol on your servers with Puppet Enterprise

In this guide, I will show you how to do this for your Linux server nodes. 

Step 1 - Install the Linux NTP module onto your server with Puppet Enterprise installed

Step 2 - Create the Linux NTP node group in your Puppet Enterprise

Step 3 - Add a NTP class to the Linux NTP node group that you have created

Step 4 - Confirm that the NTP changes are reflected in your Puppet Enterprise

Step 5 - Let's set our preferred NTP servers by editing our class parameters

Step 6 - Check to see that our NTP servers have been updated to our preferences

Step 7 - All set, well done!

 

Step 1 - Install the Linux NTP module onto your server with Puppet Enterprise installed

Install the Linux NTP module onto your server where you have Puppet Enterprise installed. If you have not installed Puppet Enterprise, you can follow my guide on installing Puppet Enterprise on your Linux Server.

We will run the following commands on our server with Puppet Enterprise installed. For simplicity, I will call this server the, "Puppet Master server". 

On your Puppet Master server, run the following commands:

$ puppet module install puppetlabs/stdlib

$ puppet module install puppetlabs/ntp

add-ntp-module

By running these commands we are installing the stdlib module first, and then our NTP module. As the NTP has dependency requirements that are met when we install the stdlib dependency library first.

You can check that it is installed by running the modules list command.

$ puppet module list --tree

Puppet list modules

We can also run this command to see where the module path is:

$ puppet config print modulepath

Puppet print modulepath

/home/centos/.puppetlabs/etc/code/modules:/opt/puppetlabs/puppet/modules

 

Step 2 - Create the Linux NTP node group in your Puppet Enterprise

We will now create a Linux NTP node group to our Puppet Master server. We will do this using our Puppet Enterprise (PE) console in our web browser.

So in your Puppet Enterprise console on your web browser, we will want to find Node groups* (It is under "Inventory> Node Groups").

Inventory> Node Groups

*Note - "Node Groups" in previous versions of Puppet Enterprise may be referred to as "Classification" option. Previously this was located under the "Configure" header. That is, "Configure> Classification". 

Click on Add Group link

Name the new node group to "Linux NTP" or similar. You can leave the default values for the other settings.

Add NTP to node groups

Click Add button.

Click the name of the group you just created.

On the Rules tab, enter "kernel" in the Fact Field and enter Linux in the Value field. 

Note - The word "Linux" is case sensitive, please make sure you have capital L for Linux (and not "linux")

Add NTP to node groups

Add NTP to node groups

Click Add rule button

Click Commit 1 change button at the bottom right of the page.

 

Step 3 - Add a NTP class to the Linux NTP node group that you have created

Let's add a NTP class to the Linux NTP node group that you have created.

In the Puppet Enterprise (PE) console, click Node Groups

Select the name of the node group you created in the previous step.

On the Class tab, let's add a new class.

Add NTP class

In the Add new class field, enter ntp.

Add NTP class

If you do not see any ntp class listed, click the refresh link on the right.

Refresh classes

NTP add class

NTP add class

Click Add class

Click Commit 1 change button at the bottom right of the page.

Add NTP class

We will now run Puppet run by going to the Run menu near the upper right, select Puppet, and then selecting Puppet. (Run> Puppet).

Run puppet run

Run puppet run

On the "Run Puppet" page, review details and when you are ready.

add-ntp-class-08

Click Run job button.

add-ntp-class-09

Then you will see the job details page (Jobs > Job details).

add-ntp-class-09-1

 

Step 4 - Confirm that the NTP changes are reflected in your Puppet Enterprise

In the Puppet Enterprise (PE) console sidebar, click Events.

Click Intentional Changes under Classes with events.

add-ntp-events-summary

As needed, you can adjust the settings so you can focus on the new NTP changes we have made. This includes:

  • the time period by using the Show list until the number of events is not zero
  • In the Filter by class name field enter ntp and click  Apply.

Explore the events by clicking one of the class names as you would like. To view more details, you can click on a class name, you can view the nodes where the class was applied.

You can view specific resources applied to a node by clicking on a node name, on Linux for example:

When you click on the class: Ntp::Config

You will see: File[/etc/ntp.conf]

class-ntp-config

Step 5 - Let's set our preferred NTP servers by editing our class parameters

We can set our preferred NTP servers by editing class parameters of our class. As by default, the NTP module from Puppet Forge has been set to use public NTP servers, and your company may have it's own preferred internal pool of NTP servers that you need to set this to.

To set this, we can edit or add class parameters in the Puppet Enterprise console. Rather than editing the module code which is also an option.

Let's change our servers NTP class

In the Puppet Enterprise (PE) console, click Node Groups

Select the name of the node group you created in the previous step.

On the Class tab, locate the ntp class in the list of classes.

Under the Parameter column for the class, click on the dropdown menu and choose servers.

Edit parameterSet the ntp servers value to your preferred server.

For example, we can enter ["time.google.com","time1.google.com"] in the Value box.

Make sure you put the full details in there with the square brackets, as the system will be looking for an array.

["time.google.com", "time1.google.com"]

edit-parameters-ntp-brackets

Click Add parameter.

Click Commit 1 change button at the bottom of the page.

After the run completes, we can verify the time on the system and ensure that it is accurate.

Step 6 - Check to see that our NTP servers have been updated to our preferences

For further verification that the service is configured correctly, open the /etc/ntp.conf file to check the list of NTP servers. Alternatively, we can also run the following command.

$ cat etc/ntp.conf

Edit parameters to set new NTP servers

If you scroll down this page you will see the NTP servers we set listed.

Edit parameters to set new NTP servers

If it did not work, you will see this in the following default NTP servers when running the command:

$ cat etc/ntp.conf

Default NTP servers on Puppet

Optional. If we want to check that the ntp is alive and running at any time we can run the following command.

$ puppet resource service ntpd

Puppet resource service ntpd

Step 7 - You're set, well done!

You're set now, well done!

You have learned how to download a Puppet Forge module and configure it for your preferred set up. You also would have noticed that we made changes to the Puppet Master server only, yet the changes would update to the nodes in the node group that we created. That is, our Linux server nodes.

We essentially:

  • Installed NTP module from the PuppetForge
  • Created an NTP node group
  • Added the NTP class from the module to your agent nodes
  • Viewed changes to infrastructure on our events page
  • Edited parameters of our main NTP class

So with the same NTP (network time protocol) servers set, we now can enjoy having our Linux servers synchronised with the same times. All managed from our Puppet Master server machine, so we do not need to manually log into each agent server node to make this change. Perfect!

Additional resources:

Topics: puppet, linux

Vu Long Tran

Written by Vu Long Tran

Sales Engineer APAC @Puppet. ex-@Forrester consultant. Writing on #cloud, #automation, and #tech tinkering!