I am creating a simple debian-based docker (php:7-apache). To create it I use:
docker run -d -p 80:80 --name myname -v "$PWD":/var/www/html php:7-apache
I noticed that my docker is possibly suffering from this issue, therefore now, each time I run the container, I also run:
docker run -it --rm --privileged --pid=host php:7-apache nsenter -t 1 -m -u -n -i date -u $(date -u +%m%d%H%M%Y)
This fixed my issue. The clock is now ok. However, before trying this, I simply tried to install ntp on the docker and set it up:
# apt-get install ntp
# vi /etc/ntp.conf # commented pools and added these servers http://www.pool.ntp.org/zone/europe
# /etc/init.d/ntp start
# /usr/bin/ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
v.bsod.fr 193.190.230.66 2 u 24 64 1 32.924 -117284 0.004
tomia.ordimatic 62.210.36.58 3 u 23 64 1 26.158 -117286 0.004
pacifica.ufp.ne 162.23.41.10 2 u 25 64 1 27.922 -117281 0.004
aquila.init7.ne 189.247.1.117 2 u 24 64 1 34.736 -117291 0.004
# date
...WRONG DATE!!!
So, why isn't ntp working?
I would assume it's better to get NTP to work so that if drifts occur they are correct automatically, instead of setting by hand once the clock from my host system.
Thanks
EDIT: Second Try
apt-get install ntp
# setting time
sed 's/pool /#pool /g' /etc/ntp.conf > /tmp/ntp.conf.tmp
echo "server 0.europe.pool.ntp.org" >> /tmp/ntp.conf.tmp
echo "server 1.europe.pool.ntp.org" >> /tmp/ntp.conf.tmp
echo "server 2.europe.pool.ntp.org" >> /tmp/ntp.conf.tmp
echo "server 3.europe.pool.ntp.org" >> /tmp/ntp.conf.tmp
mv /tmp/ntp.conf.tmp /etc/ntp.conf
ntpd -qxg | grep "ntpd:"
/etc/init.d/ntp start
echo "Date on ws container: `date` - correct: `(curl time.correct.com?iso)2>/dev/null`"
Gives me:
13 Apr 11:40:47 ntpd[922]: ntpd: time slew +14.502687 s
ntpd: time slew +14.502687s
[ ok ] Starting NTP server: ntpd.
Date on ws container: Fri Apr 13 11:40:47 UTC 2018 - correct: 2018-04-13T11:41:02Z
So, despite trying to set the time manually with ntpd (ntpdate is deprecated as per http://doc.ntp.org/4.1.0/ntpd.htm), and do getting that I'm 14 seconds behind, the container doesn't get the time set. Any idea on my mistake?
The script above is run with a docker exec (with or without –privilege doesn't make a difference).
The full output of ntpd -qxg is as follows:
13 Apr 12:52:43 ntpd[922]: ntpd 4.2.8p10@1.3728-o Sun Feb 25 21:22:55 UTC 2018 (1): Starting
13 Apr 12:52:43 ntpd[922]: Command line: ntpd -qxg
13 Apr 12:52:43 ntpd[922]: proto: precision = 3.398 usec (-18)
13 Apr 12:52:43 ntpd[922]: Listen and drop on 0 v6wildcard [::]:123
13 Apr 12:52:43 ntpd[922]: Listen and drop on 1 v4wildcard 0.0.0.0:123
13 Apr 12:52:43 ntpd[922]: Listen normally on 2 lo 127.0.0.1:123
13 Apr 12:52:43 ntpd[922]: Listen normally on 3 eth0 172.17.0.3:123
13 Apr 12:52:43 ntpd[922]: Listening on routing socket on fd #21 for interface updates
13 Apr 12:52:50 ntpd[922]: ntpd: time slew -2.923397 s
ntpd: time slew -2.923397s
EDIT2: Found solution!
Solution follows. The answer by @kubanczyk is correct, but in the specifics of Docker we need to super-power the manual time update:
# apt-get install ntp
# nsenter -t 1 -m -u -n -i ntpd -qxg
# /etc/init.d/ntp start
Best Answer
The
ntpqoffset is in milliseconds, for exampleoffset -117291translates to about 117 seconds difference.The UDP connectivity is correct. If it wasn't, you wouldn't get an offset.
The
ntpdconservatively refuses to set the clock. Generally, it only works by slowing/speeding the clock slightly. (And when the time offset is larger than 1000 seconds, it ignores the source completely).You need to stop
ntpdand runntpdateto set your clock. Now startntpdback up. The offset would be smaller, so it will synchronize much faster. The time is precisely synchronized whenntpqdisplays a*like this: