Time Drift on VM servers, need a reliable solution

ntptime-synchronizationvirtualizationwindows-server-2008

We have some windows server 2008 VMware instances on multiple physical servers (hosted) and an application which requires the time to be synced across the server instances.

Obviously, VMware has problems with this and we really have never gotten it working any better, we have setup the servers to poll for an NTP update every minute which mitigates the problem (in a fairly crude way). Except that every once in a while, the update will fail (because there's already too much drift) and then windows never does an NTP update afterwards which eventually allows the servers to drift far enough apart that our application breaks, and we notice.

We are thinking about changing hosts to Xen servers on approximately the same setup, and I anticipate similar problems.

  1. can anyone tell me if Xen has the same time-drift issues VMware does, for guests?
  2. can anyone tell me what the best windows server settings are for syncing with an external NTP server to keep things in sync:
    1. how frequently do you recommend syncing? (assuming every minute)
    2. do you recommend running our own NTP server – even if it has to be on a virtual instance? (assuming not)
    3. is there any way to tell windows to sync with the NTP server no matter what the time difference is?
    4. any other suggestions for keeping windows servers time in sync?

I have become familiar with [ http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1318 ] and it's helped, but it's not been totally effective (see above).

thanks much!

Best Answer

Using NTP intermittently (even as often as once per minute) is not going to help a lot. NTP is designed for constant updates/tweaks and is not intended for discrete clock jumps.

If you install a proper NTP daemon you will have better luck. I have found http://www.meinberg.de/english/sw/ntp.htm (a Windows build of the "standard" NTPd implementation) to be reliable in VMs running Windows Server 2003 and 2008.

Four things to note though:

  1. Make sure the VMWare time sync methods or turned off for the guests NTP is running, or they and NTP will fight each other. The installer for the NTP build linked above will turn off common time sync software found in the guest, but it can not turn of VMWare's so you'll need to do that yourself.

  2. Make sure you have tinker panic 0 specified at the top of your NTPd config file. This stops the NTP service giving up if there is a sudden change in clock drift, which is not uncommon in VMs due to differing loads on the host over time.

  3. Use a local time source for the VMs for better local accuracy, and sync this local source with .pool.ntp.org or similar instead of syncing the VMs directly with the outside world. That way if your external network access goes down the VMs still have a clock source more reliable than there own to sync with (and you are being kinder to the public time servers). You could use the VMWare host machine as this local time source, though I tend to have a machine acting as external network gateway and have it perform this job also.

  4. Make sure that you don't have the VM's local clock listed as a time source, even as a last-resort fall-back.

Related Topic