NTP Configuration on RHEL

-
NTP Configuration:

use the below script to configure your RHEL 7.x server for using public NTP from Google and ntp.org Asia pool.

#/bin/bash

rhel_version=`cat /etc/redhat-release`
rhel='Red Hat Enterprise Linux'
version7='release 7'
index=`awk -v a="$rhel_version" -v b="$rhel" 'BEGIN{print index(a,b)}'`
if [ $index -ne 0 ]; then
    index=`awk -v a="$rhel_version" -v b="$version7" 'BEGIN{print index(a,b)}'`
    if [ $index -ne 0 ]; then
        echo "Disable chronyd deamon."
        systemctl stop chronyd
        systemctl disable chronyd
        echo "Install ntpd deamon."
        yum install ntp -y
        systemctl enable ntpd
        echo "Start ntpd deamon."
        systemctl start ntpd
    else
        echo "Install ntpd deamon."
        yum install ntp -y
        echo "Start ntpd deamon."
        service ntpd start
    fi
else
    echo "The current operating system is not Red Hat Enterprise Linux."
    exit 1
fi

# Write NTP configuration
# Backup ntp.conf
currentTimestamp=`date +%y-%m-%d-%H:%M:%S`
ntp_conf="/etc/ntp.conf"
ntp_conf_backup=$ntp_conf.ntpconfig.$currentTimestamp
if [ -f "$ntp_conf" ]; then
    echo backup $ntp_conf to $ntp_conf_backup
    cp $ntp_conf $ntp_conf_backup
fi

# Write ntp.conf
echo "

    # For more information about this file, see the man pages
    # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

    driftfile /var/lib/ntp/drift

    # Permit time synchronization with our time source, but do not
    # permit the source to query or modify the service on this system.
    restrict default kod nomodify notrap nopeer noquery 
    restrict -6 default kod nomodify notrap nopeer noquery 

    # Permit all access over the loopback interface.  This could
    # be tightened as well, but to do so would effect some of
    # the administrative functions.
    restrict 127.0.0.1
    restrict -6 ::1

    # Hosts on local network are less restricted.
    #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

    server time.google.com iburst
    server 0.asia.pool.ntp.org iburst
    server 1.asia.pool.ntp.org iburst
    server 2.asia.pool.ntp.org iburst

    # Enable public key cryptography.
    #crypto

    includefile /etc/ntp/crypto/pw

    # Key file containing the keys and key identifiers used when operating
    # with symmetric key cryptography.
    keys /etc/ntp/keys

    # Specify the key identifiers which are trusted.   
    #trustedkey 4 8 42

    # Specify the key identifier to use with the ntpdc utility.  
    #requestkey 8

    # Specify the key identifier to use with the ntpq utility.  
    #controlkey 8

    # Enable writing of statistics records.
    statistics clockstats cryptostats loopstats peerstats sysstats rawstats

" > $ntp_conf

ntpdate time.google.com

ntpdate 0.asia.pool.ntp.org

ntpdate 1.asia.pool.ntp.org

ntpdate 2.asia.pool.ntp.org

echo "Restart ntpd deamon."
if [ $index -ne 0 ]; then
    systemctl restart ntpd
else
    service ntpd restart
fi

chmod +x ntpclient.sh
./ntpconfig_client.sh
 

Comments

Post a Comment

Popular posts from this blog

Access Oracle OCI Object Storage through GUI Client

-
Image
 As we already know that there are several GUI clients available for Amazon AWS S3 Object storage like - S3 Browser (https://s3browser.com/), CloudBerry Explorer (https://www.msp360.com/explorer/windows/amazon-s3.aspx), CyberDuck (https://cyberduck.io/) etc. Using these tools we can easily connect to the Object Storage service, upload & download "objects" i.e files and folders and also do some advance management like Bucket Policies, Replication, Versioning, lifecycle policies etc. Now these tools can also be used with Oracle OCI Object storage, but there are some prerequisites to get the proper credentials. You need to get following information before you can connect to you OCI Object storage - Object Storage Namespace: REST Endpoint: Access Key: Secret Key ID: How to get these details - Login to your OCI Account, head over to - Hamburger Icon on left hand top corner -> Storage -> Under Object Storage & Archive -> Buckets. It will list all the buckets in thi...
Read more

Instance OS Baseline Configuration Runbook

-
Overview & Scope This runbook defines the standard baseline configuration procedure for new OCI compute instances across five supported operating system families. It is intended for use by Cloud SRE and operations personnel during initial instance provisioning. Objectives Each OS configuration procedure achieves the following baseline state: •        Set system timezone to Asia/Kolkata (IST, UTC+05:30) •        Apply all available OS security and feature updates •        Enable and configure the host-based firewall to permit SSH (Linux) or RDP (Windows) ingress exclusively from the VCN CIDR block •        Enable EPEL repository where applicable (Oracle Linux, Rocky Linux, Alma Linux) •        Create a named administrative user account separate from the default OCI-provisioned user (opc / Administrator) •   ...
Read more

Accessing OCI Compute Instances Using VNC Console (Instance Console Connection)

-
Image
  Overview In Oracle Cloud Infrastructure (OCI), administrators occasionally face scenarios where SSH access to a compute instance is unavailable —for example, due to network misconfiguration, firewall issues, or OS-level boot problems. To handle such situations, OCI provides Instance Console Connection , which enables VNC-based graphical console access and serial console access to compute instances. In this post, I demonstrate how to access an OCI Compute instance using the VNC console , explain when to use it, and highlight best practices for secure and effective troubleshooting. ⚠️ This demonstration is performed in a personal OCI tenancy using test instances. No customer environments or confidential information are exposed. Oracle Products Used Oracle Cloud Infrastructure OCI Compute Instance Console Connection OCI IAM Virtual Cloud Network (VCN) What Is Instance Console Connection? Instance Console Connection provides ou...
Read more