Tuesday, November 19, 2024

Set Up an NTP Server to Sync the Windows Machines Locally

Hello guys,

I have been working on a problem where I need to sync the Windows machines in an isolated network. So I have suggested that we need to have a local NTP server and keep syncing to it periodically. I have written an Ansible playbook to set up the NTP/chrony server, but it can be achieved manually as well.

For syncing the Windows machines as well, we can do it locally, but I have set up a playbook which logs in on the Windows machine and syncs the time using the time server which we have set up.

---
- name: Set up NTP server on RHEL 9 using Chrony
  hosts: all
  become: yes
  tasks:
    - name: check if chrony is installed
      shell: rpm -qa | grep chrony
      register: chrony_installed
      ignore_errors: True
      check_mode: False
      changed_when: False

    - name: print
      debug:
        msg: "chrony is installed"
      when: chrony_installed.rc == 0

    - name: Install chrony package
      yum:
        name: chrony
        state: present
      when: chrony_installed.rc != 0

    - name: Configure chrony as an NTP server
      copy:
        dest: /etc/chrony.conf
        content: |
          # Use the default CentOS pool servers
          pool 2.centos.pool.ntp.org iburst

          # Allow NTP client access from the local network
          allow 192.168.1.0/24

          # Allow NTP client access from the host-only local network
          allow 192.168.56.0/24

          # Serve time even if not synchronized to any NTP server
          local stratum 10

          # Specify log file
          logdir /var/log/chrony

          # Dump measurements when chronyd exits
          dumpdir /var/lib/chrony

          # Save drift file
          driftfile /var/lib/chrony/drift
      notify:
        - restart chronyd

    - name: Enable and start chronyd service
      systemd:
        name: chronyd
        enabled: yes
        state: started

    - name: Ensure firewalld is running
      ansible.builtin.service:
        name: firewalld
        state: started
        enabled: yes

    # 123/udp is the NTP port the clients use. 323/udp is the chronyc command
    # port, which chronyd binds to localhost by default; NTP clients do not need
    # it, so drop it from the loop unless remote chronyc monitoring is configured.
    - name: Open UDP port 123 for NTP (Chrony) on the server
      ansible.posix.firewalld:
        port: "{{ item }}/udp"
        permanent: true
        state: enabled
        immediate: true
      loop:
        - 123
        - 323
      notify:
        - Reload firewalld

  handlers:
    - name: restart chronyd
      systemd:
        name: chronyd
        state: restarted

    - name: Reload firewalld
      ansible.builtin.service:
        name: firewalld
        state: reloaded
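
A quick check that the server answers on UDP 123 before pointing the Windows machines at it, as an added example that is not part of the original post: a minimal SNTP query in Python that parses the reply and reports whether the server has an upstream source or is serving its own clock at the `local stratum 10` fallback. The function names and the constructed sample reply are assumptions made for illustration.

```python
import socket
import struct
import sys

NTP_EPOCH_DELTA = 2208988800  # seconds from 1900-01-01 (NTP) to 1970-01-01 (Unix)

def build_request():
    # First byte 0x23: leap=0, version=4, mode=3 (client); rest of the 48 bytes zero.
    return bytes([0x23]) + bytes(47)

def parse_response(data):
    if len(data) < 48:
        raise ValueError("NTP reply shorter than 48 bytes")
    secs, frac = struct.unpack("!II", data[40:48])  # server transmit timestamp
    return {
        "leap": data[0] >> 6,
        "version": (data[0] >> 3) & 0x7,
        "mode": data[0] & 0x7,
        "stratum": data[1],
        "unix_time": secs - NTP_EPOCH_DELTA + frac / 2**32,
    }

def classify(resp, local_stratum=10):
    # local_stratum matches the "local stratum 10" line in the playbook's chrony.conf.
    if resp["mode"] != 4:
        return "not-a-server-reply"
    if resp["leap"] == 3 or resp["stratum"] == 0 or resp["stratum"] >= 16:
        return "unsynchronised"
    if resp["stratum"] >= local_stratum:
        return "local-clock"  # no upstream source reachable, serving its own clock
    return "upstream"

def query(host, timeout=2.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_request(), (host, 123))
        data, _ = s.recvfrom(512)
    return parse_response(data)

# Constructed sample reply (not captured traffic): version 4, mode 4, stratum 10.
SAMPLE = bytes([0x24, 10]) + bytes(38) + struct.pack("!II", NTP_EPOCH_DELTA + 1732000000, 0)

if __name__ == "__main__":
    # Pass the NTP server's IP as the first argument; without one, parse the sample.
    resp = query(sys.argv[1]) if len(sys.argv) > 1 else parse_response(SAMPLE)
    print(resp, classify(resp))
```

In an isolated network the pool servers are unreachable, so `local-clock` is the expected result; a timeout instead points at the `allow` ranges or the firewalld rule.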


For syncing the Windows machines, we can go to the time and date settings, enter the IP address of the NTP server in the Internet Time section, and click Sync Now. Alternatively, we can also write a playbook if we want to do it in bulk, which I will cover in the next article. Cheers and enjoy...!