| Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback |
| Oracle System Handbook - ISO 7.0 May 2018 Internal/Partner Edition | ||
|
|
||
 |
||||||||||||||||||||||||||||||||
Solution Type Technical Instruction Sure Solution 1509140.1 : ODA (Oracle Database Appliance): How To Setup the NTP Server Post Deploy
In this Document
Applies to:Oracle Database Appliance Software - Version 2.1.0.3 to 2.10.0.0Oracle Database Appliance - Version All Versions and later Linux OS - Version Oracle Linux 6.1 to Oracle Linux 6.1 [Release OL6U1] Information in this document applies to any platform. GoalThe aim of this bulletin is provide the steps for the NTP (Network Time Protocol) setup (post deploy) on ODA (Oracle Database Appliance) SolutionHow To Setup NTP Server Post Deploy
1. ODA ManagerRun the ODA Configuration Manager loading your settings executing the followings to generate the configuration files: /opt/oracle/oak/bin/oakcli deploy config -conf /opt/oracle/oak/onecmd/onecommand.params
Note: The onecommand.params file is compatible only with the Oracle Appliance Manager Configurator version that was used to generate it. If you updated oak after the initial deployment then you should generate onecommand.params with the corresponding Configurator
2. Custom installFrom ODA Configuration Manager choose custom type: 3. NTP Servers Information screenGo to the "Generic Network" Information screen and complete the fields, then save your new configuration as "/opt/oracle/oak/onecmd/onecommand.params" 4. Run deploy Steps 3Execute the deploy Steps 3 doing (Set up SSH for root) /opt/oracle/oak/onecmd/GridInst.pl -s 3
Note: if you are running on ODA Virtualized Platform you need to use "-o" option (VM en run)
Example: /opt/oracle/oak/onecmd/GridInst.pl -s 3 -o
Note, if your root password is not the default "welcome1"
If the root password is not the default "welcome1", you can not execute the above. You have to change the password to "welcome1" first, then execute step 3
5. Run deploy steps manuallyRun the deploy steps SetupNTP & ResecureMachine. While not all ODA deployment steps are unique to each version, there are several differences between many of the ODA versions. Check on the following MOS article <Note:2027830.1> Example: if you are running on ODA 12.1.2.8.0 and above the SetupNTP step is the 8, then you should run the following command: /opt/oracle/oak/onecmd/GridInst.pl -s 8
/opt/oracle/oak/onecmd/GridInst.pl -s 24
Note: if your root password is not the default "welcome1" and you have changed it due to step 4
the step 24 will revert it back to the customer selected root password. Note: if you are running on ODA Virtualized Platform you need to use "-o" option (VM en run)
/opt/oracle/oak/onecmd/GridInst.pl -s 24 -o
6. VerifyYou can now check if the NTP is working properly (on both nodes) issuing the command: $ date
You can use # ntpdc -c sysinfo
system peer: zartr1-fa0-0-311.za.oracle.com system peer mode: client leap indicator: 00 stratum: 4 precision: -20 root distance: 0.34230 s root dispersion: 0.08382 s reference ID: [10.172.79.1] reference time: d461b02f.b1687589 Thu, Nov 29 2012 11:58:07.693 system flags: auth monitor ntp stats jitter: 0.002228 s stability: 0.000 ppm broadcastdelay: 0.003998 s authdelay: 0.000000 s
# ntpq -nc peers
remote refid st t when poll reach delay offset jitter ============================================================================== *10.172.79.1 144.25.255.140 3 u 33 64 377 0.517 73.403 2.423 How To Setup NTP Server Post Deploy - Manual StepsTo configure NTP Server after the deploy using the manual steps. If the NTP configuration file /etc/ntp.conf you may backup it before to edit, if it does not already exist create a new one. # nano /etc/ntp.conf
server 10.172.79.1 prefer
server timeserver.example.org Next, define the rules that will allow clients to connect to your service (localhost is considered a client too) using the restrict command; you should already have a line like this in your file: restrict default nomodify nopeer noquery
This restricts everyone from modifying anything and prevents everyone from querying the status of your time server: nomodify prevents reconfiguring your ntpd (with ntpq or ntpdc), and noquery prevents dumping status data from your ntpd (also with ntpq or ntpdc).
restrict default kod nomodify notrap nopeer noquery
Following this line, you need to tell ntpd what to allow through into your server; the following line is enough if you are not configuring an NTP server: restrict 127.0.0.1
If you want to force DNS resolution to the IPv6 namespace, write -6 before the IP address or host name (-4 forces IPv4 instead), for example: restrict -6 default kod nomodify notrap nopeer noquery
restrict -6 ::1 # ::1 is the IPv6 equivalent for 127.0.0.1 Lastly, you could "tune" where the drift file will be (which keeps track of your clock's time deviation) and optionally the log file location: driftfile /var/lib/ntp/ntp.drift
logfile /var/log/ntp.log
A very basic configuration file will look like this (all comments have been stripped out for clarity): # cat /etc/ntp.conf
server 10.172.79.1 prefer server timeserver.example.org restrict default kod nomodify notrap nopeer noquery restrict -6 default kod nomodify notrap nopeer noquery restrict 127.0.0.1 restrict -6 ::1 driftfile /var/lib/ntp/ntp.drift logfile /var/log/ntp.log
# service ntpd restart
Make sure that ntpd daemon is started at boot time: # chkconfig ntpd on
References<NOTE:2015972.1> - ODA (Oracle Database Appliance): Leap Second adjustment impact<NOTE:2027830.1> - ODA HA (High Availability) Deployment Step Descriptions -- A List of Deployment Version Specific Steps Used for Each ODA HA Version Using GridInst.pl Attachments This solution has no attachment |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||