Dotaz: Icinga - kontrola NPT servera

Problem:

July 24, 2019 12:00	

Service Ok[07-24-2019 12:40:26] SERVICE ALERT: Archlinux;Server NTP;OK;HARD;3;NTP OK: Offset 0.004707 secs, jitter=1.801000
Service started flapping[07-24-2019 12:20:26] SERVICE FLAPPING ALERT: Archlinux;Server NTP;STARTED; Service appears to have started flapping (22.8% change >= 20.0% threshold)
Service Critical[07-24-2019 12:20:26] SERVICE ALERT: Archlinux;Server NTP;CRITICAL;HARD;3;NTP CRITICAL: Server not synchronized, Offset unknown, jitter=-1.000000
Service Critical[07-24-2019 12:18:26] SERVICE ALERT: Archlinux;Server NTP;CRITICAL;SOFT;2;NTP CRITICAL: Server not synchronized, Offset unknown, jitter=-1.000000
Service Critical[07-24-2019 12:16:26] SERVICE ALERT: Archlinux;Server NTP;CRITICAL;SOFT;1;NTP CRITICAL: Server not synchronized, Offset unknown, jitter=-1.000000
Service Ok[07-24-2019 12:06:26] SERVICE ALERT: Archlinux;Server NTP;OK;HARD;3;NTP OK: Offset -0.005113 secs, jitter=1.864000

Kontrola ostatnych 9 pocitacov tou istou sluzbou je v poriadku (6x windows a 3x archlinux).

Kontrolovany pocitac Archlinux:

$ uname -a
Linux **** 4.11.9-1-ARCH #1 SMP PREEMPT Wed Jul 5 18:23:08 CEST 2017 x86_64 GNU/Linux

Dohladovy pocitac CentOS:

$ uname -a                                                                            
Linux **** 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

Icinga: Version 1.8.4, January 13, 2013 Prikaz na kontrolu: Server NTP

$USER1$/check_ntp_peer $ARG1$ $HOSTADDRESS$ -j -1:100 -k -1:200

$ARG1$ je -H

Verzia check_ntp_peer v1.4.16 (nagios-plugins 1.4.16)

Kontrola ostatnych sluzieb na cielovom pocitaci je v poriadku, Ping nevypadava, rta=2.336000ms.

Najprv sme pouzivali prikaz check_ntp, ktory je ale podla dokumentacie zastaraly https://www.monitoring-plugins.org/doc/man/check_ntp.html Nasledne bol zmeneny na check_ntp_peer, ktory zacal vykazovat chyby v uvode, ktore sa objavuju nepravidlene a nahodne dlho:

July 24, 2019 06:00	

Service Ok[07-24-2019 06:46:10] SERVICE ALERT: Archlinux;Server NTP;OK;SOFT;3;NTP OK: Offset -0.000522 secs, jitter=2.546000
Service Warning[07-24-2019 06:44:10] SERVICE ALERT: Archlinux;Server NTP;WARNING;SOFT;2;NTP WARNING: Offset -0.149749 secs, jitter=164.884000
Service Critical[07-24-2019 06:42:10] SERVICE ALERT: Archlinux;Server NTP;CRITICAL;SOFT;1;NTP CRITICAL: Server not synchronized, Offset unknown, jitter=-1.000000
Service started flapping[07-24-2019 06:22:10] SERVICE FLAPPING ALERT: Archlinux;Server NTP;STARTED; Service appears to have started flapping (23.7% change >= 20.0% threshold)
Service Ok[07-24-2019 06:22:10] SERVICE ALERT: Archlinux;Server NTP;OK;HARD;3;NTP OK: Offset -0.024173 secs, jitter=15.655000
Service Critical[07-24-2019 06:02:10] SERVICE ALERT: Archlinux;Server NTP;CRITICAL;HARD;3;NTP CRITICAL: Server not synchronized, Offset unknown, jitter=-1.000000

Co moze sposobovat taeto spravanie? V niektorych logoch sa objavuje jitter s vysokou hodnotou z coho mozem vydedukovat problem na sieti, ale ine kontroly problemy nevykazuju, iba tato NTP.

Jak je na tom ten NTP server na Archlinuxu?

July 24, 2019 20:00	

Service Ok[07-24-2019 20:42:26] SERVICE ALERT: Archlinux;Server NTP;OK;SOFT;2;NTP OK: Offset -0.000751 secs, jitter=1.817000
Service Warning[07-24-2019 20:40:26] SERVICE ALERT: Archlinux;Server NTP;WARNING;SOFT;1;NTP WARNING: Offset -0.010169 secs, jitter=101.926000

July 24, 2019 15:00	

Service stopped flapping[07-24-2019 15:40:26] SERVICE FLAPPING ALERT: Archlinux;Server NTP;STOPPED; Service appears to have stopped flapping (3.9% change < 5.0% threshold)

Chyba je len na jednom pocitaci a bol tam nastaveny zdroj GPS aj NTP server. Nechal som iba synchronizaciu z GPS a pocet chyb sa zmensil na jednu denne:

July 25, 2019 14:00	

Service Ok[07-25-2019 14:44:26] SERVICE ALERT: Archlinux;Server NTP;OK;SOFT;2;NTP OK: Offset 0.179503 secs, jitter=10.240000
Service Warning[07-25-2019 14:42:26] SERVICE ALERT: Archlinux;Server NTP;WARNING;SOFT;1;NTP WARNING: Offset 0.164459 secs, jitter=171.311000

July 26, 2019 05:00	

Service Ok[07-26-2019 05:08:26] SERVICE ALERT: Archlinux;Server NTP;OK;SOFT;3;NTP OK: Offset 0.017047 secs, jitter=12.912000
Service Critical[07-26-2019 05:06:26] SERVICE ALERT: Archlinux;Server NTP;CRITICAL;SOFT;2;NTP CRITICAL: Server not synchronized, Offset unknown, jitter=-1.000000
Service Critical[07-26-2019 05:04:26] SERVICE ALERT: Archlinux;Server NTP;CRITICAL;SOFT;1;NTP CRITICAL: Server not synchronized, Offset unknown, jitter=-1.000000

Dna 25.7.2019 je ale vysoky jitter - moze to suvisiet s kritickym stavom? Stav siete nemam moznost overit a zakaznik tvrdi, ze je OK. V histroii alarmov pre tento stroj su kriticke a varovne stavy iba pre kontrolu sluzby NTP.

Na tom pocitaci s Archlinux boli v konfiguracii nastavene dva zdroje presneho casu: GPS prijimac a IP NTP servera. Pokusnym vyblokovanim GPS (s povolenym iba jednym NTP serverom) sa pocet chybnych hlaseni na dohlade zredukoval na asi dve tyzdenne. Nasledne bol vyblokovany NTP server a povolene GPS. Od toho momentu bol tyzden bez jedinej chyby a potom uz zakaznik chyby v dohlade nehlasil. Povazujem za vyriesene.