{"id":1825,"date":"2019-12-03T23:36:56","date_gmt":"2019-12-03T23:36:56","guid":{"rendered":"http:\/\/linuxdigest.com\/?p=1825"},"modified":"2020-01-12T16:44:59","modified_gmt":"2020-01-12T16:44:59","slug":"run-ntp-inside-a-container","status":"publish","type":"post","link":"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/","title":{"rendered":"Run ntp inside a container"},"content":{"rendered":"\n<p>If you try to run <a href=\"https:\/\/linux.die.net\/man\/8\/ntpd\">ntp<\/a> inside a container, like LXD or Docker, chances are, you are going to run into some errors. Errors like the following.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>ntpd[xxxx]: adj_systime: Operation not permitted\nntpd[xxxx]: start_kern_loop: ntp_loopfilter.c line 1119: ntp_adjtime: Operation not permitted\nntpd[xxxx]: set_freq: ntp_loopfilter.c line 1082: ntp_adjtime: Operation not permitted\nntpd[xxxx]: Cannot set RLIMIT_MEMLOCK: Operation not permitted<\/code><\/pre>\n\n\n\n<p>The reason for these errors is that by default ntp tries to update the local time as well as serve the time to clients. But in the case of an unprivileged container, ntp does not have access to set the local time.<\/p>\n\n\n\n<p>You could solve this by running ntp in a privileged container that has access to change the system clock. But it makes much more sense to have another process running on your host to update the clock there and have the container only serve the time to clients.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Use the local time as the clock source<\/h2>\n\n\n\n<p>Make sure you have an ntp daemon running on your host. If the clock on your host is not in sync, the time your container is serving will also be out of sync.<\/p>\n\n\n\n<p>Next, comment out all lines in your \/etc\/ntp.conf that start with pool or server.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>#pool 0.ubuntu.pool.ntp.org iburst\n#pool 1.ubuntu.pool.ntp.org iburst\n#pool 2.ubuntu.pool.ntp.org iburst\n#pool 3.ubuntu.pool.ntp.org iburst<\/code><\/pre>\n\n\n\n<p>Now instruct ntp to use 127.127.1.0, which is your local clock, as a clock source. You do this by adding this line to your ntp.conf:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>server  127.127.1.0 prefer<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\">Living with errors<\/h2>\n\n\n\n<p>The errors, mentioned above, are mostly harmless. You can get rid of some of them by disabling precision-time kernel support. You do this by adding <em>a disable kernel <\/em>on a line by itself.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>disable kernel<\/code><\/pre>\n\n\n\n<p>There is also an option called <em>disable ntp<\/em>. This instructs ntpd not to update the system clock. But in my case it also made the server report a stratum of 16 to clients. Which will cause many clients to ignore the time the server reports.<\/p>\n\n\n\n<p>I hope this article helps you to run ntp inside a container. If you still run into problems, please add a comment and I will try to update the article.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you try to run ntp inside a container, like LXD or Docker, chances are, you&hellip;<\/p>\n","protected":false},"author":1,"featured_media":1838,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[33,35,34,32,31],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Run ntp inside a container - Unprivileged time server - Linux Digest<\/title>\n<meta name=\"description\" content=\"If you try to run ntpd inside a container, like LXD or Docker, chances are, you are going to run into some errors.The reason for these errors is that by default ntp tries to update the local time as well as serve the time to clients.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Run ntp inside a container - Unprivileged time server - Linux Digest\" \/>\n<meta property=\"og:description\" content=\"If you try to run ntpd inside a container, like LXD or Docker, chances are, you are going to run into some errors.The reason for these errors is that by default ntp tries to update the local time as well as serve the time to clients.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/\" \/>\n<meta property=\"og:site_name\" content=\"Linux Digest\" \/>\n<meta property=\"article:published_time\" content=\"2019-12-03T23:36:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-01-12T16:44:59+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/linuxdigest.com\/wp-content\/uploads\/2019\/12\/Run-NTP-daemon.png\" \/>\n\t<meta property=\"og:image:width\" content=\"500\" \/>\n\t<meta property=\"og:image:height\" content=\"500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"The Linux Digest Guy\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"The Linux Digest Guy\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/\"},\"author\":{\"name\":\"The Linux Digest Guy\",\"@id\":\"https:\/\/linuxdigest.com\/#\/schema\/person\/29c97230aa94affab929a88c6a10adb2\"},\"headline\":\"Run ntp inside a container\",\"datePublished\":\"2019-12-03T23:36:56+00:00\",\"dateModified\":\"2020-01-12T16:44:59+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/\"},\"wordCount\":314,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/linuxdigest.com\/#organization\"},\"keywords\":[\"containers\",\"docker\",\"lxd\",\"ntp\",\"server\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/\",\"url\":\"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/\",\"name\":\"Run ntp inside a container - Unprivileged time server - Linux Digest\",\"isPartOf\":{\"@id\":\"https:\/\/linuxdigest.com\/#website\"},\"datePublished\":\"2019-12-03T23:36:56+00:00\",\"dateModified\":\"2020-01-12T16:44:59+00:00\",\"description\":\"If you try to run ntpd inside a container, like LXD or Docker, chances are, you are going to run into some errors.The reason for these errors is that by default ntp tries to update the local time as well as serve the time to clients.\",\"breadcrumb\":{\"@id\":\"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/linuxdigest.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Run ntp inside a container\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/linuxdigest.com\/#website\",\"url\":\"https:\/\/linuxdigest.com\/\",\"name\":\"Linux Digest\",\"description\":\"Linux tutorials for everyone\",\"publisher\":{\"@id\":\"https:\/\/linuxdigest.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/linuxdigest.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/linuxdigest.com\/#organization\",\"name\":\"Linux Digest\",\"url\":\"https:\/\/linuxdigest.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/linuxdigest.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/linuxdigest.com\/wp-content\/uploads\/2019\/11\/logo1.png\",\"contentUrl\":\"https:\/\/linuxdigest.com\/wp-content\/uploads\/2019\/11\/logo1.png\",\"width\":1102,\"height\":170,\"caption\":\"Linux Digest\"},\"image\":{\"@id\":\"https:\/\/linuxdigest.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/linuxdigest.com\/#\/schema\/person\/29c97230aa94affab929a88c6a10adb2\",\"name\":\"The Linux Digest Guy\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/linuxdigest.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ac6bcf745dec6961360ccf2d2711f26c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ac6bcf745dec6961360ccf2d2711f26c?s=96&d=mm&r=g\",\"caption\":\"The Linux Digest Guy\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Run ntp inside a container - Unprivileged time server - Linux Digest","description":"If you try to run ntpd inside a container, like LXD or Docker, chances are, you are going to run into some errors.The reason for these errors is that by default ntp tries to update the local time as well as serve the time to clients.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/","og_locale":"en_US","og_type":"article","og_title":"Run ntp inside a container - Unprivileged time server - Linux Digest","og_description":"If you try to run ntpd inside a container, like LXD or Docker, chances are, you are going to run into some errors.The reason for these errors is that by default ntp tries to update the local time as well as serve the time to clients.","og_url":"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/","og_site_name":"Linux Digest","article_published_time":"2019-12-03T23:36:56+00:00","article_modified_time":"2020-01-12T16:44:59+00:00","og_image":[{"width":500,"height":500,"url":"https:\/\/linuxdigest.com\/wp-content\/uploads\/2019\/12\/Run-NTP-daemon.png","type":"image\/png"}],"author":"The Linux Digest Guy","twitter_card":"summary_large_image","twitter_misc":{"Written by":"The Linux Digest Guy","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/#article","isPartOf":{"@id":"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/"},"author":{"name":"The Linux Digest Guy","@id":"https:\/\/linuxdigest.com\/#\/schema\/person\/29c97230aa94affab929a88c6a10adb2"},"headline":"Run ntp inside a container","datePublished":"2019-12-03T23:36:56+00:00","dateModified":"2020-01-12T16:44:59+00:00","mainEntityOfPage":{"@id":"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/"},"wordCount":314,"commentCount":0,"publisher":{"@id":"https:\/\/linuxdigest.com\/#organization"},"keywords":["containers","docker","lxd","ntp","server"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/","url":"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/","name":"Run ntp inside a container - Unprivileged time server - Linux Digest","isPartOf":{"@id":"https:\/\/linuxdigest.com\/#website"},"datePublished":"2019-12-03T23:36:56+00:00","dateModified":"2020-01-12T16:44:59+00:00","description":"If you try to run ntpd inside a container, like LXD or Docker, chances are, you are going to run into some errors.The reason for these errors is that by default ntp tries to update the local time as well as serve the time to clients.","breadcrumb":{"@id":"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/linuxdigest.com\/howto\/run-ntp-inside-a-container\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/linuxdigest.com\/"},{"@type":"ListItem","position":2,"name":"Run ntp inside a container"}]},{"@type":"WebSite","@id":"https:\/\/linuxdigest.com\/#website","url":"https:\/\/linuxdigest.com\/","name":"Linux Digest","description":"Linux tutorials for everyone","publisher":{"@id":"https:\/\/linuxdigest.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/linuxdigest.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/linuxdigest.com\/#organization","name":"Linux Digest","url":"https:\/\/linuxdigest.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/linuxdigest.com\/#\/schema\/logo\/image\/","url":"https:\/\/linuxdigest.com\/wp-content\/uploads\/2019\/11\/logo1.png","contentUrl":"https:\/\/linuxdigest.com\/wp-content\/uploads\/2019\/11\/logo1.png","width":1102,"height":170,"caption":"Linux Digest"},"image":{"@id":"https:\/\/linuxdigest.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/linuxdigest.com\/#\/schema\/person\/29c97230aa94affab929a88c6a10adb2","name":"The Linux Digest Guy","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/linuxdigest.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ac6bcf745dec6961360ccf2d2711f26c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ac6bcf745dec6961360ccf2d2711f26c?s=96&d=mm&r=g","caption":"The Linux Digest Guy"}}]}},"_links":{"self":[{"href":"https:\/\/linuxdigest.com\/wp-json\/wp\/v2\/posts\/1825"}],"collection":[{"href":"https:\/\/linuxdigest.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/linuxdigest.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/linuxdigest.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/linuxdigest.com\/wp-json\/wp\/v2\/comments?post=1825"}],"version-history":[{"count":3,"href":"https:\/\/linuxdigest.com\/wp-json\/wp\/v2\/posts\/1825\/revisions"}],"predecessor-version":[{"id":1863,"href":"https:\/\/linuxdigest.com\/wp-json\/wp\/v2\/posts\/1825\/revisions\/1863"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/linuxdigest.com\/wp-json\/wp\/v2\/media\/1838"}],"wp:attachment":[{"href":"https:\/\/linuxdigest.com\/wp-json\/wp\/v2\/media?parent=1825"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/linuxdigest.com\/wp-json\/wp\/v2\/categories?post=1825"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/linuxdigest.com\/wp-json\/wp\/v2\/tags?post=1825"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}