Hi everyone, I have a setup where the host runs chronyd natively to discipline the system clock. However, we have several applications running in containers, and for various legacy reasons, some of these containers include their own NTP implementations (like ntpd, sntp, or even other chronyd instances). My main concerns are:
1. Will these containerized NTP clients interfere with the host's chronyd ability to maintain a stable clock? 2. Since they share the same kernel, is there a risk of "clock fighting" if a container has enough privileges to call adjtimex or settimeofday? 3. What is the recommended way to handle this? Should we strictly disable time-setting capabilities in all containers? Any insights or best practices would be greatly appreciated. Best regards, Juan. [INDRA]<http://www.indracompany.com/> Juan Valera Requena ATM / CNS indracompany.com<http://www.indracompany.com/> [LinkedIn]<http://www.linkedin.com/company/indra> [Twitter]<https://twitter.com/IndraCompany?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor> [YouTube]<https://www.youtube.com/channel/UCU4hJWWBils_53MEkxMHSjw> [Instagram]<https://www.instagram.com/indracompany/?hl=es> ________________________________ Este correo electrónico y, en su caso, cualquier fichero anexo al mismo, contiene información de carácter confidencial exclusivamente dirigida a su destinatario o destinatarios. Si no es vd. el destinatario indicado, queda notificado que la lectura, utilización, divulgación y/o copia sin autorización está prohibida en virtud de la legislación vigente. En el caso de haber recibido este correo electrónico por error, se ruega notificar inmediatamente esta circunstancia mediante reenvío a la dirección electrónica del remitente. Evite imprimir este mensaje si no es estrictamente necesario. This email and any file attached to it (when applicable) contain(s) confidential information that is exclusively addressed to its recipient(s). If you are not the indicated recipient, you are informed that reading, using, disseminating and/or copying it without authorisation is forbidden in accordance with the legislation in effect. If you have received this email by mistake, please immediately notify the sender of the situation by resending it to their email address. Avoid printing this message if it is not absolutely necessary.
