1976162 – NTP not synchronized on random nodes

Bug 1976162 - NTP not synchronized on random nodes

Summary: NTP not synchronized on random nodes

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	RHCOS
Sub Component:
Version:	4.6
Hardware:	x86_64
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	RHCOS Bug Triage
QA Contact:	Michael Nguyen
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2021-06-25 11:32 UTC by peter ducai
Modified:	2024-10-01 18:47 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-08-18 10:52:07 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
ostree log (83.80 KB, text/plain) 2021-06-25 11:32 UTC, peter ducai	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1874340	1	medium	CLOSED	vmware: NodeClockNotSynchronising alert is triggered in openshift cluster after upgrading form 4.4.16 to 4.5.6	2024-03-25 16:24:46 UTC
Red Hat Bugzilla	1949493	1	medium	CLOSED	AVC denied for chronyd socket	2023-10-09 07:04:06 UTC

Description peter ducai 2021-06-25 11:32:49 UTC

Created attachment 1794364 [details]
ostree log

Created attachment 1794364 [details]
ostree log

Created attachment 1794364 [details]
ostree log

CU with 4.6.18 on VMWare got alert from AlertManager that chrony is not sync, random nodes at random time. They didn't change or update anything.

possibly related to 
https://bugzilla.redhat.com/show_bug.cgi?id=1874340
https://bugzilla.redhat.com/show_bug.cgi?id=1949493

but still could be an issue with Dynatrace operator (similar to case #02843340) they run.

As suggested by Timothée Ravier (on Slack channel wg-dynatrace), customer did run 'semodule -DB' to rebuild policies, but that didn't change anything and NTP issues still persist. Audit log shows AVC denials for chrony and timedatex.

All big logs like must-gather are attached in case #02968314

Comment 5 Timothée Ravier 2021-06-25 12:57:40 UTC

Can you confirm that they rebooted the nodes after running `semodule -B` (or `-DB`)?

Comment 6 Micah Abbott 2021-07-12 19:39:58 UTC

Is there any more information about this problem?

It appears we are waiting for confirmation that the `semodule -B` workaround was tried.

Comment 7 Timothée Ravier 2021-08-18 10:52:07 UTC

Closing as this has been opened for a month without feedback. Feel free to re-open if you have new feedback.

Comment 8 Red Hat Bugzilla 2023-09-15 01:10:34 UTC

The needinfo request[s] on this closed bug have been removed as they have been unresolved for 500 days

Note You need to log in before you can comment on or make changes to this bug.