Complete Additional NDR Installation Tasks

After installing the Salt minion service:

Check that the Salt minion log is connected.
Check the network connectivity back to the Salt minion services port 443, 4505, 4506.

Check NTP Time Sync

Navigate Basic Time Commands

The most basic command for determining the time on your server is date. Any user can type this command to print the date and time:

CODE

$ date

CODE

Output
Tue Jul 10 14:48:52 UTC 2018

Your server will usually default to the UTC time zone, as highlighted in the previous output. UTC stands for Coordinated Universal Time, the time at zero degrees longitude. Consistently using UTC reduces confusion when your infrastructure spans multiple time zones.

To change the time zone because of different requirements, use the timedatectl command:

List the available time zones:
CODE
```
$ timedatectl list-timezones
```
A list of time zones print to your screen.
To page down, press the spacebar. To page up, press b.
Once you find the correct time zone, make a note of it.
To exit the list, press q.
Set the time zone with timedatectl set-timezone, making sure to replace the highlighted portion with the time zone you found in the list. Use sudo with timedatectl to make this change:
CODE
```
$ sudo timedatectl set-timezone America/New_York
```
The time zone abbreviation should reflect the newly chosen value.
To verify your changes, run date again:
CODE
```
Output Tue Jul 10 10:50:53 EDT 2018
```
Now that you know how to check the clock and set time zones, check to make sure your time is being synchronized properly.

Control timesyncd with timedatectl

Until recently, most network time synchronization was handled by the Network Time Protocol daemon or ntpd. This service connects to a pool of other NTP servers that provide it with constant and accurate time updates.

Ubuntu’s default install now uses timesyncd instead of ntpd. timesyncd connects to the same time servers and works in roughly the same way. However, timesyncd is more lightweight and more integrated with systemd and the low-level workings of Ubuntu.

To query the status of timesyncd, run timedatectl with no arguments. In this case, you don’t need to use sudo:
CODE
```
$ timedatectl
```
CODE
```
Output

                      Local time: Tue 2018-07-10 10:54:12 EDT
                  Universal time: Tue 2018-07-10 14:54:12 UTC
                        RTC time: Tue 2018-07-10 14:54:12
                       Time zone: America/New_York (EDT, -0400)
       System clock synchronized: yes
systemd-timesyncd.service active: yes
                 RTC in local TZ: no
```
This prints the local time, universal time (which may be the same as local time, if you didn’t switch from the UTC time zone), and some network time status information.
System clock synchronized: yes means that the time has been successfully synced.
systemd-timesyncd.service active: yes means that timesyncd is enabled and running.
If timesyncd is not active, turn it on with timedatectl:
CODE
```
$ sudo timedatectl set-ntp on
```
Run timedatectl again to confirm the network time status.

Switching to ntpd

Although timesyncd is fine for most time synchronizations, some applications that are very sensitive to even the slightest disruptions in time may be better served by ntpd. It uses more sophisticated techniques to constantly and gradually keep the system time on track.

Before installing ntpd, turn off timesyncd:
CODE
```
$ sudo timedatectl set-ntp no
```
Verify that timesyncd is off:
CODE
```
$ timedatectl
```
Look for systemd-timesyncd.service active: no in the output. This means timesyncd has been stopped. We can now install the ntp package with apt:
CODE
```
$ sudo apt update 
$ sudo apt install ntp
```
ntpd will start automatically after install.

To verify that everything is working properly, query ntpd for status information. ntpq is a query tool for ntpd and the -p flag asks for information about the NTP servers (or peers) to which ntpd has connected.

CODE

$ ntpq -p

CODE

Output

     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 0.ubuntu.pool.n .POOL.          16 p    -   64    0    0.000    0.000   0.000
 1.ubuntu.pool.n .POOL.          16 p    -   64    0    0.000    0.000   0.000
 2.ubuntu.pool.n .POOL.          16 p    -   64    0    0.000    0.000   0.000
 3.ubuntu.pool.n .POOL.          16 p    -   64    0    0.000    0.000   0.000
 ntp.ubuntu.com  .POOL.          16 p    -   64    0    0.000    0.000   0.000
+ec2-52-0-56-137 216.239.35.0     2 u   16   64    1    7.872   -2.137   1.485
+66.220.10.2     129.6.15.30      2 u   12   64    1   65.204    3.740   2.686
+block.steinhoff 209.51.161.238   2 u   11   64    1   33.364    1.710   3.586
+eterna.binary.n 216.229.0.50     3 u   11   64    1   35.330    2.821   2.839
+2604:a880:800:1 209.51.161.238   2 u   14   64    1    0.394    0.386   2.462
+ec2-52-6-160-3. 130.207.244.240  2 u   11   64    1    8.150    2.050   3.053
+mx.danb.email   127.67.113.92    2 u   13   64    1   63.868    1.539   2.240
*hydrogen.consta 129.6.15.28      2 u   12   64    1    2.989    1.755   2.563
+ntp-3.jonlight. 127.67.113.92    2 u   10   64    1   64.561    2.122   3.593
+undef.us        45.33.84.208     3 u   12   64    1   33.508    1.631   3.647
+ntp-3.jonlight. 127.67.113.92    2 u    8   64    1   64.253    2.645   3.174
 2001:67c:1560:8 145.238.203.14   2 u   22   64    1   71.155   -1.059   0.000
+test.diarizer.c 216.239.35.4     2 u   11   64    1   64.378    4.648   3.244
 2001:67c:1560:8 145.238.203.14   2 u   18   64    1   70.744   -0.964   0.000
 alphyn.canonica 132.246.11.231   2 u   17   64    1    7.973   -0.170   0.000
+vps5.ctyme.com  216.218.254.202  2 u   10   64    1   65.874    1.902   2.608

Your output will be slightly different, but should display the default Ubuntu pool servers in addition to a few others. Be aware that it may take a few minutes for ntpd to establish connections.