No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionInsight HD 6.5.0 Administrator Guide 02

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring NTP Security Authentication

Configuring NTP Security Authentication

Scenario

FusionInsight system allows a third-party NTP server to serve as an external clock source when Manager is installed to synchronize the time on the active management node with that on the external clock source. If NTP security authentication is not configured in a cluster, the time synchronization function is normal, but there may be security risks. To avoid the security risks, it is advised to use the external clock source with the enabled authentication function and to configure NTP security authentication.

By default, the active management node serves as an NTP server in the cluster. The time on the other nodes in the cluster is automatically synchronized with that on the active management node. NTP security authentication is configured for time synchronization in a cluster.

Prerequisites

  • Manager has been installed and a third-party NTP server with the enabled authentication function has been appointed. Manager supports a maximum of two third-party NTP servers.
  • You have obtained the NTP authentication key.

Procedure

  1. Use PuTTY to log in to the active management node using the active management IP address as user omm.

    The operation does not need to be performed on the standby management node.

  2. Run the following command to go to the related directory:

    cd ${BIGDATA_HOME}/om-server/om/bin/tools/

  3. Run the following command to configure the NTP authentication key used for accessing the third-party NTP server from a cluster.

    sh authenticateNtp.sh --ntp_server_ip ip_address

    ip_address: indicates the IP address of the third-party NTP server. It does not support multiple IP addresses. That is, if there are multiple NTP servers, you need to run the command for each NTP server for authentication.

    For example, run the following command to access the third-party NTP server with the IP address of 192.168.1.1. The authentication key is 10 M b273290137CH.

    sh authenticateNtp.sh --ntp_server_ip 192.168.1.1

    Enter the NTP authentication key as prompted, and press Enter. The authentication key index value cannot be 1. You are advised to use other values.

    Please input 192.168.1.1 authentication_code:

    If the following information is displayed, the NTP security authentication is configured successfully.

    Success to Authenticate ntp server to 192.168.1.1

Download
Updated: 2019-05-17

Document ID: EDOC1100074522

Views: 7402

Downloads: 12

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next