VMware vSphere 7 Update 2 has introduced a new feature called Precision Time for Windows. It's a completely new protocol that is worth looking at because it offers strict time accuracy and precision for time-sensitive virtualized applications.

In the past, enterprise admins relied on NTP and Microsoft Active Directory (AD), but vendors of time-sensitive applications called for better solutions. Highly time-sensitive environments, such as financial institutions, needed a solution for more precise time-keeping.

Precision Time for Windows overview ^

Microsoft's native time synchronization service for Windows is w32Time with built-in support for NTP. However, it was mostly developed for syncing host clocks in an AD domain to support authentication protocols. W32Time's architecture is plugin-based.

You can register one or more DLL as time providers. One of the providers is NTPClient, which is available by default for time synchronization with NTP servers. If there are multiple providers present, W32Time chooses which one to use by comparing their accuracy and reliability.

The diagram below gives an overview of the architecture of VMware Precision Time.

VMware vSphere 7 Update 2 Windows Precision Time

VMware vSphere 7 Update 2 Windows Precision Time

The Precision Clock device receives time from the hypervisor core, the VMkernel, via a dedicated internal channel. A Precision Clock device is a virtual clock device that provides a virtual machine with access to the system time of the primary ESXi host.

VMware Time Provider details ^

VMware has worked on the problem and introduced VMware Time Provider (vmwTimeProvider), which is a new W32Time plugin bundled within VMware tools for Windows VMs. It is able to provide time from a new virtual device, called the precision clock virtual device, to W32Time.

The virtual device was introduced with vSphere 7.0 Update 2 and allows the VM to access the system time on the ESXi host.

The device bypasses the virtual and guest networking stack and uses a dedicated VM Hypervisor proprietary paravirtual channel, reliable synchronization accuracy.

Note: VMware does not recommend configuring your domain controllers as Precision Time Protocol (PTP) clients, as DCs usually rely on NTP, and it's fine.

Enable PTP in a Windows VM

The process is pretty easy but will need some downtime. You'll have to power down your VM first. Then click Add new device > Precision clock.

Add new virtual hardware called Precision Clock to your VM

Add new virtual hardware called Precision Clock to your VM

The VM's hardware compatibility level must be at least VM Version 17 or higher, so if you have just upgraded from vSphere 6.7 or migrated this VM from elsewhere, you'll need to upgrade the VM's virtual hardware first.

In our case, we're running vSphere 7.0 Update 2 with default VM compatibility, which is VM version 19. The VM has the latest virtual hardware.

VM version 19

VM version 19

When done, you have to configure it so that the VM will use the ESXi host for time sync.

Enable vmwTimeProvider plugin

To activate the vmwTimeProvider plugin, select the VMware Time Provider component in the VMware Tools installer setup during installation/upgrade. This component is deselected by default. So be sure to select this component.

VMware custom setup of VMware tools

VMware custom setup of VMware tools

Next, you have to reboot the VM.

Enable PTP protocol for ESXi host

Yes, you can also enable the PTP protocol for the ESXi host itself. The process is simple. You just select your host, then select Configure > Time configuration. Be sure to disable NTP if enabled. Then click the edit button next to the PTP time configuration.

Enable the PTP protocol at the host level

Enable the PTP protocol at the host level

Then click Enable.

Enable PTP and select NIC

Enable PTP and select NIC

And we need to do one last step. We need to start the service on the host. You must connect to the host console (directly to the host) and start the PTP daemon there.

Go to Manage > Services > ptpd > Start.

Start PTP daemon at the host level

Start PTP daemon at the host level

You should be sure that the policy for the service is set to "start and stop" with the host, as shown in the screenshot below. Otherwise, the service won't start when you reboot your host.

Start and stop with the host

Start and stop with the host

Final words ^

The default NTP time services provide accurate time information to OS clients; however, the accuracy is at about the milliseconds level. If you need anything more precise because you're using a special application, then VMware Precision Time is the way to go.

VMware does a great job allowing you to do the config on a per-VM level, as usually you only need it on some specific VM(s) within your organization, not all of them.

The vmwTimeProvider receives time from the Precision Clock virtual device available in vSphere 7.0 U2 and transmits it to the W32Time side over a closed and fast channel (paravirtualization), bypassing the network stack.

Subscribe to 4sysops newsletter!

The ESXi host is usually synchronized with CMOS RTC time on the host. It is important to still configure an external NTP source for the ESXi host, as the CMOS clock can drift.

+3
avatar
0 Comments

Leave a reply

Please enclose code in pre tags

Your email address will not be published. Required fields are marked *

*

© 4sysops 2006 - 2021

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account