gitlab:geo:check NTP check does not work in docker GitLab installation due to default port specification 'ntp'

Summary

The gitlab-rake gitlab:geo:check command runs an NTP check to confirm that the system time is accurate compared to an external NTP service.

The check is performed using the following defaults for host and port, which can be changed by setting the corresponding environment variables:

        @ntp_host = ENV.fetch('NTP_HOST', 'pool.ntp.org')
        @ntp_port = ENV.fetch('NTP_PORT', 'ntp') 

      def ntp_request
        Net::NTP.get(ntp_host, ntp_port, ntp_timeout)
      end

The setting of the default port to ntp requires the OS being able to match ntp to the numeric value 123 using the /etc/services file.

However, for a GitLab Docker deployment, the base image does not have a /etc/services file and this results in the NTP check failing with a misleading error NTP Server pool.ntp.org cannot be reached , when in fact the failure is due to the ntp port not being able to be resolved.

This can lead to confusion and delay when investigating Geo issues while NTP and time sync issues are investigated, with an assumption made that the NTP server cannot be reached.

The default port should be set to 123 to avoid this situation.

Steps to reproduce

1. Deploy GitLab using Docker.
2. Run gitlab-rake gitlab:geo:check
3. Note the NTP warnings.
4. Create a /etc/services file in the docker container with the line ntp 123/udp # Network Time Protocol
5. Rerun the rake command.
6. Note the NTP warnings are resolved.

Example Project

What is the current bug behavior?

NTP check always fails for a Docker installation, using default NTP_PORT.

What is the expected correct behavior?

NTP check should work by default for Docker installations.

Relevant logs and/or screenshots

Output of checks

Results of GitLab environment info

Expand for output related to GitLab environment info

 (For installations with omnibus-gitlab package run and paste the output of: \`sudo gitlab-rake gitlab:env:info\`)  (For installations from source run and paste the output of: \`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production\`)  

Results of GitLab application Check

Expand for output related to the GitLab application check

(For installations with omnibus-gitlab package run and paste the output of: `sudo gitlab-rake gitlab:check SANITIZE=true`)

(For installations from source run and paste the output of: `sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`)

(we will only investigate if the tests are passing)

Possible fixes

Change this line to use number NTP port number.

Patch release information for backports

If the bug fix needs to be backported in a patch release to a version under the maintenance policy, please follow the steps on the patch release runbook for GitLab engineers.

Refer to the internal "Release Information" dashboard for information about the next patch release, including the targeted versions, expected release date, and current status.

High-severity bug remediation

To remediate high-severity issues requiring an internal release for single-tenant SaaS instances, refer to the internal release process for engineers.