diff --git a/roles/base/files/ntp/ntp.conf b/roles/base/files/ntp/ntp.conf
new file mode 100644
index 0000000000..9cfa2c1a63
--- /dev/null
+++ b/roles/base/files/ntp/ntp.conf
@@ -0,0 +1,24 @@
+## Set up restrictions for services.
+restrict default kod nomodify notrap nopeer noquery
+restrict -6 default kod nomodify notrap nopeer noquery
+restrict 127.0.0.1 
+restrict -6 ::1
+
+# setup a set of servers that we all look at.
+server 66.187.233.4   # [clock.redhat.com]
+server 192.43.244.18  # [time.nist.gov]
+server 128.118.25.5   # [otc1.psu.edu]
+server 204.152.184.72 # [clock.isc.org]
+
+# [localhost]
+# Undisciplined Local Clock. This is a fake driver intended for backup
+# and when no outside source of synchronized time is available. 
+server 127.127.1.0     # local clock
+fudge  127.127.1.0 stratum 10  
+
+# Key file containing the keys and key identifiers used when operating
+# with symmetric key cryptography. 
+keys /etc/ntp/keys
+
+# Watch drift
+driftfile /var/lib/ntp/drift
diff --git a/roles/base/files/ntp/step-tickers b/roles/base/files/ntp/step-tickers
new file mode 100644
index 0000000000..66b740b7e5
--- /dev/null
+++ b/roles/base/files/ntp/step-tickers
@@ -0,0 +1,10 @@
+# [clock.redhat.com]
+66.187.233.4 
+# [time.nist.gov]
+192.43.244.18
+# [otc1.psu.edu]
+128.118.25.5
+# [clock.isc.org]
+204.152.184.72
+# [loopback]
+127.127.1.0
diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml
index f4188d2db5..e8ef3524df 100644
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@@ -242,6 +242,29 @@
   - postfix
   - base
   - config
+
+- name: install ntp.conf
+  copy: src=ntp/ntp.conf dest=/etc/ntp.conf
+  tags:
+  - ntp
+  - config
+  - base
+
+- name: install ntp step-tickers
+  copy: src=ntp/step-tickers dest=/etc/ntp/step-tickers
+  tags:
+  - ntp
+  - config
+  - base
+
+- name: Start ntpd (if the machine is not virtual)
+  when: ansible_virtualization_role != 'guest'
+  service: name=ntpd state=running enabled=true
+  tags:
+  - ntp
+  - service
+  - base
+
 #
 # This task installs some common scripts to /usr/local/bin
 # scripts are under roles/base/files/common-scripts