Install Chrony NTP Server on CentOS 8 - CentLinux


Sunday, 11 October 2020

Install Chrony NTP Server on CentOS 8

Install Chrony NTP Server on CentOS 8

Chrony is the default NTP client/server software in CentOS/RHEL 8. In this article, you will learn how to install and configure Chrony NTP server on CentOS 8.


Table of Contents:


    What is NTP Server? :

    NTP stands for Network Time Protocol. It is an Internet protocol used to synchronize the clocks of computer systems to some reference time.

    A NTP or Time Server is a computer system that provides the time synchronization service to network devices by means of the NTP protocol.


    What is Chrony? :

    Chrony is the new NTP client/server software in CentOS/RHEL 7 or later. It replaces the legacy NTP software.

    Chrony is a NTP client as well as NTP server. It is very simple to configure and its client component is worked without any custom configurations on most situations. Whereas, the time server configurations are also simple and straight forward.


    Environment Specification:

    We are using a minimal CentOS 8 virtual machine with following specifications.

    • CPU - 3.4 Ghz (2 cores)
    • Memory - 1 GB
    • Storage - 20 GB
    • Operating System - CentOS 8.2
    • Hostname –
    • IP Address - /24


    Installing Chrony Software Package on CentOS 8:

    By using a SSH client, connect with as root user.

    Chrony is a NTP client and NTP server. By default, it works as a NTP client and synchronize the clock of the Linux server with a network time server or network time peers.

    We can enable Chrony NTP service to make it a full fledge network time server.

    First of all, we need to install Chrony software package on our Linux operating system. For this purpose, we are using dnf command.

    [root@ntp-server ~]# dnf install -y chrony Last metadata expiration check: 0:06:25 ago on Sun 11 Oct 2020 10:02:29 PM PKT. Dependencies resolved. ================================================================================ Package Architecture Version Repository Size ================================================================================ Installing: chrony x86_64 3.5-1.el8 BaseOS 271 k Installing weak dependencies: timedatex x86_64 0.5-3.el8 BaseOS 32 k Transaction Summary ================================================================================ Install 2 Packages Total download size: 303 k Installed size: 731 k Downloading Packages: (1/2): timedatex-0.5-3.el8.x86_64.rpm 50 kB/s | 32 kB 00:00 (2/2): chrony-3.5-1.el8.x86_64.rpm 105 kB/s | 271 kB 00:02 -------------------------------------------------------------------------------- Total 47 kB/s | 303 kB 00:06 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : timedatex-0.5-3.el8.x86_64 1/2 Running scriptlet: timedatex-0.5-3.el8.x86_64 1/2 Running scriptlet: chrony-3.5-1.el8.x86_64 2/2 Installing : chrony-3.5-1.el8.x86_64 2/2 Running scriptlet: chrony-3.5-1.el8.x86_64 2/2 Verifying : chrony-3.5-1.el8.x86_64 1/2 Verifying : timedatex-0.5-3.el8.x86_64 2/2 Installed: chrony-3.5-1.el8.x86_64 timedatex-0.5-3.el8.x86_64 Complete!

    Enable and start Chrony service.

    [root@ntp-server ~]# systemctl enable --now chronyd.service


    Configure Chrony as NTP Client:

    Our NTP client is started with default configurations and synchronizing our Linux server clock with available network time servers.

    To get a list of available network time servers, we can use following Linux command.

    [root@ntp-server ~]# chronyc sources -v 210 Number of sources = 4 .-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current synced, '+' = combined , '-' = not combined, | / '?' = unreachable, 'x' = time may be in error, '~' = time too variable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || \ | | zzzz = estimated error. || | | \ MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* 3 6 17 54 +6607us[ -33ms] +/- 104ms ^- 2 6 17 53 +30ms[ +30ms] +/- 102ms ^? 0 6 0 - +0ns[ +0ns] +/- 0ns ^+ 2 6 17 54 +12ms[ +12ms] +/- 113ms

    Check the Linux server time.

    [root@ntp-server ~]# date Sun Oct 11 22:16:26 PKT 2020


    Configure Chrony as NTP Server:

    To configure Chrony as NTP server, we need to allow our network address in the Chrony configuration file.

    [root@ntp-server ~]# vi /etc/chrony.conf

    Search for the "allow" directives and add following line beneath it.


    Restart Chrony NTP service to apply changes.

    [root@ntp-server ~]# systemctl restart chronyd.service

    Verify that the Chrony service is listening on the default NTP port.

    [root@ntp-server ~]# ss -tulpn | grep 123 udp UNCONN 0 0* users:(("chronyd",pid=10011,fd=9))

    Our Chrony NTP service is running fine. We are only required to allow incoming traffic to this port in Linux firewall, to make it usable by the network clients.

    Firewalld is the default firewall software in CentOS 8. It has a predefined service for NTP service ports. Therefore, to allow incoming traffic, you are only required to enable NTP service in Linux firewall as follows.

    [root@ntp-server ~]# firewall-cmd --permanent --add-service=ntp success [root@ntp-server ~]# firewall-cmd --reload success

    Our Chrony based NTP server has been configured successfully and ready to use.



    In this article, you have learned about installation and configuration of Chrony based NTP server on CentOS 8.

    No comments:

    Post a comment