In this article, you will learn how to install Chrony NTP Server on Rocky Linux 8 or other RPM based distros.
Table of Contents:
- What is Chrony?
- Environment Specification
- Update your Linux Operating System
- Install Chrony NTP Server
- Configure Linux Firewall
- Configure your NTP Client
- Conclusion
What is Chrony?:
Chrony is a versatile implementation of the Network Time Protocol (NTP). It can synchronize the system clock with NTP servers, reference clocks, and manual input using wrist-watch and keyboard. It can also operate as an NTPv4 (RFC 5905) server and peer to provide a time service to other computers in the network.
It is designed to perform well in a wide range of conditions, including intermittent network connections, heavily congested networks, changing temperatures (ordinary computer clocks are sensitive to temperature), and systems that do not run continuously, or run on a virtual machine.
Typical accuracy between two machines synchronized over the Internet is within a few milliseconds; on a LAN, accuracy is typically in tens of microseconds. With hardware time-stamping, or a hardware reference clock, sub-microsecond accuracy may be possible.
Two programs are included in chrony, chronyd is a daemon that can be started at boot time and chronyc is a command-line interface program which can be used to monitor chronyd’s performance and to change various operating parameters whilst it is running. (Source: https://chrony.tuxfamily.org/)
Environment Specification:
We are using a minimal Rocky Linux 8 virtual machine with following specifications.
- CPU - 3.4 Ghz (2 cores)
- Memory - 2 GB
- Storage - 20 GB
- Operating System - Rocky Linux 8.5 (Green Obsidian)
- Hostname – ntp-01.centlinux.com
- IP Address - 192.168.116.128 /24
Update your Linux Operating System:
By using a ssh client, connect with ntp-01.centlinux.com as root user.
Update cache of enabled yum repositories on your Linux server.
# dnf makecache
Rocky Linux 8 - AppStream 873 kB/s | 9.5 MB 00:11
Rocky Linux 8 - BaseOS 965 kB/s | 5.6 MB 00:05
Rocky Linux 8 - Extras 7.2 kB/s | 12 kB 00:01
Last metadata expiration check: 0:00:01 ago on Sat 05 Mar 2022 07:44:32 PM PKT.
Metadata cache created.
It is a best practice to update your Linux operating system before installing a new software.
Execute dnf command to update your Linux server.
# dnf update -y
You may need to reboot your operating system, if the above command updates your Linux Kernel.
After reboot, check the Linux operating system and Kernel versions.
# cat /etc/os-release NAME="Rocky Linux" VERSION="8.5 (Green Obsidian)" ID="rocky" ID_LIKE="rhel centos fedora" VERSION_ID="8.5" PLATFORM_ID="platform:el8" PRETTY_NAME="Rocky Linux 8.5 (Green Obsidian)" ANSI_COLOR="0;32" CPE_NAME="cpe:/o:rocky:rocky:8:GA" HOME_URL="https://rockylinux.org/" BUG_REPORT_URL="https://bugs.rockylinux.org/" ROCKY_SUPPORT_PRODUCT="Rocky Linux" ROCKY_SUPPORT_PRODUCT_VERSION="8" # uname -r 4.18.0-348.12.2.el8_5.x86_64
Install Chrony NTP Server:
Set the required time zone on your Linux Server. You can use timedatectl command for this purpose.
# timedatectl set-timezone America/Chicago
Execute the timedatectl command again without any parameter to check the System Clock status.
# timedatectl
Local time: Sat 2022-03-05 08:53:46 CST
Universal time: Sat 2022-03-05 14:53:46 UTC
RTC time: Sat 2022-03-05 14:53:46
Time zone: America/Chicago (CST, -0600)
System clock synchronized: no
NTP service: n/a
RTC in local TZ: no
You can see that your System clock is not currently synchronized with any NTP service.
By using dnf command to install Chrony NTP server.
# dnf install -y chrony
Last metadata expiration check: 0:18:13 ago on Sat 05 Mar 2022 08:44:32 AM CST.
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Installing:
chrony x86_64 4.1-1.el8 baseos 326 k
Installing weak dependencies:
timedatex x86_64 0.5-3.el8 baseos 31 k
Transaction Summary
================================================================================
Install 2 Packages
Total download size: 357 k
Installed size: 710 k
Downloading Packages:
(1/2): timedatex-0.5-3.el8.x86_64.rpm 31 kB/s | 31 kB 00:01
(2/2): chrony-4.1-1.el8.x86_64.rpm 297 kB/s | 326 kB 00:01
--------------------------------------------------------------------------------
Total 146 kB/s | 357 kB 00:02
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : timedatex-0.5-3.el8.x86_64 1/2
Running scriptlet: timedatex-0.5-3.el8.x86_64 1/2
Running scriptlet: chrony-4.1-1.el8.x86_64 2/2
Installing : chrony-4.1-1.el8.x86_64 2/2
Running scriptlet: chrony-4.1-1.el8.x86_64 2/2
Verifying : chrony-4.1-1.el8.x86_64 1/2
Verifying : timedatex-0.5-3.el8.x86_64 2/2
Installed:
chrony-4.1-1.el8.x86_64 timedatex-0.5-3.el8.x86_64
Complete!
Edit Chrony configuration file by using vim text editor.
# vi /etc/chrony.conf
Locate following line therein.
#allow 192.168.0.0/16
And change it as follows. This directive tells the Chrony server to serve NTP request by clients in given network address.
allow 192.168.116.0/24
Enable and start Chrony NTP service.
# systemctl enable --now chronyd.service
Verify the status of Chrony NTP service.
# systemctl status chronyd.service
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor pre>
Active: active (running) since Sat 2022-03-05 09:03:27 CST; 37s ago
Docs: man:chronyd(8)
man:chrony.conf(5)
Process: 9773 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=ex>
Process: 9769 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUC>
Main PID: 9771 (chronyd)
Tasks: 1 (limit: 5808)
Memory: 940.0K
CGroup: /system.slice/chronyd.service
└─9771 /usr/sbin/chronyd
Mar 05 09:03:27 ntp-01.centlinux.com systemd[1]: Starting NTP client/server...
Mar 05 09:03:27 ntp-01.centlinux.com chronyd[9771]: chronyd version 4.1 startin>
Mar 05 09:03:27 ntp-01.centlinux.com chronyd[9771]: Using right/UTC timezone to>
Mar 05 09:03:27 ntp-01.centlinux.com systemd[1]: Started NTP client/server.
Mar 05 09:03:31 ntp-01.centlinux.com chronyd[9771]: Selected source 203.99.62.2>
Mar 05 09:03:31 ntp-01.centlinux.com chronyd[9771]: System clock TAI offset set>
Again check the System clock status.
# timedatectl
Local time: Sat 2022-03-05 09:05:47 CST
Universal time: Sat 2022-03-05 15:05:47 UTC
RTC time: Sat 2022-03-05 15:05:46
Time zone: America/Chicago (CST, -0600)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
Now your System clock is synchronized with Global NTP servers.
Execute the chronyc command at Linux Bash prompt to check the Time synchronization status.
# chronyc sources -v
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* mbl-99-62-214.dsl.net.pk 2 6 377 7 +1621us[+1742us] +/- 106ms
Configure Linux Firewall:
Chrony uses default NTP service port 123/udp. Therefore, you have to allow it in Linux firewall.
You can allow either 123/udp port or predefined NTP service in Linux firewall.
# firewall-cmd --permanent --add-service=ntp success # firewall-cmd --reload success
Your Chrony NTP server is configured successfully.
Configure your NTP Client:
Connect with your client machine as root user by using a ssh client.
Set the Time zone on our NTP client.
# timedatectl set-timezone America/Chicago
Check the status of System clock.
# timedatectl
Local time: Sat 2022-03-05 09:40:04 CST
Universal time: Sat 2022-03-05 15:40:04 UTC
RTC time: Sat 2022-03-05 15:40:05
Time zone: America/Chicago (CST, -0600)
System clock synchronized: no
NTP service: n/a
RTC in local TZ: no
Chrony is both NTP server and client software. Therefore, install the same Chrony NTP software on your client machine.
# dnf install -y chrony
Edit Chrony configuration file with the help of vim text editor.
# vi /etc/chrony.conf
Find and comment the line that starts with "pool" directive.
Add following line in this file.
server ntp-01.centlinux.com iburst
Enable and start Chrony NTP service.
# systemctl enable --now chronyd.service
Again check the status of System clock.
# timedatectl
Local time: Sat 2022-03-05 09:45:38 CST
Universal time: Sat 2022-03-05 15:45:38 UTC
RTC time: Sat 2022-03-05 15:45:38
Time zone: America/Chicago (CST, -0600)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
Your system clock is being synchronized now.
If the time synchronization is not enable on your NTP client, then execute the following command to enable it.
# timedatectl set-ntp true
Check the status of time synchronization.
# chronyc sources -v
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* ntp-01.centlinux.com 3 6 17 36 +6222ns[ -41us] +/- 98ms
Your NTP client is successfully synchronizing with your Time server.
Conclusion:
In this article, you have successfully installed Chrony NTP server on Rocky Linux 8 or other RPM based distros. You have also learned how to configure NTP clients to synchronize system clocks with your Time server.
No comments:
Post a Comment