In this article, you will learn how to install Chrony on Linux 8 or other RPM based distros. #centlinux #linux #ntpserver
Table of Contents
What is Chrony?:
Chrony is a versatile implementation of the Network Time Protocol (NTP). It can synchronize the system clock with NTP servers, reference clocks, and manual input using wrist-watch and keyboard. It can also operate as an NTPv4 (RFC 5905) server and peer to provide a time service to other computers in the network.
It is designed to perform well in a wide range of conditions, including intermittent network connections, heavily congested networks, changing temperatures (ordinary computer clocks are sensitive to temperature), and systems that do not run continuously, or run on a virtual machine.
Typical accuracy between two machines synchronized over the Internet is within a few milliseconds; on a LAN, accuracy is typically in tens of microseconds. With hardware time-stamping, or a hardware reference clock, sub-microsecond accuracy may be possible.
Two programs are included in chrony, chronyd is a daemon that can be started at boot time and chronyc is a command-line interface program which can be used to monitor chronyd’s performance and to change various operating parameters whilst it is running. (Source: https://chrony.tuxfamily.org/)
Video to install Chrony on Linux:
Environment Specification:
We are using a minimal Rocky Linux 8 virtual machine with following specifications.
- CPU – 3.4 Ghz (2 cores)
- Memory – 2 GB
- Storage – 20 GB
- Operating System – Rocky Linux 8.5 (Green Obsidian)
- Hostname – ntp-01.centlinux.com
- IP Address – 192.168.116.128 /24
Update your Linux Operating System:
By using a ssh client, connect with ntp-01.centlinux.com as root user.
Update cache of enabled yum repositories on your Linux server.
# dnf makecache Rocky Linux 8 - AppStream 873 kB/s | 9.5 MB 00:11 Rocky Linux 8 - BaseOS 965 kB/s | 5.6 MB 00:05 Rocky Linux 8 - Extras 7.2 kB/s | 12 kB 00:01 Last metadata expiration check: 0:00:01 ago on Sat 05 Mar 2022 07:44:32 PM PKT. Metadata cache created.
It is a best practice to update your Linux operating system before installing a new software.
Execute dnf command to update your Linux server.
# dnf update -y
You may need to reboot your operating system, if the above command updates your Linux Kernel.
After reboot, check the Linux operating system and Kernel versions.
# cat /etc/os-release NAME="Rocky Linux" VERSION="8.5 (Green Obsidian)" ID="rocky" ID_LIKE="rhel centos fedora" VERSION_ID="8.5" PLATFORM_ID="platform:el8" PRETTY_NAME="Rocky Linux 8.5 (Green Obsidian)" ANSI_COLOR="0;32" CPE_NAME="cpe:/o:rocky:rocky:8:GA" HOME_URL="https://rockylinux.org/" BUG_REPORT_URL="https://bugs.rockylinux.org/" ROCKY_SUPPORT_PRODUCT="Rocky Linux" ROCKY_SUPPORT_PRODUCT_VERSION="8" # uname -r 4.18.0-348.12.2.el8_5.x86_64
Install Chrony on Linux:
Set the required time zone on your Linux Server. You can use timedatectl command for this purpose.
# timedatectl set-timezone America/Chicago
Execute the timedatectl command again without any parameter to check the System Clock status.
# timedatectl Local time: Sat 2022-03-05 08:53:46 CST Universal time: Sat 2022-03-05 14:53:46 UTC RTC time: Sat 2022-03-05 14:53:46 Time zone: America/Chicago (CST, -0600) System clock synchronized: no NTP service: n/a RTC in local TZ: no
You can see that your System clock is not currently synchronized with any NTP service.
By using dnf command to install Chrony on Linux.
# dnf install -y chrony Last metadata expiration check: 0:18:13 ago on Sat 05 Mar 2022 08:44:32 AM CST. Dependencies resolved. ================================================================================ Package Architecture Version Repository Size ================================================================================ Installing: chrony x86_64 4.1-1.el8 baseos 326 k Installing weak dependencies: timedatex x86_64 0.5-3.el8 baseos 31 k Transaction Summary ================================================================================ Install 2 Packages Total download size: 357 k Installed size: 710 k Downloading Packages: (1/2): timedatex-0.5-3.el8.x86_64.rpm 31 kB/s | 31 kB 00:01 (2/2): chrony-4.1-1.el8.x86_64.rpm 297 kB/s | 326 kB 00:01 -------------------------------------------------------------------------------- Total 146 kB/s | 357 kB 00:02 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : timedatex-0.5-3.el8.x86_64 1/2 Running scriptlet: timedatex-0.5-3.el8.x86_64 1/2 Running scriptlet: chrony-4.1-1.el8.x86_64 2/2 Installing : chrony-4.1-1.el8.x86_64 2/2 Running scriptlet: chrony-4.1-1.el8.x86_64 2/2 Verifying : chrony-4.1-1.el8.x86_64 1/2 Verifying : timedatex-0.5-3.el8.x86_64 2/2 Installed: chrony-4.1-1.el8.x86_64 timedatex-0.5-3.el8.x86_64 Complete!
Edit Chrony configuration file by using vim text editor.
# vi /etc/chrony.conf
Locate following line therein.
#allow 192.168.0.0/16
And change it as follows. This directive tells the Chrony server to serve NTP request by clients in given network address.
allow 192.168.116.0/24
Enable and start Chrony NTP service.
# systemctl enable --now chronyd.service
Verify the status of Chrony NTP service.
# systemctl status chronyd.service ● chronyd.service - NTP client/server Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor pre> Active: active (running) since Sat 2022-03-05 09:03:27 CST; 37s ago Docs: man:chronyd(8) man:chrony.conf(5) Process: 9773 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=ex> Process: 9769 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUC> Main PID: 9771 (chronyd) Tasks: 1 (limit: 5808) Memory: 940.0K CGroup: /system.slice/chronyd.service └─9771 /usr/sbin/chronyd Mar 05 09:03:27 ntp-01.centlinux.com systemd[1]: Starting NTP client/server... Mar 05 09:03:27 ntp-01.centlinux.com chronyd[9771]: chronyd version 4.1 startin> Mar 05 09:03:27 ntp-01.centlinux.com chronyd[9771]: Using right/UTC timezone to> Mar 05 09:03:27 ntp-01.centlinux.com systemd[1]: Started NTP client/server. Mar 05 09:03:31 ntp-01.centlinux.com chronyd[9771]: Selected source 203.99.62.2> Mar 05 09:03:31 ntp-01.centlinux.com chronyd[9771]: System clock TAI offset set>
Again check the System clock status.
# timedatectl Local time: Sat 2022-03-05 09:05:47 CST Universal time: Sat 2022-03-05 15:05:47 UTC RTC time: Sat 2022-03-05 15:05:46 Time zone: America/Chicago (CST, -0600) System clock synchronized: yes NTP service: active RTC in local TZ: no
Now your System clock is synchronized with Global NTP servers.
Execute the chronyc command at Linux Bash prompt to check the Time synchronization status.
# chronyc sources -v .-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current best, '+' = combined, '-' = not combined, | / 'x' = may be in error, '~' = too variable, '?' = unusable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || | | zzzz = estimated error. || | | MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* mbl-99-62-214.dsl.net.pk 2 6 377 7 +1621us[+1742us] +/- 106ms
Configure Linux Firewall:
Chrony uses default NTP service port 123/udp. Therefore, you have to allow it in Linux firewall.
You can allow either 123/udp port or predefined NTP service in Linux firewall.
# firewall-cmd --permanent --add-service=ntp success # firewall-cmd --reload success
Your Chrony NTP server is configured successfully.
Configure your NTP Client:
Connect with your client machine as root user by using a ssh client.
Set the Time zone on our NTP client.
# timedatectl set-timezone America/Chicago
Check the status of System clock.
# timedatectl Local time: Sat 2022-03-05 09:40:04 CST Universal time: Sat 2022-03-05 15:40:04 UTC RTC time: Sat 2022-03-05 15:40:05 Time zone: America/Chicago (CST, -0600) System clock synchronized: no NTP service: n/a RTC in local TZ: no
Chrony is both NTP server and client software. Therefore, install the same Chrony NTP software on your client machine.
# dnf install -y chrony
Edit Chrony configuration file with the help of vim text editor.
# vi /etc/chrony.conf
Find and comment the line that starts with “pool” directive.
Add following line in this file.
server ntp-01.centlinux.com iburst
Enable and start Chrony NTP service.
# systemctl enable --now chronyd.service
Again check the status of System clock.
# timedatectl Local time: Sat 2022-03-05 09:45:38 CST Universal time: Sat 2022-03-05 15:45:38 UTC RTC time: Sat 2022-03-05 15:45:38 Time zone: America/Chicago (CST, -0600) System clock synchronized: yes NTP service: active RTC in local TZ: no
Your system clock is being synchronized now.
If the time synchronization is not enable on your NTP client, then execute the following command to enable it.
# timedatectl set-ntp true
Check the status of time synchronization.
# chronyc sources -v .-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current best, '+' = combined, '-' = not combined, | / 'x' = may be in error, '~' = too variable, '?' = unusable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || | | zzzz = estimated error. || | | MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* ntp-01.centlinux.com 3 6 17 36 +6222ns[ -41us] +/- 98ms
Your NTP client is successfully synchronizing with your Time server.
Conclusion:
In this article, you have learned how to install Chrony on Linux 8 or other RPM based distros. You have also learned how to configure NTP clients to synchronize system clocks with your Time server.