Latest

Saturday, 5 March 2022

Install Chrony NTP Server on Rocky Linux 8

Install Chrony NTP Server on Rocky Linux 8

In this article, you will learn how to install Chrony NTP Server on Rocky Linux 8 or other RPM based distros.

 

Table of Contents:

 

What is Chrony?:

Chrony is a versatile implementation of the Network Time Protocol (NTP). It can synchronize the system clock with NTP servers, reference clocks, and manual input using wrist-watch and keyboard. It can also operate as an NTPv4 (RFC 5905) server and peer to provide a time service to other computers in the network.

It is designed to perform well in a wide range of conditions, including intermittent network connections, heavily congested networks, changing temperatures (ordinary computer clocks are sensitive to temperature), and systems that do not run continuously, or run on a virtual machine.

Typical accuracy between two machines synchronized over the Internet is within a few milliseconds; on a LAN, accuracy is typically in tens of microseconds. With hardware time-stamping, or a hardware reference clock, sub-microsecond accuracy may be possible.

Two programs are included in chrony, chronyd is a daemon that can be started at boot time and chronyc is a command-line interface program which can be used to monitor chronyd’s performance and to change various operating parameters whilst it is running. (Source: https://chrony.tuxfamily.org/)

Install Chrony NTP Server on Rocky Linux 8

 

Environment Specification:

We are using a minimal Rocky Linux 8 virtual machine with following specifications.

  • CPU - 3.4 Ghz (2 cores)
  • Memory - 2 GB
  • Storage - 20 GB
  • Operating System - Rocky Linux 8.5 (Green Obsidian)
  • Hostname – ntp-01.centlinux.com
  • IP Address - 192.168.116.128 /24

 

Update your Linux Operating System:

By using a ssh client, connect with ntp-01.centlinux.com as root user.

Update cache of enabled yum repositories on your Linux server.

# dnf makecache
Rocky Linux 8 - AppStream                       873 kB/s | 9.5 MB     00:11
Rocky Linux 8 - BaseOS                          965 kB/s | 5.6 MB     00:05
Rocky Linux 8 - Extras                          7.2 kB/s |  12 kB     00:01
Last metadata expiration check: 0:00:01 ago on Sat 05 Mar 2022 07:44:32 PM PKT.
Metadata cache created.

It is a best practice to update your Linux operating system before installing a new software.

Execute dnf command to update your Linux server.

# dnf update -y

You may need to reboot your operating system, if the above command updates your Linux Kernel.

After reboot, check the Linux operating system and Kernel versions.

# cat /etc/os-release
NAME="Rocky Linux"
VERSION="8.5 (Green Obsidian)"
ID="rocky"
ID_LIKE="rhel centos fedora"
VERSION_ID="8.5"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Rocky Linux 8.5 (Green Obsidian)"
ANSI_COLOR="0;32"
CPE_NAME="cpe:/o:rocky:rocky:8:GA"
HOME_URL="https://rockylinux.org/"
BUG_REPORT_URL="https://bugs.rockylinux.org/"
ROCKY_SUPPORT_PRODUCT="Rocky Linux"
ROCKY_SUPPORT_PRODUCT_VERSION="8"

# uname -r
4.18.0-348.12.2.el8_5.x86_64

 

Install Chrony NTP Server:

Set the required time zone on your Linux Server. You can use timedatectl command for this purpose.

# timedatectl set-timezone America/Chicago

Execute the timedatectl command again without any parameter to check the System Clock status.

# timedatectl
               Local time: Sat 2022-03-05 08:53:46 CST
           Universal time: Sat 2022-03-05 14:53:46 UTC
                 RTC time: Sat 2022-03-05 14:53:46
                Time zone: America/Chicago (CST, -0600)
System clock synchronized: no
              NTP service: n/a
          RTC in local TZ: no

You can see that your System clock is not currently synchronized with any NTP service.

By using dnf command to install Chrony NTP server.

# dnf install -y chrony
Last metadata expiration check: 0:18:13 ago on Sat 05 Mar 2022 08:44:32 AM CST.
Dependencies resolved.
================================================================================
 Package            Architecture    Version               Repository       Size
================================================================================
Installing:
 chrony             x86_64          4.1-1.el8             baseos          326 k
Installing weak dependencies:
 timedatex          x86_64          0.5-3.el8             baseos           31 k

Transaction Summary
================================================================================
Install  2 Packages

Total download size: 357 k
Installed size: 710 k
Downloading Packages:
(1/2): timedatex-0.5-3.el8.x86_64.rpm            31 kB/s |  31 kB     00:01
(2/2): chrony-4.1-1.el8.x86_64.rpm              297 kB/s | 326 kB     00:01
--------------------------------------------------------------------------------
Total                                           146 kB/s | 357 kB     00:02
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                        1/1
  Installing       : timedatex-0.5-3.el8.x86_64                             1/2
  Running scriptlet: timedatex-0.5-3.el8.x86_64                             1/2
  Running scriptlet: chrony-4.1-1.el8.x86_64                                2/2
  Installing       : chrony-4.1-1.el8.x86_64                                2/2
  Running scriptlet: chrony-4.1-1.el8.x86_64                                2/2
  Verifying        : chrony-4.1-1.el8.x86_64                                1/2
  Verifying        : timedatex-0.5-3.el8.x86_64                             2/2

Installed:
  chrony-4.1-1.el8.x86_64               timedatex-0.5-3.el8.x86_64

Complete!

Edit Chrony configuration file by using vim text editor.

# vi /etc/chrony.conf

Locate following line therein.

#allow 192.168.0.0/16

And change it as follows. This directive tells the Chrony server to serve NTP request by clients in given network address.

allow 192.168.116.0/24

Enable and start Chrony NTP service.

# systemctl enable --now chronyd.service

Verify the status of Chrony NTP service.

# systemctl status chronyd.service
● chronyd.service - NTP client/server
   Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor pre>
   Active: active (running) since Sat 2022-03-05 09:03:27 CST; 37s ago
     Docs: man:chronyd(8)
           man:chrony.conf(5)
  Process: 9773 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=ex>
  Process: 9769 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUC>
 Main PID: 9771 (chronyd)
    Tasks: 1 (limit: 5808)
   Memory: 940.0K
   CGroup: /system.slice/chronyd.service
           └─9771 /usr/sbin/chronyd

Mar 05 09:03:27 ntp-01.centlinux.com systemd[1]: Starting NTP client/server...
Mar 05 09:03:27 ntp-01.centlinux.com chronyd[9771]: chronyd version 4.1 startin>
Mar 05 09:03:27 ntp-01.centlinux.com chronyd[9771]: Using right/UTC timezone to>
Mar 05 09:03:27 ntp-01.centlinux.com systemd[1]: Started NTP client/server.
Mar 05 09:03:31 ntp-01.centlinux.com chronyd[9771]: Selected source 203.99.62.2>
Mar 05 09:03:31 ntp-01.centlinux.com chronyd[9771]: System clock TAI offset set>

Again check the System clock status.

# timedatectl
               Local time: Sat 2022-03-05 09:05:47 CST
           Universal time: Sat 2022-03-05 15:05:47 UTC
                 RTC time: Sat 2022-03-05 15:05:46
                Time zone: America/Chicago (CST, -0600)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

Now your System clock is synchronized with Global NTP servers.

Execute the chronyc command at Linux Bash prompt to check the Time synchronization status.

# chronyc sources -v

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* mbl-99-62-214.dsl.net.pk      2   6   377     7  +1621us[+1742us] +/-  106ms

 

Configure Linux Firewall:

Chrony uses default NTP service port 123/udp. Therefore, you have to allow it in Linux firewall.

You can allow either 123/udp port or predefined NTP service in Linux firewall.

# firewall-cmd --permanent --add-service=ntp
success

# firewall-cmd --reload
success

Your Chrony NTP server is configured successfully.

 

Configure your NTP Client:

Connect with your client machine as root user by using a ssh client.

Set the Time zone on our NTP client.

# timedatectl set-timezone America/Chicago

Check the status of System clock.

# timedatectl
               Local time: Sat 2022-03-05 09:40:04 CST
           Universal time: Sat 2022-03-05 15:40:04 UTC
                 RTC time: Sat 2022-03-05 15:40:05
                Time zone: America/Chicago (CST, -0600)
System clock synchronized: no
              NTP service: n/a
          RTC in local TZ: no

Chrony is both NTP server and client software. Therefore, install the same Chrony NTP software on your client machine.

# dnf install -y chrony

Edit Chrony configuration file with the help of vim text editor.

# vi /etc/chrony.conf

Find and comment the line that starts with "pool" directive.

Add following line in this file.

server ntp-01.centlinux.com iburst

Enable and start Chrony NTP service.

# systemctl enable --now chronyd.service

Again check the status of System clock.

# timedatectl
               Local time: Sat 2022-03-05 09:45:38 CST
           Universal time: Sat 2022-03-05 15:45:38 UTC
                 RTC time: Sat 2022-03-05 15:45:38
                Time zone: America/Chicago (CST, -0600)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

Your system clock is being synchronized now.

If the time synchronization is not enable on your NTP client, then execute the following command to enable it.

# timedatectl set-ntp true

Check the status of time synchronization.

# chronyc sources -v

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current best, '+' = combined, '-' = not combined,
| /             'x' = may be in error, '~' = too variable, '?' = unusable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* ntp-01.centlinux.com          3   6    17    36  +6222ns[  -41us] +/-   98ms

Your NTP client is successfully synchronizing with your Time server.

 

Conclusion:

In this article, you have successfully installed Chrony NTP server on Rocky Linux 8 or other RPM based distros. You have also learned how to configure NTP clients to synchronize system clocks with your Time server.

If you find this article useful? Consider supporting us by Buy Me A Coffee


No comments:

Post a Comment

© 2022 CentLinux. All Rights Reserved.