More

    How to configure chrony as an NTP client in RHEL/CentOS/Alma/Rocky Linux

    It is quite critical to maintain an accurate time for computer systems. This helps computers to communicate, run system components etc. The ntpd daemon synchronizes the system clock to remote NTP time servers or local reference clocks. NTP is considered deprecated. Chrony uses the NTP protocol. Chronyd daemon is a better choice for most networks than ntpd for keeping computer systems synchronized with the Network Time Protocol. This guide is all about How to configure chrony as an NTP client in RHEL/CentOS/Alma/Rocky Linux.

    Chronyd daemon is a better choice for most networks than ntpd

    Advantages of chrony over NTP

    1. It is faster. Chrony can synchronize to the time server much faster than NTP. This is ideal for PCs that don’t run constantly.
    2. Chrony handles intermittent network connections and bandwidth saturation issues.
    3. Chrony is able to adjust for network delays and latency.
    4. Chrony can work even without a network connection. In this case, the local host or server can be updated manually. This is not the case with ntpd
    5. Chrony can compensate for fluctuating clock frequencies, such as when a host hibernates or enters sleep mode, or when the clock speed varies due to frequency stepping that slows clock speeds when loads are low. This is one of the major advanted over ntpd.
    6. After the initial time sync, chrony never stops the clock. This ensures stable and consistent time intervals for system services and applications.

    Chrony Components

    Chrony has two components:

    1. chronyd which runs in the background and monitors the time and status of the time server specified in the chrony.conf configuration file. It is started at boot time.
    2.  chronyc – a command-line interface program which can be used to monitor chronyd’s performance and make changes if necessary.

    Installing chrony on RHEL/CentOS/Alma/Rocky Linux

    The first step is to update the timezone to match your current one.

    # timedatectl set-timezone Africa/Nairobi

    Use dnf or yum to install chrony on your Linux distribution

    dnf -y install chrony
    Rocky Linux 9 - BaseOS                          3.2 kB/s | 4.1 kB     00:01    
    Rocky Linux 9 - AppStream                       6.2 kB/s | 4.5 kB     00:00    
    Rocky Linux 9 - AppStream                                                                                                                                                             6.9 MB/s | 7.1 MB     00:01    
    Rocky Linux 9 - Extras                                                                                                                                                                4.1 kB/s | 2.9 kB     00:00    
    Dependencies resolved.
    ======================================================================================================================================================================================================================
     Package                                            Architecture                                       Version                                               Repository                                          Size
    ======================================================================================================================================================================================================================
    Installing:
     chrony                                             x86_64                                             4.3-1.el9                                             baseos                                             320 k
    
    ....
    
    Created symlink /etc/systemd/system/multi-user.target.wants/chronyd.service → /usr/lib/systemd/system/chronyd.service.
    
      Verifying        : chrony-4.3-1.el9.x86_64                                                                                                                                                                      1/1 
    
    Installed:
      chrony-4.3-1.el9.x86_64                                                                                                                                                                                             
    
    Complete!
    
    
    
    

    Once the installation is successful, enable and start the chronyd service.

    # systemctl enable --now chronyd

    Check the status of the service after running the above command:

    systemctl status chronyd
    ● chronyd.service - NTP client/server
         Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; preset: enabled)
         Active: active (running) since Tue 2023-07-25 00:49:47 EAT; 1min 54s ago
           Docs: man:chronyd(8)
                 man:chrony.conf(5)
        Process: 91028 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS)
       Main PID: 91030 (chronyd)
          Tasks: 1 (limit: 48777)
         Memory: 1.1M
            CPU: 645ms
         CGroup: /system.slice/chronyd.service
                 └─91030 /usr/sbin/chronyd -F 2
    

    Configure chronyd on RHEL/CentOS/Alma/Rocky Linux

    Using your text editor e.g vim or nano, edit the /etc/chrony.conf to configure the chronyd service. We need to change the ntp servers to our custome NTP servers. If you dont have custom NTP servers for your organization, then you can set the NTP servers that are closes to you. For my case, I have custom NTP servers.

    Since I’m in Nairobi, I can also opt to use the below servers which are closest to me.

     

    server 0.africa.pool.ntp.org iburst
    server 1.africa.pool.ntp.org iburst
    server 2.africa.pool.ntp.org iburst
    server 3.africa.pool.ntp.org iburst

    Lets comment out the first pool line and add a list of NTP our NTP servers.

     

    #pool 2.rocky.pool.ntp.org iburst
    server 172.28.200.250 iburst
    server 172.28.200.251 iburst

    The next step is to set NTP synchronization.

     

    timedatectl set-ntp true

    Restart the  chronyd service:

    systemctl restart chronyd

    To ensure that the ntp port is reacheable, please allow the ntp port on the firewall if the firewall service is up and running.

     

    # firewall-cmd --add-service=ntp --permanent 
    success
    # firewall-cmd --reload
    success
    

     

    Now, lest check whether the NTP servers that we’ve added are working

     

    chronyc sources
    MS Name/IP address         Stratum Poll Reach LastRx Last sample               
    ===============================================================================
    ^* 172.28.200.250                2   6   377    19   -730ns[+1990ns] +/- 2005us
    ^+ 172.28.200.251                2   6   377    19    -14us[  -11us] +/- 3434us
    
    # timedatectl
                   Local time: Tue 2023-07-25 01:25:24 EAT
               Universal time: Mon 2023-07-24 22:25:24 UTC
                     RTC time: Mon 2023-07-24 22:25:24
                    Time zone: Africa/Nairobi (EAT, +0300)
    System clock synchronized: yes
                  NTP service: active
              RTC in local TZ: no

     

    Conclusion

    Congrats! You have now configured chronyd successfully on RHEL/CentOS, Rocky or Alma Linux. The man pages for chronydchronyc, and chrony.conf have a great amount of information that can help you get started.

     

     

     

     

     

     

     

     

     

    Recent Articles

    Related Articles

    Leave A Reply

    Please enter your comment!
    Please enter your name here