How to install Chrony NTP server on CentOS 8

How to install Chrony NTP server on CentOS 8

Chrony is the default Network Time Protocol (NTP) server in the CentOS 8 operating system. It replaces the old Ntpd used in the old Linux operating system. It is used to synchronize the system clock with a remote Internet time server. Setting an accurate time is very important for any application to work properly.

It consists of two components, chronyc and chronyd. Chronyd is a daemon that starts when the system boots. chronyc is a command line interface for monitoring the performance of chronyd.

In this tutorial, I will show you how to install and use Chrony on a CentOS 8 server.

prerequisites

  • Two servers running CentOS8.
  • The root password is configured on the server.

getting Started

Before installing Chrony, you need to set the correct time zone in the server. You can use the following command to set:

timedatectl set-timezone Asia/Kolkata

Now, use the following command to verify your current time zone:

timedatectl

You should get the following output:

               Local time: Sun 2021-05-02 20:00:44 IST
           Universal time: Sun 2021-05-02 14:30:44 UTC
                 RTC time: Sun 2021-05-02 14:30:43
                Time zone: Asia/Kolkata (IST, +0530)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

Install Chrony server

By default, the Chrony package is included in the CentOS 8 default repository. You can use the following command to install:

dnf install chrony -y

After installing Chrony, start the Chrony service and enable it to start when the system reboots:

systemctl start chronydsystemctl enable chronyd

You can also verify the status of Chrony with the following command:

systemctl status chronyd

You should see the following output:

? chronyd.service - NTP client/server
   Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2021-05-02 20:00:13 IST; 1min 7s ago
     Docs: man:chronyd(8)
           man:chrony.conf(5)
 Main PID: 616 (chronyd)
    Tasks: 1 (limit: 25014)
   Memory: 2.3M
   CGroup: /system.slice/chronyd.service
           ??616 /usr/sbin/chronyd

May 02 20:00:12 centos8 systemd[1]: Starting NTP client/server...
May 02 20:00:12 centos8 chronyd[616]: chronyd version 3.5 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND +ASYNCDNS +SECHASH >
May 02 20:00:12 centos8 chronyd[616]: Frequency 18.331 +/- 0.061 ppm read from /var/lib/chrony/drift
May 02 20:00:12 centos8 chronyd[616]: Using right/UTC timezone to obtain leap second data
May 02 20:00:13 centos8 systemd[1]: Started NTP client/server.
May 02 20:00:20 centos8 chronyd[616]: Selected source 129.250.35.250
May 02 20:00:20 centos8 chronyd[616]: System clock TAI offset set to 37 seconds
May 02 20:00:20 centos8 chronyd[616]: System clock wrong by 1.153394 seconds, adjustment started
May 02 20:00:21 centos8 chronyd[616]: System clock was stepped by 1.153394 seconds

Configure Chrony server

Chrony’s main configuration file is located in /etc/chrony.conf. You will need to edit it and change the time server closest to you.

nano /etc/chrony.conf

Comment out the default pool and add the list of NTP servers closest to your location.

#pool 2.centos.pool.ntp.org iburst
server 1.in.pool.ntp.org
server 2.in.pool.ntp.org
server 3.in.pool.ntp.org

Save and close the file when you are done, then use the following command to set up NTP synchronization:

timedatectl set-ntp true

Next, restart the Chrony service to apply the changes:

systemctl restart chronyd

You can also allow a specific IP range in the local network to allow access to the NTP server. You can allow it by adding the following line in the /etc/chrony.conf file:

# Allow NTP client access from local network.
allow 192.168.0.0/24

Now, you can use the following command to check whether the NTP server is working properly:

chronyc sources

If everything is ok, you should get the following output:

210 Number of sources = 4
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^? ntp7.mum-in.hosts.301-mo>     2   6     1     8    +31ms[  +31ms] +/-  248ms
^? static.15.192.216.95.cli>     2   6     1     8  +2616us[+2616us] +/-   88ms
^? 157.245.102.2                 2   6     1     9  -4088us[-4088us] +/-  139ms
^? ec2-13-126-27-131.ap-sou>     2   6     1     9  +6017us[+6017us] +/-  181ms

Configure firewall

Next, you will need to allow the NTP service to pass through the firewall. You can allow it with the following command:

firewall-cmd --permanent --add-service=ntp --permanent

Next, reload the firewall service to apply the changes:

firewall-cmd --reload

Configure Chrony client

Next, you will need to install the Chrony client on the client computer and configure it to use your Chrony server.

On the client computer, use the following command to set the correct time zone:

timedatectl set-timezone Asia/Kolkata

Next, install the Chrony package using the following command:

dnf install chrony -y

After the installation is complete, edit your Chrony configuration file and point to the NTP server.

nano /etc/chrony.conf

Comment out the default pool and add the following line:

server chrony-server-ip

Save and close the file, and then use the following command to set up NTP synchronization:

timedatectl set-ntp true

Next, start the Chrony service and use the following command to enable it to start when the system reboots:

systemctl start chronydsystemctl enable chronyd

Now, use the following command to verify the time synchronization:

chronyc sources

You should get the following output:

210 Number of sources = 1
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^? chrony-server-ip              0   6     0   10y     +0ns[   +0ns] +/-    0ns

in conclusion

In the above guide, you learned how to set up a Chrony NTP server on CentOS 8. You also learned how to install the Chrony client and configure it to synchronize time with the Chrony server. If you have any questions, please feel free to ask me.

Sidebar