How to install Chrony NTP server on CentOS 8
How to install Chrony NTP server on CentOS 8
Chrony is the default Network Time Protocol (NTP) server in the CentOS 8 operating system. It replaces the old Ntpd used in the old Linux operating system. It is used to synchronize the system clock with a remote Internet time server. Setting an accurate time is very important for any application to work properly.
It consists of two components, chronyc and chronyd. Chronyd is a daemon that starts when the system boots. chronyc is a command line interface for monitoring the performance of chronyd.
In this tutorial, I will show you how to install and use Chrony on a CentOS 8 server.
prerequisites
- Two servers running CentOS8.
- The root password is configured on the server.
getting Started
Before installing Chrony, you need to set the correct time zone in the server. You can use the following command to set:
timedatectl set-timezone Asia/Kolkata
Now, use the following command to verify your current time zone:
timedatectl
You should get the following output:
Local time: Sun 2021-05-02 20:00:44 IST
Universal time: Sun 2021-05-02 14:30:44 UTC
RTC time: Sun 2021-05-02 14:30:43
Time zone: Asia/Kolkata (IST, +0530)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
Install Chrony server
By default, the Chrony package is included in the CentOS 8 default repository. You can use the following command to install:
dnf install chrony -y
After installing Chrony, start the Chrony service and enable it to start when the system reboots:
systemctl start chronydsystemctl enable chronyd
You can also verify the status of Chrony with the following command:
systemctl status chronyd
You should see the following output:
? chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2021-05-02 20:00:13 IST; 1min 7s ago
Docs: man:chronyd(8)
man:chrony.conf(5)
Main PID: 616 (chronyd)
Tasks: 1 (limit: 25014)
Memory: 2.3M
CGroup: /system.slice/chronyd.service
??616 /usr/sbin/chronyd
May 02 20:00:12 centos8 systemd[1]: Starting NTP client/server...
May 02 20:00:12 centos8 chronyd[616]: chronyd version 3.5 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND +ASYNCDNS +SECHASH >
May 02 20:00:12 centos8 chronyd[616]: Frequency 18.331 +/- 0.061 ppm read from /var/lib/chrony/drift
May 02 20:00:12 centos8 chronyd[616]: Using right/UTC timezone to obtain leap second data
May 02 20:00:13 centos8 systemd[1]: Started NTP client/server.
May 02 20:00:20 centos8 chronyd[616]: Selected source 129.250.35.250
May 02 20:00:20 centos8 chronyd[616]: System clock TAI offset set to 37 seconds
May 02 20:00:20 centos8 chronyd[616]: System clock wrong by 1.153394 seconds, adjustment started
May 02 20:00:21 centos8 chronyd[616]: System clock was stepped by 1.153394 seconds
Configure Chrony server
Chrony’s main configuration file is located in /etc/chrony.conf. You will need to edit it and change the time server closest to you.
nano /etc/chrony.conf
Comment out the default pool and add the list of NTP servers closest to your location.
#pool 2.centos.pool.ntp.org iburst server 1.in.pool.ntp.org server 2.in.pool.ntp.org server 3.in.pool.ntp.org
Save and close the file when you are done, then use the following command to set up NTP synchronization:
timedatectl set-ntp true
Next, restart the Chrony service to apply the changes:
systemctl restart chronyd
You can also allow a specific IP range in the local network to allow access to the NTP server. You can allow it by adding the following line in the /etc/chrony.conf file:
# Allow NTP client access from local network. allow 192.168.0.0/24
Now, you can use the following command to check whether the NTP server is working properly:
chronyc sources
If everything is ok, you should get the following output:
210 Number of sources = 4 MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^? ntp7.mum-in.hosts.301-mo> 2 6 1 8 +31ms[ +31ms] +/- 248ms ^? static.15.192.216.95.cli> 2 6 1 8 +2616us[+2616us] +/- 88ms ^? 157.245.102.2 2 6 1 9 -4088us[-4088us] +/- 139ms ^? ec2-13-126-27-131.ap-sou> 2 6 1 9 +6017us[+6017us] +/- 181ms
Configure firewall
Next, you will need to allow the NTP service to pass through the firewall. You can allow it with the following command:
firewall-cmd --permanent --add-service=ntp --permanent
Next, reload the firewall service to apply the changes:
firewall-cmd --reload
Configure Chrony client
Next, you will need to install the Chrony client on the client computer and configure it to use your Chrony server.
On the client computer, use the following command to set the correct time zone:
timedatectl set-timezone Asia/Kolkata
Next, install the Chrony package using the following command:
dnf install chrony -y
After the installation is complete, edit your Chrony configuration file and point to the NTP server.
nano /etc/chrony.conf
Comment out the default pool and add the following line:
server chrony-server-ip
Save and close the file, and then use the following command to set up NTP synchronization:
timedatectl set-ntp true
Next, start the Chrony service and use the following command to enable it to start when the system reboots:
systemctl start chronydsystemctl enable chronyd
Now, use the following command to verify the time synchronization:
chronyc sources
You should get the following output:
210 Number of sources = 1 MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^? chrony-server-ip 0 6 0 10y +0ns[ +0ns] +/- 0ns
in conclusion
In the above guide, you learned how to set up a Chrony NTP server on CentOS 8. You also learned how to install the Chrony client and configure it to synchronize time with the Chrony server. If you have any questions, please feel free to ask me.