Christian WellsIn today’s interconnected world, accurate time synchronization is crucial for various computer networks. To achieve this, Network Time Protocol (NTP) is used, which allows computers to maintain accurate time by synchronizing with reliable time sources. One popular implementation of NTP is Chrony, which is an alternative to other applications and is widely used in various Linux distributions.
In this comprehensive guide, we will learn how to set up Chrony as an NTP server and client on a Rocky Linux server. We will explore the installation process, configuration options, and the necessary steps to ensure accurate time synchronization. Whether you want to build an NTP server for your local environment or synchronize time on your machine or client to an NTP server, this guide will provide you with all the information you need.
Prerequisites
Before we begin, let’s ensure that we have everything we need to set up Chrony on our Rocky Linux server. You will need:
- Two different Rocky Linux servers, one to be used as an NTP server and the other as an NTP client.
- Rocky Linux version 8 or the latest version 9.
- A non-root user with sudo root privileges on both machines.
Now that we have all the prerequisites in place, let’s dive into the installation and configuration process.
Installing Chrony Package
The first step is to install the Chrony package on our Rocky Linux server. Chrony is available in the baseos Rocky Linux repository, so we can easily install it using the following commands:
sudo dnf install chrony
Once the installation is complete, we need to start and enable the Chronyd service to ensure it runs automatically at system boot:
sudo systemctl enable chronyd sudo systemctl start chronyd
To verify the status of the Chronyd service, run the following command:
sudo systemctl status chronyd
If everything is set up correctly, you should see that the Chronyd service is running.
Setting up Chrony as NTP Server
Now that we have installed Chrony, let’s proceed with setting it up as an NTP server on our Rocky Linux server. This will enable us to build a local NTP server that clients within our network can connect to.
To configure Chrony as an NTP server, we need to edit the default Chrony configuration file located at/etc/chrony.conf. Open the file using your preferred text editor:
sudo nano /etc/chrony.conf
In the configuration file, you will find several directives that need to be modified to set up Chrony as an NTP server. Let’s go through each of them:
Configuring NTP Server Sources
The server directive allows us to specify the source of the NTP server we want to use. By default, it uses the NTP server pool from the se.pool.ntp.org domain. However, you can find the NTP server pool nearest to your location atShape.host.
In our example, we will use the following NTP server pool:
server0.shape.host iburst server1.shape.host iburst server2.shape.host iburst server3.shape.host iburst
The iburst option allows Chronyd to make the first update of the clock shortly after the start.
Allowing Clients to Access the NTP Server
To allow clients within our network to access the NTP server, we need to uncomment the allow directive and specify the subnet of the IP addresses that are allowed to access the server. In our case, all clients within the network 192.168.5.0/24 will be allowed to access the NTP server:
allow 192.168.5.0/24
Additional Configuration Options
There are several additional options/directives that you may want to consider based on your requirements:
makestep: This option allows the system clock to be stepped in the first three updates if its offset is larger than 1 second.hwtimestamp: Enabling this option enables hardware timestamping on all interfaces that support it.keyfile: Specifies the file containing keys for NTP authentication.leapsectz: Retrieves the TAI-UTC offset and leap seconds from the system tz database.
Feel free to modify these options according to your needs.
Restarting Chronyd and Verifying NTP Server Sources
Once you have made the necessary changes to the configuration file, save it and exit the editor. Next, restart the Chronyd service to apply the new configurations:
sudo systemctl restart chronyd
To verify the sources of the NTP server pool currently used, run the following command:
chronyc sources
You should see a list of the current NTP server sources used by your server.
Firewall Configuration
To ensure that client machines can connect to your NTP server, you need to open the NTP service port in your firewall. Run the following commands to add the NTP service to the firewall and reload the firewall:
sudo firewall-cmd --add-service=ntp --permanent sudo firewall-cmd --reload
If you want to specify specific network subnets that are allowed to access the NTP server, you can use the following command:
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.5.0/24' service='ntp' accept"
Remember to reload the firewall after adding the rich rule.
Congratulations! You have now successfully set up Chrony as an NTP server on your Rocky Linux server. Clients within your network can now connect to this server to synchronize their time.
Setting up Chrony as NTP Client
In addition to setting up Chrony as an NTP server, you may also need to synchronize time on your machine or client to an NTP server. Let’s explore how to configure Chrony as an NTP client on a Rocky Linux system.
Before we begin, ensure that the Chrony package is installed on your client machine. You can install it using the following command:
sudo dnf install chrony -y
Once the installation is complete, open the configuration file /etc/chrony.conf:
sudo nano /etc/chrony.conf
In the configuration file, locate the server directive and change the NTP server source to the IP address of your NTP server. For example:
server 192.168.5.100 iburst prefer
The iburst option allows Chronyd to make the first update of the clock shortly after the start, while the prefer option prioritizes the NTP server source.
Save the file and restart the Chrony service to apply the new configurations:
sudo systemctl restart chronyd
To verify the current status of NTP on your client machine, run the following command:
chronyc tracking
You should see that your machine is connected and synchronized to the NTP server. You can also use the chronyc ntpdata command to view detailed NTP data.
Conclusion
In conclusion, accurate time synchronization is essential for computer networks, and Chrony provides a reliable implementation of NTP for Linux systems. By following the steps outlined in this guide, you have successfully set up Chrony as an NTP server and client on your Rocky Linux server. Whether you need to build an NTP server for your local environment or synchronize time on your machine to an NTP server, Chrony offers the necessary tools and configurations.
Remember to regularly monitor and maintain your NTP server to ensure accurate time synchronization throughout your network. With Chrony, you can rely on efficient and reliable timekeeping for your systems.
For more information on cloud hosting solutions and Cloud VPS services, visit Shape.host. Shape.host provides scalable and secure hosting solutions tailored to your business needs.
