In this Article, you will learn how to synchronize and configure time in Linux with chrony and “timedatectl” tool.
The correctness of time in an Operating system is very important, especially if it is a log system/server that has to do with tracking of various logs and activities at a particular time, correct timing, in this case, is essential.
More so, systems that are used in Financial or government sectors cannot afford not to have the correct time set. Hence the time of these particular sets of systems and their likes must be correct and well synchronized at all times.
A virtualization Engineer who configures clustering and High availability services can tell how important all the systems that will be clustered must have the same time and must be synchronized at all times to avoid malfunction of a clustered environment.
In most operating systems, Linux inclusive, correct timing can be done with the use of NTP (Network Time Protocol) services.
Network time protocol (NTP) is a protocol that is used to automatically synchronize time over a network.
NTP is server/client based, whereby NTP servers are sitting somewhere as a pool of servers in different zones and regions and NTP client will be configured on a Linux system to synchronize time from an NTP server.
There are a few numbers of NTP server pool, a Linux OS by default knows how to use the one closer to the region that is selected during the installation of the operating system.
Some clustered environment prefers to have an internal central NTP server configured so that other systems in the environment will synchronize time from it.
In old distributions of RHEL servers and some other distributions, the ntpd daemon with the “ntpdate” tool is the client that is used to synchronize the time of a Linux system over a network from the NTP server, but in newer versions of RHEL and some other distributions, “ntpdate” tool /ntpd daemon has been deprecated and the new NTP client responsible for NTP time synchronization from the NTP server is chrony.
The chronyd daemon must be up and running on the system before there can be synchronization.
There have been a lot of controversial discussions as regards why ntp was joined with chrony in RHEL 7 and finally deprecated in RHEL 8. Some agreed ntp is better than chrony in many ways while some disagreed.
Well, you may drop your perspective with regard to this in the comment section. It is not a doubt that there are differences between the two even if their configuration files are almost similar,You may want to click the link below to check their differences.
Moving forward, since chrony is the new NTP client, we are going to go through the step by step process of how to use “chrony” to synchronize time, and use the “timedatectl” utility to configure time in the “ACTION TIME” section below.
Before we roll down to the “ACTION TIME” section, let’s understand the chrony configuration file.
The chrony configuration file can be found in the path “/etc/chrony.conf” on a RHEL 7/8 server and some other distributions. It can be seen after chrony is installed.
[root@HQDEV1 ~]# cat /etc/chrony.conf # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). pool 2.rhel.pool.ntp.org iburst # Record the rate at which the system clock gains/losses time. driftfile /var/lib/chrony/drift # Allow the system clock to be stepped in the first three updates # if its offset is larger than 1 second. makestep 1.0 3 # Enable kernel synchronization of the real-time clock (RTC). rtcsync # Enable hardware timestamping on all interfaces that support it. #hwtimestamp * # Increase the minimum number of selectable sources required to adjust # the system clock. #minsources 2 # Allow NTP client access from local network. #allow 192.168.0.0/16 # Serve time even if not synchronized to a time source. #local stratum 10 # Specify file containing keys for NTP authentication. keyfile /etc/chrony.keys # Get TAI-UTC offset and leap seconds from the system tz database. leapsectz right/UTC # Specify directory for log files. logdir /var/log/chrony # Select which information is logged. #log measurements statistics tracking
- Number 1 is the NTP server (“pool 2.rhel.pool.ntp.org iburst”), i.e, the server the NTP client will synchronize from.
- Number 2 means that the kernel synchronization of the real-time clock is enabled. To disable it, comment the parameter “rtcsync”.
- Number 3 means that NTP clients will not be synchronized from the local network. If you want chrony to work without a network connection, you can uncomment the parameter, and the system can be manually synchronized. This is also a way of configuring the system to be an NTP server and other systems can synchronize provided their configuration files are set to synchronize from this subnet.
After synchronization of time from NTP server has been done, you may want to use the command below to set the system hardware clock
[root@HQDEV1 ~]# hwclock --systohc
For more usage of the of the hwclock utility, refer to the hwclock manual page.
- Number 4 means the security key for NTP authentication will be in the (/etc/chrony.keys) location by default.
- Number 5 means NTP service log files will be in the (/var/log/chrony) location by default.
Please note, time configuration in Linux can be and not be simple, so if you don’t know what you are doing, don’t tamper with the chrony configuration file. Just leave it as it is.
Installation of chrony comes with the “chronyc” tool as well. The chronyc tool is the CLI for chrony and can be used to interact and make changes to chrony. we will use this tool in the “ACTION TIME” section.
To verify the current time and timezone apart from using the date command, use the “timedatectl” utility
[root@HQDEV1 ~]# timedatectl Local time: Sun 2020-10-25 23:04:38 CDT Universal time: Mon 2020-10-26 04:04:38 UTC RTC time: Mon 2020-10-26 04:04:38 Time zone: America/Chicago (CDT, -0500) System clock synchronized: no NTP service: inactive RTC in local TZ: no
If chrony is not installed on your distribution, use the command below to install chrony.
By default, chrony is installed on RHEL/CentOS 7 & 8 systems
[root@HQDEV1 ~]# yum install chrony Updating Subscription Management repositories. Last metadata expiration check: 0:38:45 ago on Wed 06 May 2020 03:37:10 PM WAT. Package chrony-3.5-1.el8.x86_64 is already installed.
[root@HQDEV1 ~]# systemctl status chronyd ● chronyd.service - NTP client/server Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2020-05-01 22:34:53 WAT; 4 days ago Docs: man:chronyd(8) man:chrony.conf(5)
[root@HQDEV1 ~]# systemctl start chronyd
[root@HQDEV1 ~]# systemctl enable chronyd
[root@RHEL ~]# timedatectl status Local time: Fri 2020-05-01 22:32:26 WAT Universal time: Fri 2020-05-01 21:32:26 UTC RTC time: Fri 2020-05-01 21:32:32 Time zone: Africa/Lagos (WAT, +0100) System clock synchronized: no NTP service: inactive RTC in local TZ: no [root@RHEL ~]# timedatectl list-timezones
[root@RHEL ~]# timedatectl set-ntp yes
[root@RHEL ~]# systemctl status chronyd.service ● chronyd.service - NTP client/server Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2020-05-01 22:34:53 WAT; 24s ago Docs: man:chronyd(8) man:chrony.conf(5) Process: 4607 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=exited, status=0/SUCCESS) Process: 4579 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 4583 (chronyd) Tasks: 1 (limit: 11337) Memory: 1.5M CGroup: /system.slice/chronyd.service └─4583 /usr/sbin/chronyd May 01 22:34:53 RHEL systemd: Starting NTP client/server... May 01 22:34:53 RHEL chronyd: chronyd version 3.5 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SC> May 01 22:34:53 RHEL chronyd: Using right/UTC timezone to obtain leap second data May 01 22:34:53 RHEL systemd: Started NTP client/server. May 01 22:34:58 RHEL chronyd: Selected source 220.127.116.11 May 01 22:34:58 RHEL chronyd: System clock TAI offset set to 37 seconds May 01 22:34:58 RHEL chronyd: System clock wrong by 4.158287 seconds, adjustment started May 01 22:35:02 RHEL chronyd: System clock was stepped by 4.158287 seconds May 01 22:35:04 RHEL chronyd: Selected source 18.104.22.168 lines 1-22/22 (END)
[root@RHEL ~]# timedatectl status Local time: Fri 2020-05-01 22:41:53 WAT Universal time: Fri 2020-05-01 21:41:53 UTC RTC time: Fri 2020-05-01 21:41:54 Time zone: Africa/Lagos (WAT, +0100) System clock synchronized: yes NTP service: active RTC in local TZ: no [root@RHEL ~]#
NB: you can use the pipe and grep command or forward slash (/) to filter.
[root@HQDEV1 ~]# timedatectl list-timezones Africa/Abidjan Africa/Accra Africa/Addis_Ababa Africa/Algiers Africa/Asmara Africa/Bamako Africa/Bangui Africa/Banjul Africa/Bissau Africa/Blantyre Africa/Brazzaville Africa/Bujumbura Africa/Cairo Africa/Casablanca Africa/Ceuta Africa/Conakry Africa/Dakar Africa/Dar_es_Salaam Africa/Djibouti Africa/Douala Africa/El_Aaiun Africa/Freetown Africa/Gaborone lines 1-23
NB: the “tzselect” tool (time zone select) can also be used
# timedatectl set-timezone <time-zone>
For example, to set the time zone to Africa, Cairo, use the command,
[root@HQDEV1 ~]# timedatectl set-timezone Africa/Cairo
[root@HQDEV1 ~]# timedatectl status Local time: Wed 2020-05-06 18:42:53 EET Universal time: Wed 2020-05-06 16:42:53 UTC RTC time: Wed 2020-05-06 16:42:53 Time zone: Africa/Cairo (EET, +0200) System clock synchronized: yes NTP service: active RTC in local TZ: no [root@HQDEV1 ~]#
Now you can see the Local time(EET), the time in UTC, and RTC.
To manually synchronize time, use the command
# chronyd -q 'NTP-server-name'
As explained in “UNDERSTANDING THE SUBJECT MATTER, in my case, my NTP server is ” pool 2.rhel.pool.ntp.org iburst” , therefore, I will use the command,
[root@HQDEV1 ~]# chronyd -q "pool 2.rhel.pool.ntp.org iburst"
To verify if there is synchronization with chronyc tool, use the command,
[root@HQDEV1 ~]# chronyc tracking Reference ID : A29FC87B (22.214.171.124) Stratum : 4 Ref time (UTC) : Wed May 06 22:56:49 2020 System time : 0.000000033 seconds slow of NTP time Last offset : +0.001427624 seconds RMS offset : 0.053770002 seconds Frequency : 36.761 ppm slow Residual freq : +0.016 ppm Skew : 0.874 ppm Root delay : 0.132708192 seconds Root dispersion : 0.018269135 seconds Update interval : 1042.5 seconds Leap status : Normal [root@HQDEV1 ~]#
To verify the current time source, use the command,
[root@HQDEV1 ~]# chronyc sources 210 Number of sources = 4 MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* time.cloudflare.com 3 6 177 3 +2657us[+8335us] +/- 62ms ^? time.cloudflare.com 0 6 0 - +0ns[ +0ns] +/- 0ns ^? ntp6.flashdance.cx 2 10 1 66 -9170us[-3493us] +/- 107ms ^? ntp.nyy.ca 1 10 1 262 -13ms[ -13ms] +/- 152ms
For more detailed source listing, use the command,
[root@HQDEV1 ~]# chronyc sources -v 210 Number of sources = 4 .-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current synced, '+' = combined , '-' = not combined, | / '?' = unreachable, 'x' = time may be in error, '~' = time too variable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || \ | | zzzz = estimated error. || | | \ MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* time.cloudflare.com 3 6 377 1 -7510us[-9051us] +/- 76ms ^? time.cloudflare.com 0 6 0 - +0ns[ +0ns] +/- 0ns ^? ntp6.flashdance.cx 2 10 1 128 -7629us[-3493us] +/- 107ms ^? ntp.nyy.ca 1 10 1 324 -11ms[ -13ms] +/- 152ms [root@HQDEV1 ~]#
We have seen, above, how we can set time and also synchronize the time with an NTP sever, now let’s configure time manually with the timedatectl utility without synchronizing with an NTP server.
1. If chronyd service is running, deactivate the ntp service, or just stop the chronyd service.
N:B: We don’t care if the chronyd service is running or not. What matters is that the ntp service is set to no/deactivated. The value no or false can be used.
To set ntp service to no/deactivate it while chronyd is running, use the command,
[root@HQDEV1 ~]# timedatectl set-ntp false
In RHEL 8, chronyd will stop running with this settings.
2. Set the time to your desired time
[root@HQDEV1 ~]# timedatectl set-time 10:23:22
[root@HQDEV1 ~]# timedatectl Local time: Sun 2020-10-25 10:23:23 CDT Universal time: Sun 2020-10-25 15:23:23 UTC RTC time: Sun 2020-10-25 15:23:23 Time zone: America/Chicago (CDT, -0500) System clock synchronized: no NTP service: inactive RTC in local TZ: no
Your feedback is welcomed. If you love others, you will share with others