In this Article, you will learn how to synchronize and configure time in Linux with chrony and “timedatectl” tool.
Contents
UNDERSTANDING THE SUBJECT MATTER
The correctness of time in an Operating system is very important, especially if it is a log system/server that has to do with tracking of various logs and activities at a particular time, correct timing, in this case, is essential.
More so, systems that are used in Financial or government sectors cannot afford not to have the correct time set. Hence the time of these particular sets of systems and their likes must be correct and well synchronized at all times.
A virtualization Engineer who configures clustering and High availability services can tell how important all the systems that will be clustered must have the same time and must be synchronized at all times to avoid malfunction of a clustered environment.
In most operating systems, Linux inclusive, correct timing can be done with the use of NTP (Network Time Protocol) services.
Network time protocol (NTP) is a protocol that is used to automatically synchronize time over a network.
NTP is server/client based, whereby NTP servers are sitting somewhere as a pool of servers in different zones and regions and NTP client will be configured on a Linux system to synchronize time from an NTP server.
There are a few numbers of NTP server pool, a Linux OS by default knows how to use the one closer to the region that is selected during the installation of the operating system.
Some clustered environment prefers to have an internal central NTP server configured so that other systems in the environment will synchronize time from it.
In old distributions of RHEL servers and some other distributions, the ntpd daemon with the “ntpdate” tool is the client that is used to synchronize the time of a Linux system over a network from the NTP server, but in newer versions of RHEL and some other distributions, “ntpdate” tool /ntpd daemon has been deprecated and the new NTP client responsible for NTP time synchronization from the NTP server is chrony.
The chronyd daemon must be up and running on the system before there can be synchronization.
There have been a lot of controversial discussions as regards why ntp was joined with chrony in RHEL 7 and finally deprecated in RHEL 8. Some agreed ntp is better than chrony in many ways while some disagreed.
Well, you may drop your perspective with regard to this in the comment section. It is not a doubt that there are differences between the two even if their configuration files are almost similar,You may want to click the link below to check their differences.
Moving forward, since chrony is the new NTP client, we are going to go through the step by step process of how to use “chrony” to synchronize time, and use the “timedatectl” utility to configure time in the “ACTION TIME” section below.
Before we roll down to the “ACTION TIME” section, let’s understand the chrony configuration file.
The chrony configuration file can be found in the path “/etc/chrony.conf” on a RHEL 7/8 server and some other distributions. It can be seen after chrony is installed.
[root@HQDEV1 ~]# cat /etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
pool 2.rhel.pool.ntp.org iburst
# Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift
# Allow the system clock to be stepped in the first three updates
# if its offset is larger than 1 second.
makestep 1.0 3
# Enable kernel synchronization of the real-time clock (RTC).
rtcsync
# Enable hardware timestamping on all interfaces that support it.
#hwtimestamp *
# Increase the minimum number of selectable sources required to adjust
# the system clock.
#minsources 2
# Allow NTP client access from local network.
#allow 192.168.0.0/16
# Serve time even if not synchronized to a time source.
#local stratum 10
# Specify file containing keys for NTP authentication.
keyfile /etc/chrony.keys
# Get TAI-UTC offset and leap seconds from the system tz database.
leapsectz right/UTC
# Specify directory for log files.
logdir /var/log/chrony
# Select which information is logged.
#log measurements statistics tracking
- Number 1 is the NTP server (“pool 2.rhel.pool.ntp.org iburst”), i.e, the server the NTP client will synchronize from.
- Number 2 means that the kernel synchronization of the real-time clock is enabled. To disable it, comment the parameter “rtcsync”.
- Number 3 means that NTP clients will not be synchronized from the local network. If you want chrony to work without a network connection, you can uncomment the parameter, and the system can be manually synchronized. This is also a way of configuring the system to be an NTP server and other systems can synchronize provided their configuration files are set to synchronize from this subnet.
After synchronization of time from NTP server has been done, you may want to use the command below to set the system hardware clock
[root@HQDEV1 ~]# hwclock --systohcFor more usage of the of the hwclock utility, refer to the hwclock manual page.
- Number 4 means the security key for NTP authentication will be in the (/etc/chrony.keys) location by default.
- Number 5 means NTP service log files will be in the (/var/log/chrony) location by default.
Please note, time configuration in Linux can be and not be simple, so if you don’t know what you are doing, don’t tamper with the chrony configuration file. Just leave it as it is.
Installation of chrony comes with the “chronyc” tool as well. The chronyc tool is the CLI for chrony and can be used to interact and make changes to chrony. we will use this tool in the “ACTION TIME” section.
To verify the current time and timezone apart from using the date command, use the “timedatectl” utility
[root@HQDEV1 ~]# timedatectl
Local time: Sun 2020-10-25 23:04:38 CDT
Universal time: Mon 2020-10-26 04:04:38 UTC
RTC time: Mon 2020-10-26 04:04:38
Time zone: America/Chicago (CDT, -0500)
System clock synchronized: no
NTP service: inactive
RTC in local TZ: no
ACTION TIME
How To Configure/Synchronize Time With Chrony On RHEL 7/8 System
1. Install chrony
If chrony is not installed on your distribution, use the command below to install chrony.
By default, chrony is installed on RHEL/CentOS 7 & 8 systems
[root@HQDEV1 ~]# yum install chrony
Updating Subscription Management repositories.
Last metadata expiration check: 0:38:45 ago on Wed 06 May 2020 03:37:10 PM WAT.
Package chrony-3.5-1.el8.x86_64 is already installed.
2. Verify if the service is running.
[root@HQDEV1 ~]# systemctl status chronyd
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2020-05-01 22:34:53 WAT; 4 days ago
Docs: man:chronyd(8)
man:chrony.conf(5)
3. Start the service if it is not running and enable the service.
[root@HQDEV1 ~]# systemctl start chronyd[root@HQDEV1 ~]# systemctl enable chronyd4. Verify the current time and NTP status using “timedatectl” utility.
[root@RHEL ~]# timedatectl status
Local time: Fri 2020-05-01 22:32:26 WAT
Universal time: Fri 2020-05-01 21:32:26 UTC
RTC time: Fri 2020-05-01 21:32:32
Time zone: Africa/Lagos (WAT, +0100)
System clock synchronized: no
NTP service: inactive
RTC in local TZ: no
[root@RHEL ~]# timedatectl list-timezones
5. Activate the NTP service with “timedatectl” utility
[root@RHEL ~]# timedatectl set-ntp yes6. Verify if the NTP service has started by checking the status of chronyd service
[root@RHEL ~]# systemctl status chronyd.service
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2020-05-01 22:34:53 WAT; 24s ago
Docs: man:chronyd(8)
man:chrony.conf(5)
Process: 4607 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=exited, status=0/SUCCESS)
Process: 4579 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 4583 (chronyd)
Tasks: 1 (limit: 11337)
Memory: 1.5M
CGroup: /system.slice/chronyd.service
└─4583 /usr/sbin/chronyd
May 01 22:34:53 RHEL systemd[1]: Starting NTP client/server...
May 01 22:34:53 RHEL chronyd[4583]: chronyd version 3.5 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SC>
May 01 22:34:53 RHEL chronyd[4583]: Using right/UTC timezone to obtain leap second data
May 01 22:34:53 RHEL systemd[1]: Started NTP client/server.
May 01 22:34:58 RHEL chronyd[4583]: Selected source 162.159.200.1
May 01 22:34:58 RHEL chronyd[4583]: System clock TAI offset set to 37 seconds
May 01 22:34:58 RHEL chronyd[4583]: System clock wrong by 4.158287 seconds, adjustment started
May 01 22:35:02 RHEL chronyd[4583]: System clock was stepped by 4.158287 seconds
May 01 22:35:04 RHEL chronyd[4583]: Selected source 162.159.200.123
lines 1-22/22 (END)
7. Verify the current time and NTP status again using “timedatectl” utility.
[root@RHEL ~]# timedatectl status
Local time: Fri 2020-05-01 22:41:53 WAT
Universal time: Fri 2020-05-01 21:41:53 UTC
RTC time: Fri 2020-05-01 21:41:54
Time zone: Africa/Lagos (WAT, +0100)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
[root@RHEL ~]#
8. Get the current time zones
NB: you can use the pipe and grep command or forward slash (/) to filter.
[root@HQDEV1 ~]# timedatectl list-timezones
Africa/Abidjan
Africa/Accra
Africa/Addis_Ababa
Africa/Algiers
Africa/Asmara
Africa/Bamako
Africa/Bangui
Africa/Banjul
Africa/Bissau
Africa/Blantyre
Africa/Brazzaville
Africa/Bujumbura
Africa/Cairo
Africa/Casablanca
Africa/Ceuta
Africa/Conakry
Africa/Dakar
Africa/Dar_es_Salaam
Africa/Djibouti
Africa/Douala
Africa/El_Aaiun
Africa/Freetown
Africa/Gaborone
lines 1-23
9. Set the time to your desired time zone using the command
NB: the “tzselect” tool (time zone select) can also be used
# timedatectl set-timezone <time-zone>For example, to set the time zone to Africa, Cairo, use the command,
[root@HQDEV1 ~]# timedatectl set-timezone Africa/Cairo10. Verify the current time.
[root@HQDEV1 ~]# timedatectl status
Local time: Wed 2020-05-06 18:42:53 EET
Universal time: Wed 2020-05-06 16:42:53 UTC
RTC time: Wed 2020-05-06 16:42:53
Time zone: Africa/Cairo (EET, +0200)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
[root@HQDEV1 ~]#
Now you can see the Local time(EET), the time in UTC, and RTC.
How To Manually Synchronize Time With NTP Server In Linux Using Chrony
To manually synchronize time, use the command
# chronyd -q 'NTP-server-name'As explained in “UNDERSTANDING THE SUBJECT MATTER, in my case, my NTP server is ” pool 2.rhel.pool.ntp.org iburst” , therefore, I will use the command,
[root@HQDEV1 ~]# chronyd -q "pool 2.rhel.pool.ntp.org iburst"How To Verify If There Is synchronization With chronyc
To verify if there is synchronization with chronyc tool, use the command,
[root@HQDEV1 ~]# chronyc tracking
Reference ID : A29FC87B (162.159.200.123)
Stratum : 4
Ref time (UTC) : Wed May 06 22:56:49 2020
System time : 0.000000033 seconds slow of NTP time
Last offset : +0.001427624 seconds
RMS offset : 0.053770002 seconds
Frequency : 36.761 ppm slow
Residual freq : +0.016 ppm
Skew : 0.874 ppm
Root delay : 0.132708192 seconds
Root dispersion : 0.018269135 seconds
Update interval : 1042.5 seconds
Leap status : Normal
[root@HQDEV1 ~]#
How To Verify Chrony Sources With The chronyc tool
To verify the current time source, use the command,
[root@HQDEV1 ~]# chronyc sources
210 Number of sources = 4
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* time.cloudflare.com 3 6 177 3 +2657us[+8335us] +/- 62ms
^? time.cloudflare.com 0 6 0 - +0ns[ +0ns] +/- 0ns
^? ntp6.flashdance.cx 2 10 1 66 -9170us[-3493us] +/- 107ms
^? ntp.nyy.ca 1 10 1 262 -13ms[ -13ms] +/- 152ms
For more detailed source listing, use the command,
[root@HQDEV1 ~]# chronyc sources -v
210 Number of sources = 4
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* time.cloudflare.com 3 6 377 1 -7510us[-9051us] +/- 76ms
^? time.cloudflare.com 0 6 0 - +0ns[ +0ns] +/- 0ns
^? ntp6.flashdance.cx 2 10 1 128 -7629us[-3493us] +/- 107ms
^? ntp.nyy.ca 1 10 1 324 -11ms[ -13ms] +/- 152ms
[root@HQDEV1 ~]#
How To Manually Set Time Without Synchronizing With an NTP Server In Linux
We have seen, above, how we can set time and also synchronize the time with an NTP sever, now let’s configure time manually with the timedatectl utility without synchronizing with an NTP server.
1. If chronyd service is running, deactivate the ntp service, or just stop the chronyd service.
N:B: We don’t care if the chronyd service is running or not. What matters is that the ntp service is set to no/deactivated. The value no or false can be used.
To set ntp service to no/deactivate it while chronyd is running, use the command,
[root@HQDEV1 ~]# timedatectl set-ntp falseIn RHEL 8, chronyd will stop running with this settings.
2. Set the time to your desired time
[root@HQDEV1 ~]# timedatectl set-time 10:23:22
3. Verify.
[root@HQDEV1 ~]# timedatectl
Local time: Sun 2020-10-25 10:23:23 CDT
Universal time: Sun 2020-10-25 15:23:23 UTC
RTC time: Sun 2020-10-25 15:23:23
Time zone: America/Chicago (CDT, -0500)
System clock synchronized: no
NTP service: inactive
RTC in local TZ: no
Your feedback is welcomed. If you love others, you will share with others
Leave a Reply