Click on each book below to review & buy on Amazon.
As an Amazon Associate, I earn from qualifying purchases.
RHCSA - Deploy, Configure, & Maintain Systems: Configure Time Service Clients
A time service client interacts with a time service or server to obtain accurate and synchronized time information. Time service clients maintain consistent timekeeping across distributed systems, networks, and devices, enabling synchronization for tasks such as logging, authentication, event coordination, and data integrity. By querying a time service, the client ensures that the local system's clock remains aligned with a reliable global time reference, often using protocols like Network Time Protocol (NTP) or Precision Time Protocol (PTP).
Chrony
Chrony is the time service client used on Red Hat systems and is responsible for providing accurate and synchronized timekeeping by constantly adjusting the system clock using data from reliable time sources, ensuring precise timestamping, event scheduling, and coordinated operations within distributed computing environments.
The systemd service for Chrony is chronyd
(chrony daemon) and it should be installed and enabled by default:
Managing the chronyd
service:
Check the status of the service:
systemctl status chronyd
The status shows the service as active (running)
and enabled
to start on boot. It also shows the last few entries of the chronyd
log, in this case showing the IP address of the servers in the NTP pool that are being used:
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; preset: enabled)
Active: active (running) since Sat 2023-08-12 07:02:50 BST; 46min ago
Docs: man:chronyd(8)
man:chrony.conf(5)
Process: 776 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 819 (chronyd)
Tasks: 1 (limit: 48714)
Memory: 3.8M
CPU: 134ms
CGroup: /system.slice/chronyd.service
└─819 /usr/sbin/chronyd -F 2
Aug 12 07:03:00 rhcsa-install.home.arpa chronyd[819]: System clock was stepped by 1.125803 seconds
Aug 12 07:03:00 rhcsa-install.home.arpa chronyd[819]: System clock TAI offset set to 37 seconds
Aug 12 07:05:09 rhcsa-install.home.arpa chronyd[819]: Selected source 83.151.207.133 (2.rhel.pool.ntp.org)
Aug 12 07:08:27 rhcsa-install.home.arpa chronyd[819]: Selected source 85.199.214.100 (2.rhel.pool.ntp.org)
Aug 12 07:11:39 rhcsa-install.home.arpa chronyd[819]: Selected source 85.199.214.101 (2.rhel.pool.ntp.org)
Aug 12 07:11:41 rhcsa-install.home.arpa chronyd[819]: Source 85.199.214.100 replaced with 185.83.169.27 (2.rhel.pool.ntp.org)
Aug 12 07:20:17 rhcsa-install.home.arpa chronyd[819]: Selected source 185.83.169.27 (2.rhel.pool.ntp.org)
Aug 12 07:20:17 rhcsa-install.home.arpa chronyd[819]: Selected source 85.199.214.101 (2.rhel.pool.ntp.org)
Aug 12 07:39:39 rhcsa-install.home.arpa chronyd[819]: Selected source 185.83.169.27 (2.rhel.pool.ntp.org)
Aug 12 07:40:44 rhcsa-install.home.arpa chronyd[819]: Selected source 85.199.214.101 (2.rhel.pool.ntp.org)
If the service is not showing as running and/or enabled, then start and enable the service by running:
sudo systemctl enable --now chronyd
The chronyc
command can be useful for determining information on time synchronization. the sub-command tracking
displays parameters about the system’s clock performance, whilst the sub-command sources
displays information about the current time sources that chronyd is accessing.
View current clock performance and time sources information:
Display clock performance information:
chronyc tracking
Your output will look similar to the following. In my case you can see that the System time
is slow compared to the NTP time source which by this small amount is very common. If you run the command multiple times you can see the Last offset
changing as the System time
becomes more or less in sync:
Reference ID : 55C7D665 (85.199.214.101)
Stratum : 2
Ref time (UTC) : Sat Aug 12 07:12:01 2023
System time : 0.000113668 seconds slow of NTP time
Last offset : +0.000055032 seconds
RMS offset : 0.014545349 seconds
Frequency : 25.413 ppm fast
Residual freq : +0.013 ppm
Skew : 1.067 ppm
Root delay : 0.018038873 seconds
Root dispersion : 0.000277391 seconds
Update interval : 129.2 seconds
Leap status : Normal
Display the current time sources:
chronyc sources
In the example output you can see the hostnames and IPs of the time sources that are synchronized with.
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^+ earth.peaceable.it 2 7 377 37 +2330us[+2330us] +/- 12ms
^- 83-151-207-133.customer.> 2 7 377 41 -3811us[-3811us] +/- 17ms
^* 85.199.214.101 1 7 327 42 +157us[ +67us] +/- 8968us
^- ams.aput.net 2 7 377 38 -3367us[-3367us] +/- 30ms
To configure the Chrony time service client you use configuration file /etc/chrony.conf
, and one of the most common configuration changes to make is updating the default pool of NTP servers to internal NTP servers.
In the following exercise you will update the time source in this file from the default Red Hat pool 2.rhel.pool.ntp.org
to the Windows pool time.windows.com
, observing how the output of chronyc sources
from the previous exercise has now changed.
Update Chrony time source to use the time.windows.com
pool:
Open /etc/chrony.conf
in an editor of your choice:
sudo vim /etc/chrony.conf
Update the pool line so it reads:
pool time.windows.com iburst
Save and quit the configuration file.
Restart the chronyd
service for changes to take affect:
sudo systemctl restart chronyd
Confirm the time source in use has changed:
chronyc sources
You should now see different entires compared to the previous exercise confirming the new time server(s) are in use:
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 51.145.123.29 3 6 37 3 +231us[ -202us] +/- 42ms
Support DTV Linux
Click on each book below to review & buy on Amazon. As an Amazon Associate, I earn from qualifying purchases.
NordVPN ®: Elevate your online privacy and security. Grab our Special Offer to safeguard your data on public Wi-Fi and secure your devices. I may earn a commission on purchases made through this link.