How to install Chrony Server on CentOS 8

Share on Social Media

Chrony is the default NTP client / server software in Linux. In this article, you will learn how to install chrony on CentOS 8. #centlinux #linux #ntp

What is NTP?

Network Time Protocol (NTP) is a networking protocol used to synchronize the clocks of computers and devices over a network. It ensures that the time across all systems in a network is accurate and consistent. Here are some key points about NTP:

Overall, NTP plays a fundamental role in ensuring that the time is synchronized across all devices in a network, which is essential for reliable and secure operations.

What is NTP Server?

An NTP server is a networked device that uses the Network Time Protocol (NTP) to provide precise time information to other devices within a network. It acts as a reference point for the accurate time and enables clients to synchronize their clocks. Here are the key aspects of an NTP server:

  1. Function: The primary function of an NTP server is to distribute accurate time to clients (other devices) on the network. Clients query the NTP server for the current time, which they then use to adjust their own clocks.
  2. Time Sources: NTP servers typically obtain accurate time from higher-level time sources:
  • Stratum 0 Devices: These include highly accurate timekeeping devices like GPS receivers or atomic clocks.
  • Stratum 1 Servers: These are directly synchronized with Stratum 0 devices.
  • Stratum 2 and Below: These servers get their time from Stratum 1 servers, creating a hierarchical structure.
  1. Synchronization Process: The synchronization process involves the client requesting time data from the NTP server, receiving the time, and then adjusting its clock accordingly. This helps ensure that all devices on the network have consistent time.
  2. Deployment: NTP servers can be deployed in various ways:
  • Public NTP Servers: These are accessible over the internet and provide time to any requesting client.
  • Private NTP Servers: These are deployed within a private network to serve internal devices, often for security and reliability reasons.
  1. Accuracy and Reliability: NTP servers are designed to provide highly accurate time, often within milliseconds of the true time. They also include mechanisms to maintain reliability, such as adjusting for network delays and correcting for clock drift.
  2. Security Considerations: Secure NTP servers implement measures to protect against malicious attacks and ensure the integrity of time data. This includes using authenticated NTP (NTPsec) and firewall rules to control access.
  3. Applications: NTP servers are crucial in various applications, including:
  • Telecommunications: Ensuring synchronized time for seamless communication.
  • Financial Services: Accurate time-stamping for transactions.
  • Data Centers: Coordinating server operations and logging.
  • Industrial Systems: Maintaining synchronized operations across devices.

Overall, an NTP server is essential for maintaining consistent and accurate time across devices in a network, ensuring synchronized operations, and supporting time-sensitive applications.

Recommended Online Training: Learn Bash Shell in Linux for Beginners

745772 0021

Chrony vs NTP

Chrony and NTP (Network Time Protocol) are both tools used for time synchronization in computer networks, but they have some differences in terms of features, performance, and use cases. Here’s a comparison:

NTP (Network Time Protocol)

Established Protocol:

  • History: NTP has been around for decades and is one of the oldest networking protocols still in use.
  • Standardization: It is a well-established standard for time synchronization.

Software Implementations:

  • ntpd: The traditional NTP daemon used for synchronizing time on Unix-like systems.
  • ntpsec: A more secure and modern implementation of ntpd, focusing on security enhancements.

Features:

  • Accuracy: NTP can achieve accuracy in the range of milliseconds.
  • Hierarchical Structure: Uses stratum levels to denote the distance from the reference clock.
  • Security: Supports authentication to ensure secure time synchronization.

Use Cases:

  • Long-Running Servers: Often used in environments where systems run continuously and need stable time synchronization.
  • Complex Networks: Suitable for large and complex network infrastructures.

Chrony

Modern Alternative:

  • Development: Chrony is a newer implementation designed to work well in a variety of conditions, including transient and intermittent network connections.
  • Flexibility: Developed to address some limitations of traditional ntpd.

Performance:

  • Accuracy: Chrony can achieve similar or better accuracy compared to ntpd, often within milliseconds or better.
  • Speed: It synchronizes the system clock faster, making it more suitable for systems that are not always online.
  • Adaptability: Performs well in virtualized environments and on laptops that frequently switch networks.

Features:

  • Robustness: Better handling of intermittent network connections and large time offsets.
  • Power Efficiency: More efficient, which can be beneficial for battery-powered devices.
  • Dynamic Adjustments: Adjusts the system clock more dynamically, which helps in environments with variable network delays.

Use Cases:

  • Mobile Devices: Ideal for laptops, mobile devices, and other systems that do not have a constant network connection.
  • Virtual Machines: Performs well in virtual environments where timekeeping can be challenging.
  • Embedded Systems: Suitable for systems with limited resources.

Summary

  • NTP (ntpd): Best for traditional, long-running servers in stable network environments. It is a well-established and widely used protocol with a strong focus on accuracy and security.
  • Chrony: Ideal for environments with intermittent connectivity, such as laptops and virtual machines. It is designed for faster synchronization, robustness, and efficiency.

Both tools can achieve highly accurate time synchronization, but Chrony offers advantages in modern and dynamic environments where conditions are less predictable. Choosing between the two depends on your specific use case and network conditions.

Read Also: Setup Chrony NTP Server on Rocky Linux 8

Environment Specification

We are using a minimal CentOS 8 virtual machine with following specifications.

  • CPU – 3.4 Ghz (2 cores)
  • Memory – 1 GB
  • Storage – 20 GB
  • Operating System – CentOS 8.2
  • Hostname – ntp-server.centlinux.com
  • IP Address – 192.168.116.206 /24

Install Chrony Server on CentOS 8

By using a SSH client, connect with ntp-server.centlinux.com as root user.

By default, Chrony works as a NTP client and synchronize the clock of your Linux server with network time servers or network time peers.

You can enable Chrony NTP service to make it a full fledge network time server / peer.

First of all, you need to install Chrony software package on your Linux operating system.

Execute dnf command to install chrony software package..

# dnf install -y chrony

Enable and start chronyd service.

# systemctl enable --now chronyd.service

Configure Chrony as NTP Client

The NTP client is started with default configurations and synchronizing your Linux server clock with available network time servers / peers.

To get a list of available network time servers / peers, we can execute following Linux command.

# chronyc sources -v
210 Number of sources = 4

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                     |          |  zzzz = estimated error.
||                                 |    |           
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* time.cloudflare.com           3   6    17    54  +6607us[  -33ms] +/-  104ms
^- 119.159.246.253               2   6    17    53    +30ms[  +30ms] +/-  102ms
^? time.cloudflare.com           0   6     0     -     +0ns[   +0ns] +/-    0ns
^+ cdns-khi-02.ptcl.net.pk       2   6    17    54    +12ms[  +12ms] +/-  113ms

Check the CentOS / Red Hat Linux server time.

# date
Sun Oct 11 22:16:26 PKT 2020

Configure Chrony as NTP Server

To configure your NTP server, you will need to allow your network address in Chrony configuration file.

# vi /etc/chrony.conf

Search for the “allow” directives and add following line beneath it.

allow 192.168.116.0/24

Restart chronyd NTP service to apply changes.

# systemctl restart chronyd.service

Verify that the chronyd service is listening on the default NTP port.

# ss -tulpn | grep 123
udp     UNCONN   0        0                0.0.0.0:123           0.0.0.0:*       users:(("chronyd",pid=10011,fd=9))

The Chrony NTP service is running fine. To make it usable by the network clients, you are only required to allow incoming traffic to this port through Linux firewall.

Firewalld is the default firewall software in CentOS 8. It has a predefined service for NTP service ports. Therefore, to allow incoming traffic, you are only required to enable NTP service in Linux firewall as follows.

# firewall-cmd --permanent --add-service=ntp
success
# firewall-cmd --reload
success

Your Chrony based NTP server has been configured successfully and ready to use.

If you are new to Linux and facing difficulty in working at Linux Bash prompt. We recommend that, you should read The Linux Command Line, 2nd Edition: A Complete Introduction by William Shotts.

Final Thoughts

Installing a Chrony server on CentOS 8 is an excellent choice for ensuring precise and reliable time synchronization across your network. Chrony offers several advantages, including fast synchronization, robustness in dynamic environments, and efficient resource usage, making it suitable for both traditional servers and modern, mobile, or virtualized systems.

If you need detailed instructions or personalized assistance with installing and configuring a Chrony server on CentOS 8, I offer professional services to guide you through the process. Check out my Fiverr gig for expert help:

Fiverr Gig: Linux Server Configuration

Achieve accurate time synchronization with ease by leveraging my expertise!

Leave a Comment