{"id":6728,"date":"2017-05-08T16:57:03","date_gmt":"2017-05-08T08:57:03","guid":{"rendered":"http:\/\/rmohan.com\/?p=6728"},"modified":"2017-05-08T16:57:03","modified_gmt":"2017-05-08T08:57:03","slug":"centos-rhel-7-configuring-ntp-using-chrony","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=6728","title":{"rendered":"CentOS \/ RHEL 7 : Configuring NTP using chrony"},"content":{"rendered":"<p>\u2013 Chrony provides another implementation of NTP.<br \/>\n\u2013 Chrony is designed for systems that are often powered down or disconnected from the network.<br \/>\n\u2013 The main configuration file is \/etc\/chrony.conf.<br \/>\n\u2013 Parameters are similar to those in the \/etc\/ntp.conf file.<br \/>\n\u2013 chronyd is the daemon that runs in user space.<br \/>\n\u2013 chronyc is a command-line program that provides a command prompt and a number of commands. Examples:<br \/>\ntracking: Displays system time information<br \/>\nsources: Displays information about current sources.<\/p>\n<p>Installing Chrony<\/p>\n<p>Install the chrony package by using the following command:<\/p>\n<p># yum install chrony<br \/>\nUse the following commands to start chronyd and to ensure chronyd starts at boot time:<\/p>\n<p># systemctl start chronyd<br \/>\n# systemctl enable chronyd<br \/>\nConfiguring Chrony<\/p>\n<p>A sample configuration would look like below :<\/p>\n<p># cat \/etc\/chrony.conf<br \/>\nserver a.b.c offline<br \/>\nserver d.e.f offline<br \/>\nserver g.h.i offline<br \/>\nkeyfile \/etc\/chrony.keys generatecommandkey<br \/>\ndriftfile \/var\/lib\/chrony\/drift makestep 10 3<br \/>\nThe parameters are described as follows:<br \/>\nserver: Identifies the NTP servers you want to use. The offline keyword indicates that the servers are not contacted until chronyd receives notification that the link to the Internet is present.<br \/>\nkeyfile: File containing administrator password. Password allows chronyc to log in to chronyd and notify chronyd of the presence of the link to the Internet.<br \/>\ngeneratecommandkey: Generates a random password automatically on the first chronyd start.<br \/>\ndriftfile: Location and name of file containing drift data.<br \/>\nmakestep: Step (start anew) system clock if a large correction is needed. The parameters 10 and 3 would step the system clock if the adjustment is larger than 10 seconds, but only in the first three clock updates.<\/p>\n<p>Although, all these parameters are not required. For this post purpose I am using only below two lines in the configuration file.<\/p>\n<p># cat \/etc\/chrony.conf<br \/>\nserver 192.0.2.1<br \/>\nallow 192.0.2\/24<br \/>\nStarting chrony<\/p>\n<p>Use the systemctl command to start the chrony daemon, chronyd.<\/p>\n<p># systemctl start chronyd<br \/>\nVerify<\/p>\n<p>To check if chrony is synchronized, use the tracking, sources, and sourcestats commands. Run the chronyc tracking command to check chrony tracking. Alternatively you could run chronyc to display a chronyc> prompt, and then run the tracking command from the chronyc> prompt.<\/p>\n<p># chronyc tracking<br \/>\nReference ID : 192.0.2.1 (192.0.2.1)<br \/>\nStratum : 12<br \/>\nRef time (UTC) : Fri Aug 05 19:06:51 2016<br \/>\nSystem time     : 0.000823375 seconds fast of NTP time<br \/>\nLast offset     : 0.001989304 seconds<br \/>\nRMS offset      : 0.060942811 seconds<br \/>\nFrequency       : 1728.043 ppm slow<br \/>\nResidual freq   : 1.100 ppm<br \/>\nSkew            : 94.293 ppm<br \/>\nRoot delay\t    : 0.000207 seconds<br \/>\nRoot dispersion : 0.016767 seconds<br \/>\nUpdate interval : 65.1 seconds<br \/>\nLeap status     : Normal<br \/>\nSome of the important fields are :<br \/>\nReference ID: This is the reference ID and name (or IP address) if available, of the server to which the computer is currently synchronized.<br \/>\nStratum: The stratum indicates how many hops away from a computer with an attached reference clock you are.<br \/>\nRef time: This is the time (UT C) at which the last measurement from the reference source was processed.<\/p>\n<p>Run the chronyc sources command to display information about the current time sources that chronyd is accessing.<\/p>\n<p># chronyc sources<br \/>\n210 Number of sources = 1<br \/>\nMS Name\/IP address    Stratum    Poll   Reach   LastRx   Last sample<br \/>\n=============================================================================<br \/>\n^* 192.0.2.1           11        6      377      63      +1827us[+6783us]&#8230;<br \/>\nSome of the fields are described:<br \/>\nM: The mode of the source. ^ means a server, = means a peer, and # indicates<br \/>\na locally connected reference clock.<br \/>\nS: The state of the sources. \u201c*\u201d indicates the source to which chronyd is currently synchronized. \u201c+\u201d indicates acceptable sources that are combined with the selected source. \u201c-\u201d indicates acceptable sources that are excluded by the combining algorithm. \u201c?\u201d indicates sources to which connectivity has been lost or whose packets do not pass all tests. \u201cx\u201d indicates a clock that chronyd thinks is a false ticker, that is, its time is inconsistent with a majority of other sources. \u201c~\u201d indicates a source whose time appears to have too much variability. The \u201c?\u201d condition is also shown at start-up, until at least three samples have been gathered from it.<br \/>\nName\/IP address: This shows the name or the IP address of the source, or reference ID for reference clocks.<\/p>\n<p>Run the chronyc sourcestats command. This command displays information about the drift rate and offset estimation<br \/>\nprocess for each of the sources currently being examined by chronyd.<\/p>\n<p># chronyc sourcestats<br \/>\n210 Number of sources = 1<br \/>\nName\/IP Address   NP   NR   Span   Frequency   Freq Skew   Offset    Std   Dev<br \/>\n==================================================================================<br \/>\n192.0.2.1         5    4    259    -747.564   1623.869    -2873us          30ms<br \/>\nStop chrony<\/p>\n<p>Use the systemctl command to stop the chrony daemon, chronyd.<\/p>\n<p># systemctl stop chronyd<br \/>\nRun the chronyc tracking command and notice chronyc cannot talk to the chronyd daemon.<\/p>\n<p># chronyc tracking<br \/>\n506 Cannot talk to daemon<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u2013 Chrony provides another implementation of NTP. \u2013 Chrony is designed for systems that are often powered down or disconnected from the network. \u2013 The main configuration file is \/etc\/chrony.conf. \u2013 Parameters are similar to those in the \/etc\/ntp.conf file. \u2013 chronyd is the daemon that runs in user space. \u2013 chronyc is a command-line [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[73],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/6728"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6728"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/6728\/revisions"}],"predecessor-version":[{"id":6729,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/6728\/revisions\/6729"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6728"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6728"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6728"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}