How to Sync Server Time in Centos & Almalinux

Precise time synchronization is crucial for servers because it guarantees that logs, services, and apps run concurrently.

Notable Linux distributions such as CentOS and AlmaLinux provide tools for maintaining precise system time. Accurate timekeeping is essential to the smooth operation of any server.

Random time settings in multi-server environments can lead to issues with logging, database entries, and overall system performance.  

Both CentOS and AlmaLinux, widely used Linux distributions, include built-in tools to effectively manage time synchronization. 

In this blog, we'll explain how to use Chrony, an NTP client that was included in those releases, to synchronize the time on your server.  

Understanding the Importance of Time Synchronization 

The process of time synchronization ensures that all servers on a network retain the same time for applications that require precise timekeeping. 

For example, having precise and synchronized time across all machines is crucial in distributed databases, file systems, and systems where logging is needed for troubleshooting.

Non-synchronized time may cause inconsistencies in log files, which would complicate the detection and fixing of issues. To further prevent replay attacks, exact time stamps are widely employed in security protocols.

Installing Chrony: The Default Time Synchronization Tool 

In CentOS and AlmaLinux, Chrony is the recommended Network Time Protocol (NTP) implementation. It is quick and lightweight, making it perfect for situations where the system is constantly online or frequently offline. To begin, you need to install Chrony, which is typically not installed by default on minimal installations. Use the yum package manager as follows:

  • bash
  • Copy code

  • sudo yum install chrony

    Chrony and any dependencies it might need are downloaded and installed with this command. Installing Chrony is the first step in ensuring that the time on your server is in sync with NTP servers.  

    Configuring Chrony for Time Synchronization

    After installation, Chrony must be configured to connect to appropriate NTP servers. The primary configuration file for Chrony is located at /etc/chrony.conf. Update this file to choose which NTP servers your server should synchronize with. Open the file with a text editor:

  • bash
  • Copy code

  • sudo nano /etc/chrony.conf

    Within this file, you will find the default NTP servers listed. These are typically community-run servers from the NTP pool project. You can add or change these lines to point to more suitable servers, such as those provided by your organization or geographical region:

  • bash
  • Copy code

  • server 0.centos.pool.ntp.org burst
  • server 1.centos.pool.ntp.org burst
  • server 2.centos.pool.ntp.org burst

  • The burst option is recommended as it speeds up the initial synchronization when the NTP server is reachable. After making your changes, save the file and exit the editor.

    Securing Chrony Configuration

    Security is essential when configuring time synchronization, especially in environments where network security is a concern. Chrony allows you to restrict which networks or systems can interact with your NTP server. To implement these restrictions, add the following lines to your chrony. conf file:

  • bash
  • Copy code

  • Allow 192.168.1.0/24

    This line allows your server to be used as an NTP source by systems that are part of the 192.168.1.0/24 subnet. You can also disable network access entirely by omitting the allow directive, making your server a client only.

    Starting and Enabling the Chrony Service

    The service must be launched and configured to launch automatically upon system boot for Chrony to operate as intended. This guarantees that time synchronization never stops and doesn't need to be manually adjusted with every reboot. Execute the following commands:

  • bash
  • Copy code
  • sudo systemctl enable chronyd

  • sudo systemctl start chronyd

    The enable command configures Chrony to start automatically when the system boots, while the start command initiates the Chrony service immediately. Together, these commands help maintain consistent time synchronization.

    Monitoring and Verifying Time Synchronization

    It's crucial to confirm that Chrony is operating properly and that your server time is synchronized once it has started. Chrony provides several tools for monitoring its performance. The most commonly used command is:

  • bash
  • Copy code

  • chronic tracking

    The current system time, the NTP server in use, and the approximate time synchronization error are among the details that this command outputs. If you want more specific information, use:

  • bash
  • Copy code

  • chronic sources -v

    This command gives a verbose listing of all NTP sources Chrony is using, along with their status, polling intervals, and more. Reviewing this information helps ensure that your time synchronization setup is functioning as expected.

    Troubleshooting Common Time Synchronization Issues

    If time synchronization appears to be malfunctioning, you should first verify the Chrony service's status: 

  • bash
  • Copy code

  • sudo systemctl status chronyd

    This command shows whether Chrony is active and running. If there are issues, the output will provide clues, such as configuration errors or problems reaching the NTP servers. You can also review the system logs for more detailed information:

  • bash
  • Copy code

  • sudo journalctl -u chronyd

    Logs can help diagnose issues like network connectivity problems, incorrect server configurations, or firewall settings that might be blocking NTP traffic. Addressing these issues will restore proper time synchronization.

    Read More: What Is a Ransomware Attack? Protection and Removal

    Conclusion

    Time synchronization using Chrony on CentOS and AlmaLinux is a robust and reliable way to ensure that your server’s clock is accurate. Proper timekeeping is essential for many server tasks, from logging to security, and by following the detailed steps above, you can ensure your server remains in sync with global time standards. Regularly monitoring and maintaining your time synchronization settings will help prevent time-related issues and keep your server operating smoothly.

    Colocation FAQs

    About Server Colocation UK

    Our servers are located in our own data center which is located in Derby, United Kingdom.
    The data center is fully owned and managed by Data center plus, giving us the flexibility to work with our customers requirements and provide unrivaled levels of support.

    Our data center is located next to Mansfield Road, Derby, UK. We are very accessible.
    Our address is: Suite 18, Parker House, Mansfield Road, Derby, DE21 4SZ

    Tour of our data center facilities is reserved for customers who are looking for colocation services with Data center plus.
    If you would like to visit the data center, we must receive at least 24 hours notice.
    You will also require to bring a form of ID in the form of a passport or driving license. We cannot allow anyone into the data center failing these requirements.

    If you would like to place an order please contact us directly.
    You can contact our sales team directly on 0808 169 7866 or emailing info@servercolocation.uk.
    If you are an existing customer, log in to the site and simply check out after selecting your new service and proceed to payment options. The details of your new service will be added to your account portal.
    If you are placing an order that is an upgrade to your existing one, get in touch with your account manager or raise a support ticket at info@servercolocation.uk.

    Support

    If you are experiencing issues with your server, we recommend that the first you do is to raise a support ticket with our support team.
    This can be done by sending an email to info@servercolocation.uk.
    Alternatively, if the matter is time sensitive, feel free to give us a call on 0808 169 7866 and select the option for Support.
    We have a 30 minute SLA response time to any ticket raised.

    Remote hands cover requests made within office hours.
    Our Remote Hands service covers assistance with the following items:
    – Server reboots
    – CDROM connect/disconnect
    – Cable checks and moving network cables.
    – Checking/relaying diagnostics information back to the customer.
    If you require services outside of the above (for example, installation of software), we can provide this as part of our Additional Services, which is chargeable. Please contact your account manager or our helpdesk for further information.

    Support for hardware failure is 24/7/365 on our Managed Servers.
    Most failed hardware components can be replaced within 1 hour (during office hours and subject to parts being in stock.
    Office Hours: 08:30 – 18:00

    Emergency support work