My shopping cart
Your cart is currently empty.
Continue ShoppingPrecise time synchronization is crucial for servers because it guarantees that logs, services, and apps run concurrently.
Notable Linux distributions such as CentOS and AlmaLinux provide tools for maintaining precise system time. Accurate timekeeping is essential to the smooth operation of any server.
Random time settings in multi-server environments can lead to issues with logging, database entries, and overall system performance.
Both CentOS and AlmaLinux, widely used Linux distributions, include built-in tools to effectively manage time synchronization.
In this blog, we'll explain how to use Chrony, an NTP client that was included in those releases, to synchronize the time on your server.
The process of time synchronization ensures that all servers on a network retain the same time for applications that require precise timekeeping.
For example, having precise and synchronized time across all machines is crucial in distributed databases, file systems, and systems where logging is needed for troubleshooting.
Non-synchronized time may cause inconsistencies in log files, which would complicate the detection and fixing of issues. To further prevent replay attacks, exact time stamps are widely employed in security protocols.
In CentOS and AlmaLinux, Chrony is the recommended Network Time Protocol (NTP) implementation. It is quick and lightweight, making it perfect for situations where the system is constantly online or frequently offline. To begin, you need to install Chrony, which is typically not installed by default on minimal installations. Use the yum package manager as follows:
Chrony and any dependencies it might need are downloaded and installed with this command. Installing Chrony is the first step in ensuring that the time on your server is in sync with NTP servers.
After installation, Chrony must be configured to connect to appropriate NTP servers. The primary configuration file for Chrony is located at /etc/chrony.conf. Update this file to choose which NTP servers your server should synchronize with. Open the file with a text editor:
Within this file, you will find the default NTP servers listed. These are typically community-run servers from the NTP pool project. You can add or change these lines to point to more suitable servers, such as those provided by your organization or geographical region:
The burst option is recommended as it speeds up the initial synchronization when the NTP server is reachable. After making your changes, save the file and exit the editor.
Security is essential when configuring time synchronization, especially in environments where network security is a concern. Chrony allows you to restrict which networks or systems can interact with your NTP server. To implement these restrictions, add the following lines to your chrony. conf file:
This line allows your server to be used as an NTP source by systems that are part of the 192.168.1.0/24 subnet. You can also disable network access entirely by omitting the allow directive, making your server a client only.
The service must be launched and configured to launch automatically upon system boot for Chrony to operate as intended. This guarantees that time synchronization never stops and doesn't need to be manually adjusted with every reboot. Execute the following commands:
The enable command configures Chrony to start automatically when the system boots, while the start command initiates the Chrony service immediately. Together, these commands help maintain consistent time synchronization.
It's crucial to confirm that Chrony is operating properly and that your server time is synchronized once it has started. Chrony provides several tools for monitoring its performance. The most commonly used command is:
The current system time, the NTP server in use, and the approximate time synchronization error are among the details that this command outputs. If you want more specific information, use:
This command gives a verbose listing of all NTP sources Chrony is using, along with their status, polling intervals, and more. Reviewing this information helps ensure that your time synchronization setup is functioning as expected.
If time synchronization appears to be malfunctioning, you should first verify the Chrony service's status:
This command shows whether Chrony is active and running. If there are issues, the output will provide clues, such as configuration errors or problems reaching the NTP servers. You can also review the system logs for more detailed information:
Logs can help diagnose issues like network connectivity problems, incorrect server configurations, or firewall settings that might be blocking NTP traffic. Addressing these issues will restore proper time synchronization.
Time synchronization using Chrony on CentOS and AlmaLinux is a robust and reliable way to ensure that your server’s clock is accurate. Proper timekeeping is essential for many server tasks, from logging to security, and by following the detailed steps above, you can ensure your server remains in sync with global time standards. Regularly monitoring and maintaining your time synchronization settings will help prevent time-related issues and keep your server operating smoothly.