Presentation
NTP (Network Time Protocol) is a protocol to keep servers time synchronized: one or several master servers provide time to client servers that can themselves provide time to other client servers (notion of stratus).
This tutorial deals with client side configuration, even though server configuration is not entirely different.
Two main packages are used in RHEL 7 to set up the client side:
- ntp: this is the classic package, already existing in RHEL 6, RHEL 5, etc.
- chrony: this is a new solution better suited for portable PC or servers with network connection problems (time synchronization is quicker). chrony is the default package in RHEL 7.
Prerequisites
Before anything else, you need to assign the correct time zone.
To get the current configuration, type:
123456789101112131415 # timedatectlLocal time: Sat 2015-11-07 08:17:33 ESTUniversal time: Sat 2015-11-07 13:17:33 UTCRTC time: Sat 2015-11-07 13:17:33Timezone: <strong>America/New_York (EST, -0500)</strong>NTP enabled: yesNTP synchronized: yesRTC in local TZ: noDST active: noLast DST change: DST ended atSun 2015-11-01 01:59:59 EDTSun 2015-11-01 01:00:00 ESTNext DST change: DST begins (the clock jumps one hour forward) atSun 2016-03-13 01:59:59 ESTSun 2016-03-13 03:00:00 EDTTo get the list of all the available time zones, type:
12345678910111213141516 # timedatectl list-timezonesAfrica/AbidjanAfrica/AccraAfrica/Addis_Ababa...America/La_PazAmerica/LimaAmerica/Los_Angeles...Asia/SeoulAsia/ShanghaiAsia/Singapore...Pacific/TongatapuPacific/WakePacific/WallisFinally, to set a specific time zone (here America/Los_Angeles), type:
1 # timedatectl set-timezone America/Los_AngelesThen, to check your new configuration, type:
123456789101112131415 # timedatectlLocal time: Sat 2015-11-07 05:32:43 PSTUniversal time: Sat 2015-11-07 13:32:43 UTCRTC time: Sat 2015-11-07 13:32:43Timezone: America/Los_Angeles (PST, -0800)NTP enabled: yesNTP synchronized: yesRTC in local TZ: noDST active: noLast DST change: DST ended atSun 2015-11-01 01:59:59 PDTSun 2015-11-01 01:00:00 PSTNext DST change: DST begins (the clock jumps one hour forward) atSun 2016-03-13 01:59:59 PSTSun 2016-03-13 03:00:00 PDTThe NTP Package
Install the NTP package:
1 # yum install -y ntpActivate the NTP service at boot:
1 # systemctl enable ntpdStart the NTP service:
1 # systemctl start ntpdThe NTP configuration is in the /etc/ntp.conf file:
123456789101112131415161718192021222324252627 # For more information about this file, see the man pages# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).driftfile /var/lib/ntp/drift# Permit time synchronization with our time source, but do not# permit the source to query or modify the service on this system.restrict default nomodify notrap nopeer noquery# Permit all access over the loopback interface. This could# be tightened as well, but to do so would effect some of# the administrative functions.restrict 127.0.0.1restrict ::1# Use public servers from the pool.ntp.org project.# Please consider joining the pool (http://www.pool.ntp.org/join.html).server 0.centos.pool.ntp.org iburstserver 1.centos.pool.ntp.org iburstserver 2.centos.pool.ntp.org iburstserver 3.centos.pool.ntp.org iburstincludefile /etc/ntp/crypto/pw# Key file containing the keys and key identifiers used when operating# with symmetric key cryptography.keys /etc/ntp/keysNote: For basic configuration purpose, only the server directives could need a change to point at a different set of master time servers than the defaults specified.
To get some information about the time synchronization process, type:
1234567 # ntpq -premote refid st t when poll reach delay offset jitter==============================================================================*y.ns.gin.ntt.ne 192.93.2.20 2 u 47 64 377 27.136 6.958 11.322+ns1.univ-montp3 192.93.2.20 2 u 45 64 377 34.836 -0.009 11.463+merlin.ensma.ne 193.204.114.232 2 u 48 64 377 34.586 4.443 11.370+obsidian.ad-not 131.188.3.220 2 u 50 64 377 22.548 4.256 12.077Alternatively, to get a basic report, type:
1234 # ntpstatsynchronised to NTP server (129.250.35.251) at stratum 3time correct to within 60 mspolling server every 64 sTo quickly synchronize a server, type:
1234 # systemctl stop ntpd# ntpdate pool.ntp.org5 Jul 10:36:58 ntpdate[2190]: adjust time server 95.81.173.74 offset -0.005354 sec# systemctl start ntpdThe Chrony Package
Alternatively, you can install the new Chrony service that is quicker to synchronize clocks in mobile and virtual systems.
Install the Chrony service:
1 # yum install -y chronyActivate the Chrony service at boot:
1 # systemctl enable chronydStart the Chrony service:
1 # systemctl start chronydThe Chrony configuration is in the /etc/chrony.conf file:
123456789101112131415161718192021222324252627282930313233343536373839 # Use public servers from the pool.ntp.org project.# Please consider joining the pool (http://www.pool.ntp.org/join.html).server 0.centos.pool.ntp.org iburstserver 1.centos.pool.ntp.org iburstserver 2.centos.pool.ntp.org iburstserver 3.centos.pool.ntp.org iburst# Ignore stratum in source selection.stratumweight 0# Record the rate at which the system clock gains/losses time.driftfile /var/lib/chrony/drift# Enable kernel RTC synchronization.rtcsync# In first three updates step the system clock instead of slew# if the adjustment is larger than 10 seconds.makestep 10 3# Listen for commands only on localhost.bindcmdaddress 127.0.0.1bindcmdaddress ::1keyfile /etc/chrony.keys# Specify the key used as password for chronyc.commandkey 1# Generate command key if missing.generatecommandkey# Disable logging of client accesses.noclientlog# Send a message to syslog if a clock adjustment is larger than 0.5 seconds.logchange 0.5logdir /var/log/chronyNote: For basic configuration purpose, only the server directives could need a change to point at a different set of master time servers than the defaults specified.
To get information about the main time reference, type:
1234567891011121314 # chronyc trackingReference ID : 94.23.44.157 (merzhin.deuza.net)Stratum : 3Ref time (UTC) : Thu Jul 3 22:26:27 2014System time : 0.000265665 seconds fast of NTP timeLast offset : 0.000599796 secondsRMS offset : 3619.895751953 secondsFrequency : 0.070 ppm slowResidual freq : 0.012 ppmSkew : 0.164 ppmRoot delay : 0.030609 secondsRoot dispersion : 0.005556 secondsUpdate interval : 1026.9 secondsLeap status : NormalTo get equivalent information to the ntpq command, type:
1234567891011121314151617181920212223242526272829303132333435 # chronyc sources -v210 Number of sources = 4.-- Source mode '^' = server, '=' = peer, '#' = local clock./ .- Source state '*' = current synced, '+' = combined , '-' = not combined,| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.|| .- xxxx [ yyyy ] +/- zzzz|| / xxxx = adjusted offset,|| Log2(Polling interval) -. | yyyy = measured offset,|| \ | zzzz = estimated error.|| | |MS Name/IP address Stratum Poll Reach LastRx Last sample===============================================================================^+ merlin.ensma.fr 2 6 77 61 +295us[+1028us] +/- 69ms^* lafkor.de 2 6 77 61 -1371us[ -638us] +/- 65ms^+ kimsuflol.iroqwa.org 3 6 77 61 -240us[ -240us] +/- 92ms^+ merzhin.deuza.net 2 6 77 61 +52us[ +52us] +/- 48ms# chronyc sourcestats -v210 Number of sources = 4.- Number of sample points in measurement set./ .- Number of residual runs with same sign.| / .- Length of measurement set (time).| | / .- Est. clock freq error (ppm).| | | / .- Est. error in freq.| | | | / .- Est. offset.| | | | | | On the -.| | | | | | samples. \| | | | | | |Name/IP Address NP NR Span Frequency Freq Skew Offset Std Dev==============================================================================merlin.ensma.fr 7 5 200 0.106 6.541 +381us 176uslafkor.de 7 4 199 0.143 10.145 -916us 290uskimsuflol.iroqwa.org 7 7 200 -0.298 6.717 +69us 184usmerzhin.deuza.net 7 5 200 0.585 11.293 +675us 314usTo quickly synchronize a server, type:
12 # ntpdate pool.ntp.org5 Jul 10:31:06 ntpdate[2135]: step time server 193.55.167.1 offset 121873.493146 secNote: You don’t need to stop the Chrony service to synchronize the server.
Additional Resources
You can read these Red Hat articles about leap seconds management, how to resolve leap second issues or the differences between NTP and PTP.
The xmodulo website provides a tutorial on How to set up NTP server in CentOS.
Documentation about NTP is available at the NTP Documentation Archive website.Beyond the exam objectives, virtualization can trigger problems (see this thread) and it is useful to know How to avoid VM clock drift.
You can also be interested in converting a Raspberry PI into a stratum 1 NTP server.