Chrony - Httqm's Docs

Description

All details are available at Chrony's homepage, or on Wikipedia.
Just remember that :
- Chrony comes in 2 parts :
  - chronyd : the NTP daemon itself
  - chronyc : a command-line interface for chronyd
- Chrony is one of the implementations that can replace ntpd and ntpdate
```
https://packages.debian.org/stretch/ntpdate
If the full NTP daemon from the package "ntp" is installed, then ntpdate is not necessary.

https://packages.debian.org/buster/ntpdate
ntpdate is deprecated. Please use sntp instead for manual or scripted NTP queries/syncs.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514318
please remove ntpdate, which is deprecated
```
- I picked Chrony because I needed a NTP solution working both for RHEL 7+ and Debian 9+
- Chrony does not exactly set the system clock (i.e. doing the current date/time is value, like ntpdate does). Instead it speeds / slows the system clock gradually so that it stays close to the right time.
  However, it may step the clock (i.e. jump forward / backward in time) :
  - at boot
  - or if explicitly allowed to do so
  (details)
Details :
- Configuring NTP using the Chrony suite
- Choosing between Chrony and ntpd on RHEL 7

Install

It's pretty straightforward :

apt install chrony
yum install chrony

Configuration (source) :

Depending on the Linux distribution, the configuration file has a different path :

Debian : /etc/chrony/chrony.conf
RHEL : /etc/chrony.conf

When deploying a NTP client, you just have to set the server directive and make sure allow is commented or absent.

Directive	Usage
allow 12.34.56.78	list the subnet / hosts from which NTP clients are allowed to access the computer as an NTP server
logdir path/to/log/directory	explicit, but useless without log
log `metric_1` `metric_2` `metric_3`	list of metrics to log in logdir/logfile
server timeServer [options]	list the servers to use as time sources can (should!) be used multiple times the iburst option helps making the first update of the clock sooner

Check installation (inspired by) :

Get the service status

systemctl status chronyd

● chronyd.service - NTP client/server
   Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2021-04-13 15:11:07 CEST; 1h ago
	 Docs: man:chronyd(8)
		   man:chrony.conf(5)
 Main PID: 12282 (chronyd)

The service must be :

active
since not too long ago (read below)

if chrony is installed by Ansible and defined as service must be started :

if it was ALREADY installed + started for ages (because part of a default install)
Ansible will leave it as-is, and won't load its new configuration

This step will output :

● chronyd.service - NTP client/server
   Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2021-03-26 08:57:07 CET; 2 weeks 4 days ago
	 Docs: man:chronyd(8)
		   man:chrony.conf(5)
 Main PID: 6087 (chronyd)

... meaning the latest changes made to chrony.conf by Ansible have not been loaded yet.

Check chronyd has time sources

chronyc sources -v

210 Number of sources = 2								ok if it matches the number of server entries in chrony.conf

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* ntp1.example.com           5   6   377    47    +24ms[  +24ms] +/-  136ms		ok if one source has ^*
^+ ntp2.example.com           4   9   377    91    -27ms[  -26ms] +/-  214ms

Get the current NTP time

chronyc tracking

Reference ID    : 0A1B1981 (ntp1.example.com)		should refer to the same source as in the previous step
Stratum         : 6
Ref time (UTC)  : Wed Apr 14 07:05:17 2021			if you are not back to Epoch, it means it's working 
System time     : 0.002320022 seconds fast of NTP time		below are various metrics about the local clock and drift from the real time
Last offset     : +0.000871681 seconds
RMS offset      : 0.002877922 seconds
Frequency       : 24.251 ppm slow
Residual freq   : +0.247 ppm
Skew            : 6.148 ppm
Root delay      : 0.063965246 seconds
Root dispersion : 0.105693020 seconds
Update interval : 64.7 seconds
Leap status     : Normal