Loading...

VONDS ©

Lab 77: Network Time Protocol (NTP) with chrony

Lab Index

Stabilize a system with incorrect time by installing and using chrony-based NTP tooling on a RHEL system. Validate upstream time sources, force a one-time clock step adjustment, then ensure the time service is enabled and running at boot.

time chrony services

Scenario

Your server’s system time is incorrect, and it is causing operational issues such as failed TLS handshakes, log timestamps that do not align across hosts, and unreliable scheduling behavior. You need to synchronize time using the RHEL-standard chrony tooling and confirm the service stays healthy across reboots.

Operator context

Correct time is a dependency for authentication, logging, monitoring correlation, and certificate validation. Treat time sync as a baseline system health requirement before deeper service-level troubleshooting.

Objective

  • Install chrony using the system package manager.
  • Inspect configured time sources and sync state.
  • Force an immediate step correction when appropriate.
  • Enable and start chronyd so it persists across reboots.

What You’ll Practice

  • Installing system packages on RHEL with dnf.
  • Inspecting NTP sources and sync status with chronyc sources -v.
  • Applying an immediate time step correction with chronyc makestep.
  • Managing service lifecycle with systemctl enable --now.

Walkthrough

Step 1 : Install chrony (NTP client/server).
Command 
sudo dnf install -y chrony

RHEL uses chrony for NTP by default. Installing the package provides the chronyd daemon and the chronyc control utility. 

Dependencies resolved.
Install  1 Package
Installing       :  chrony-4.4-1.el9.x86_64
Step 2 : Query current time sources.
Command 
chronyc sources -v

This shows configured sources and whether the host is currently synchronized. Look for the leading symbol ^* indicating the active selected source and confirm that sources are reachable. 

MS Name/IP address         Stratum Poll Reach LastRx Last sample
^* time.cloudflare.com          3   6   377    32   -0.000123   0.000345
^+ 0.rhel.pool.ntp.org          2   6   377    58   -0.000456   0.000789
Step 3 : Force an immediate step adjustment.
Safety note

Stepping time can disrupt time-sensitive workloads. Use makestep when you need to correct a significantly wrong clock quickly (for example after a VM snapshot restore), and prefer gradual slewing during normal steady-state operations.

Command 
sudo chronyc makestep

This requests an immediate correction rather than waiting for small gradual adjustments to converge. 

200 OK
makestep: adjusted offset by 0.000456 seconds
Step 4 : Enable and start the chrony service at boot.
Command 
sudo systemctl enable --now chronyd

enable ensures the service starts on boot. --now starts it immediately so you can verify state right away. 

Created symlink /etc/systemd/system/multi-user.target.wants/chronyd.service → /usr/lib/systemd/system/chronyd.service.
Job for chronyd.service started successfully.
Step 5 : Confirm sync status after startup.
Command 
chronyc tracking
chronyc sources -v

tracking provides a summary of sync state and offset behavior. Re-checking sources confirms reachability and the currently selected upstream server. 

# Example signals that time sync is healthy:
# Leap status     : Normal
# System time     : ... seconds fast/slow of NTP time
# ^* indicates current selected source

Reference

  • dnf install chrony : Installs the chrony daemon (chronyd) and client tooling (chronyc).
  • chronyc sources -v : Lists configured NTP sources, reachability, and the selected source marker (^*).
  • chronyc makestep : Forces an immediate step correction of system time.
  • systemctl enable --now chronyd : Enables chrony to start on boot and starts it immediately.
  • chronyc tracking : Displays synchronization status and time offset metrics.