| Table of Contents |
|---|
Overview
Chrony is a versatile implementation of the Network Time Protocol (NTP). It can synchronise the system clock with NTP servers, reference clocks (e.g. GPS receiver), and manual input using wristwatch and keyboard. It can also operate as an NTPv4 (RFC 5905) server and peer to provide a time service to other computers in the network.
Install Chrony
| Code Block |
|---|
sudo apt update sudo apt install chrony |
Configure Chrony
The config file is:
| Code Block |
|---|
/etc/chrony/chrony.conf |
...
| Code Block |
|---|
log measurements statistics tracking logdir /var/log/chrony |
Restart Chrony
After editing /etc/chrony/chrony.conf:
...
| Code Block |
|---|
sudo systemctl enable chrony |
Interact with Chrony
Chrony has a command-line tool:
...
| Code Block |
|---|
chronyc tracking |
Example: See Synchronization Status
| Code Block |
|---|
chronyc tracking Reference ID : 8.8.8.8 (time.google.com) Stratum : 2 Ref time (UTC) : Tue Apr 29 20:10:12 2025 System time : 0.000045678 seconds fast of NTP time Last offset : +0.000034567 seconds RMS offset : 0.000045678 seconds Frequency : 1.234 ppm fast |
Force Immediate Sync (Useful for Fresh Setups)
| Code Block |
|---|
sudo chronyc makestep |
This forces the system clock to immediately jump to the correct time instead of slewing it gradually (normally, NTP likes to gradually adjust).
...
Firewall Requirements
If you
...
are firewalling, make sure UDP 123 is allowed
Chrony (and NTP in general) uses UDP port 123.
...
| Code Block |
|---|
sudo firewall-cmd --add-service=ntp --permanent sudo firewall-cmd --reload |
...
Troubleshooting:
Check if chrony is running:
...
If time isn't syncing, sources will show why.
Ansible
Configuring chrony using ansible:
| Code Block |
|---|
- name: Ensure chrony is installed
apt:
name: chrony
state: present
update_cache: yes
- name: Configure chrony to use time.aws.com
copy:
dest: /etc/chrony/chrony.conf
content: |
server time.aws.com iburst
makestep 1.0 3
log measurements statistics tracking
logdir /var/log/chrony
owner: root
group: root
mode: '0644'
- name: Set system timezone to UTC
command: timedatectl set-timezone UTC
changed_when: true
- name: Restart chrony
systemd:
name: chrony
state: restarted
enabled: yes
- name: Force chrony to step the clock
command: chronyc -a makestep
register: chrony_makestep
changed_when: >
"Can't synchronise" not in chrony_makestep.stdout
- name: Show contents of chrony.conf using cat
command: cat /etc/chrony/chrony.conf
register: chrony_config_output
changed_when: false
- name: Display config line by line
debug:
var: chrony_config_output.stdout_lines
- name: Get chrony sync status
command: chronyc tracking
register: chrony_status
changed_when: false
- name: Display chrony sync status
debug:
var: chrony_status.stdout_lines
|
References
| Reference | URL |
|---|---|
| Chrony Project | https://chrony-project.org |
...