Using chrony on Ubuntu 18.04

Using chrony on Ubuntu 18.04 will show how to setup chrony for clients and servers within your LAN. Chrony replaces NTP which in now depreciated. Using chrony on Ubuntu 18.04 will show how to setup chrony for clients and servers within your LAN.

Chrony is an implementation of the Network Time Protocol (NTP). It is used to keep the system clocks of PCs synchronized with the clock of NTP servers. It can also be used to setup your own NTP server to provide time for your LAN. Chrony replaces ntp and ntpdate which are now deprecated.

Installing the software

As usual start with a fully up to date system. Installing the software is just one package, chrony. The utilities are all part of the package.

sudo apt-get update
sudo apt-get dist-upgrade
sudo apt-get install chrony

Which NTP Pool To Use

If you only have the one PC then you should to do nothing more you are all set up. Take a look at the testing section below. This default setup will sync your time to the Ubuntu pool. I told you setting up NTP on Ubuntu 18.04 was quick. 🙂

If you have more than one machine and want your time to sync more accurately, by a few milliseconds 🙂 you will want to use a pool of time servers closer to where you are. I live in the UK so I will be looking at the settings in https://www.ntppool.org/en/use.html there you will find the names to use for the UK. There are lists of pool servers from all over the world just find where you are in the world and take a look.

Setup the server pool

Edit the chrony configuration file.

sudo nano /etc/chrony/chrony.conf

Look for the pool lines similar to these and either remove or comment them out.

pool ntp.ubuntu.com        iburst maxsources 4
pool 0.ubuntu.pool.ntp.org iburst maxsources 1
pool 1.ubuntu.pool.ntp.org iburst maxsources 1
pool 2.ubuntu.pool.ntp.org iburst maxsources 2

Replace the server lines above with the pool servers of your choice, I will be using the UK pool. Take a look at the support pages regarding Upstream time quality. The configuration will take two serfver from the list of each of the four pools, giving your chrony service up to 8 time servers to sync to. After chrony has been running for a few minutes it will only be talking to 2 or three so the network traffic is minimal.

pool 0.uk.pool.ntp.org iburst maxsources 2
pool 1.uk.pool.ntp.org iburst maxsources 2
pool 2.uk.pool.ntp.org iburst maxsources 2
pool 3.uk.pool.ntp.org iburst maxsources 2

Having changed the config file we need to restart the chrony service.

sudo systemctl restart chrony.service

Take a look at the testing section below. To see your time server pickup and sync itself to the time everyone else is using 🙂

That is all that is involved in setting up and using chrony on Ubuntu 18.04, unless you want to sync all of your LAN machines to one server so they are all in time with each other.

Local Servers

To setup our own local chrony server get be performed with only a few changes to those above. That is do not remove the pool machines we updated to the more local ones. We then add lines to allow local networks or single IPs to connect and sync their time to ours.

sudo nano /etc/chrony/chrony.conf

Leave these lines in place in case your own time server goes down or you turn it off for some reason.

pool 0.uk.pool.ntp.org iburst maxsources 2
pool 1.uk.pool.ntp.org iburst maxsources 2
pool 2.uk.pool.ntp.org iburst maxsources 2
pool 3.uk.pool.ntp.org iburst maxsources 2

To allow CIDRs or simgle IP use the examples below:

allow 192.168.0.0/16
allow 192.168.1.123

Remember if you changed the config file restart the servce

sudo systemctl restart chrony.service

If you want to set up a machine dedicated to service time to your LAN take a look at A minimal Ubuntu server running 18.04.. You will need to use real hardware for the production server as virtual machines tend to sync their time from the underlying host.

Local clients

Setting up local clients for chrony is also reasonably simple. We can again use the same updated config we used at the start of this post. We need to add some server lines that point to our local chrony server. lets say our local servers are called ntp01.dragon.lab and ntp02.dragon.lab.

sudo nano /etc/chrony/chrony.conf

Leave these lines in place in case your own time server goes down or you turn it off for some reason.

server ntp01.dragon.lab prefer iburst
server ntp02.dragon.lab prefer iburst

This line tells the chrony server to prefer using the server at ntp01.dragon.lab and ntp02.dragon.la. The iburst sends requests quicker when the client machine first starts up so it can get established quicker.

Having changed the config file we need to restart the chrony service.

sudo systemctl restart chrony.service

Testing chrony

After the chrony server has been running for a few minutes it will get synced up and will be keeping your chrony server or PC in time with the rest of the world. Run the command below, note it uses watch so it will rerun the command on a regular basis. The default is every 2 seconds. You can change the frequency of that up by using the -n NN switch. Were NN is the number of seconds or even a fraction of a second 0.1.

watch chronyc sources

You should see some output similar to this

Every 0.1s: chronyc sources                              ntp01: Sun Sep 16 11:15:20 2018
 
210 Number of sources = 8
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^+ 195.195.221.100               1  10   377   283   +523us[ +523us] +/-   13ms
^* 85.199.214.98                 1  10   377   736   -685us[ -704us] +/-   10ms
^+ ntp2.owennelson.co.uk         2  10   377   807   -456us[ -474us] +/-   16ms
^- lyla.preshweb.co.uk           3  10   377    42   -638us[ -638us] +/-   57ms
^- duke.m.faelix.net             3  10   377   815  -2465us[-2484us] +/-  149ms
^- ntp.sinodun.org.uk            3  10   377   915  -3190us[-3208us] +/-  103ms
^- ntp.thirdlight.com            3  10   377    84  -1333us[-1333us] +/-   60ms
^- ntp3.wirehive.net             2  10   377   433   -799us[ -799us] +/-   40ms

Also try this command with the -v option it helps explain the
Take a look at https://chrony.tuxfamily.org/doc/3.3/chronyc.html#_time_sources for more details of the output.

You are looking for one server line to start with ^* and one or more lines to start with ^+. If you can see thse line themn all is weel .

Additional sub commands

try these commands out they all provide useful info.

chronyc activity
sudo chronyc clients
sudo chronyc ntpdata ntp.sinodun.org.uk
chronyc sourcestats [-v]
chronyc tracking

Stopping and starting the chrony server.

To start, stop, restart the chrony server use the usual commands

sudo systemctl start chrony.service
sudo systemctl stop chrony.service
sudo systemctl restart chrony.service

There is not that much to setting up chrony on Ubuntu 18.04 as you have found out. Job well done.

Trouble Shooting

Try these possible solutions if after rebooting you find that chrony does not start. As systemd in not really production ready due to the number of bugs in it. One of which is it lets services silently stop or not even start without so much as a message to say so. So in this case looking in the log is of no use. Very much the same as looking in the logs on an M$ server is usually useless.

Remove ntp and ntpdate

If you did have NTP and/or ntpdate installed remove them.

sudo apt-get remove ntp ntpdate

Conflicting systmd services

Systemd will not deem it worth mentioning in the logs that there was a conflict, After all it is so difficult to write to Linux logs (For the systemd developers that was sarcasm!)

If you look in the unit file for chrony, /lib/systemd/system/chrony.service, it lists two services that will conflict with it,

Conflicts=systemd-timesyncd.service openntpd.service

Make sure both of them are stopped and disabled. You will probably want to mask then as well.

sudo systemctl stop systemd-timesyncd.service
sudo systemctl disable systemd-timesyncd.service
 
sudo systemctl stop openntpd.service
sudo systemctl disable openntpd.service

You might get away with these two lines but that relies on systemctl give you an error message or warning if there was a problem. This will stop the service after it is disabled.

sudo systemctl disable systemd-timesyncd.service --now
sudo systemctl disable openntpd.service --now

A disabled service can still be started by other processes. Oh good grief! You can also permanently disable it with mask

sudo systemctl mask systemd-timesyncd.service
sudo systemctl mask openntpd.service

Use systemd when using one command just isn’t enough.

Leave a Reply

Your email address will not be published. Required fields are marked *