Configuring NTP Using Chrony

Overview

Chrony is used to maintain synchronization automatically with an NTP (Network time protocol) server.

  • If you are running RHEL/Rocky Linux, you need to install and enable chrony.

  • If you are running TufinOS, chrony is installed by default. Continue with Configure the Chrony Service.

Chrony does not synchronize the time zone. To configure the time zone manually, see The TOS Aurora Time Zone.

Installing and Enabling Chrony

If you are running TufinOS, chrony is installed by default, continue with Configure the Chrony Service.

If you are running RHEL/Rocky Linux, chrony must be installed and enabled first as follows:

  1. Log in to the CLI as user tufin-admin.

  2. Log in as root user:

    [<ADMIN> ~]$ sudo su -
    sudo su

    Or

    [<ADMIN> ~]$ sudo -i
    sudo -i
  3. Install chrony:

    [<ADMIN> ~]# yum install chrony
    yum install chrony
  4. Enable the service:

    [<ADMIN> ~]# systemctl enable chronyd.service
    systemctl enable chronyd.service

Configure the Chrony Service

  1. Log in to the CLI as user tufin-admin.

  2. Log in as root user:

    [<ADMIN> ~]$ sudo su -
    sudo su

    Or

    [<ADMIN> ~]$ sudo -i
    sudo -i
  3. Stop chrony synchronization:

    [<ADMIN> ~]# systemctl stop chronyd.service 
    systemctl stop chronyd.service
  4. In the chrony configuration file /etc/chrony.conf, replace the default servers with the NTP server. The default servers that need to be replaced are:

    • Rocky Linux: pool 2.rocky.pool.ntp.org iburst

  5. Restart the chronyd service:

    [<ADMIN> ~]# systemctl restart chronyd.service
    systemctl restart chronyd.service
  6. Check time synchronization:

    [<ADMIN> ~]# chronyc sources -v
    chronyc sources -v
    [<ADMIN> ~]# chronyc sourcestats -v
    chronyc sourcestats -v
    [<ADMIN> ~]# chronyc tracking
    chronyc tracking