Softpanorama

May the source be with you, but remember the KISS principle ;-)
Home Switchboard Unix Administration Red Hat TCP/IP Networks Neoliberalism Toxic Managers
(slightly skeptical) Educational society promoting "Back to basics" movement against IT overcomplexity and  bastardization of classic Unix

Configuring Time Services in RHEL 7

News Notes on RHCSA Certification for RHEL 7  Recommended links Lecture notes for RHSCA certification for RHEL 7 Configuring Time Services in RHEL 7  Adding /replacing kernel modules RHCSA: Managing Software Packages with yum and rpm RHCSA: Networking Fundamentals RHCSA: Scheduling tasks using at and cron
RHCSA: Understanding RHEL 7 KVM-based virtualization Red Hat Linux Essentials Recovery of root password in rhel7 Sysadmin Horror Stories Understanding and using essential tools Access a shell prompt and issue commands with correct syntax Finding Help Managing files in RHEL Working with hard and soft links
Working with archives and compressed files Using the Midnight Commander as file manager Text files processing Using redirection and pipes Use grep and extended regular expressions to analyze text files Finding files and directories; mass operations on files Connecting to the server via ssh, using multiple consoles and screen command Introduction to Unix permissions model Managing users and groups
RHCSA: Managing local users and groups RHCSA: Introduction to Unix permissions model Introduction to Process Management Configuring network in RHEL7 Installation and configuration of KVM in RHEL7 Tips Unix History with some Emphasis on Scripting Humor Etc

Introduction

RHEL 7 changes default provide of NTP to chrony, which create the need to learn this new daemon. The idea behind chrony is that most sever do not need full fledged NTP daemon as they are consumer of those servers and never the providers.

Most client-server applications depends on synchronization of time and will not work property without correctly configured ntp daemon.

Unsynchronized NTP server is a source of very difficult to troubleshoot errors, so the correctness of NTP configuration should be changed first in any such troubleshooting. So it is very important that this daemon is configured correctly and NTP works as expected. That main difficulties happen if you are behind firewall or proxy.

as RHEL7 introduced a new chrony daemon the configuration file for this new daemon is now in /etc/chrony.conf Parameters are similar to those in the /etc/ntp.conf file. In this file you can specify your corporate servers. There is a new command line utility timedatectl  to contol the daemon.

# chronyc tracking
Reference ID : 192.0.2.1 (192.0.2.1) 
Stratum : 12
Ref time (UTC) : Fri Aug 05 19:06:51 2016
System time     : 0.000823375 seconds fast of NTP time
Last offset     : 0.001989304 seconds
RMS offset      : 0.060942811 seconds
Frequency       : 1728.043 ppm slow
Residual freq   : 1.100 ppm
Skew            : 94.293 ppm
Root delay	    : 0.000207 seconds 
Root dispersion : 0.016767 seconds
Update interval : 65.1 seconds
Leap status     : Normal

Some of the important fields are :

To check youor NTP servers run

# chronyc sources
210 Number of sources = 1
MS Name/IP address    Stratum    Poll   Reach   LastRx   Last sample 
=============================================================================
^* 192.0.2.1           11        6      377      63      +1827us[+6783us]...

To start/shutdown and restart it you use systemctl

systemctl start chronyd

TIP:

While on RHEL 7, chrony is the default solution to manage network time. NTP can still be installed via RPM. If you have services that need ntpd, you are free to use it, but you should realize that in that case you cannot use the timedatectl command.

Server hardware clock

Each server contains a hardware clock. Typically, it is an integrated circuit on the system board that is completely independent of the current state of the operating system and keeps running even when the computer is shut down. From the hardware clock, the system gets its initial time setting during the boot.

The time on the hardware clock on Linux servers is usually set to universal time coordinated (UTC). UTC is a time that is the same everywhere on the planet, and based on UTC, the current local time is calculated. To do this we need to provide offset called the time zone.

System time is a time maintained by the operating system. Once the system has booted, the system clock became independent of the hardware clock. The system also can synchronize hardware c lock with the external source of precise time -- the time server. Time server can be external or internal. For large corporation it is typically internal.

System time is a time that is maintained by the operating system and it is kept in UTC. Applications running on the server are converting system time into local time. Local time is the actual time in the current time zone. Moreover there are twice a year changes (to and from winter time), which are called daylight savings time (DST) which moves the local time one hour and creates a lot of difficulties.

Using NTP for synchronizing time for all managed server

Network Time Protocol (NTP). NTP is a method of maintaining system time that is provided through NTP servers on the Internet. It is an easy solution to provide an accurate time to servers, because most servers are connected to the Internet anyway.

NTP was developed by David Mills and others at the University of Delaware as a means for solving the problem of time synchronization between different servers connected to the Internet. Detailed information about NTP, version of the protocol and corresponding RFCs can be found at www.ntp.org

NTP runs on UDP port 123. The NTP servers advertise every 64 seconds, by means of a multicast address (224.0.1.1), that they are NTP servers. Any NTP client that is not configured with the unicast address of an NTP server multicasts . The NTP client sends request packets to all the NTP servers that it knows using their unicast addresses. Included in the request packet is the client’s local time. The NTP server replies by inserting UTC time into the return packet. The client compares its original request time with its own time when it receives the response from the server. This allows the client to determine how long the packet was in transit on the network.

Despite trivial semantic NTP is a rather complex protocol. Servers are organized into hierarchical levels called stratum that act in a hierarchy.

Several additional terms are used when describing NTP-related topics:

NTP client software is essentially nothing more then an intelligent corrector of the latency errors due to transmission via IP. All modern OSes provide daemons for NTP protocol but the devil in in details. RHEL 6 used different daemon then RHEL 7.

Setting up a server to use NTP time on RHEL 7 means that you need to put into the file /etc/chrony.conf the list of NTP servers that should be used.

You can switch on NTP and provided initial set of NTP servers in Anaconda during the installation and this is preferable way to doing this task. If you made a mistake or the situation changed you need manually switch on NTP, by using timedatectl set-ntp 1 and correct the set proper NTP servers. This is especially important if the server is behind firewall or proxy, because in this case default server do not work -- they are not assessable.

New utilities and daemon for managing time on RHEL7

RHEL 7 introduced a new set of command for managing NTP. Old books describing RHEL6 techniques of managing NTP for the most part are no longer valid

On a Linux system, time is calculated as an offset of epoch time. Epoch time is the number of seconds since January 1, 1970, in UTC. In some logs (such as /var/log/audit/audit.log), you’ll find time stamps in epoch time and not in human time. To convert such an epoch time stamp to human time, you can use the --date option, followed by the epoch string that is starting with an @:

date --date '@1420987251'

The use of epoch time is also creating a potential timing problem on Linux. On a 32-bit system, the number of seconds that can be counted in the field that is reserved for time notation is finished in 2037. But at this point hardware that uses 32 bit presentation will long be obsolete so this is not a problem.

Using date command for checking and converting system time

Date command is a lone survivor from older version on Linux and UNIX. While most sysadmin know about the date command existence, they often do not suspect what additional capabilities it has.

Like most Linux commands it can do more than a typical sysadmin expects. For example, you can also use it to show the current time in different formats. Some useful examples of date are listed here:

 date              # Shows the current system time
 date +%d-%m-%y    # Shows the current system day of month, month, and year
 date -s 16:03     # Sets the current time to 3 minutes past 4 p.m.
 

Setting hardware clock time via hwclock command

The date command enables you to set and show the current system time. Using the date command will not change the hardware time that is used on your system.

To synchronize hardware clock with system clock , you can use the hwclock command. The hwclock command has many options. Among most useful:

 hwclock -c         # shows the difference between hardware time and system time. The output refreshed every 10 seconds
 hwclock --systohc  # synchronizes current system time to the hardware clock.
 hwclock --hctosys  # synchronizes current hardware time to the system clock.
[root@server1 ~]# hwclock -c
hw-time      system-time         freq-offset-ppm   tick
1428584002   1428584002.011018
1428584012   1428584012.033019              2200     22
1428584022   1428584022.054953              2197     22
1428584032   1428584032.083572              2418     24
1428584042   1428584042.111683              2517     25

Using timedatectl to check if you system is configured correctly

This is new command introduced in RHEL 7. It enables you to manage many aspects of time is When used without any arguments, timedatectl shows detailed information about the current time and date. It also displays the time zone your system is in, in addition to information about the use of NTP network time and information about the use of DST.

Click here to view code image

[root@localhost ~]# timedatectl
      Local time: Sun 2015-01-11 10:02:41 EST
  Universal time: Sun 2015-01-11 15:02:41 UTC
        RTC time: Sun 2015-01-11 15:02:51
        Timezone: America/New_York (EST, -0500)
     NTP enabled: n/a
NTP synchronized: no
 RTC in local TZ: no
      DST active: no
 Last DST change: DST ended at
                  Sun 2014-11-02 01:59:59 EDT
                  Sun 2014-11-02 01:00:00 EST
 Next DST change: DST begins (the clock jumps one hour forward) at
                  Sun 2015-03-08 01:59:59 EST
                  Sun 2015-03-08 03:00:00 EDT

The timedatectl command works with commands to perform time operations.

The timedatectl command was developed as a generic solution to manage time on RHEL 7. It has some functions that are offered through other commands, but the purpose of the command is that eventually it will replace other commands used for managing time and date settings.

When timedatectl is used to switch on NTP time, it talks to the chronyd process.

Cheatsheet for configuring NTP in RHEL7

  1. Open a root shell and type date.
  2. Now type hwclock and see whether both commands are showing more or less the same time.
  3. Type hwclock -c. Notice that this shows differences between system time and hardware time in much more detail. Use Ctrl+C to interrupt.
  4. You have just seen that the current time displayed by hwclock -c is in epoch time.
  5. Use date -d ‘@12345678’ (in which you replace 12345678 with the epoch time hwclock -c has just shown) to translate the current epoch time to human-readable time.
  6. Type timedatectl status to show current time settings.
  7. Use timedatectl list-timezones to show a list of all time zone definitions.
  8. Use timedatectl set-timezone Europe/Amsterdam to set the current time zone to Amsterdam.
  9. Type timedatectl show and notice the differences with the previous output.
  10. Type timedatectl set-ntp 1 to switch on NTP use. You might see the error “failed to issue method call.” If you get this message, type yum -y install chrony and try again.
  11. Open the configuration file /etc/chrony.conf and look up the server lines. These are used to specify the servers that should be used for NTP time synchronization.
  12. Type systemctl status chronyd and verify that the chrony service is started and enabled. If this is not the case, use systemctl start chronyd; systemctl enable chronyd to make sure that it is operational.
  13. Type systemctl status -l chronyd and read the status information.

Checking Cronyd Status via systemctl

Click here to view code image

[root@localhost system]# systemctl status -l chronyd
chronyd.service - NTP client/server
   Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled)
   Active: active (running) since Sun 2015-01-11 10:20:15 EST; 2min 14s
ago
  Process: 13938 ExecStartPost=/usr/libexec/chrony-helper add-dhclient-
servers (code=exited, status=0/SUCCESS)
  Process: 13935 ExecStart=/usr/sbin/chronyd -u chrony $OPTIONS
(code=exited, status=0/SUCCESS)
 Main PID: 13937 (chronyd)
   CGroup: /system.slice/chronyd.service
           13937 /usr/sbin/chronyd -u chrony

Jan 11 10:20:15 localhost.localdomain chronyd[13937]: chronyd version
1.29.1 starting
Jan 11 10:20:15 localhost.localdomain chronyd[13937]: Linux kernel
major=3 minor=10 patch=0
Jan 11 10:20:15 localhost.localdomain chronyd[13937]: hz=100 shift_hz=7
freq_scale=1.00000000 nominal_tick=10000 slew_delta_tick=833 max_tick_
bias=1000 shift_pll=2
Jan 11 10:20:15 localhost.localdomain chronyd[13937]: Generated key 1
Jan 11 10:20:15 localhost.localdomain systemd[1]: Started NTP client/
server.
Jan 11 10:20:20 localhost.localdomain chronyd[13937]: Selected source
178.21.23.127
Jan 11 10:20:20 localhost.localdomain chronyd[13937]: System clock
wrong by 11.256802 seconds, adjustment started
Jan 11 10:20:31 localhost.localdomain chronyd[13937]: System clock was
stepped by 11.257 seconds
    Jan 11 10:20:33 localhost.localdomain chronyd[13937]: Selected
    source 87.195.109.207

Setting proper time zone

Between Linux servers, time is normally communicated in UTC. This allows servers across different time zones to all use the same time settings, which makes managing time in large organizations a lot easier. To make it easier for end users, though, the local time must also be set. To do this, the appropriate time zone needs to be selected.

On Red Hat Enterprise Linux 7, you have four approaches to setting the correct local time zone:

Use the system-config-date utility as discussed in the next section of this chapter.

Go to the directory /usr/share/zoneinfo. In this directory, you’ll find different subdirectories containing files for each of the time zones that has been defined. To set the local time zone on a server, you can create a symbolic link with the name /etc/localtime to the time zone file that is involved. If you want to set local time to Los Angeles time, for instance, use ln -sf /usr/share/zoneinfo/America/Los_Angeles /etc/localtime.

Use the tzselect utility. This tool starts the interface , from which the appropriate region and locale can be selected.

Use timedatectl to set the time zone information.

Using Graphical Tools to Manage Time

If your server is configured with a graphical interface, you can use the graphical tool to manage time. To do so, follow these steps:

  1. On the graphical display, click the current time that is shown in the upper-right corner.
  2. On the screen that opens, click Date & Time Settings.
  3. A new screen opens. To get access to the options that allow you to change time, click Unlock.
  4. From the screen you see now, you can switch network time on and off and change the current time zone setting as well as the current time.

Alternatively, you can start the graphical utility to manage time by using the system-config-date command. The interface of this utility is similar to what you see in Anaconda during the initial installation of Red Hat.

[root@server1 ~]# tzselect
Please identify a location so that time zone rules can be set
correctly.
Please select a continent or ocean.
 1) Africa
... ... ... 
11) none - I want to specify the time zone using the Posix TZ
format.
#? 2
Please select a country.
 1) Anguilla                 28) Haiti
 ... ... ... 

Recommended Links

Google matched content

Softpanorama Recommended

Top articles

Sites



Etc

Society

Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers :   Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy

Quotes

War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotesSomerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose BierceBernard Shaw : Mark Twain Quotes

Bulletin:

Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 :  Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method  : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law

History:

Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOSProgramming Languages History : PL/1 : Simula 67 : C : History of GCC developmentScripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-MonthHow to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Hater’s Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor

The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D


Copyright © 1996-2020 by Softpanorama Society. www.softpanorama.org was initially created as a service to the (now defunct) UN Sustainable Development Networking Programme (SDNP) without any remuneration. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.

FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.

This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...

You can use PayPal to to buy a cup of coffee for authors of this site

Disclaimer:

The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the Softpanorama society. We do not warrant the correctness of the information provided or its fitness for any purpose. The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Last modified: December 13, 2020