Install and Configure Chrony NTP server on Amazon Linux 2

  • Blog
  • Install and Configure Chrony NTP server on Amazon Linux 2

A server will use the Network Time Protocol (NTP) to synchronize its time with internet standard reference clocks via a hierarchy of NTP servers. The two common NTP daemon server implementations are ntpd and chronyd. Chrony is known to be much faster in time synchronization in comparison to the traditional NTP. Chrony can also handle intermittent network connections and bandwidth saturation.

The Chrony RPM package is available from the standard Amazon Linux 2 repositories. You can quickly install the package by running the following commands:

sudo yum -y install chronyd

There is a daemon for Chrony called chronyd, which runs in the background to monitor system time and status of the time server specified in the chrony.conf file.

Configure Chrony NTP Server on Amazon Linux 2

The server configuration file is /etc/chrony.conf. Edit this file to set NTP Servers where time synchronization reference will happen.

sudo vim /etc/chrony.conf

Set the NTP servers to synchronize. Please replace the values here with your own timezone NTP servers.

pool 0.africa.pool.ntp.org iburst
pool 1.africa.pool.ntp.org iburst
pool 2.africa.pool.ntp.org iburst

Use public servers from the pool.ntp.org project. You can get all zonal Pool Servers.

Once the file is updated with servers to reference for time updates, restart chronyd service.

sudo systemctl restart chronyd
sudo systemctl enable chronyd

Check service status:

$ systemctl status chronyd
● chronyd.service - NTP client/server
   Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
   Active: active (running) since Mon 2025-02-03 05:17:16 UTC; 23s ago
     Docs: man:chronyd(8)
           man:chrony.conf(5)
 Main PID: 29890 (chronyd)
   CGroup: /system.slice/chronyd.service
           └─29890 /usr/sbin/chronyd

Feb 03 05:17:16 ip-172-31-39-10.eu-west-1.compute.internal systemd[1]: Starting NTP client/server...
Feb 03 05:17:16 ip-172-31-39-10.eu-west-1.compute.internal chronyd[29890]: chronyd version 3.2 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER ...DEBUG)
Feb 03 05:17:16 ip-172-31-39-10.eu-west-1.compute.internal chronyd[29890]: Frequency 13.093 +/- 0.052 ppm read from /var/lib/chrony/drift
Feb 03 05:17:16 ip-172-31-39-10.eu-west-1.compute.internal systemd[1]: Started NTP client/server.
Feb 03 05:17:25 ip-172-31-39-10.eu-west-1.compute.internal chronyd[29890]: Selected source 156.38.0.155

If you have a running firewalld service and the server will serve as NTP Server to other clients, you may have to allow in the firewall.

sudo firewall-cmd --add-service=ntp --permanent
sudo firewall-cmd --reload

If you prefer allowing from specific subnet.

sudo firewall-cmd --remove-service=ntp --permanent
sudo firewall-cmd --add-rich-rule 'rule family="ipv4" service name="ssh" source address="172.31.0.0/16" accept' --permanent
sudo firewall-cmd --reload

Where 172.31.0.0/16 is the source address where NTP protocol is allowed for incoming traffic.

$ firewall-cmd --list-rich-rules
rule family="ipv4" source address="172.31.0.0/16" service name="ssh" accept

Verify Chrony is working by pulling correct time.

$ sudo chronyc sources
210 Number of sources = 12
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^+ ntp1.inx.net.za               2   6   377    64  +1643us[+1379us] +/-  119ms
^+ mail.saasta.ac.za             2   6   377    64  +3552us[+3288us] +/-  112ms
^+ cpt-ntp.mweb.co.za            2   6   377    65   +665us[ +401us] +/-  195ms
^+ 156.38.0.219                  2   6   375     1  +1074us[+1074us] +/-  126ms
^+ ntp.cd.net.za                 2   6   377    64   +827us[ +827us] +/-  134ms
^+ ntp1.za.hypr.digital          2   6   377     1  +2071us[+2071us] +/-  129ms
^+ ntp3.inx.net.za               2   6   377     4  +3273us[+3273us] +/-  121ms
^+ ntp.dts.mg                    2   6   377    64   +706us[ +706us] +/-  148ms
^- repository.habari.co.tz       2   6   377    66    +24ms[  +24ms] +/-  277ms
^- ns2.botsnet.bw                2   6   377     1  +7376us[+7557us] +/-  267ms
^* 196.200.160.123               2   6   377     1  -3843us[-3661us] +/-   96ms
^+ apollo.slash.tech             2   6   377    68  -2247us[-2321us] +/-   94ms

Chrony Client Configurations

On your client machines install chrony package:

sudo yum -y install chrony

Modify configuration file and add your NTP Server.

$ sudo vim /etc/chrony.conf
pool 172.31.20.11 iburst

Set your machine timezone:

sudo timedatectl set-timezone Africa/Nairobi

Start and enable Chronyd Service.

sudo systemctl enable --now chronyd

Test with the command below.

sudo chronyc sources

Check your system date to confirm if it is correct:

$ date
Mon Feb 03 08:34:54 EAT 2025

More articles on Amazon Linux:

Your IT Journey Starts Here!

Ready to level up your IT skills? Our new eLearning platform is coming soon to help you master the latest technologies.

  • Learn at your own pace
  • Access expert-led premium content
  • Gain in-demand IT certification tips and practice questions
  • Master essential skills: Linux, Scripting and Automation, Kubernetes, Cloud, IaC, GitOps, DevOps, Cybersecurity, and more.

Be the first to know when we launch! Join our waitlist now.

Join Waiting List
Twitter Facebook Linkedin Whatsapp Reddit

Join our Linux and open source community. Subscribe to our newsletter for tips, tricks, and collaboration opportunities!

Recent Post

Categories

Leave a Comment

Your email address will not be published. Required fields are marked *

Related Post

Install Android Studio on Rocky Linux 9|AlmaLinux 9|Oracle Linux 9

Android Studio, which is based on IntelliJ IDEA, is the official Integrated Development Environment for developing Android apps. On top […]

  • NO COMMENTS
  • February 21, 2025
Install Webmin on AlmaLinux 9 or Oracle Linux 9

In this guide, we will walk through how to install Webmin on AlmaLinux 9 or Oracle Linux 9. Webmin is […]

  • NO COMMENTS
  • February 21, 2025
Protect GRUB with password on Rocky Linux 9|AlmaLinux 9

Grub, an acronym of Grand Unified Bootloader is the most preferred boot loader on Linux systems although there are others […]

  • NO COMMENTS
  • February 21, 2025

You can connect with CloudSpinx using the following channels

Hosting Services  
Consultancy Services
Development Services
Networking Services
  • Structured Cabling
  • Firewall solutions
  • Smart Home Solutions
  • Internet filtering
  • Surveillance
  • Communication
Storage & Backup
  • NAS / SAN Storage
  • Software-defined storage (SDS)
  • OS / Apps Backups
  • CCTV Backups
  • Data Recovery
Office Services
Business Applications
  • ERP
  • CRM
  • POS
  • Project Management
  • Communication
  • Communication & Collaboration
  • Accounting & Finance
  • Asset Management
  • E-commerce Platforms
  • Business intelligence
Latest Articles
Newsletter
Follow Us
X-twitter Linkedin Facebook-f Github
Contact US
© Copyright 2025 CloudSpinx Limited
Download CloudSpinx Profile!

Cancellation Policy

Refund Policy

TOS

Let's Connect

Unleash the full potential of your business with CloudSpinx. Our expert solutions specialists are standing by to answer your questions and tailor a plan that perfectly aligns with your unique needs.
You will get a response from our solutions specialist within 12 hours
We understand emergencies can be stressful. For immediate assistance, chat with us now

Contact CloudSpinx today!

Download CloudSpinx Profile

Discover the full spectrum of our expertise and services by downloading our detailed Company Profile. Simply enter your first name, last name, and email address.