RHCSA Rapid Track
Course update
An updated version of this course is available that uses a newer version of Red Hat Enterprise Linux in the lab environment. Therefore, the RHEL 9.0 version of the lab environment will retire on December 31, 2024. Please complete any work in this lab environment before it is removed on December 31, 2024. For the most up-to-date version of this course, we recommend moving to the RHEL 9.3 version.
Maintain accurate time synchronization with Network Time Protocol (NTP) and configure the time zone to ensure correct time stamps for events recorded by the system journal and logs.
System time synchronization is critical for log file analysis across multiple systems. Also, some services might require time synchronization to work correctly. Machines use the Network Time Protocol to provide and obtain correct time information over the internet. A machine might get accurate time information from public NTP services, such as the NTP Pool Project. Another option is to sync with a high-quality hardware clock to serve accurate time to local clients.
The timedatectl command shows an overview of the current time-related system settings, including the current time, time zone, and NTP synchronization settings of the system.
[user@host ~]$ timedatectl
Local time: Wed 2022-03-16 05:53:05 EDT
Universal time: Wed 2022-03-16 09:53:05 UTC
RTC time: Wed 2022-03-16 09:53:05
Time zone: America/New_York (EDT, -0400)
System clock synchronized: yes
NTP service: active
RTC in local TZ: noYou can list a database of time zones with the timedatectl command list-timezones option:
[user@host ~]$ timedatectl list-timezones
Africa/Abidjan
Africa/Accra
Africa/Addis_Ababa
Africa/Algiers
Africa/Asmara
Africa/Bamako
...output omitted...The Internet Assigned Numbers Authority (IANA) provides a public time zone database, and the timedatectl command bases the time zone names on that database.
IANA names time zones based on the continent or ocean, and then typically (not always) the largest city within the time zone region.
For example, most of the US Mountain time zone is America/Denver.
Some localities inside the time zone have different daylight saving time rules.
For example, in the US, much of the state of Arizona (US Mountain time) does not change to daylight saving time, and is in the America/Phoenix time zone.
Use the tzselect command to identify the correct time zone name.
This command interactively prompts the user with questions about the system's location, and outputs the name of the correct time zone.
It does not change the system's time zone setting.
The root user can change the system setting to update the current time zone with the timedatectl command set-timezone option.
For example, the following timedatectl command updates the current time zone to America/Phoenix.
[root@host ~]#timedatectl set-timezone America/Phoenix[root@host ~]#timedatectlLocal time: Wed 2022-03-16 03:05:55 MST Universal time: Wed 2022-03-16 10:05:55 UTC RTC time: Wed 2022-03-16 10:05:55 Time zone: America/Phoenix (MST, -0700) System clock synchronized: yes NTP service: active RTC in local TZ: no
Note
You can set a server's time zone to Coordinated Universal Time (UTC).
The tzselect command does not include the name of the UTC time zone.
Use the timedatectl set-timezone UTC command to set the system's current time zone to UTC.
Use the timedatectl command set-time option to change the system's current time.
You might specify the time in the "YYYY-MM-DD hh:mm:ss" format, where you can omit either the date or the time.
For example, the following timedatectl command changes the time to 09:00:00.
[root@host ~]#timedatectl set-time 9:00:00[root@host ~]#timedatectlLocal time: Fri 2019-04-05 09:00:27 MST Universal time: Fri 2019-04-05 16:00:27 UTC RTC time: Fri 2019-04-05 16:00:27 Time zone: America/Phoenix (MST, -0700) System clock synchronized: yes NTP service: active RTC in local TZ: no
Note
The previous example might fail with the "Failed to set time: Automatic time synchronization is enabled" error message. In that case, first disable the automatic time synchronization before manually setting the date or time, as explained after this note.
The timedatectl command set-ntp option enables or disables NTP synchronization for automatic time adjustment.
The option requires either a true or a false argument to turn it on or off.
For example, the following timedatectl command turns off NTP synchronization.
[root@host ~]# timedatectl set-ntp falseNote
In Red Hat Enterprise Linux 9, the timedatectl set-ntp command adjusts whether the chronyd NTP service is enabled.
Other Linux distributions might use this setting to adjust a different NTP or a Simple Network Time Protocol (SNTP) service.
Enabling or disabling NTP with other utilities in Red Hat Enterprise Linux, such as in the graphical GNOME Settings application, also updates this setting.
The chronyd service tracks the usually inaccurate local Real-Time Clock (RTC) by synchronizing it to the configured NTP servers.
If no network connectivity is available, then the chronyd service calculates the RTC clock drift, and records it in the file that the driftfile value specifies in the /etc/chrony.conf configuration file.
By default, the chronyd service uses servers from the NTP Pool Project to synchronize time and requires no additional configuration.
You might need to change the NTP servers for a machine that runs on an isolated network.
The stratum of the NTP time source determines its quality.
The stratum determines the number of hops that the machine is away from a high-performance reference clock.
The reference clock is a stratum 0 time source.
An NTP server that is directly attached to the reference clock is a stratum 1 time source.
A machine that synchronizes time from the NTP server is a stratum 2 time source.
The server and the peer are the two categories of time sources that you can declare in the /etc/chrony.conf configuration file.
The server is one stratum above the local NTP server, and the peer is at the same stratum level.
You can define multiple servers and peers in the chronyd configuration file, one per line.
The first argument of the server line is the IP address or DNS name of the NTP server.
Following the server IP address or name, you can list a series of options for the server.
Red Hat recommends using the iburst option, because then the chronyd service takes four measurements in a short time period for a more accurate initial clock synchronization after the service starts.
For more information about the chronyd configuration file options, use the man 5 chrony.conf command.
As an example, with the following server classroom.example.com iburst line in the /etc/chrony.conf configuration file, the chronyd service uses the classroom.example.com server as the NTP time source.
# Use public servers from the pool.ntp.org project. ...output omitted... server classroom.example.com iburst ...output omitted...
Restart the service after pointing the chronyd service to the classroom.example.com local time source.
[root@host ~]# systemctl restart chronydThe chronyc command acts as a client to the chronyd service.
After setting up NTP synchronization, verify that the local system is seamlessly using the NTP server to synchronize the system clock, by using the chronyc sources command.
For more verbose output with additional explanations about the output, use the chronyc sources -v command.
[root@host ~]# chronyc sources -v
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 172.25.254.254 3 6 17 26 +2957ns[+2244ns] +/- 25msThe asterisk character (*) in the S (Source state) field indicates that the chronyd service uses the classroom.example.com server as a time source and is the NTP server that the machine is currently synchronized to.
References
timedatectl(1), tzselect(8), chronyd(8), chrony.conf(5), and chronyc(1) man pages