Install the NTP package:
# yum install -y ntpd
Then, several configuration options are possible:
1) Your new time server isn’t connected to any outside source of synchronized time.
Edit the /etc/ntp.conf file and comment out the following lines:
#server 0.centos.pool.ntp.org #server 1.centos.pool.ntp.org #server 2.centos.pool.ntp.org
In the same file, enable the two following lines:
#server 127.127.1.0 #fudge 127.127.1.0 stratum 10
2) Your new time server will be connected to another time server of your choice.
Edit the /etc/ntp.conf file and comment out the following lines:
#server 0.centos.pool.ntp.org #server 1.centos.pool.ntp.org #server 2.centos.pool.ntp.org
In the same file, add the following line with the name (or IP address) of your time server:
server timeserver
3) Your new time server will rely on default time servers.
In this case, you have nothing to do.
Add a rule to the firewall to allow NTP clients to connect
# iptables -I INPUT -m state --state NEW -m udp -p udp --dport 123 -j ACCEPT
Save the firewall configuration:
# service iptables save
Activate the NTP service at boot:
# chkconfig ntpd on
Start the NTP service:
# service ntpd start
Check that the NTP service is working properly:
# ntpq -p
Hi, do I need to understand the iptables rules? Is iptables considered part of rhcsa?
Normally you shouldn’t need to consider iptables for the RHCSA exam any more.
However, it is still a good idea to know a little bit about it.
Hello CertDepot,
I have a couple of questions regarding this:
1) Can the TimeServer itself run chronyd (which is default RHEL7 service) and client have the ntpd running (do we need to disable chronyd on client to accomplish this)?
2) Now for the client configuration can we use “server timeserver prefer” directive in /etc/ntp.conf instead of commenting the default time server pools.
Also your tutorial shows the use of iptables which is replaced by firewalld, could you please help us clarify if we can just use firewall-cmd instead to add the ntp service….
Thanks in advance!
1) You should bother with the TimeServer configuration. It doesn’t matter. Same for the client configuration: ntpd or chronyd is fine. But you can’t have both running at the same time.
2) I would stick with the standard way to proceed (define a new pool of time servers).
You can perfectly use the firewall-cmd command. This tutorial is slightly old (written for RHEL 6 and hasn’t been updated for RHEL 7 that favors Firewalld over Iptables).