Server Time Synchronization with Chrony in Exadata System Software release 19.1.0

Server Time Synchronization Uses Chrony

Starting with Oracle Exadata System Software release 19.1.0, Exadata database servers and storage severs running Oracle Linux 7 no longer use ntpd. Instead, chrony is used to synchronize the system clock on the servers with NTP servers. chrony can usually synchronize the system clock faster and with better time accuracy compared to ntpd.

When you upgrade from Oracle Linux 6 to Oracle Linux 7, the NTP server settings are migrated to chrony. All Oracle Grid Infrastructure and Oracle Database releases certified with Oracle Linux 7 also support chrony.

Minimum requirements:

Oracle Exadata System Software release 19.1.0

chrony vs ntp

Things chrony can do better than ntp:

chrony can perform usefully in an environment where access to the time reference is intermittent. ntp needs regular polling of the reference to work well.

chrony can usually synchronise the clock faster and with better time accuracy.

chrony quickly adapts to sudden changes in the rate of the clock (e.g. due to changes in the temperature of the crystal oscillator). ntp may need a long time to settle down again.

chrony can perform well even when the network is congested for longer periods of time.

chrony in the default configuration never steps the time to not upset other running programs. ntp can be configured to never step the time too, but in that case it has to use a different means of adjusting the clock (daemon loop instead of kernel discipline), which may have a negative effect on accuracy of the clock.

chrony can adjust the rate of the clock in a larger range, which allows it to operate even on machines with broken or unstable clock (e.g. in some virtual machines).

chrony is smaller, it uses less memory and it wakes up the CPU only when necessary, which is better for power saving.

Things chrony can do that ntp can’t:

chrony supports the Network Time Security (NTS) authentication mechanism.

chrony supports hardware timestamping on Linux, which allows an extremely stable and accurate synchronisation in local network.

Chrony provides support for isolated networks whether the only method of time correction is manual entry (e.g. by the administrator looking at a clock). chrony can look at the errors corrected at different updates to work out the rate at which the computer gains or loses time, and use this estimate to trim the computer clock subsequently.

Chrony provides support to work out the gain or loss rate of the real-time clock, i.e. the clock that maintains the time when the computer is turned off. It can use this data when the system boots to set the system time from a corrected version of the real-time clock. These real-time clock facilities are only available on Linux, so far.

Things ntp can do that chrony can’t:

• ntp supports all operating modes from RFC 5905, including broadcast, multicast, and manycast server/client. However, the broadcast and multicast modes are inherently less accurate and less secure (even with authentication) than the ordinary server/client mode, and should generally be avoided.
• ntp supports the Autokey protocol (RFC 5906) to authenticate servers with public-key cryptography. Note that the protocol has been shown to be insecure and has been obsoleted by NTS (RFC 8915).
• ntp has been ported to more operating systems.
• ntp includes a large number of drivers for various hardware reference clocks. chrony requires other programs (e.g. gpsd or ntp-refclock) to provide reference time via the SHM or SOCK interface.

Chronyc is a very useful command line utility, lets see how we can invoke it

root@192.9.201.159's password:

Last login: Wed Feb 24 22:56:01 2021

[root@rhel7 ~]# chronyc

chrony version 1.29.1

Copyright (C) 1997-2003, 2007, 2009-2013 Richard P. Curnow and others

chrony comes with ABSOLUTELY NO WARRANTY.  This is free software, and

you are welcome to redistribute it under certain conditions.  See the

GNU General Public License version 2 for details.

chronyc> exit

[root@rhel7 ~]# chronyc sources

210 Number of sources = 0

MS Name/IP address         Stratum Poll Reach LastRx Last sample

===============================================================================

Also with systemctl you can manage the chronyd service

[root@rhel7 ~]# systemctl restart chronyd

[root@rhel7 ~]# systemctl status chronyd

chronyd.service - NTP client/server

   Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled)

   Active: active (running) since Wed 2021-02-24 23:20:15 IST; 7s ago

  Process: 3793 ExecStartPost=/usr/libexec/chrony-helper add-dhclient-servers (code=exited, status=0/SUCCESS)

  Process: 3790 ExecStart=/usr/sbin/chronyd -u chrony $OPTIONS (code=exited, status=0/SUCCESS)

 Main PID: 3792 (chronyd)

   CGroup: /system.slice/chronyd.service

           └─3792 /usr/sbin/chronyd -u chrony

Feb 24 23:20:15 rhel7.example.com systemd[1]: Starting NTP client/server...

Feb 24 23:20:15 rhel7.example.com chronyd[3792]: chronyd version 1.29.1 starting

Feb 24 23:20:15 rhel7.example.com chronyd[3792]: Linux kernel major=3 minor=10 patch=0

Feb 24 23:20:15 rhel7.example.com chronyd[3792]: hz=100 shift_hz=7 freq_scale=1.00000000 nominal_tick=10000 slew_delta_tick=833 max_tick_bias=1000 shift_pll=2

Feb 24 23:20:15 rhel7.example.com systemd[1]: Started NTP client/server.

After my client computers have synchronized with the NTP server, I like to set the system hardware clock from the system (OS) time by using the following command:

/sbin/hwclock --systohc

For more details refer to https://chrony.tuxfamily.org/comparison.html