Time synchronization

[Update: October 10, 2018]

Overview

For all hosts (servers on the SAKURA Cloud; other services such as SAKURA VPS, dedicated servers, etc.; hosts in private networks in customer organizations or the services of other companies) under the administration of the customer, it is important to ensure that internal clocks are uniform, and that the standard time is maintained correctly. This is also strongly recommended for ensuring security functions such as authentication structure, log files, and session management in digital transactions. The guideline standards ISO/IEC 27001 for information security management measures related to cloud services acquired by our company also state that the time for managed systems must be synchronized with a single reference time source.

Currently, NTP is generally used as a method for synchronizing the external accurate time information source and the host internal clock via the Internet.

This page explains items such as the NTP server provided by SAKURA Internet and example settings for the NTP server at the customer host.

NTP server provided by SAKURA internet

SAKURA internet provides the following NTP servers to all customers free of charge.

ntp1.sakura.ad.jp

These servers can be used by all hosts and customers, regardless of whether or not they are within our company network, whether our company’s services are currenty being used, and other such conditions.

Procedures for setting the NTP to the server

This section explains settings methods using CentOS7. CentOS7 is widely used as a server OS.

See also

When using a public archive to create a server, depending on the public archive, there are some cases in which settings are already configured so that periodic time synchronization is automatically performed for ntp1.sakura.ad.jp as the NTP server. For details, please refer to the Public archive release notes.

For CentOS7, chrony is used as the standard NTP client (program for communicating with the NTP server and synchronizing the internal clock with the time information supplied from the NTP server). The following is an explanation of installation and setting procedures using chrony.

Note

Each physical host server managed by our company performs time synchronization from the ntp1.sakura.ad.jp and supplies time information to the customer virtual server. This maintains stable accuracy even during long-term OS startup. Therefore, we strongly recommend time synchronization at the customer virtual server.

chrony installation

For CentOS7, chrony is automatically installed when the standard installation package is selected. If chrony is not installed (for example, the command cannot be found even when entering ``$ type chronyd``in the shell), install the package by using the yum command.

$ sudo yum install chrony

chrony settings

The chrony settings file is located in /etc/chrony.conf. Settings for operation as the NTP client are used even when starting chrony without changing the default settings immediately after installation. However, when considering delays due to physical distance and congestion of the network, we recommend setting to an NTP server as close as possible to the host.

Here, in order to refer to the NTP server supplied by our company, we temporarily comment out all of the server specifiers that have already been set and then immediately add the following line.

server ntp1.sakura.ad.jp iburst

In order to reflect the changes to settings, restart the chrony that is currenly operating.

$ sudo systemctl start chronyd

You can use the $ chronyc sources command to check the chrony operation. As shown in the following example, as the reference destination NTP server, you can check that the server name specified in chrony.conf is displayed.

$ chronyc sources
210 Number of sources = 1
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* ntp1.sakura.ad.jp             2   6    37     7  -1018ns[-1501us] +/- 1539us

If there are no problems, configure settings so that chrony starts automatically even after restarting the server.

$ sudo systemctl enable chronyd