dockurr/chrony

Sponsored OSS

By dockurr

Updated 12 days ago

🕒 chronyd NTP server in a Docker container.

Image
Networking
Internet of things
Monitoring & observability
24

500K+

dockurr/chrony repository overview

chronyd

Build Version Size Package Pulls

Docker container of chrony, a versatile implementation of the Network Time Protocol (NTP).

Features ✨

  • Provides a lightweight NTP server
  • Synchronizes time with upstream NTP servers
  • Allows network clients to sync their clocks
  • Supports configurable upstream time sources
  • Allows custom chrony.conf configuration
  • Lightweight Alpine-based image

Usage 🐳

Docker Compose:
services:
  ntp:
    image: dockurr/chrony
    container_name: ntp
    environment:
      NTP_SERVERS: "pool.ntp.org"
    ports:
      - 123:123/udp
    restart: always
Docker CLI:
docker run -it --rm --name chrony -p 123:123/udp docker.io/dockurr/chrony

Configuration ⚙️

By default, this container uses the NTP pool's time servers.

If you'd like to use different NTP servers, you can add the NTP_SERVERS environment variable.

Below are some examples of how to configure common NTP Servers.

# (default) NTP pool
NTP_SERVERS="0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org,3.pool.ntp.org"

# Cloudflare
NTP_SERVERS="time.cloudflare.com"

# Google
NTP_SERVERS="time1.google.com,time2.google.com,time3.google.com,time4.google.com"

# Alibaba
NTP_SERVERS="ntp1.aliyun.com,ntp2.aliyun.com,ntp3.aliyun.com,ntp4.aliyun.com"

By default the container adds only the ratelimit and rtcsync options to the chrony.conf configuration file, you can override those by specifying your own options via the NTP_DIRECTIVES variable, for example:

...
environment:
  NTP_DIRECTIVES: "ratelimit,rtcsync,clientloglimit 100000000"
  ...

Setting your timezone ⏲️

By default the UTC timezone is used, however if you'd like to adjust your NTP server to be running in your local timezone, all you need to do is provide a TZ environment variable following the standard TZ data format:

  ...
  environment:
    TZ: "America/Vancouver"
    ...

Enable Network Time Security 🛡️

If all the NTP_SERVERS you have configured support NTS (Network Time Security) you can pass the ENABLE_NTS=true option to the container to enable it:

  ...
  environment:
    ENABLE_NTS: "true"
    NTP_SERVERS: "time.cloudflare.com"
    ...

If any of the NTP_SERVERS you have configured does not support NTS, you will see a message like the following during startup:

NTS-KE session with 164.67.62.194:4460 (tick.ucla.edu) timed out

Enable control of system clock 🖥️

This option enables the control of the system clock.

By default, chronyd will not try to make any adjustments of the clock. It will assume the clock is free running and still track its offset and frequency relative to the estimated true time. This allows chronyd to run without the capability to adjust or set the system clock in order to operate as an NTP server.

Enabling the control requires granting SYS_TIME capability and a container run-time allowing that access:

  ...
  cap_add:
    - SYS_TIME
  environment:
    ENABLE_SYSCLK: "true"
    ...

Logging 📒

By default, this project logs informational messages to stdout, which can be helpful when running the ntp service. If you'd like to change the level of log verbosity, pass the LOG_LEVEL environment variable to the container, specifying the level (#) when you first start it. This option matches the chrony -L option, which support the following levels can to specified: 0 (informational), 1 (warning), 2 (non-fatal error), and 3 (fatal error).

Feel free to check out the project documentation for more information at:

Acknowledgements 🙏

Special thanks to cturra and simonrupf for creating the original project.

Stars 🌟

Stargazers

Tag summary

Content type

Image

Digest

sha256:9ee7c0c9b

Size

12.1 MB

Last updated

12 days ago

docker pull dockurr/chrony

This week's pulls

Pulls:

12,681

Last week