All Products
Search
Document Center

Elastic Compute Service:Synchronize ECS instance clocks with Alibaba Cloud NTP servers

Last Updated:May 15, 2026

Configure chrony, ntpd, or W32time on ECS instances to prevent scheduled task errors and log timestamp drift.

How it works

image
  • Network Time Protocol (NTP): Synchronizes clocks between a client and a server to within milliseconds by calculating network latency.

  • Alibaba Cloud NTP server: Alibaba Cloud provides NTP servers with VPC endpoints, enabling ECS instances to synchronize time with minimal network latency.

  • chrony/ntpd/W32time: NTP-based services that sync an instance's system clock with an NTP server. On Linux/Unix, chrony outperforms ntpd. Windows uses the built-in W32time service.

Verify clock accuracy

Quick guide

Linux (chrony)

Alibaba Cloud public images use chrony by default. Some older images use ntpd. Run ps -C chronyd,ntpd -o comm= to check which process is running. If the output is ntpd, the instance uses ntpd by default. See Linux (ntpd).

Run the following command and check the System time field. In this example, 0.000027851 seconds fast of NTP time means the system clock is 0.000027851 seconds ahead of NTP time. If the offset exceeds your application's tolerance, adjust your time configuration.

To check across multiple instances, use Cloud Assistant batch check.
sudo chronyc tracking
Reference ID    : 64643D58 (100.100.61.88)
Stratum         : 2
Ref time (UTC)  : Tue Oct 28 05:53:58 2025
System time     : 0.000027851 seconds fast of NTP time
Last offset     : +0.000044533 seconds
RMS offset      : 0.000036478 seconds
Frequency       : 41.053 ppm slow
Residual freq   : +0.000 ppm
Skew            : 0.007 ppm
Root delay      : 0.000408892 seconds
Root dispersion : 0.011003596 seconds
Update interval : 1028.9 seconds
Leap status     : Normal

Linux (ntpd)

Run the following command and check the offset field. In this example, 1009.26 means the system clock differs from NTP time by 1009.26 milliseconds. If the offset exceeds your application's tolerance, adjust your time configuration.

To check across multiple instances, use Cloud Assistant batch check.
sudo ntpq -p
remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 LOCAL(0)        .LOCL.          10 l  107   64    2    0.000    0.000   0.000
+47.96.XXX.XXX   100.100.61.91    2 u   37   64    3   31.241  1009.95   1.313
 11.116.XXX.XX   .INIT.          16 u    -   16    0    0.000    0.000   0.000
-100.100.3.1     10.137.55.181    2 u   52   64    7   25.344  1010.26   0.566
-100.100.3.2     10.137.55.181    2 u   18   64    7   26.873  1008.80   2.143
-100.100.3.3     10.137.55.181    2 u   66   64   12   29.656  1010.16   0.902
-203.107.6.88    10.137.55.181    2 u   65   64    7   33.689  1005.74   0.697
 11.196.XXX.XXX  .INIT.          16 u    -   16    0    0.000    0.000   0.000
 11.196.XXX.XX   .INIT.          16 u    -   16    0    0.000    0.000   0.000
 10.143.0.44     .INIT.          16 u    -   16    0    0.000    0.000   0.000
 10.143.0.45     .INIT.          16 u    -   16    0    0.000    0.000   0.000
 10.143.0.46     .INIT.          16 u    -   16    0    0.000    0.000   0.000
+100.100.5.1     203.107.X.XX     2 u   59   64    7   53.214  1009.42   0.519
*100.100.5.2     203.107.X.XX     2 u   58   64    7   49.062  1009.26   0.984
-100.100.5.3     203.107.X.XX     2 u   57   64    7   56.670  1011.81   3.331

Windows

Press Win + R, type cmd, and press Enter. Run w32tm /query /status and check the Root Dispersion field. In this example, 7.7612440s means the system clock differs from NTP time by 7.7612440 seconds. If the offset exceeds your application's tolerance, adjust your time configuration.

To check across multiple instances, use Cloud Assistant batch check.
Leap Indicator: 0(no warning)
Stratum: 3 (secondary reference - syncd via (S)NTP)
Precision: -23 (119.209ns per tick)
Root Delay: 0.0259591s
Root Dispersion: 7.7612440s
Reference ID: 0x64640302 (source IP:  100.100.3.2)
Last Successful Sync Time: 2025/10/28 15:05:02
Source: ntp11.cloud.aliyuncs.com,0x9
Poll Interval: 6 (64s)

Configure clock synchronization

Linux (chrony)

Alibaba Cloud public images run chrony by default. Some older images run ntpd. Run ps -C chronyd,ntpd -o comm= to check which process is running. If the output is ntpd, the instance uses ntpd by default. See Linux (ntpd).

Important

A Linux system can run only one time synchronization daemon. Use either chronyd or ntpd. Before starting one, stop and disable the other.

To configure time synchronization across multiple instances, use Cloud Assistant batch execution.

1. Check and configure NTP server addresses

  1. Edit the chrony configuration file:

    Alibaba Cloud Linux/CentOS/RHEL

    sudo vim /etc/chrony.conf

    Ubuntu/Debian

    sudo vim /etc/chrony/chrony.conf
  2. Configure Alibaba Cloud NTP servers.

    Comment out all #-prefixed `server` lines, then add the following:

    Important

    Configure multiple NTP sources for fault tolerance and accuracy. The system selects the best source automatically.

    # Configuration information, including NTP server addresses, minimum polling interval, and maximum polling interval.
    server ntp.cloud.aliyuncs.com minpoll 4 maxpoll 10 iburst
    server ntp10.cloud.aliyuncs.com minpoll 4 maxpoll 10 iburst
    server ntp11.cloud.aliyuncs.com minpoll 4 maxpoll 10 iburst
    server ntp12.cloud.aliyuncs.com minpoll 4 maxpoll 10 iburst
    server ntp7.cloud.aliyuncs.com minpoll 4 maxpoll 10 iburst
    server ntp8.cloud.aliyuncs.com minpoll 4 maxpoll 10 iburst
    server ntp9.cloud.aliyuncs.com minpoll 4 maxpoll 10 iburst
  3. Save and exit. Restart chrony:

    sudo systemctl restart chronyd.service

2. Verify clock synchronization

The service gradually adjusts the time after restart. Run sudo chronyc tracking to verify synchronization.

sudo chronyc tracking

The System time field shows the offset between your system clock and NTP time. For example, 0.000036150 seconds fast of NTP time indicates the system clock is ahead.

If the time offset is large (several minutes or hours) and your workload can tolerate an abrupt time jump, consider manually synchronizing time.
Reference ID    : 64643D58 (100.100.61.88)
Stratum         : 2
Ref time (UTC)  : Sat Sep 20 07:55:33 2025
System time     : 0.000036150 seconds fast of NTP time
Last offset     : +0.000031322 seconds
RMS offset      : 0.000044841 seconds
Frequency       : 43.592 ppm slow
Residual freq   : +0.000 ppm
Skew            : 0.005 ppm
Root delay      : 0.000228760 seconds
Root dispersion : 0.010518964 seconds
Update interval : 1029.1 seconds
Leap status     : Normal

Linux (ntpd)

Some older Alibaba Cloud public images (such as CentOS 6) use ntpd by default. Because the NTP project is no longer maintained, upgrade to Chrony for better performance and security.

Important

A Linux system can run only one time synchronization daemon. Use either chronyd or ntpd. Before starting one, stop and disable the other.

To configure time synchronization across multiple instances, use Cloud Assistant batch execution.

1. Check and configure NTP server addresses

  1. Edit the NTP configuration file:

    sudo vim /etc/ntp.conf
  2. Configure Alibaba Cloud NTP servers.

    Comment out all #-prefixed `server` lines, then add the following:

    Important

    Configure multiple NTP sources for fault tolerance and accuracy. The system selects the best source automatically.

    # Configuration information, including NTP server addresses, minimum polling interval, and maximum polling interval.
    server ntp10.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
    server ntp11.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
    server ntp12.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
    server ntp7.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
    server ntp8.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
    server ntp9.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
  1. Save and exit. Restart ntpd:

    Alibaba Cloud Linux/CentOS/RHEL

    sudo service ntpd restart

    Ubuntu/Debian

    service ntp restart

2. Verify time synchronization

The service gradually adjusts the time after restart. Run sudo ntpq -p to verify synchronization. The offset field shows the difference between local and server time. Key parameters:

  • offset: The difference between system time and server time, in milliseconds. The closer the offset value is to 0, the more accurate.

  • jitter: The variation in time delay. Smaller values indicate higher precision.

If the time offset is large (several minutes or hours) and your workload can tolerate an abrupt time jump, consider manually synchronizing time.
sudo ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 LOCAL(0)        .LOCL.          10 l   17   64    1    0.000    0.000   0.000
+100.100.3.1     10.137.55.181    2 u    8   16    1   30.426  -307.76   0.153
*100.100.3.2     10.137.55.181    2 u    5   16    1   26.845  -309.25   0.221
+100.100.3.3     10.137.55.181    2 u    4   16    1   28.819  -309.37   0.187
-100.100.5.1     203.107.X.XX     2 u    3   16    1   50.478  -310.70   0.164
-100.100.5.2     203.107.X.XX     2 u    2   16    1   47.235  -311.89   0.246
 100.100.5.3     203.107.X.XX     2 u    1   16    1   53.661  -310.50   0.119

Windows

Graphical user interface

Important

The Windows GUI supports only a single NTP server. If that server becomes unavailable, time synchronization fails.

For high availability in production environments, skip the GUI and use the command prompt to configure multiple NTP servers.

  1. In the notification area of the taskbar, click the date and time, then click Date and time settings.

    image

  2. Click Related settings > Add clocks for different time zones.

  3. Click Date and Time > Internet Time > Change settings.

  4. In the Internet Time Settings dialog box, select Synchronize with an Internet time server, enter ntp.cloud.aliyuncs.com, click Update Now, then click OK.

  5. A success message confirms synchronization. If synchronization fails, check whether a firewall or security software blocks UDP port 123.

    image

Command-line interface (CLI)

Unlike the GUI, CLI supports multiple time sources for automatic failover.

To configure time synchronization across multiple instances, use Cloud Assistant batch execution.

1. Configure NTP servers

Replace the default Windows NTP server (time.windows.com) with Alibaba Cloud NTP servers. The following example uses Windows Server 2022.

  1. Press Win + R, type cmd, and press Enter.

  2. Set the NTP servers. For example, use ntp.cloud.aliyuncs.com ntp7.cloud.aliyuncs.com ntp8.cloud.aliyuncs.com ntp11.cloud.aliyuncs.com:

     w32tm /config /manualpeerlist:"ntp.cloud.aliyuncs.com ntp7.cloud.aliyuncs.com ntp8.cloud.aliyuncs.com ntp11.cloud.aliyuncs.com" /syncfromflags:manual /reliable:YES /update
  3. Restart the time service:

     net stop w32time
     net start w32time
  4. Synchronize time:

    w32tm /resync

2. Verify time synchronization

Run w32tm /query /status. If the Source field shows Local CMOS Clock instead of your NTP server address, synchronization failed.

 w32tm /query /status
Leap Indicator: 0(no warning)
Stratum: 3 (secondary reference - syncd via (S)NTP)
Precision: -23 (119.209ns per tick)
Root Delay: 0.0020371s
Root Dispersion: 0.0191713s
Reference ID: 0x64640302 (source IP:  100.100.3.2)
Last Successful Sync Time: 2025/10/28 14:37:42
Source: ntp11.cloud.aliyuncs.com
Poll Interval: 10 (1024s)

FAQ

Do I need to install or configure chronyd or ntpd inside containers (Docker/Kubernetes)?

No.

Never run chronyd or ntpd inside containers. Containers share the host's time and do not need independent configuration. Running a time synchronization service inside a container causes clock resource contention with the host, compromising workload stability.

How do I force manual system clock synchronization?

Avoid manual synchronization due to the risk of abrupt time jumps. However, if the system clock deviates significantly (several minutes or hours) and your workload can tolerate a time jump, perform a manual sync.

Linux (chrony)

  1. Stop chrony:

    sudo systemctl stop chronyd.service
  2. Manually synchronize time:

    Important

    Before manual sync, confirm that you have configured multiple Alibaba Cloud NTP servers.

    sudo chronyd -q
  3. Start chrony:

    sudo systemctl start chronyd.service

Linux (ntpd)

Alibaba Cloud Linux/CentOS/RHEL

  1. Stop ntpd:

    sudo service ntpd stop
  2. Manually synchronize time:

    Important

    The NTP project is no longer maintained. Using ntpdate risks abrupt time jumps. Specify three or more time sources to mitigate risk. See Alibaba Cloud NTP server domains.

    Important

    ntpdate as a periodic script is not a valid replacement for an NTP daemon. NTP daemons use sophisticated algorithms to maximize accuracy while minimizing resource usage.

    sudo ntpdate ntp.cloud.aliyuncs.com ntp7.cloud.aliyuncs.com ntp10.cloud.aliyuncs.com ntp11.cloud.aliyuncs.com ntp12.cloud.aliyuncs.com
  3. Start ntpd:

    sudo service ntpd start

Ubuntu/Debian

  1. Stop ntpd:

    sudo service ntp stop
  2. Manually synchronize time:

    Important

    The NTP project is no longer maintained. Using ntpdate risks abrupt time jumps. Specify three or more time sources to mitigate risk. See Alibaba Cloud NTP server domains.

    sudo ntpdate ntp.cloud.aliyuncs.com ntp7.cloud.aliyuncs.com ntp10.cloud.aliyuncs.com ntp11.cloud.aliyuncs.com ntp12.cloud.aliyuncs.com
  3. Start ntpd:

    sudo service ntp start

What are the Alibaba Cloud NTP server domain names?

Alibaba Cloud NTP server addresses by network type (IPv4 only):

  • Alibaba Cloud ECS instances: Use VPC domains for lower latency.

  • Non-Alibaba Cloud instances: Use Internet domains.

VPC internal network

Public network

ntp.cloud.aliyuncs.com

ntp7.cloud.aliyuncs.com

ntp8.cloud.aliyuncs.com

ntp9.cloud.aliyuncs.com

ntp10.cloud.aliyuncs.com

ntp11.cloud.aliyuncs.com

ntp12.cloud.aliyuncs.com

ntp.aliyun.com

ntp1.aliyun.com

ntp2.aliyun.com

ntp3.aliyun.com

ntp4.aliyun.com

ntp5.aliyun.com

ntp6.aliyun.com

ntp7.aliyun.com

Is the Alibaba Cloud NTP service free?

Free of charge. Alibaba Cloud public images include a default NTP configuration. ECS instances created from these images use Chrony or NTP to synchronize time automatically.

How do I upgrade from ntpd to chrony?

Some older Alibaba Cloud ECS images, such as CentOS 6, use `ntpd`. Because the NTP project is no longer maintained, upgrade to `chrony` if your workload does not depend on NTP.

  1. Uninstall ntp:

    Alibaba Cloud Linux/CentOS/RHEL
    sudo yum remove ntp
    Ubuntu/Debian
    sudo apt remove ntp
  2. Install Chrony:

    If the download fails, see How to resolve yum failures when installing chrony on CentOS 6 (EOL)?
    Alibaba Cloud Linux/CentOS/RHEL
    sudo yum install chrony
    Ubuntu/Debian
    sudo apt update
    
    sudo apt install chrony
  3. Configure Chrony:

    Edit the configuration file:

    Alibaba Cloud Linux/CentOS/RHEL

    sudo vim /etc/chrony.conf

    Ubuntu/Debian

    sudo vim /etc/chrony/chrony.conf

    Add NTP servers to the file. Example chrony.conf:

    # NTP server settings
    server ntp.cloud.aliyuncs.com minpoll 4 maxpoll 10 iburst
    # Specify the location of the drift file
    driftfile /var/lib/chrony/drift
    # Allow chronyd to be queried from localhost
    allow 127.0.0.1

    Parameters:

    Parameter

    Description

    server ntp.cloud.aliyuncs.com

    The NTP server domain. chrony connects to this server for time synchronization.

    minpoll 4

    Minimum polling interval as a power of 2 in seconds. minpoll 4 = 2⁴ = 16 seconds. chrony sends at least one sync request every 16 seconds.

    maxpoll 10

    Maximum polling interval as a power of 2 in seconds. maxpoll 10 = 2¹⁰ = 1024 seconds.

    iburst

    Speeds up initial synchronization. When chrony starts, it sends a burst of requests (typically 8) to quickly obtain accurate time.

  4. Start chrony:

    1. Start Chrony and enable it on boot:

      # Start the chrony service
      sudo service chronyd start
      
      # Set chrony to start automatically when the system boots
      sudo chkconfig chronyd on
    2. Check chrony status. Use chronyc to verify chrony synchronization:

      # Check the service status
      sudo service chronyd status
    3. Verify time synchronization:

      sudo chronyc tracking

How to resolve yum failures when installing chrony on CentOS 6 (EOL)?

  1. Clean old repo configurations:

    sudo mkdir -p /etc/yum.repos.d/backup && sudo mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/backup/
  2. Create a new CentOS-Vault.repo file pointing to the official archive:

    sudo tee /etc/yum.repos.d/CentOS-Vault.repo <<'EOF'
    [C6.10-base]
    name=CentOS-6.10 - Base
    baseurl=http://vault.centos.org/6.10/os/$basearch/
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
    enabled=1
    [C6.10-updates]
    name=CentOS-6.10 - Updates
    baseurl=http://vault.centos.org/6.10/updates/$basearch/
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
    enabled=1
    [C6.10-extras]
    name=CentOS-6.10 - Extras
    baseurl=http://vault.centos.org/6.10/extras/$basearch/
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
    enabled=1
    EOF
  3. Clean and rebuild the cache:

    sudo yum clean all && sudo yum makecache
  4. Install chrony:

    sudo yum install chrony

References