Linux(Centos7.4和RHEL7.4)环境下基于chrony的NTP服务器的构建
2018-01-12 20:15
471 查看
一、操作环境
操作系统:CentOS Linux release 7.4.1708 (Core) 最小化安装版chrony版本:chrony-3.1-2.x86_64
二、配置过程
由于在CentOS7.4系统中以默认安装chrony,因此无需再执行安装过程。其他未安装chrony的操作系统要执行安装chrony也是极其简单的,以CentOS7以下没有自带chrony的操作系统版本为例,执行yum -y install chrony一键即可完成chrony的安装。1、检查服务状态。
[root@Geeklp-Chrony ~]# systemctl status chronyd ● chronyd.service - NTP client/server Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled) Active: active (running) since 五 2018-01-12 10:20:17 CST; 1h 26min ago
从以上信息中我们可以看到,chrony服务已经启动,默认开机启动,厂商预置状态为开机启动。
2、配置防火墙
[root@Geeklp-Chrony ~]# firewall-cmd --permanent --add-service=ntp success [root@Geeklp-Chrony ~]# firewall-cmd --reload success
3、测试。
本次测试使用的客户端IP为:10.1.1.23,客户端同样安装的是chrony软件。
(1)将客户端chronyd的配置文件中以下几行注释了,并在后面新增一行:
#server 0.centos.pool.ntp.org iburst #server 1.centos.pool.ntp.org iburst #server 2.centos.pool.ntp.org iburst #server 3.centos.pool.ntp.org iburst server 10.1.1.21 iburst
(2)将客户时间修改为错误时间。
[root@JDK-Tomcat ~]# date -s 18:23:12
(3)重启客户端chrony。
[root@JDK-Tomcat ~]# systemctl restart chronyd
(4)查看客户端时间同步情况。
[root@JDK-Tomcat ~]# date 2018年 01月 12日 星期五 19:39:37 CST
结果与服务器时间一致,配置成功。测试完毕。
4、chrony也支持ntpdate,我们现在来卸载客户端上的chrony,然后使用ntpdate尝试同步。
[root@JDK-Tomcat ~]# yum -y remove chronyd [root@JDK-Tomcat ~]# yum -y install ntpdate [root@JDK-Tomcat ~]# ntpdate 10.1.1.21 12 Jan 19:41:49 ntpdate[3407]: step time server 10.1.1.21 offset 4702.851108 sec
以上效果也是很明显的。我们也可以使用定时任务来同步时间,关于定时任务设置,此处不再赘述。
三、高级设置
chrony是ntp协议的另外一种实现,关于chrony与ntp的对比我们可以参考文末参考资料。一般情况下,建议使用chrony代替ntp。1、关于chronyc。chronyc支持命令行模式与交互式模式。我们来看一下帮助文档。
System clock: tracking Display system time information makestep Correct clock by stepping immediately makestep <threshold> <updates> Configure automatic clock stepping maxupdateskew <skew> Modify maximum valid skew to update frequency waitsync [<max-tries> [<max-correction> [<max-skew> [<interval>]]]] Wait until synchronised in specified limits Time sources: sources [-v] Display information about current sources sourcestats [-v] Display statistics about collected measurements reselect Force reselecting synchronisation source reselectdist <dist> Modify reselection distance NTP sources: activity Check how many NTP sources are online/offline ntpdata [<address>] Display information about last valid measurement add server <address> [options] Add new NTP server add peer <address> [options] Add new NTP peer delete <address> Remove server or peer burst <n-good>/<n-max> [<mask>/<address>] Start rapid set of measurements maxdelay <address> <delay> Modify maximum valid sample delay maxdelayratio <address> <ratio> Modify maximum valid delay/minimum ratio maxdelaydevratio <address> <ratio> Modify maximum valid delay/deviation ratio minpoll <address> <poll> Modify minimum polling interval maxpoll <address> <poll> Modify maximum polling interval minstratum <address> <stratum> Modify minimum stratum offline [<mask>/<address>] Set sources in subnet to offline status online [<mask>/<address>] Set sources in subnet to online status polltarget <address> <target> Modify poll target refresh Refresh IP addresses Manual time input: manual off|on|reset Disable/enable/reset settime command manual list Show previous settime entries manual delete <index> Delete previous settime entry settime <time> Set daemon time (e.g. Sep 25, 2015 16:30:05 or 16:30:05) NTP access: accheck <address> Check whether address is allowed clients Report on clients that have accessed the server serverstats Display statistics of the server allow [<subnet>] Allow access to subnet as a default allow all [<subnet>] Allow access to subnet and all children deny [<subnet>] Deny access to subnet as a default deny all [<subnet>] Deny access to subnet and all children local [options] Serve time even when not synchronised local off Don't serve time when not synchronised smoothtime reset|activate Reset/activate time smoothing smoothing Display current time smoothing state Monitoring access: cmdaccheck <address> Check whether address is allowed cmdallow [<subnet>] Allow access to subnet as a default cmdallow all [<subnet>] Allow access to subnet and all children cmddeny [<subnet>] Deny access to subnet as a default cmddeny all [<subnet>] Deny access to subnet and all children Real-time clock: rtcdata Print current RTC performance parameters trimrtc Correct RTC relative to system clock writertc Save RTC performance parameters to file Other daemon commands: cyclelogs Close and re-open log files dump Dump all measurements to save files rekey Re-read keys from key file Client commands: dns -n|+n Disable/enable resolving IP addresses to hostnames dns -4|-6|-46 Resolve hostnames only to IPv4/IPv6/both addresses timeout <milliseconds> Set initial response timeout retries <retries> Set maximum number of retries keygen [<id> [<type> [<bits>]]] Generate key for key file exit|quit Leave the program help Generate this help
以上命令在交互模式中支持自动补全哦,十分方便。让我们来实践一下吧。
(1)查看时间同步源。在命令行中输入chronyc进入交互模式。
怎么样?是不是比ntpq中显示的要直观得多。图中展示了一些命令补全的效果。
(2)查看时间同步状态。
2、关于chrony。
[root@Geeklp-Chrony ~]# man chrony.conf
(3)关于chronyd。
[root@Geeklp-Chrony ~]# man chronyd
(4)最重要的chronyc。
[root@Geeklp-Chrony ~]# man chronyc
参考资料:
https://chrony.tuxfamily.org/doc/3.1/chrony.conf.htmlhttps://chrony.tuxfamily.org/doc/3.2/chronyd.html
https://chrony.tuxfamily.org/doc/3.2/chronyc.html
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/sect-using_chrony
相关文章推荐
- Linux(Centos7.4及RHEL7.4)环境下NTP服务器的构建
- 浅谈Linux(Centos7.4)环境下NTP服务器的构建
- Ubuntu及RHEL linux环境下多端口捆绑实战验证(基于模式4和1)
- 基于CentOS中PXE网络环境构建实例
- 如何在CentOS/RHEL中安装基于Web的监控系统 linux-dash
- 基于Linux CentOS的Python科学计算环境搭建
- 【转】如何在CentOS/RHEL中安装基于Web的监控系统 linux-das
- 基于Cobbler+Kickstart构建网络安装环境(Linux 大规模部署安装)
- Centos7.4 安装java开发环境(lnmt)Linux + Nginx+ MySQL+ Tomcat
- 嵌入式Linux开发环境构建(基于Ubuntu12.04 LTS)
- Linux搭建java web服务器环境(jdk7+tomcat7+mysql5.5 基于CentOS 6.5)
- 基于Linux(RHELV7Update4)下的IBM私有云ICP-CE(IBM Cloud Private)环境安装部署测试
- 怎么在Linux环境下安装eclipse和JDK(基于Centos 6)
- 【转】基于 Docker/Qemu 快速构建 Linux 内核实验环境
- [授权发表]基于 Docker 快速构建 Linux 0.11 实验环境
- Linux——虚拟化环境搭建教程,基于Centos 6 版本(下)
- Linux——虚拟化环境搭建教程,基于Centos 6 版本(上)
- 如何在CentOS/RHEL中安装基于Web的监控系统 linux-dash
- 基于阿里云centOS服务器,LAMP环境搭建(linux+apache+mysql+php)
- linux 安装LAMP环境(centos7.4)