ntp 프로토콜 동기화 시간,chronycsources-v 동기화 시간 사용하기

10657 단어 IT직장90후
우리는 서버를 찾아서 시간과 인터넷을 동기화하고 다른 호스트와 이 서버를 동기화하며 대역폭을 충분히 활용할 수 있고 효율도 높다.ntp 서버는 클라이언트이자 서버이기 때문에 기본적으로 ntp는 사용되지 않습니다. 우리는 먼저 클라이언트 or 서버가 되어야 한다는 것을 알아야 합니다. 예를 들어 현재 우리의 시간은 잘못된 것입니다. 원격 서버와 동기화하려면 172.20.0.1로 원격 호스트를 해야 합니다. 이것은 서버입니다.
1、[root@Centos6 ~]# yum install ntp
Loaded plugins: fastestmirror, refresh-packagekit, securitySetting up Install ProcessLoading mirror speeds from cached hostfileResolving Dependencies--> Running transaction check---> Package ntp.x86_64 0:4.2.6p5-12.el6.centos.2 will be updated---> Package ntp.x86_64 0:4.2.6p5-15.el6.centos will be an update--> Processing Dependency: ntpdate = 4.2.6p5-15.el6.centos for package: ntp-4.2.6p5-15.el6.centos.x86_64--> Running transaction check---> Package ntpdate.x86_64 0:4.2.6p5-12.el6.centos.2 will be updated---> Package ntpdate.x86_64 0:4.2.6p5-15.el6.centos will be an update--> Finished Dependency Resolution
Dependencies Resolved

=====================================================================Package Arch Version Repository Size


Updating:ntp x86_64 4.2.6p5-15.el6.centos updates 600 kUpdating for dependencies:ntpdate x86_64 4.2.6p5-15.el6.centos updates 79 k

Transaction Summary


Upgrade 2 Package(s)

Total download size: 679 kIs this ok [y/N]: yDownloading Packages:(1/2): ntp-4.2.6p5-15.el6.centos.x86_64.rpm | 600 kB 00:00 (2/2): ntpdate-4.2.6p5-15.el6.centos.x86_64.r | 79 kB 00:00


Total 2.3 MB/s | 679 kB 00:00 Running rpm_check_debugRunning Transaction TestTransaction Test SucceededRunning TransactionUpdating : ntpdate-4.2.6p5-15.el6.centos.x86_64 1/4 Updating : ntp-4.2.6p5-15.el6.centos.x86_64 2/4 Cleanup : ntp-4.2.6p5-12.el6.centos.2.x86_64 3/4 Cleanup : ntpdate-4.2.6p5-12.el6.centos.2.x86_64 4/4 Verifying : ntpdate-4.2.6p5-15.el6.centos.x86_64 1/4 Verifying : ntp-4.2.6p5-15.el6.centos.x86_64 2/4 Verifying : ntpdate-4.2.6p5-12.el6.centos.2.x86_64 3/4 Verifying : ntp-4.2.6p5-12.el6.centos.2.x86_64 4/4
Updated:ntp.x86_64 0:4.2.6p5-15.el6.centos
Dependency Updated:ntpdate.x86_64 0:4.2.6p5-15.el6.centos
Complete!
2、[root@centos7 ~]# rpm -ql ntp
/etc/dhcp/dhclient.d/etc/dhcp/dhclient.d/ntp.sh/etc/ntp.conf/etc/ntp/crypto/etc/ntp/crypto/pw/etc/sysconfig/ntpd/usr/bin/ntpstat/usr/lib/systemd/ntp-units.d/60-ntpd.list/usr/lib/systemd/system/ntpd.service/usr/sbin/ntp-keygen/usr/sbin/ntpd/usr/sbin/ntpdc/usr/sbin/ntpq/usr/sbin/ntptime/usr/sbin/tickadj/usr/share/doc/ntp-4.2.6p5/usr/share/doc/ntp-4.2.6p5/COPYRIGHT/usr/share/doc/ntp-4.2.6p5/ChangeLog/usr/share/doc/ntp-4.2.6p5/NEWS/usr/share/man/man5/ntp.conf.5.gz/usr/share/man/man5/ntp_acc.5.gz/usr/share/man/man5/ntp_auth.5.gz/usr/share/man/man5/ntp_clock.5.gz/usr/share/man/man5/ntp_decode.5.gz/usr/share/man/man5/ntp_misc.5.gz/usr/share/man/man5/ntp_mon.5.gz/usr/share/man/man8/ntp-keygen.8.gz/usr/share/man/man8/ntpd.8.gz/usr/share/man/man8/ntpdc.8.gz/usr/share/man/man8/ntpq.8.gz/usr/share/man/man8/ntpstat.8.gz/usr/share/man/man8/ntptime.8.gz/usr/share/man/man8/tickadj.8.gz/var/lib/ntp/var/lib/ntp/drift/var/log/ntpstats
3、[root@Centos6 ~]# vim/etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 172.20.0.1 iburst:
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
"/etc/ntp.conf" 54L, 1804C      

서버 172.20.0.1 iburst를 추가합니다.
4. 시작 스크립트
[root@Centos6 ~]# service ntpd statusntpd is stopped[root@Centos6 ~]# service ntpd startStarting ntpd: [ OK ][root@Centos6~]#dateMon Jan 29 17:24:06 CST 2018 스크립트가 시작되면 순간 동기화 시간
5. 우리는 일부러 시간을 잘못 알고 스크립트를 시작합니다
[root@Centos6 ~]# date -s "-1 year"Mon Jan 29 17:23:25 CST 2018[root@Centos6 ~]# dateMon Jan 29 17:23:28 CST 2018[root@Centos6 ~]# service ntpd restartShutting down ntpd: [ OK ]Starting ntpd: [ OK ][root@Centos6~] # dateMon Jan 29 17:24:06 CST 2018은 점진적인 동기화 프로세스이므로 즉시 동기화하지는 않지만 호스트 시간과 동기화하려면 다음과 같이 명령합니다.
[root@Centos6 ~]# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 172.20.0.1      5.103.139.163    2 u   37   64    1    1.979  -15.289   0.000
+ntp7.flashdance 194.58.202.20    2 u   33   64    1  490.878  -13.246  19.820
*85.199.214.101  .GPS.            1 u   30   64    1  309.518   39.975   1.333
 ntp.wdc1.us.lea .STEP.          16 u    -   64    0    0.000    0.000   0.000
 jp.linode.oxoox .STEP.          16 u    -   64    0    0.000    0.000   0.000

ntpdate 명령으로 호스트와 즉시 동기화해야 합니다
[root@Centos6~]#ntpdate 172.20.0.129 1월 17:25:33 ntpdate[29759]: the NTP socket is in use, exiting는 오류를 보고합니다. 서비스 ntpd restart ntp 서비스를 열었기 때문에 먼저 서비스를 멈추고 즉시 동기화하고 마지막으로 서비스를 시작해야 합니다.
[root@Centos6 ~]# service ntpd stop
Shutting down ntpd:                                        [  OK  ]
[root@Centos6 ~]# ntpdate 172.20.0.1
29 Jan 17:26:00 ntpdate[29779]: adjust time server 172.20.0.1 offset -0.015599 sec
[root@Centos6 ~]# service ntpd start
Starting ntpd:                                             [  OK  ]
[root@Centos6 ~]# date
Tue Jan 29 17:26:28 CST 2019

먼저 시간 일치를 확보하고 ntp 프로토콜을 갑시다!

ntp 프로토콜은udp 프로토콜의 123 포트를 사용합니다. 앞으로 방화벽을 설정할 때 123 포트를 열어야 합니다.


chrony를 사용하여 시간 동기화를 실현합니다. 우선,chrony는 클라이언트가 될 수도 있고 서버가 될 수도 있습니다.
1. chrony 클라이언트 설정
[root@centos7 ~]# vim/etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
sercer 172.20.0.1
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst                                 

# Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift
# Allow the system clock to be stepped in the first three updates
# if its offset is larger than 1 second.
makestep 1.0 3
# Enable kernel synchronization of the real-time clock (RTC).
rtcsync
# Enable hardware timestamping on all interfaces that support it.
#hwtimestamp *
# Increase the minimum number of selectable sources required to adjust
# the system clock.
#minsources 2
# Allow NTP client access from local network.

우리는 sercer 172.20.0.1을 추가하여 다른 서버를 모두 주석하면 설정을 완성할 수 있습니다.
2. chrony 상태를 열면 다음과 같이 닫힙니다.
[root@centos7 ~]# systemctl status chronyd.service● chronyd.service - NTP client/serverLoaded: loaded (/usr/lib/systemd/system/chronyd.service; disabled; vendor preset: enabled)Active: inactive (dead)Docs: man:chronyd(8)man:chrony.conf(5)
chronyc 전문 클라이언트 도구 열기
[root@centos7 ~]# chronycchrony version 3.2Copyright (C) 1997-2003, 2007, 2009-2017 Richard P. Curnow and otherschrony comes with ABSOLUTELY NO WARRANTY. This is free software, andyou are welcome to redistribute it under certain conditions. See theGNU General Public License version 2 for details.
chronyc> helpSystem clock: tracking Display system time informationmakestep Correct clock by stepping immediatelymakestep Configure automatic clock steppingmaxupdateskew Modify maximum valid skew to update frequencywaitsync [ [ [ []]]]Wait until synchronised in specified limitsTime sources: sources [-v] Display information about current sourcessourcestats [-v]Display statistics about collected measurementsreselect Force reselecting synchronisation sourcereselectdistvroot@Centos6 ~]# chronyc sources -vchronyc> sources -v210 Number of sources = 1

.-- Source mode '^' = server, '=' = peer, '#' = local clock./ .- Source state '*' = current synced, '+' = combined , '-' = not combined,| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.|| .- xxxx [ yyyy ] +/- zzzz|| Reachability register (octal) -. | xxxx = adjusted offset,|| Log2(Polling interval) --. | | yyyy = measured offset,|| \ | | zzzz = estimated error.|| | | \MS Name/IP address Stratum Poll Reach LastRx Last sample


^* gateway 2 6 177 23 +160us[ +271us] +/- 252mschronyc>
#####  vim /etc/chrony.conf 
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.s

server ntp.aliyun.com iburst
server ntp1.aliyun.com iburst
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst

# Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift

# Allow the system clock to be stepped in the first three updates
# if its offset is larger than 1 second.
makestep 1.0 3

서버 ntp를 추가했습니다.aliyun.com iburst server ntp1.aliyun.com iburst 두 가지, 인터넷과 동기화된 조작으로 시간을 잘못 잡고 서비스를 다시 시작합니다. [root@centos7 ~]# date -s "2 year"Fri Jan 29 18:55:06 CST 2021[root@centos7 ~]# systemctl restart chronyd[root@centos7 ~]# date Tue Jan 29 18:56:49 CST 2021[root@centos7 ~]# chronyc sources -v210 Number of sources = 2

.-- Source mode '^' = server, '=' = peer, '#' = local clock./ .- Source state '*' = current synced, '+' = combined , '-' = not combined,| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.|| .- xxxx [ yyyy ] +/- zzzz|| Reachability register (octal) -. | xxxx = adjusted offset,|| Log2(Polling interval) --. | | yyyy = measured offset,|| \ | | zzzz = estimated error.|| | | \MS Name/IP address Stratum Poll Reach LastRx Last sample


^* 203.107.6.88 2 6 77 1 -1324us[-3791us] +/- 19ms^+ 120.25.115.20 2 6 77 0 +1182us[+1182us] +/- 22ms[root@centos7~]#dateTue Jan 29 18:58:51 CST 2019 이 시간에 동기화가 완료되면 2년 차이도 곧 동기화됩니다. 속도가 보입니다.

좋은 웹페이지 즐겨찾기