系列专题:Linux运维入门教程
1 需求
三个节点node0, node1 node2;
节点node0作为时间服务器,node1与node2实现与节点node0的时间同步
2 方案
在各个节点安装软件包
yum install ntp ntpdate -y
2.1 Node0配置时间服务器
节点node0修改文件/etc/ntp.conf,内容如下:
# Formore information about this file, see the man pages
#ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permittime synchronization with our time source, but do not
# permitthe source to query or modify the service on this system.
#restrictdefault nomodify notrap nopeer noquery
restrict default nomodify notrap nopeer
# Permitall access over the loopback interface. This could
# betightened as well, but to do so would effect some of
# theadministrative functions.
restrict 127.0.0.1
restrict ::1
# Hostson local network are less restricted.
#restrict192.168.1.0 mask 255.255.255.0 nomodify notrap
# Usepublic servers from the pool.ntp.org project.
# Pleaseconsider joining the pool (http://www.pool.ntp.org/join.html).
#server0.centos.pool.ntp.org iburst
#server1.centos.pool.ntp.org iburst
#server2.centos.pool.ntp.org iburst
#server3.centos.pool.ntp.org iburst
#broadcast192.168.1.255 autokey # broadcastserver
#broadcastclient #broadcast client
#broadcast224.0.1.1 autokey # multicastserver
#multicastclient224.0.1.1 # multicast client
#manycastserver239.255.254.254 # manycast server
#manycastclient239.255.254.254 autokey # manycast client
# Enablepublic key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Keyfile containing the keys and key identifiers used when operating
# withsymmetric key cryptography.
keys /etc/ntp/keys
#Specify the key identifiers which are trusted.
#trustedkey 4 8 42
#Specify the key identifier to use with the ntpdc utility.
#requestkey8
#Specify the key identifier to use with the ntpq utility.
#controlkey8
# Enablewriting of statistics records.
#statisticsclockstats cryptostats loopstats peerstats
#Disable the monitoring facility to prevent amplification attacks using ntpdc
#monlist command when default restrict does not include the noquery flag. See
#CVE-2013-5211 for more details.
# Note:Monitoring will not be disabled with the limited restriction flag.
disable monitor
fudge 127.127.1.0 stratum 8
server 127.127.1.0
启动服务:
[root@node0cluster]# systemctl start ntpd
[root@node0cluster]# systemctl enable ntpd
Createdsymlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
[root@node0cluster]#
2.2 客户端配置时间同步方案crond
cron有两个配置文件,一个是一个全局配置文件(/etc/crontab),是针对系统任务的;一组是crontab命令生成的配置文件(/var/spool/cron下的文件),是针对某个用户的.定时任务配置到任意一个中都可以。
[root@node1 ceph]# echo "*/30 * * * * /usr/sbin/ntpdate 192.168.192.90">/var/spool/cron/root
[root@node1 ceph]# cat /var/spool/cron/root
*/30 * * * * /usr/sbin/ntpdate 192.168.192.90
[root@node1 ceph]# systemctl restart crond.service