在配置时钟同步服务器时第一次同步时间时,使用ntpdate命令;后续通过ntpd服务与服务器同步时间。
一、搭建NTP服务器
1、查看服务器、客户端操作系统版本
[root@web ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
2、查看服务器是否安装ntp,系统默认安装ntpdate;
[root@web ~]# rpm -qa | grep ntp
fontpackages-filesystem-1.44-8.el7.noarch
ntpdate-4.2.6p5-28.el7.centos.x86_64
python-ntplib-0.3.2-1.el7.noarch
3、安装ntp ntpdate,其中ntpdate默认安装,可以只安装ntp;
yum install ntp ntpdate -y
离线安装:rpm -ivh *.rpm --force --nodeps
文件清单:
ntp-4.2.6p5-28.el7.centos.x86_64.rpm
ntpdate-4.2.6p5-28.el7.centos.x86_64.rpm
openssl-1.0.2k-16.el7_6.1.x86_64.rpm
openssl-libs-1.0.2k-16.el7_6.1.x86_64.rpm
4、查看是否已安装完成,与第2步对比
[root@web ~]# rpm -qa | grep ntp
fontpackages-filesystem-1.44-8.el7.noarch
ntpdate-4.2.6p5-28.el7.centos.x86_64
ntp-4.2.6p5-28.el7.centos.x86_64
python-ntplib-0.3.2-1.el7.noarch
5、查看ntp服务器状态,两条命令效果一样
[root@web ~]# systemctl status ntpd
● ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled; vendor preset: disabled)
Active: inactive (dead)
或
[root@web ~]# service ntpd status
Redirecting to /bin/systemctl status ntpd.service
● ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled; vendor preset: disabled)
Active: inactive (dead)
6、修改配置文件,使该NTP服务器在不联网的情况下,使用本服务器的时间作为同步时间
vim /etc/ntp.conf
把如下四行代码注释掉
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
在下面再添加一行
server 127.127.1.0 iburst
- 启动ntp服务
修改时区(改为中国标准时区)ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
systemctl start ntpd
或
service ntpd start
8、再次查看服务器状态
[root@web ~]# systemctl status ntpd
● ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2018-08-21 14:29:12 CST; 8s ago
Process: 6588 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 6589 (ntpd)
Tasks: 1
CGroup: /system.slice/ntpd.service
└─6589 /usr/sbin/ntpd -u ntp:ntp -g
Aug 21 14:29:12 web ntpd[6589]: Listen normally on 2 lo 127.0.0.1 UDP 123
Aug 21 14:29:12 web ntpd[6589]: Listen normally on 3 eno1 192.168.0.163 UDP 123
Aug 21 14:29:12 web ntpd[6589]: Listen normally on 4 virbr0 192.168.122.1 UDP 123
Aug 21 14:29:12 web ntpd[6589]: Listen normally on 5 lo ::1 UDP 123
Aug 21 14:29:12 web ntpd[6589]: Listen normally on 6 eno1 fe80::6e92:bfff:fe6f:daea UDP 123
Aug 21 14:29:12 web ntpd[6589]: Listening on routing socket on fd #23 for interface updates
Aug 21 14:29:12 web ntpd[6589]: 0.0.0.0 c016 06 restart
Aug 21 14:29:12 web ntpd[6589]: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM
Aug 21 14:29:12 web ntpd[6589]: 0.0.0.0 c011 01 freq_not_set
Aug 21 14:29:13 web ntpd[6589]: 0.0.0.0 c514 04 freq_mode
或
[root@web ~]# service ntpd status
Redirecting to /bin/systemctl status ntpd.service
● ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2018-08-21 14:29:12 CST; 56s ago
Process: 6588 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 6589 (ntpd)
Tasks: 1
CGroup: /system.slice/ntpd.service
└─6589 /usr/sbin/ntpd -u ntp:ntp -g
Aug 21 14:29:12 web ntpd[6589]: Listen normally on 2 lo 127.0.0.1 UDP 123
Aug 21 14:29:12 web ntpd[6589]: Listen normally on 3 eno1 192.168.0.163 UDP 123
Aug 21 14:29:12 web ntpd[6589]: Listen normally on 4 virbr0 192.168.122.1 UDP 123
Aug 21 14:29:12 web ntpd[6589]: Listen normally on 5 lo ::1 UDP 123
Aug 21 14:29:12 web ntpd[6589]: Listen normally on 6 eno1 fe80::6e92:bfff:fe6f:daea UDP 123
Aug 21 14:29:12 web ntpd[6589]: Listening on routing socket on fd #23 for interface updates
Aug 21 14:29:12 web ntpd[6589]: 0.0.0.0 c016 06 restart
Aug 21 14:29:12 web ntpd[6589]: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM
Aug 21 14:29:12 web ntpd[6589]: 0.0.0.0 c011 01 freq_not_set
Aug 21 14:29:13 web ntpd[6589]: 0.0.0.0 c514 04 freq_mode
9、查看是否同步
[root@web ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*LOCAL(0) .LOCL. 5 l 20 64 7 0.000 0.000 0.000
10、设置开机启动
[root@web ~]# systemctl enable ntpd
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to
/usr/lib/systemd/system/ntpdservice.
11、设置防火墙,打开udp123端口
[root@web ~]# firewall-cmd --permanent --add-port=123/udp
success
[root@web ~]# firewall-cmd --reload
Success
12、查看防火墙已打开端口
iptables -L -n
二、客户端配置
前5步与服务器一致
6、修改配置文件,将刚刚搭建好的NTP服务器作为客户端上游时间服务器
vim /etc/ntp.conf
#注释掉其他上游时间服务器
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
#配置上游时间服务器为本地的ntpd Server服务器
server 192.168.0.163
#配置允许上游时间服务器主动修改本机的时间
restrict 192.168.0.163 nomodify notrap noquery
7、与本地ntpd Server同步一下
ntpdate -u 192.168.0.163
8、启动ntp服务
systemctl start ntpd
或
service ntpd start
9、设置开机启动
[root@db3 ~]# systemctl enable ntpd
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
10、查看状态
[root@db3 ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*192.168.0.163 LOCAL(0) 11 u 21 64 377 0.068 -0.824 0.367
616
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
