NTP时间同步解决方案

2019独角兽企业重金招聘Python工程师标准>>>

1.   引言

1.1.  目的

解决多个服务器时间不同步的问题。

1.2.  目标范围

 

1.3.  读者对象

1) 开发工程师 2）运维工程师

1.4.  参考文献

 

2.   解决方案

本次NTP服务器地址为：172.16.5.250。

2.1.  把Windows(2003)下配置NTP时间服务器

2.1.1.   服务端设置

因为默认情况下，WINDOWS SERVER 2003 是作为NTP客户端工作的 ，所以必须通过修改注册表，以使系统作为NTP服务器运行。注意，工作之前请先备份注册表文件。

 

1、通过开始菜单，输入regedit命令后打开注册表设定画面，此时请一定备份注册表文件。

 

2、修改以下选项的键值

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\

NtpServer内的「Enabled」设定为1，打开NTP服务器功能

 

3、修改以下键值

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\

AnnounceFlags设定为5,该设定强制主机将它自身宣布为可靠的时间源，从而使用内置的互补金属氧化物半导体(CMOS) 时钟。

 

4、在dos命令行执行以下命令，确保以上修改起作用

net stop w32time

net start w32time

 

推荐计划；如果该服务器和internet连接，那么为了避免服务器和internet上的ntp同步，最好追加以下配置：

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\

NtpClient的「enable」设定为0 以防止作为客户端自动同步外界的时间服务

2.1.2.   客户端设置

1、指定主时间服务器。在DOS方式输入“net time /setsntp:ntp.sjtu.edu.cn”，这里我们指定ntp.sjtu.edu.cn是主时间服务器，也可以是其它地址(210.72.145.44)。

 

2、自由设定时间同步间隔：

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\

NtpClient的「SpecialPollInterval」默认设定为604800（或86400）

 

PS:

对话框中的“基数栏”选择到“十进制”上,显示的数字正是自动对时的间隔(以秒为单位)，比如默认的604800就是由7(天)×24(时)×60(分)×60(秒)计算来的如果您想让WINODWS以多长时间自动对时，只要按这个公式算出具体的秒数。

 

2.2.  把Linux下配置NTP时间服务器

2.1.3.   服务端设置

修改/etc/ntp.conf文件（加红部分）

# For more information about this file, see the man pages # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).   driftfile /var/lib/ntp/drift   # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. restrict default kod nomodify notrap nopeer noquery restrict -6 default kod nomodify notrap nopeer noquery   # Permit all access over the loopback interface.  This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.127.1.0 restrict 127.0.0.1 restrict -6 ::1   restrict 172.16.7.0 mask 255.255.255.0 nomodify notrap   # Hosts on local network are less restricted. #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap   # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). #server 0.centos.pool.ntp.org #server 1.centos.pool.ntp.org #server 2.centos.pool.ntp.org   #broadcast 192.168.1.255 autokey         # broadcast server #broadcastclient                         # broadcast client #broadcast 224.0.1.1 autokey             # multicast server #multicastclient 224.0.1.1               # multicast client #manycastserver 239.255.254.254                    # manycast server #manycastclient 239.255.254.254 autokey # manycast client   # Undisciplined Local Clock. This is a fake driver intended for backup # and when no outside source of synchronized time is available. server    127.127.1.0         # local clock fudge     127.127.1.0 stratum 10           # Enable public key cryptography. #crypto   includefile /etc/ntp/crypto/pw   # Key file containing the keys and key identifiers used when operating # with symmetric key cryptography. keys /etc/ntp/keys   # Specify the key identifiers which are trusted. #trustedkey 4 8 42   # Specify the key identifier to use with the ntpdc utility. #requestkey 8   # Specify the key identifier to use with the ntpq utility. #controlkey 8   # Enable writing of statistics records. #statistics clockstats cryptostats loopstats peerstats

输入命令# service ntpd start

2.1.4.   客户端设置

1、手动执行同步

Ntpdate 172.16.5.250

2、定时NTP方式同步

# vi /etc/ntp.conf

修改红色部分

# For more information about this file, see the man pages # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).   driftfile /var/lib/ntp/drift   # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. restrict default kod nomodify notrap nopeer noquery restrict -6 default kod nomodify notrap nopeer noquery   # Permit all access over the loopback interface.  This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 restrict -6 ::1   # Hosts on local network are less restricted. restrict 172.16.5.0 mask 255.255.255.0 nomodify notrap  #172.16.5.0为NTP服务器网段   # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). server 172.16.5.250 prefer #NTP Server IP   #broadcast 192.168.1.255 autokey        # broadcast server #broadcastclient                        # broadcast client #broadcast 224.0.1.1 autokey            # multicast server #multicastclient 224.0.1.1              # multicast client #manycastserver 239.255.254.254         # manycast server #manycastclient 239.255.254.254 autokey # manycast client   # Undisciplined Local Clock. This is a fake driver intended for backup # and when no outside source of synchronized time is available. #server 127.127.1.0     # local clock #fudge  127.127.1.0 stratum 10   # Enable public key cryptography. #crypto   includefile /etc/ntp/crypto/pw   # Key file containing the keys and key identifiers used when operating # with symmetric key cryptography. keys /etc/ntp/keys   # Specify the key identifiers which are trusted. #trustedkey 4 8 42

加入到自动启动列表

# chkconfig --level 2345 ntpd on

# service ntpd start

# ntpstat    #查看运行状态

3、定时器任务同步

每天的23:00执行

vi /etc/crontab

0 23 * * * /usr/sbin/ntpdate 172.16.5.250> /dev/null 2>&1

编辑完保存一下，然后重启crond即可

/etc/init.d/crond restart

转载于:https://my.oschina.net/ahanflw/blog/286210