Linux 时间同步服务 详解
1、时间同步服务介绍
NTP 和 Chrony 都是时间同步服务,但 NTP 因程序缺陷,在同步时间时会有时间空白,使用 Chrony 服务时,能精巧实现时间同步。
一般会设置 Chrony 为时间同步服务器,客户端可使用 Chrony 和 NTP 进行时间同步。
2、Chrony
2.1 介绍
chrony is a versatile implementation of the Network Time Protocol (NTP). It can synchronize the system clock with NTP servers, reference clocks (e.g. GPS receiver), and manual input using wristwatch and keyboard. It can also operate as an NTPv4 (RFC 5905) server and peer to provide a time service to other computers in the network.
[root@Tang-Neo ~]# yum info chrony
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.huaweicloud.com
* extras: mirror.jdcloud.com
* updates: mirror.jdcloud.com
Installed Packages
Name : chrony
Arch : x86_64
Version : 3.4
Release : 1.el7
Size : 491 k
Repo : installed
From repo : base
Summary : An NTP client/server
URL : https://chrony.tuxfamily.org
License : GPLv2
Description : A client/server for the Network Time Protocol, this program keeps your
: computer's clock accurate. It was specially designed to support
: systems with intermittent internet connections, but it also works well
: in permanently connected environments. It can use also hardware reference
: clocks, system real-time clock or manual input as time references.
[root@Tang-Neo ~]# rpm -ql chrony
/etc/NetworkManager/dispatcher.d/20-chrony
/etc/chrony.conf
... ...
/var/log/chrony
2.2 程序环境
- 配置文件:/etc/chrony.conf
- 主程序文件:chronyd
- 工具程序:chronyc
- unit file: chronyd.service
2.3 配置文件(/etc/chrony.conf)
关键参数含义:
server # 指明时间服务器地址
allow NETADD/NETMASK
allow all # 允许所有客户端主机
deny NETADDR/NETMASK
deny all # 拒绝所有客户端
bindcmdaddress # 命令管理接口监听的地址,一般为了安全,只设置为环回地址
local stratum 10 # 即使自己未能通过网络时间服务器同步到时间,也允许将本地时间作为标准时间授时给其它客户端
2.4 程序安装及启动
[root@neo ~]# yum install chrony -y # 程序安装
[root@neo ~]# systemctl stop chronyd.service # 停止程序
[root@neo ~]# systemctl start chronyd.service # 启动程序
[root@neo ~]# systemctl restart chronyd.service # 重启程序
[root@neo ~]# systemctl status chronyd.service # 状态查看
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2019-09-22 09:32:07 EDT; 11s ago
Docs: man:chronyd(8)
man:chrony.conf(5)
Process: 13140 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=exited, status=0/SUCCESS)
Process: 13137 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 13139 (chronyd)
CGroup: /system.slice/chronyd.service
└─13139 /usr/sbin/chronyd
Sep 22 09:32:07 neo systemd[1]: Starting NTP client/server...
Sep 22 09:32:07 neo chronyd[13139]: chronyd version 3.4 starting (+CMDMON +NTP +REFCLOCK +...UG)
Sep 22 09:32:07 neo chronyd[13139]: Frequency -48.864 +/- 0.832 ppm read from /var/lib/chr...ift
Sep 22 09:32:07 neo systemd[1]: Started NTP client/server.
Sep 22 09:32:11 neo chronyd[13139]: Selected source 192.168.1.9
Hint: Some lines were ellipsized, use -l to show in full.
2.4 Chrony 交互式命令查看
[root@Tang-Neo ~]# chronyc # 进入交互模式
chrony version 3.4
Copyright (C) 1997-2003, 2007, 2009-2018 Richard P. Curnow and others
chrony comes with ABSOLUTELY NO WARRANTY. This is free software, and
you are welcome to redistribute it under certain conditions. See the
GNU General Public License version 2 for details.
chronyc> help # 查看命令帮助
chronyc> sources # 查看时间同步服务器
210 Number of sources = 4
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^+ undefined.hostname.local> 2 7 77 50 +31ms[ +31ms] +/- 146ms
^* sv1.ggsrv.de 2 7 237 117 -11ms[ -11ms] +/- 98ms
^+ ntp7.flashdance.cx 2 7 327 119 -6561us[-6588us] +/- 125ms
^+ ns.rail.eu.org 2 7 365 53