Linux运维23：时间同步配置

YoungerChina

已于 2022-10-06 21:12:45 修改

阅读量1.8k

点赞数

分类专栏： Linux运维入门教程文章标签：时间同步

于 2017-06-23 21:31:18 首次发布

本文链接：https://blog.csdn.net/younger_china/article/details/73656331

版权

Linux运维入门教程专栏收录该内容

29 篇文章 57 订阅

订阅专栏

系列专题：Linux运维入门教程

1 需求

三个节点node0, node1 node2；

节点node0作为时间服务器，node1与node2实现与节点node0的时间同步

2 方案

在各个节点安装软件包

yum install ntp ntpdate -y

2.1 Node0配置时间服务器

节点node0修改文件/etc/ntp.conf,内容如下：

# Formore information about this file, see the man pages
#ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
 
driftfile /var/lib/ntp/drift
 
# Permittime synchronization with our time source, but do not
# permitthe source to query or modify the service on this system.
#restrictdefault nomodify notrap nopeer noquery
restrict default nomodify notrap nopeer
 
# Permitall access over the loopback interface. This could
# betightened as well, but to do so would effect some of
# theadministrative functions.
restrict 127.0.0.1
restrict ::1
 
# Hostson local network are less restricted.
#restrict192.168.1.0 mask 255.255.255.0 nomodify notrap
 
# Usepublic servers from the pool.ntp.org project.
# Pleaseconsider joining the pool (http://www.pool.ntp.org/join.html).
#server0.centos.pool.ntp.org iburst
#server1.centos.pool.ntp.org iburst
#server2.centos.pool.ntp.org iburst
#server3.centos.pool.ntp.org iburst
 
#broadcast192.168.1.255 autokey    # broadcastserver
#broadcastclient            #broadcast client
#broadcast224.0.1.1 autokey        # multicastserver
#multicastclient224.0.1.1      # multicast client
#manycastserver239.255.254.254     # manycast server
#manycastclient239.255.254.254 autokey # manycast client
 
# Enablepublic key cryptography.
#crypto
 
includefile /etc/ntp/crypto/pw
 
# Keyfile containing the keys and key identifiers used when operating
# withsymmetric key cryptography.
keys /etc/ntp/keys
 
#Specify the key identifiers which are trusted.
#trustedkey 4 8 42
 
#Specify the key identifier to use with the ntpdc utility.
#requestkey8
 
#Specify the key identifier to use with the ntpq utility.
#controlkey8
 
# Enablewriting of statistics records.
#statisticsclockstats cryptostats loopstats peerstats
 
#Disable the monitoring facility to prevent amplification attacks using ntpdc
#monlist command when default restrict does not include the noquery flag. See
#CVE-2013-5211 for more details.
# Note:Monitoring will not be disabled with the limited restriction flag.
disable monitor
 
fudge 127.127.1.0 stratum 8
server 127.127.1.0

启动服务：

[root@node0cluster]# systemctl start ntpd
[root@node0cluster]# systemctl enable ntpd
Createdsymlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
[root@node0cluster]#

2.2 客户端配置时间同步方案crond

cron有两个配置文件，一个是一个全局配置文件（/etc/crontab），是针对系统任务的；一组是crontab命令生成的配置文件（/var/spool/cron下的文件），是针对某个用户的.定时任务配置到任意一个中都可以。

[root@node1 ceph]# echo  "*/30 * * * * /usr/sbin/ntpdate 192.168.192.90">/var/spool/cron/root
[root@node1 ceph]# cat /var/spool/cron/root
*/30 * * * * /usr/sbin/ntpdate 192.168.192.90
[root@node1 ceph]# systemctl restart crond.service