因我是centos6 centos7同理,仅仅启动关闭服务命令不一样而已。
规划:
172.29.251.159 时间同步服务端,局域网内以此服务器为时间源
其他同网段机器作为客户端,向172.29.251.159发起同步请求
镜像源头:https://www.cnblogs.com/haizhisha/p/12698140.html
在所有机器上安装ntp
yum -y install ntp所有机器上设置开机启动
chkconfig ntpd on所有机器上开启服务
service ntpd start172.29.251.159 上配置
删除/etc/ntp.conf所有内容
echo > /etc/ntp.conf增加文本
vi /etc/ntp.conf修改成以下内容
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
#记录system clock的误差值开机时不会丢失
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
#默认拒绝所有来源的任何访问
restrict default nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
#允许本机地址一切操作
restrict 127.0.0.1
restrict ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap#restrict 对ntp做权限控制 ignore:忽略所有类型的NTP连接请求 nomodify:限制客户端不能使用命令ntpc和ntpq来修改服务器端的时间#noquery:不提供NTP网络校时服务 notrap:不接受远程登录请求 notrust:不接受没有经过认证的客户端的请求
#允许局域网172.29.251网段内所有client连接到这台服务器同步时间.但是拒绝让他们修改服务器上的时间和远程登录
restrict 172.29.251 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
#指定ntp服务器的地址
#将当前主机作为时间服务器
server 127.127.1.0
#时间服务器层级0-15 0表示顶级 10通常用于给局域网主机提供时间服务
fudge 127.127.1.0 stratum 10
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor重启server端
service ntpd restart查看状态
[root@master ~]# ntpstat
synchronised to local net (127.127.1.0) at stratum 11
time correct to within 7948 ms
polling server every 64 s
[root@master ~]# 设置 client端
删除/etc/ntp.conf所有内容
echo > /etc/ntp.conf
vi /etc/ntp.conf# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst#client端仅仅加入server端IP
server 时间服务ip
#比如:我的
#server 172.29.251.159重启client端
service ntpd restart检查网络中的NTP服务器
[root@node1 ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*master LOCAL(0) 11 u 43 64 37 0.223 -134.33 92.058
[root@node1 ~]#
以crontab任务计划同步时间(需安装ntpdate,每天24点更新同步时间):
# crontab -e
0 0 * * * /usr/sbin/sntp -P no -r 172.29.251.159;hwclock -w*表示目前使用的NTP Server,这里选择的本机;
st:即stratum阶层,值越小表示ntp serve的精准度越高;
when:单位秒,几秒前曾做过时间同步更新的操作;
poll表示,每隔多少毫秒与ntp server同步一次;
reach:已经向上层NTP服务器要求更新的次数;
delay:网络传输过程钟延迟的时间;
offset:时间补偿的结果;
jitter:Linux系统时间与BIOS硬件时间的差异时间
遇到的问题:
[Errno 14] PYCURL ERROR 22 阿里yum源安装,centos 6已停止维护
参考文献;
https://www.cnblogs.com/hdfserror01/p/13769883.html
扫一扫
1043
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
