Linux下NTP服务器配置

时间:2023-02-06 13:59:15

(Linux下NTP服务器配置)

一、环境配置

1.NTP服务器

NTP服务器版本:Red Hat Enterprise Linux release 8.0 (Ootpa)
NTP服务器IP:192.168.8.11/24
NTP服务器hostname:node1

2.业务服务器

NTP服务器版本:Red Hat Enterprise Linux release 8.0 (Ootpa)
NTP服务器IP:192.168.8.12/24
NTP服务器hostname:node2

二、NTP服务器配置

1.查看chrony服务状态

[root@node1 ~]# systemctl status chronyd
● chronyd.service - NTP client/server
   Loaded: loaded (/usr/lib/systemd/system/chronyd.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:chronyd(8)
           man:chrony.conf(5)
[root@node1 ~]# 

2.启动chrony服务

[root@node1 ~]# systemctl enable --now chronyd
Created symlink /etc/systemd/system/multi-user.target.wants/chronyd.service → /usr/lib/systemd/system/chronyd.service.

3.关闭防火墙和selinux

[root@node1 ~]# systemctl status firewalld.service 
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)
[root@node1 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
[root@node1 ~]# setenforce 0
setenforce: SELinux is disabled
[root@node1 ~]# getenforce 
Disabled
[root@node1 ~]# 

4.配置NTP服务文件

[root@node1 ~]# vim /etc/chrony.conf 
[root@node1 ~]# cat /etc/chrony.conf |grep -Ei '(allow|local)'
# Allow the system clock to be stepped in the first three updates
# Allow NTP client access from local network.
#allow 192.168.0.0/16
allow 192.168.8.0/24
local stratum 10
[root@node1 ~]# 

5.重启服务

[root@node1 ~]# systemctl restart chronyd
[root@node1 ~]# 

三、业务服务器配置

1.开启chrony服务

[root@node2 ~]# systemctl enable --now chronyd
Created symlink /etc/systemd/system/multi-user.target.wants/chronyd.service → /usr/lib/systemd/system/chronyd.service.
[root@node2 ~]# 

2.配置chrony服务文件

[root@node2 ~]# vim /etc/chrony.conf 
[root@node2 ~]# cat /etc/chrony.conf |grep pool
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
pool 192.168.8.11 iburst
[root@node2 ~]# 

3.重启服务

[root@node2 ~]# systemctl restart chronyd
[root@node2 ~]# 

四、测试业务服务器时间状态

1.查看时间同步状态

[root@node2 ~]# chronyc sources
210 Number of sources = 1
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^? 192.168.8.12                  0   7     0     -     +0ns[   +0ns] +/-    0ns
[root@node2 ~]# 

2.立即时间同步

[root@node2 ~]# chronyc sources
210 Number of sources = 1
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 192.168.8.11                 10   6    17     2   +249ns[ +141us] +/-  100us
[root@node2 ~]# chronyc sources -v
210 Number of sources = 1

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 192.168.8.11                 10   6    17     8   +249ns[ +141us] +/- 1103us
[root@node2 ~]#