(Linux下NTP服务器配置)
一、环境配置
1.NTP服务器
NTP服务器版本:Red Hat Enterprise Linux release 8.0 (Ootpa)
NTP服务器IP:192.168.8.11/24
NTP服务器hostname:node1
2.业务服务器
NTP服务器版本:Red Hat Enterprise Linux release 8.0 (Ootpa)
NTP服务器IP:192.168.8.12/24
NTP服务器hostname:node2
二、NTP服务器配置
1.查看chrony服务状态
[root@node1 ~]# systemctl status chronyd
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:chronyd(8)
man:chrony.conf(5)
[root@node1 ~]#
2.启动chrony服务
[root@node1 ~]# systemctl enable --now chronyd
Created symlink /etc/systemd/system/multi-user.target.wants/chronyd.service → /usr/lib/systemd/system/chronyd.service.
3.关闭防火墙和selinux
[root@node1 ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
[root@node1 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
[root@node1 ~]# setenforce 0
setenforce: SELinux is disabled
[root@node1 ~]# getenforce
Disabled
[root@node1 ~]#
4.配置NTP服务文件
[root@node1 ~]# vim /etc/chrony.conf
[root@node1 ~]# cat /etc/chrony.conf |grep -Ei '(allow|local)'
# Allow the system clock to be stepped in the first three updates
# Allow NTP client access from local network.
#allow 192.168.0.0/16
allow 192.168.8.0/24
local stratum 10
[root@node1 ~]#
5.重启服务
[root@node1 ~]# systemctl restart chronyd
[root@node1 ~]#
三、业务服务器配置
1.开启chrony服务
[root@node2 ~]# systemctl enable --now chronyd
Created symlink /etc/systemd/system/multi-user.target.wants/chronyd.service → /usr/lib/systemd/system/chronyd.service.
[root@node2 ~]#
2.配置chrony服务文件
[root@node2 ~]# vim /etc/chrony.conf
[root@node2 ~]# cat /etc/chrony.conf |grep pool
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
pool 192.168.8.11 iburst
[root@node2 ~]#
3.重启服务
[root@node2 ~]# systemctl restart chronyd
[root@node2 ~]#
四、测试业务服务器时间状态
1.查看时间同步状态
[root@node2 ~]# chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? 192.168.8.12 0 7 0 - +0ns[ +0ns] +/- 0ns
[root@node2 ~]#
2.立即时间同步
[root@node2 ~]# chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 192.168.8.11 10 6 17 2 +249ns[ +141us] +/- 100us
[root@node2 ~]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 192.168.8.11 10 6 17 8 +249ns[ +141us] +/- 1103us
[root@node2 ~]#