Linux用户对于时间同步,基本上是使用ntpdate和ntpd这两个工具实现的,但是这两个工具已经很古老了,在某些情况下,例如,你的服务器经常开关机,或者很少,偶尔才能连接外部网络,最典型的比如在隔绝的内网中,没有相应时间同步的硬件,ntpd支持就不是很好了。
chrony是redhat开发的,它是网络时间协议的 (NTP) 的另一种实现。centos7/rhel7默认的时间同步工具,在centos6.8之后,老的centos和rhel6系列也添加上了这个工具。Chrony可以同时做为ntp服务的客户端和服务端。默认安装完后有两个程序chronyd和chronyc 。chronyd是一个在系统后台运行的守护进程,chronyc是用来监控chronyd性能和配置其参数程序。
服务端的配置如下:
server 0.centos.pool.ntp.org iburst server 1.centos.pool.ntp.org iburst server 2.centos.pool.ntp.org iburst server 3.centos.pool.ntp.org iburst stratumweight 0 driftfile /var/lib/chrony/drift rtcsync makestep 10 3 allow 192.168/16 smoothtime 400 0.01 bindcmdaddress 127.0.0.1 bindcmdaddress ::1 local stratum 8 manual keyfile /etc/chrony.keys initstepslew 10 client1 client3 client6 commandkey 1 generatecommandkey noclientlog logchange 0.5 logdir /var/log/chrony
192.168是允许连接到服务器的子网的网段。
防火墙开通端口
firewall-cmd --permanent --add-service=ntp firewall-cmd --reload
客户端设置如下:
server pdc.adagene.cn iburst stratumweight 0 driftfile /var/lib/chrony/drift rtcsync makestep 10 3 allow 192.168.49.196 bindcmdaddress 127.0.0.1 bindcmdaddress ::1 local stratum 10 initstepslew 20 pdc.adagene.cn keyfile /etc/chrony.keys commandkey 24 generatecommandkey noclientlog logchange 0.5 logdir /var/log/chrony log measurements statistics tracking
需要注意的是,我们这里的pdc.adagene.cn是有内网解析的刚才master的的主机名。allow后面的ip地址为master主机的ip地址。
启用chronyd服务即可同步:
systemctl start chronyd.service
或者没有启动服务,手动同步(类似ntpdate命令):
chronyd -q 'server pdc.adagene.cn iburst'
附几条客户端查询常用的命令:
查看源服务器状态chronyc sourcestats
[root@template ~]# chronyc sourcestats 210 Number of sources = 1 Name/IP Address NP NR Span Frequency Freq Skew Offset Std Dev ============================================================================== 192.168.49.196 4 3 6 +3.856 284.293 +214us 29us
查看详细同步状态chronyc sources -v
[root@template ~]# chronyc sources -v 210 Number of sources = 1 .-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current synced, '+' = combined , '-' = not combined, | / '?' = unreachable, 'x' = time may be in error, '~' = time too variable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || \ | | zzzz = estimated error. || | | \ MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* 192.168.49.196 3 6 17 35 +7984ns[ +25us] +/- 23ms
追踪同步情况chronyc tracking
[root@template ~]# chronyc tracking Reference ID : 192.168.49.196 (192.168.49.196) Stratum : 4 Ref time (UTC) : Mon Aug 22 06:58:59 2016 System time : 0.000012924 seconds fast of NTP time Last offset : +0.000033437 seconds RMS offset : 0.000071534 seconds Frequency : 34.016 ppm slow Residual freq : +0.049 ppm Skew : 1.057 ppm Root delay : 0.039409 seconds Root dispersion : 0.002063 seconds Update interval : 64.2 seconds Leap status : Normal
内网搭建chrony时间同步服务器步骤