【Linux使用】Centos 7设置时区与时钟(chrony / ntp /systemd)

阅读量：2043 次

发布时间：2019-04-28

本文共 14004 字，大约阅读时间需要 46 分钟。

文章目录

实录系统信息

[tony@tony-controller ~]$ cat /etc/redhat-releaseCentOS Linux release 7.6.1810 (Core)[tony@tony-controller ~]$ uname -aLinux tony-controller 3.10.0-957.10.1.el7.x86_64 #1 SMP Mon Mar 18 15:06:45 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

在Windows 10上启用NTP授时服务

由于在实验室网络中，只能通过代理服务器访问外网，Linux机器的NTP客户端无法直接访问外网的NTP服务器。不知道如何配置NTP才能使用代理服务器访问外网。

实验室内部有一台可以访问外网的Windows 10机器，该机器时钟定期刷新，时间准确，故在Windows10上启用NTP授时服务。其他的Linux机器均配置为从这台Windows 10 NTP服务器上获取准确时间。

启用Windows 10 NTP服务

以Administrator身份运行cmd命令。

在命令行窗口中运行以下3条命令

# 在注册表中，将NtpServer选项启用 (设置为1)C:\WINDOWS\system32>reg add HKLM\system\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer /v Enabled /t REG_DWORD /d 0x1 /fThe operation completed successfully.# 更新配置C:\WINDOWS\system32>w32tm /config /updateThe command completed successfully.# 查询配置更新完成，参看最后NtpServer (Local)一段C:\WINDOWS\system32>w32tm /query /configuration[Configuration]EventLogFlags: 2 (Local)...UpdateInterval: 30000 (Local)[TimeProviders]NtpClient (Local)...NtpServer: xxx.xxx.com (Local)NtpServer (Local)DllName: C:\WINDOWS\system32\w32time.dll (Local)Enabled: 1 (Local)InputProvider: 0 (Local)AllowNonstandardModeCombinations: 1 (Local)

验证NTP服务已经运行

# 在Windows下，以Administrator身份运行netstat -ab命令，# 可以看到Windows当前正在侦听NTP的123端口，NTP服务正在运行。C:\WINDOWS\system32>netstat -abActive Connections  Proto  Local Address          Foreign Address        State  UDP    0.0.0.0:123            *:*                      W32Time

注：如果客户端无法访问NTP服务，通常需要检查Windows的防火墙或者客户端的防火墙。

时区设置

查看时区

第一种方法

[tony@tony-controller ~]$ ls -l /etc/localtimelrwxrwxrwx. 1 root root 38 Apr 10 01:06 /etc/localtime.origin -> ../usr/share/zoneinfo/America/New_York

第二种方法 (timedatectl命令)

# timedatectl命令在systemd包里[tony@tony-controller ~]$ timedatectl      Local time: Wed 2019-04-10 21:07:13 CST  Universal time: Wed 2019-04-10 13:07:13 UTC        RTC time: Wed 2019-04-10 13:07:13       Time zone: Asia/Shanghai (CST, +0800)     NTP enabled: yesNTP synchronized: no RTC in local TZ: no      DST active: n/a

列举可用的时区

直接查找目录

# 中国常用的时区[tony@tony-controller ~]$ ls /usr/share/zoneinfo/Asia/Shanghai/usr/share/zoneinfo/Asia/Shanghai# 在Africa, America, ... Asia, ...等目录下还有更多的时区[tony@tony-controller ~]$ ls -F /usr/share/zoneinfo/Africa/      Cuba     GMT-0        Kwajalein    Portugal    UniversalAmerica/     EET      GMT+0        leapseconds  posix/      US/Antarctica/  Egypt    Greenwich    Libya        posixrules  UTCArctic/      Eire     Hongkong     MET          PRC         WETAsia/        EST      HST          Mexico/      PST8PDT     W-SUAtlantic/    EST5EDT  Iceland      MST          right/      zone1970.tabAustralia/   Etc/     Indian/      MST7MDT      ROC         zone.tabBrazil/      Europe/  Iran         Navajo       ROK         ZuluCanada/      GB       iso3166.tab  NZ           SingaporeCET          GB-Eire  Israel       NZ-CHAT      TurkeyChile/       GMT      Jamaica      Pacific/     tzdata.ziCST6CDT      GMT0     Japan        Poland       UCT

第二种方法（timedatectl命令）

# timedatectl也可以列出所有可用的时区[tony@tony-controller ~]$ timedatectl list-timezones | grep AsiaAsia/Aden...Asia/Ho_Chi_MinhAsia/Hong_Kong...Asia/ShanghaiAsia/Singapore...Asia/Yerevan

设置时区

第一种方法

# 创建到Asia/Shanghai的链接，将时区设置为Shanghai。[tony@tony-controller ~]$ sudo ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime# 检查时区已经修改[tony@tony-controller ~]$ ls -l /etc/localtimelrwxrwxrwx. 1 root root 33 Apr 10 20:55 /etc/localtime -> /usr/share/zoneinfo/Asia/Shanghai# 时区已经修改，但是时间尚未同步，依然不是正确的中国时间。[tony@tony-controller ~]$ timedatectl      Local time: Wed 2019-04-10 21:00:58 CST  Universal time: Wed 2019-04-10 13:00:58 UTC        RTC time: Wed 2019-04-10 13:00:58       Time zone: Asia/Shanghai (CST, +0800)     NTP enabled: yesNTP synchronized: no RTC in local TZ: no      DST active: n/a

设置chrony时间同步机制

chrony简介

从CentOS 7开始，chrony包代替了原先的ntp包，成为CentOS网络时间同步协议的默认服务。chrony同时是NTP协议的客户端与服务器端，既可以从NTP服务器获取时间，也可以为其他客户端授时。chrony特别被设计为支持不能实时访问因特网的系统，可以提供更加精确与快速的时钟服务。

注：关于chrony与ntp的比较，可以。

chrony的配置文件是/etc/chrony.conf，主要的可执行文件包括/usr/bin/chronyc （客户端）与/usr/sbin/chronyd （服务器守护进程）。

设置chrony配置文件

在/etc/chrony.conf文件中添加新的一个server行，同时注释掉其他的默认的server行。

server windows10.localhost iburst# server 0.centos.pool.ntp.org iburst# server 1.centos.pool.ntp.org iburst# server 2.centos.pool.ntp.org iburst# server 3.centos.pool.ntp.org iburst

重启chrony服务

# 重启服务[tony@tony-dev ~]$ sudo systemctl restart chronyd.service# 查看服务状态[tony@tony-dev ~]$ sudo systemctl status chronyd.service● chronyd.service - NTP client/server   Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)   Active: active (running) since Thu 2019-04-11 14:33:33 CST; 12s ago     Docs: man:chronyd(8)           man:chrony.conf(5)  Process: 7149 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=exited, status=0/SUCCESS)  Process: 7135 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 7146 (chronyd)    Tasks: 1   CGroup: /system.slice/chronyd.service           └─7146 /usr/sbin/chronydApr 11 14:33:33 tony-dev systemd[1]: Starting NTP client/server...Apr 11 14:33:33 tony-dev chronyd[7146]: chronyd version 3.2 starting (+CMDMO...)Apr 11 14:33:33 tony-dev chronyd[7146]: Frequency 0.000 +/- 1000000.000 ppm ...tApr 11 14:33:33 tony-dev systemd[1]: Started NTP client/server.Apr 11 14:33:37 tony-dev chronyd[7146]: Selected source 10.238.130.174Hint: Some lines were ellipsized, use -l to show in full.

检查chrony的同步统计

以下命令行输出的详细解释可以

[tony@tony-dev ~]$ chronyc tracking

Reference ID : 0AEE82AE (Windows10.localhost)
Stratum : 7
Ref time (UTC) : Thu Apr 11 06:36:52 2019
System time : 0.000113410 seconds slow of NTP time
Last offset : -0.000429817 seconds
RMS offset : 0.000825199 seconds
Frequency : 7.342 ppm fast
Residual freq : -0.219 ppm
Skew : 11.138 ppm
Root delay : 0.200305298 seconds
Root dispersion : 0.373195589 seconds
Update interval : 64.5 seconds
Leap status : Normal

[tony@tony-dev ~]$ chronyc sources

210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* Windows10.localhost> 6 6 377 5 +196us[ +391us] +/- 368ms

[tony@tony-dev ~]$ chronyc sourcestats

210 Number of sources = 1
Name/IP Address NP NR Span Frequency Freq Skew Offset Std Dev
==============================================================================
Windows10.localhost> 8 6 264 +0.070 6.364 +1991ns 268us

实录chrony设置

# 按照前节修改配置文件[tony@tony-compute1 ~]$ sudo vim /etc/chrony.conf

server windows10.localhost iburst# server 0.centos.pool.ntp.org iburst# server 1.centos.pool.ntp.org iburst# server 2.centos.pool.ntp.org iburst# server 3.centos.pool.ntp.org iburst

# 没有重启chrony服务，所以时间尚未同步[tony@tony-compute1 ~]$ dateWed Apr 10 13:06:03 EDT 2019# 重启chrony服务[tony@tony-compute1 ~]$ sudo systemctl restart chronyd.service# 已经从NTP服务器获取了新时间；oops，时区设置错误[tony@tony-compute1 ~]$ dateThu Apr 11 02:48:06 EDT 2019# 设置正确的时区[tony@tony-compute1 ~]$ sudo timedatectl set-timezone Asia/Shanghai# 时间显示正确，CST表示：中国标准时间[tony@tony-compute1 ~]$ dateThu Apr 11 14:49:03 CST 2019

设置NTP访问

NTP包在Cent OS7中已经过时了，配置方式放在这里备考。

安装ntp包

[tony@tony-controller ~]$ sudo yum install -y ntp

启用并启动ntpd服务

# 检查ntpd服务，发现未启动[tony@tony-controller ~]$ systemctl status ntpd● ntpd.service - Network Time Service   Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled; vendor preset: disabled)   Active: inactive (dead)   # 启用ntpd服务[tony@tony-controller ~]$ sudo systemctl enable ntpdCreated symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.# 启动ntpd服务[tony@tony-controller ~]$ sudo systemctl start ntpd# 检查ntpd服务，已经启动[tony@tony-controller ~]$ sudo systemctl status ntpd● ntpd.service - Network Time Service   Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled)   Active: active (running) since Wed 2019-04-10 21:27:00 CST; 4s ago  Process: 10480 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 10481 (ntpd)   CGroup: /system.slice/ntpd.service           └─10481 /usr/sbin/ntpd -u ntp:ntp -gApr 10 21:27:00 tony-controller ntpd[10481]: Listen normally on 4 enp0s8 10....3Apr 10 21:27:00 tony-controller ntpd[10481]: Listen normally on 5 enp0s9 10....3Apr 10 21:27:00 tony-controller ntpd[10481]: Listen normally on 6 lo ::1 UDP 123Apr 10 21:27:00 tony-controller ntpd[10481]: Listen normally on 7 enp0s9 fe8...3Apr 10 21:27:00 tony-controller ntpd[10481]: Listen normally on 8 enp0s3 fe8...3Apr 10 21:27:00 tony-controller ntpd[10481]: Listen normally on 9 enp0s8 fe8...3Apr 10 21:27:00 tony-controller ntpd[10481]: Listening on routing socket on ...sApr 10 21:27:00 tony-controller ntpd[10481]: 0.0.0.0 c016 06 restartApr 10 21:27:00 tony-controller ntpd[10481]: 0.0.0.0 c012 02 freq_set kernel...MApr 10 21:27:00 tony-controller ntpd[10481]: 0.0.0.0 c011 01 freq_not_setHint: Some lines were ellipsized, use -l to show in full.

检查ntp相关的信息

[tony@tony-controller ~]$ sudo ntpstatunsynchronised  time server re-starting   polling server every 8 s[tony@tony-controller ~]$ sudo ntpq -p     remote           refid      st t when poll reach   delay   offset  jitter============================================================================== stratum2-1.ntp. .INIT.          16 u    -   64    0    0.000    0.000   0.000 ntp1.ams1.nl.le .INIT.          16 u    -   64    0    0.000    0.000   0.000 ntp-fi01.rserve .INIT.          16 u    -   64    0    0.000    0.000   0.000 pacific.latt.ne .INIT.          16 u    -   64    0    0.000    0.000   0.000

ntp配置文件

[tony@tony-controller ~]$ cat /etc/ntp.conf | grep -v -E '^$|^#'driftfile /var/lib/ntp/driftrestrict default nomodify notrap nopeer noqueryrestrict 127.0.0.1restrict ::1server 0.centos.pool.ntp.org iburstserver 1.centos.pool.ntp.org iburstserver 2.centos.pool.ntp.org iburstserver 3.centos.pool.ntp.org iburstincludefile /etc/ntp/crypto/pwkeys /etc/ntp/keysdisable monitor

参考文档

Chrony包的详细参考

[tony@tony-dev ~]$ sudo yum info chrony

Installed Packages
Name : chrony
Arch : x86_64
Version : 3.2
Release : 2.el7
Size : 476 k
Repo : installed
From repo : base
Summary : An NTP client/server
URL :
License : GPLv2
Description : A client/server for the Network Time Protocol, this program keeps
: your computer’s clock accurate. It was specially designed to
: support systems with intermittent internet connections, but it
: also works well in permanently connected environments. It can use
: also hardware reference clocks, system real-time clock or manual
: input as time references.

[tony@tony-dev ~]$ rpm -ql chrony

/etc/NetworkManager/dispatcher.d/20-chrony
/etc/chrony.conf
/etc/chrony.keys
/etc/dhcp/dhclient.d/chrony.sh
/etc/logrotate.d/chrony
/etc/sysconfig/chronyd
/usr/bin/chronyc
/usr/lib/systemd/ntp-units.d/50-chronyd.list
/usr/lib/systemd/system/chrony-dnssrv@.service
/usr/lib/systemd/system/chrony-dnssrv@.timer
/usr/lib/systemd/system/chrony-wait.service
/usr/lib/systemd/system/chronyd.service
/usr/libexec/chrony-helper
/usr/sbin/chronyd
/usr/share/doc/chrony-3.2
/usr/share/doc/chrony-3.2/COPYING
/usr/share/doc/chrony-3.2/FAQ
/usr/share/doc/chrony-3.2/NEWS
/usr/share/doc/chrony-3.2/README
/usr/share/man/man1/chronyc.1.gz
/usr/share/man/man5/chrony.conf.5.gz
/usr/share/man/man8/chronyd.8.gz
/var/lib/chrony
/var/lib/chrony/drift
/var/lib/chrony/rtc
/var/log/chrony

ntp包的详细参考

[tony@tony-controller ~]$ yum info ntp

Loaded plugins: fastestmirror
Determining fastest mirrors
Installed Packages
Name : ntp
Arch : x86_64
Version : 4.2.6p5
Release : 28.el7.centos
Size : 1.4 M
Repo : installed
From repo : base
Summary : The NTP daemon and utilities
URL :
License : (MIT and BSD and BSD with advertising) and GPLv2
Description : The Network Time Protocol (NTP) is used to synchronize a
: computer’s time with another reference time source. This package
: includes ntpd (a daemon which continuously adjusts system time)
: and utilities used to query and configure the ntpd daemon.
:
: Perl scripts ntp-wait and ntptrace are in the ntp-perl package,
: ntpdate is in the ntpdate package and sntp is in the sntp package.
: The documentation is in the ntp-doc package.

[tony@tony-controller ~]$ rpm -ql ntp

/etc/dhcp/dhclient.d
/etc/dhcp/dhclient.d/ntp.sh
/etc/ntp.conf
/etc/ntp/crypto
/etc/ntp/crypto/pw
/etc/sysconfig/ntpd
/usr/bin/ntpstat
/usr/lib/systemd/ntp-units.d/60-ntpd.list
/usr/lib/systemd/system/ntpd.service
/usr/sbin/ntp-keygen
/usr/sbin/ntpd
/usr/sbin/ntpdc
/usr/sbin/ntpq
/usr/sbin/ntptime
/usr/sbin/tickadj
/usr/share/doc/ntp-4.2.6p5
/usr/share/doc/ntp-4.2.6p5/COPYRIGHT
/usr/share/doc/ntp-4.2.6p5/ChangeLog
/usr/share/doc/ntp-4.2.6p5/NEWS
/usr/share/man/man5/ntp.conf.5.gz
/usr/share/man/man5/ntp_acc.5.gz
/usr/share/man/man5/ntp_auth.5.gz
/usr/share/man/man5/ntp_clock.5.gz
/usr/share/man/man5/ntp_decode.5.gz
/usr/share/man/man5/ntp_misc.5.gz
/usr/share/man/man5/ntp_mon.5.gz
/usr/share/man/man8/ntp-keygen.8.gz
/usr/share/man/man8/ntpd.8.gz
/usr/share/man/man8/ntpdc.8.gz
/usr/share/man/man8/ntpq.8.gz
/usr/share/man/man8/ntpstat.8.gz
/usr/share/man/man8/ntptime.8.gz
/usr/share/man/man8/tickadj.8.gz
/var/lib/ntp
/var/lib/ntp/drift
/var/log/ntpstats

systemd参考

[tony@tony-controller ~]$ yum info systemd

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Installed Packages
Name : systemd
Arch : x86_64
Version : 219
Release : 62.el7_6.5
Size : 23 M
Repo : installed
From repo : updates
Summary : A System and Service Manager
URL :
License : LGPLv2+ and MIT and GPLv2+
Description : systemd is a system and service manager for Linux, compatible with
: SysV and LSB init scripts. systemd provides aggressive
: parallelization capabilities, uses socket and D-Bus activation for
: starting services, offers on-demand starting of daemons, keeps
: track of processes using Linux cgroups, supports snapshotting and
: restoring of the system state, maintains mount and automount
: points and implements an elaborate transactional dependency-based
: service control logic. It can work as a drop-in replacement for
: sysvinit.