本文共 14004 字,大约阅读时间需要 46 分钟。
[tony@tony-controller ~]$ cat /etc/redhat-releaseCentOS Linux release 7.6.1810 (Core)[tony@tony-controller ~]$ uname -aLinux tony-controller 3.10.0-957.10.1.el7.x86_64 #1 SMP Mon Mar 18 15:06:45 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
由于在实验室网络中,只能通过代理服务器访问外网,Linux机器的NTP客户端无法直接访问外网的NTP服务器。不知道如何配置NTP才能使用代理服务器访问外网。
实验室内部有一台可以访问外网的Windows 10机器,该机器时钟定期刷新,时间准确,故在Windows10上启用NTP授时服务。其他的Linux机器均配置为从这台Windows 10 NTP服务器上获取准确时间。
# 在注册表中,将NtpServer选项启用 (设置为1)C:\WINDOWS\system32>reg add HKLM\system\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer /v Enabled /t REG_DWORD /d 0x1 /fThe operation completed successfully.# 更新配置C:\WINDOWS\system32>w32tm /config /updateThe command completed successfully.# 查询配置更新完成,参看最后NtpServer (Local)一段C:\WINDOWS\system32>w32tm /query /configuration[Configuration]EventLogFlags: 2 (Local)...UpdateInterval: 30000 (Local)[TimeProviders]NtpClient (Local)...NtpServer: xxx.xxx.com (Local)NtpServer (Local)DllName: C:\WINDOWS\system32\w32time.dll (Local)Enabled: 1 (Local)InputProvider: 0 (Local)AllowNonstandardModeCombinations: 1 (Local)
# 在Windows下,以Administrator身份运行netstat -ab命令,# 可以看到Windows当前正在侦听NTP的123端口,NTP服务正在运行。C:\WINDOWS\system32>netstat -abActive Connections Proto Local Address Foreign Address State UDP 0.0.0.0:123 *:* W32Time
注:如果客户端无法访问NTP服务,通常需要检查Windows的防火墙或者客户端的防火墙。
[tony@tony-controller ~]$ ls -l /etc/localtimelrwxrwxrwx. 1 root root 38 Apr 10 01:06 /etc/localtime.origin -> ../usr/share/zoneinfo/America/New_York
# timedatectl命令在systemd包里[tony@tony-controller ~]$ timedatectl Local time: Wed 2019-04-10 21:07:13 CST Universal time: Wed 2019-04-10 13:07:13 UTC RTC time: Wed 2019-04-10 13:07:13 Time zone: Asia/Shanghai (CST, +0800) NTP enabled: yesNTP synchronized: no RTC in local TZ: no DST active: n/a
# 中国常用的时区[tony@tony-controller ~]$ ls /usr/share/zoneinfo/Asia/Shanghai/usr/share/zoneinfo/Asia/Shanghai# 在Africa, America, ... Asia, ...等目录下还有更多的时区[tony@tony-controller ~]$ ls -F /usr/share/zoneinfo/Africa/ Cuba GMT-0 Kwajalein Portugal UniversalAmerica/ EET GMT+0 leapseconds posix/ US/Antarctica/ Egypt Greenwich Libya posixrules UTCArctic/ Eire Hongkong MET PRC WETAsia/ EST HST Mexico/ PST8PDT W-SUAtlantic/ EST5EDT Iceland MST right/ zone1970.tabAustralia/ Etc/ Indian/ MST7MDT ROC zone.tabBrazil/ Europe/ Iran Navajo ROK ZuluCanada/ GB iso3166.tab NZ SingaporeCET GB-Eire Israel NZ-CHAT TurkeyChile/ GMT Jamaica Pacific/ tzdata.ziCST6CDT GMT0 Japan Poland UCT
# timedatectl也可以列出所有可用的时区[tony@tony-controller ~]$ timedatectl list-timezones | grep AsiaAsia/Aden...Asia/Ho_Chi_MinhAsia/Hong_Kong...Asia/ShanghaiAsia/Singapore...Asia/Yerevan
# 创建到Asia/Shanghai的链接,将时区设置为Shanghai。[tony@tony-controller ~]$ sudo ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime# 检查时区已经修改[tony@tony-controller ~]$ ls -l /etc/localtimelrwxrwxrwx. 1 root root 33 Apr 10 20:55 /etc/localtime -> /usr/share/zoneinfo/Asia/Shanghai# 时区已经修改,但是时间尚未同步,依然不是正确的中国时间。[tony@tony-controller ~]$ timedatectl Local time: Wed 2019-04-10 21:00:58 CST Universal time: Wed 2019-04-10 13:00:58 UTC RTC time: Wed 2019-04-10 13:00:58 Time zone: Asia/Shanghai (CST, +0800) NTP enabled: yesNTP synchronized: no RTC in local TZ: no DST active: n/a
从CentOS 7开始,chrony包代替了原先的ntp包,成为CentOS网络时间同步协议的默认服务。chrony同时是NTP协议的客户端与服务器端,既可以从NTP服务器获取时间,也可以为其他客户端授时。chrony特别被设计为支持不能实时访问因特网的系统,可以提供更加精确与快速的时钟服务。
注:关于chrony与ntp的比较,可以。
chrony的配置文件是/etc/chrony.conf,主要的可执行文件包括/usr/bin/chronyc (客户端)与/usr/sbin/chronyd (服务器守护进程)。
在/etc/chrony.conf文件中添加新的一个server行,同时注释掉其他的默认的server行。
server windows10.localhost iburst# server 0.centos.pool.ntp.org iburst# server 1.centos.pool.ntp.org iburst# server 2.centos.pool.ntp.org iburst# server 3.centos.pool.ntp.org iburst
# 重启服务[tony@tony-dev ~]$ sudo systemctl restart chronyd.service# 查看服务状态[tony@tony-dev ~]$ sudo systemctl status chronyd.service● chronyd.service - NTP client/server Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2019-04-11 14:33:33 CST; 12s ago Docs: man:chronyd(8) man:chrony.conf(5) Process: 7149 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=exited, status=0/SUCCESS) Process: 7135 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 7146 (chronyd) Tasks: 1 CGroup: /system.slice/chronyd.service └─7146 /usr/sbin/chronydApr 11 14:33:33 tony-dev systemd[1]: Starting NTP client/server...Apr 11 14:33:33 tony-dev chronyd[7146]: chronyd version 3.2 starting (+CMDMO...)Apr 11 14:33:33 tony-dev chronyd[7146]: Frequency 0.000 +/- 1000000.000 ppm ...tApr 11 14:33:33 tony-dev systemd[1]: Started NTP client/server.Apr 11 14:33:37 tony-dev chronyd[7146]: Selected source 10.238.130.174Hint: Some lines were ellipsized, use -l to show in full.
以下命令行输出的详细解释可以
[tony@tony-dev ~]$ chronyc tracking
Reference ID : 0AEE82AE (Windows10.localhost)
Stratum : 7 Ref time (UTC) : Thu Apr 11 06:36:52 2019 System time : 0.000113410 seconds slow of NTP time Last offset : -0.000429817 seconds RMS offset : 0.000825199 seconds Frequency : 7.342 ppm fast Residual freq : -0.219 ppm Skew : 11.138 ppm Root delay : 0.200305298 seconds Root dispersion : 0.373195589 seconds Update interval : 64.5 seconds Leap status : Normal
[tony@tony-dev ~]$ chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* Windows10.localhost> 6 6 377 5 +196us[ +391us] +/- 368ms
[tony@tony-dev ~]$ chronyc sourcestats
210 Number of sources = 1
Name/IP Address NP NR Span Frequency Freq Skew Offset Std Dev ============================================================================== Windows10.localhost> 8 6 264 +0.070 6.364 +1991ns 268us
# 按照前节修改配置文件[tony@tony-compute1 ~]$ sudo vim /etc/chrony.conf
server windows10.localhost iburst# server 0.centos.pool.ntp.org iburst# server 1.centos.pool.ntp.org iburst# server 2.centos.pool.ntp.org iburst# server 3.centos.pool.ntp.org iburst
# 没有重启chrony服务,所以时间尚未同步[tony@tony-compute1 ~]$ dateWed Apr 10 13:06:03 EDT 2019# 重启chrony服务[tony@tony-compute1 ~]$ sudo systemctl restart chronyd.service# 已经从NTP服务器获取了新时间;oops,时区设置错误[tony@tony-compute1 ~]$ dateThu Apr 11 02:48:06 EDT 2019# 设置正确的时区[tony@tony-compute1 ~]$ sudo timedatectl set-timezone Asia/Shanghai# 时间显示正确,CST表示:中国标准时间[tony@tony-compute1 ~]$ dateThu Apr 11 14:49:03 CST 2019
NTP包在Cent OS7中已经过时了,配置方式放在这里备考。
[tony@tony-controller ~]$ sudo yum install -y ntp
# 检查ntpd服务,发现未启动[tony@tony-controller ~]$ systemctl status ntpd● ntpd.service - Network Time Service Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled; vendor preset: disabled) Active: inactive (dead) # 启用ntpd服务[tony@tony-controller ~]$ sudo systemctl enable ntpdCreated symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.# 启动ntpd服务[tony@tony-controller ~]$ sudo systemctl start ntpd# 检查ntpd服务,已经启动[tony@tony-controller ~]$ sudo systemctl status ntpd● ntpd.service - Network Time Service Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled) Active: active (running) since Wed 2019-04-10 21:27:00 CST; 4s ago Process: 10480 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 10481 (ntpd) CGroup: /system.slice/ntpd.service └─10481 /usr/sbin/ntpd -u ntp:ntp -gApr 10 21:27:00 tony-controller ntpd[10481]: Listen normally on 4 enp0s8 10....3Apr 10 21:27:00 tony-controller ntpd[10481]: Listen normally on 5 enp0s9 10....3Apr 10 21:27:00 tony-controller ntpd[10481]: Listen normally on 6 lo ::1 UDP 123Apr 10 21:27:00 tony-controller ntpd[10481]: Listen normally on 7 enp0s9 fe8...3Apr 10 21:27:00 tony-controller ntpd[10481]: Listen normally on 8 enp0s3 fe8...3Apr 10 21:27:00 tony-controller ntpd[10481]: Listen normally on 9 enp0s8 fe8...3Apr 10 21:27:00 tony-controller ntpd[10481]: Listening on routing socket on ...sApr 10 21:27:00 tony-controller ntpd[10481]: 0.0.0.0 c016 06 restartApr 10 21:27:00 tony-controller ntpd[10481]: 0.0.0.0 c012 02 freq_set kernel...MApr 10 21:27:00 tony-controller ntpd[10481]: 0.0.0.0 c011 01 freq_not_setHint: Some lines were ellipsized, use -l to show in full.
[tony@tony-controller ~]$ sudo ntpstatunsynchronised time server re-starting polling server every 8 s[tony@tony-controller ~]$ sudo ntpq -p remote refid st t when poll reach delay offset jitter============================================================================== stratum2-1.ntp. .INIT. 16 u - 64 0 0.000 0.000 0.000 ntp1.ams1.nl.le .INIT. 16 u - 64 0 0.000 0.000 0.000 ntp-fi01.rserve .INIT. 16 u - 64 0 0.000 0.000 0.000 pacific.latt.ne .INIT. 16 u - 64 0 0.000 0.000 0.000
[tony@tony-controller ~]$ cat /etc/ntp.conf | grep -v -E '^$|^#'driftfile /var/lib/ntp/driftrestrict default nomodify notrap nopeer noqueryrestrict 127.0.0.1restrict ::1server 0.centos.pool.ntp.org iburstserver 1.centos.pool.ntp.org iburstserver 2.centos.pool.ntp.org iburstserver 3.centos.pool.ntp.org iburstincludefile /etc/ntp/crypto/pwkeys /etc/ntp/keysdisable monitor
[tony@tony-dev ~]$ sudo yum info chrony
Installed Packages
Name : chrony Arch : x86_64 Version : 3.2 Release : 2.el7 Size : 476 k Repo : installed From repo : base Summary : An NTP client/server URL : License : GPLv2 Description : A client/server for the Network Time Protocol, this program keeps : your computer’s clock accurate. It was specially designed to : support systems with intermittent internet connections, but it : also works well in permanently connected environments. It can use : also hardware reference clocks, system real-time clock or manual : input as time references.
[tony@tony-dev ~]$ rpm -ql chrony
/etc/NetworkManager/dispatcher.d/20-chrony
/etc/chrony.conf /etc/chrony.keys /etc/dhcp/dhclient.d/chrony.sh /etc/logrotate.d/chrony /etc/sysconfig/chronyd /usr/bin/chronyc /usr/lib/systemd/ntp-units.d/50-chronyd.list /usr/lib/systemd/system/chrony-dnssrv@.service /usr/lib/systemd/system/chrony-dnssrv@.timer /usr/lib/systemd/system/chrony-wait.service /usr/lib/systemd/system/chronyd.service /usr/libexec/chrony-helper /usr/sbin/chronyd /usr/share/doc/chrony-3.2 /usr/share/doc/chrony-3.2/COPYING /usr/share/doc/chrony-3.2/FAQ /usr/share/doc/chrony-3.2/NEWS /usr/share/doc/chrony-3.2/README /usr/share/man/man1/chronyc.1.gz /usr/share/man/man5/chrony.conf.5.gz /usr/share/man/man8/chronyd.8.gz /var/lib/chrony /var/lib/chrony/drift /var/lib/chrony/rtc /var/log/chrony
[tony@tony-controller ~]$ yum info ntp
Loaded plugins: fastestmirror
Determining fastest mirrors Installed Packages Name : ntp Arch : x86_64 Version : 4.2.6p5 Release : 28.el7.centos Size : 1.4 M Repo : installed From repo : base Summary : The NTP daemon and utilities URL : License : (MIT and BSD and BSD with advertising) and GPLv2 Description : The Network Time Protocol (NTP) is used to synchronize a : computer’s time with another reference time source. This package : includes ntpd (a daemon which continuously adjusts system time) : and utilities used to query and configure the ntpd daemon. : : Perl scripts ntp-wait and ntptrace are in the ntp-perl package, : ntpdate is in the ntpdate package and sntp is in the sntp package. : The documentation is in the ntp-doc package.
[tony@tony-controller ~]$ rpm -ql ntp
/etc/dhcp/dhclient.d
/etc/dhcp/dhclient.d/ntp.sh /etc/ntp.conf /etc/ntp/crypto /etc/ntp/crypto/pw /etc/sysconfig/ntpd /usr/bin/ntpstat /usr/lib/systemd/ntp-units.d/60-ntpd.list /usr/lib/systemd/system/ntpd.service /usr/sbin/ntp-keygen /usr/sbin/ntpd /usr/sbin/ntpdc /usr/sbin/ntpq /usr/sbin/ntptime /usr/sbin/tickadj /usr/share/doc/ntp-4.2.6p5 /usr/share/doc/ntp-4.2.6p5/COPYRIGHT /usr/share/doc/ntp-4.2.6p5/ChangeLog /usr/share/doc/ntp-4.2.6p5/NEWS /usr/share/man/man5/ntp.conf.5.gz /usr/share/man/man5/ntp_acc.5.gz /usr/share/man/man5/ntp_auth.5.gz /usr/share/man/man5/ntp_clock.5.gz /usr/share/man/man5/ntp_decode.5.gz /usr/share/man/man5/ntp_misc.5.gz /usr/share/man/man5/ntp_mon.5.gz /usr/share/man/man8/ntp-keygen.8.gz /usr/share/man/man8/ntpd.8.gz /usr/share/man/man8/ntpdc.8.gz /usr/share/man/man8/ntpq.8.gz /usr/share/man/man8/ntpstat.8.gz /usr/share/man/man8/ntptime.8.gz /usr/share/man/man8/tickadj.8.gz /var/lib/ntp /var/lib/ntp/drift /var/log/ntpstats
[tony@tony-controller ~]$ yum info systemd
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile Installed Packages Name : systemd Arch : x86_64 Version : 219 Release : 62.el7_6.5 Size : 23 M Repo : installed From repo : updates Summary : A System and Service Manager URL : License : LGPLv2+ and MIT and GPLv2+ Description : systemd is a system and service manager for Linux, compatible with : SysV and LSB init scripts. systemd provides aggressive : parallelization capabilities, uses socket and D-Bus activation for : starting services, offers on-demand starting of daemons, keeps : track of processes using Linux cgroups, supports snapshotting and : restoring of the system state, maintains mount and automount : points and implements an elaborate transactional dependency-based : service control logic. It can work as a drop-in replacement for : sysvinit.
转载地址:http://ytpof.baihongyu.com/