Linux NTP服务器配置
jks212454 人气:0一、环境配置
1.NTP服务器
NTP服务器版本:Red Hat Enterprise Linux release 8.0 (Ootpa) NTP服务器IP:192.168.8.11/24 NTP服务器hostname:node1
2.业务服务器
NTP服务器版本:Red Hat Enterprise Linux release 8.0 (Ootpa) NTP服务器IP:192.168.8.12/24 NTP服务器hostname:node2
二、NTP服务器配置
1.查看chrony服务状态
[root@node1 ~]# systemctl status chronyd ● chronyd.service - NTP client/server Loaded: loaded (/usr/lib/systemd/system/chronyd.service; disabled; vendor preset: enabled) Active: inactive (dead) Docs: man:chronyd(8) man:chrony.conf(5) [root@node1 ~]#
2.启动chrony服务
[root@node1 ~]# systemctl enable --now chronyd Created symlink /etc/systemd/system/multi-user.target.wants/chronyd.service → /usr/lib/systemd/system/chronyd.service.
3.关闭防火墙和selinux
[root@node1 ~]# systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead) Docs: man:firewalld(1) [root@node1 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config [root@node1 ~]# setenforce 0 setenforce: SELinux is disabled [root@node1 ~]# getenforce Disabled [root@node1 ~]#
4.配置NTP服务文件
[root@node1 ~]# vim /etc/chrony.conf [root@node1 ~]# cat /etc/chrony.conf |grep -Ei '(allow|local)' # Allow the system clock to be stepped in the first three updates # Allow NTP client access from local network. #allow 192.168.0.0/16 allow 192.168.8.0/24 local stratum 10 [root@node1 ~]#
5.重启服务
[root@node1 ~]# systemctl restart chronyd [root@node1 ~]#
三、业务服务器配置
1.开启chrony服务
[root@node2 ~]# systemctl enable --now chronyd Created symlink /etc/systemd/system/multi-user.target.wants/chronyd.service → /usr/lib/systemd/system/chronyd.service. [root@node2 ~]#
2.配置chrony服务文件
[root@node2 ~]# vim /etc/chrony.conf [root@node2 ~]# cat /etc/chrony.conf |grep pool # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). pool 192.168.8.11 iburst [root@node2 ~]#
3.重启服务
[root@node2 ~]# systemctl restart chronyd [root@node2 ~]#
四、测试业务服务器时间状态
1.查看时间同步状态
[root@node2 ~]# chronyc sources 210 Number of sources = 1 MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^? 192.168.8.12 0 7 0 - +0ns[ +0ns] +/- 0ns [root@node2 ~]#
2.立即时间同步
[root@node2 ~]# chronyc sources 210 Number of sources = 1 MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* 192.168.8.11 10 6 17 2 +249ns[ +141us] +/- 100us [root@node2 ~]# chronyc sources -v 210 Number of sources = 1 .-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current synced, '+' = combined , '-' = not combined, | / '?' = unreachable, 'x' = time may be in error, '~' = time too variable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || \ | | zzzz = estimated error. || | | \ MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* 192.168.8.11 10 6 17 8 +249ns[ +141us] +/- 1103us [root@node2 ~]#
加载全部内容