zoukankan      html  css  js  c++  java
  • NTP服务搭建

    NTP是网络时间协议(Network Time Protocol),它是用来同步网络中各个计算机的时间的协议。它的用途是把计算机的时钟同步到世界协调时UTC,其精度在局域网内可达0.1ms,在互联网上绝大多数的地方其精度可以达到1-50ms。


    1.搭建本地NTP服务器
    yum -y update
    yum -y install ntp
    # 调整好yum源,并安装ntp服务
    
    2.查询并测试本地服务器是否能和Intent上的NTP服务器通信
    time1.aliyun.com
    time2.aliyun.com
    time3.aliyun.com
    time4.aliyun.com
    time5.aliyun.com
    time6.aliyun.com
    time7.aliyun.com
    # 以上为国内aliyun的时间服务器列表
    
    ntpdate -q time1.aliyun.com
    # 使用ntpdate检查本机是否可以和aliyun的时间服务器通信
       
    server 203.107.6.88, stratum 2, offset 0.046559, delay 0.06445
    14 Sep 16:08:23 ntpdate[2286]: adjust time server 203.107.6.88 offset 0.046559 sec
    # 若显示结果和上图相同则代表可以通信
    
    3.修改NTP服务器的配置文件
    vim /etc/ntp.conf    # 修改配置文件
    
    # For more information about this file, see the man pages
    # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
    
    driftfile /var/lib/ntp/drift
    
    # Permit time synchronization with our time source, but do not
    # permit the source to query or modify the service on this system.
    restrict default kod nomodify notrap nopeer noquery
    restrict -6 default kod nomodify notrap nopeer noquery
    
    # Permit all access over the loopback interface.  This could
    # be tightened as well, but to do so would effect some of
    # the administrative functions.
    restrict 127.0.0.1 
    restrict -6 ::1
    
    # 新增内容
    # 允许以下指定网段的服务器来校时,但不允许客户端来修改,登录ntp服务器 
    restrict 192.168.100.0 mask 255.255.255.0 nomodify notrap
    restrict 192.168.200.0 mask 255.255.255.0 nomodify notrap
    # 结束
    
    # Hosts on local network are less restricted.
    #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
    
    # Use public servers from the pool.ntp.org project.
    # Please consider joining the pool (http://www.pool.ntp.org/join.html).
    # server 0.centos.pool.ntp.org iburst
    # server 1.centos.pool.ntp.org iburst
    # server 2.centos.pool.ntp.org iburst
    # server 3.centos.pool.ntp.org iburst
    # 将以上四个默认的时间服务器地址注释掉,并手动添加国内aliyun的时间服务器地址
    server time1.aliyun.com
    server time2.aliyun.com
    server time3.aliyun.com
    server time4.aliyun.com
    server time5.aliyun.com
    server time6.aliyun.com
    server time7.aliyun.com
    
    # broadcast 192.168.1.255 autokey	# broadcast server
    # broadcastclient			# broadcast client
    # broadcast 224.0.1.1 autokey		# multicast server
    # multicastclient 224.0.1.1		# multicast client
    # manycastserver 239.255.254.254		# manycast server
    # manycastclient 239.255.254.254 autokey # manycast client
    
    # Enable public key cryptography.
    #crypto
    
    includefile /etc/ntp/crypto/pw
    
    # Key file containing the keys and key identifiers used when operating
    # with symmetric key cryptography. 
    keys /etc/ntp/keys
    
    # Specify the key identifiers which are trusted.
    #trustedkey 4 8 42
    
    # Specify the key identifier to use with the ntpdc utility.
    #requestkey 8
    
    # Specify the key identifier to use with the ntpq utility.
    #controlkey 8
    
    # Enable writing of statistics records.
    #statistics clockstats cryptostats loopstats peerstats
    
    
    4.设置硬件时钟频率和时间服务器保持一致
    vim /etc/sysconfig/ntpd    # 添加以下参数
    SYNC_HWCLOCK=yes
    
    重启服务器,并设置开机自启
    CentOS 6.X
    service ntpd start    # 启动NTP服务
    chkconfig ntpd on     # 设置ntp服务开机自启
    
    CentOS 7.X
    systemctl start ntpd    # 启动ntp服务
    systemctl enable ntpd   # 设置ntp服务开机自启
    
    5.服务器端验证是否和上层aliyun服务器连接
    # 等待10-15分钟后执行ntpstat查看同步状态
    [root@localhost ~]# ntpstat 
    synchronised to NTP server (203.107.6.88) at stratum 3 
       time correct to within 31 ms
       polling server every 64 s
    # 以上描述为成功
    
    执行ntpq -p 查看与aliyun时间服务器的连接状态
    [root@localhost ~]# ntpq -p
         remote           refid      st t when poll reach   delay   offset  jitter
    ==============================================================================
    *203.107.6.88    10.165.84.13     2 u    2   64  377   34.263    0.545   2.465
    # *表示目前正在使用的上层NTP,+表示已连线,可提供时间更新的候补服务器
    
    6.设置客户端配置文件,使其从搭建好的NTP服务器端进行时间同步

    客户端先安装ntp服务,然后修改/etc/ntp.conf配置文件

    # 设置允许ntpserver主动修改客户端时间
    restrict 192.168.100.35 nomodify notrap noquery
    
    # 将自带服务器列表项注释掉,添加自己搭建的时间服务器
    server 192.168.100.35
    
    # 设置服务产生的日志位置
    logfile /var/log/ntp.log
    
    # 使用ntpq -p 和 ntpstat 命令验证客户端是否和本地NTP时间服务器连接并同步成功
    
    
  • 相关阅读:
    JQuery判断CheckBox是否选中
    Ghost下的gho镜像分区工具
    JQuery提示$(...).on is not a function解决方法
    Jetty错误: badMessage: java.lang.IllegalStateException: too much data after closed for HttpChannelOverHttp@472adad9{r=2,c=false,a=IDLE,uri=}
    Linux下使用Shell过滤重复文本(转)
    JQuery给动态HTML绑定事件
    Chrome插件在页面上直接绑定JavaScript事件提示Refused to execute inline event handler because it violates the following Co
    解决——》java.lang.IllegalArgumentException: Body parameter 0 was null
    qhclass
    java类uuid源码分析
  • 原文地址:https://www.cnblogs.com/linuxlc/p/12082854.html
Copyright © 2011-2022 走看看