ntp时间同步
LiuSw Lv6

ntp时间同步

1.安装ntp服务

yum安装ntp服务

1
yum install -y ntp

2.设置自启动

1
2
3
4
chkconfig ntpd on
chkconfig --list ntpd
# 或者
systemctl enable ntpd

3.配置内网NTP-Server192.168.11.155

vim /etc/ntp.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery

# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict ::1

# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst

#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client

# Enable public key cryptography.
#crypto

includefile /etc/ntp/crypto/pw

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.
#requestkey 8

# Specify the key identifier to use with the ntpq utility.
#controlkey 8

# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats

# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor

restrict 192.168.11.155 nomodify notrap noquery


# 配置允许上游时间服务器主动修改本机的时间,你自己ntp server的ip
server 192.168.11.155
fudge 192.168.11.155 stratum 5

# 不允许来自公网上ipv4和ipv6客户端的访问
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery

# 外部时间服务器不可用时,以本地时间作为时间服务
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10 #(3-10)

配置文件修改完成,保存退出,重新启动服务

1
systemctl restart ntpd

查看服务连接和监听

1
netstat -tlunp | grep ntp

无netstat命令 使用 yum install -y net-tools安装

4.配置内网NTP-Clients

vim /etc/ntp.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# Hosts on local network are less restricted.

#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

restrict 192.168.204.111 nomodify notrap noquery

# Use public servers from the pool.ntp.org project.

# Please consider joining the pool (http://www.pool.ntp.org/join.html).

# 配置时间服务器为本地的时间服务器
server 192.168.11.155

# Undisciplined Local Clock. This is a fake driver intended for backup

# and when no outside source of synchronized time is available.

# 外部时间服务器不可用时,以本地时间作为时间服务
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10 #(3-10)

修改以上内容即可

重新启动ntpd服务

1
systemctl restart ntpd

5.ntpdate手动同步下时间

1
2
3
ntpdate -u 192.168.11.155
[root@hadoop1 hadoop_data]# ntpdate -u 192.168.11.155
# 22 Jan 14:42:13 ntpdate[12880]: step time server 192.168.11.155 offset -0.544326 sec
 评论