chrony服務配置
阿新 • • 發佈:2021-06-15
1、chrony服務
chrony 是網路時間協議 (NTP) 的通用實現。它可以將系統時鐘與 NTP 伺服器、參考時鐘(例如 GPS 接收器)以及使用手錶和鍵盤的手動輸入同步。它還可以作為 NTPv4 (RFC 5905) 伺服器和對等點執行,為網路中的其他計算機提供時間服務。
它旨在在廣泛的條件下執行良好,包括間歇性網路連線、嚴重擁塞的網路、不斷變化的溫度(普通計算機時鐘對溫度很敏感)以及不能連續執行或在虛擬機器上執行的系統。
通過 Internet 同步的兩臺機器之間的典型精度在幾毫秒內;在 LAN 上,精度通常為幾十微秒。使用硬體時間戳或硬體參考時鐘,亞微秒精度可能是可能的。
chrony 中包含兩個程式,chronyd 是一個可以在引導時啟動的守護程序,chronyc 是一個命令列介面程式,可用於監視 chronyd 的效能並在其執行時更改各種操作引數。
centos7+ 支援chrony時間同步配置,ntp在centos8上已經不再支援了
chrony相比ntp時間同步配置更簡單高效,它是一個開源的軟體能保持系統始終與伺服器時間同步。
2、OS測試環境介紹
Server端:RedHat8.2- 172.20.10.6
Client端:CentOS8.3- 172.20.10.7
本次測試為最小化系統安裝,配置本地yum源後安裝chrony服務(服務端客戶端均安裝該服務,如下)
[root@centos8-3 ~]# yum install -y chrony Last metadata expiration check: 0:00:05 ago on Tue 15 Jun 2021 08:02:45 PM CST. Dependencies resolved. ================================================================================================================================================================= Package Architecture Version Repository Size ================================================================================================================================================================= Installing: chrony x86_64 3.5-1.el8 centos8-OS 271 k Installing weak dependencies: timedatex x86_64 0.5-3.el8 centos8-OS 32 k Transaction Summary ================================================================================================================================================================= Install 2 Packages Total size: 303 k Installed size: 731 k Downloading Packages: Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : timedatex-0.5-3.el8.x86_64 1/2 Running scriptlet: timedatex-0.5-3.el8.x86_64 1/2 Running scriptlet: chrony-3.5-1.el8.x86_64 2/2 Installing : chrony-3.5-1.el8.x86_64 2/2 Running scriptlet: chrony-3.5-1.el8.x86_64 2/2 Verifying : chrony-3.5-1.el8.x86_64 1/2 Verifying : timedatex-0.5-3.el8.x86_64 2/2 Installed: chrony-3.5-1.el8.x86_64 timedatex-0.5-3.el8.x86_64 Complete!
3、server與client端配置
(1)server端配置以及解釋說明
[root@RedHat8-2 ~]# cat /etc/chrony.conf # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). #pool 2.rhel.pool.ntp.org iburst --註釋這行,外網時間伺服器的網址 server 172.20.10.6 iburst --新增這行,表示與本機同步時間(視情況自行更改) # Record the rate at which the system clock gains/losses time. driftfile /var/lib/chrony/drift # Allow the system clock to be stepped in the first three updates # if its offset is larger than 1 second. makestep 1.0 3 # Enable kernel synchronization of the real-time clock (RTC). rtcsync # Enable hardware timestamping on all interfaces that support it. #hwtimestamp * # Increase the minimum number of selectable sources required to adjust # the system clock. #minsources 2 # Allow NTP client access from local network. allow 172.20.10.0/28 -->>允許哪些伺服器或客戶端到這臺時間伺服器來同步時間。必須配置 # Serve time even if not synchronized to a time source. local stratum 10 -->>該行註釋取消掉不然NTP synchronized: 為no 取消掉後變為 NTP synchronized:yes # Specify file containing keys for NTP authentication. keyfile /etc/chrony.keys # Get TAI-UTC offset and leap seconds from the system tz database. leapsectz right/UTC # Specify directory for log files. logdir /var/log/chrony # Select which information is logged. #log measurements statistics tracking
啟動chrony服務並進行檢查
啟動chronyd
[root@RedHat8-2 ~]# systemctl start chronyd
加入開機自啟
[root@RedHat8-2 ~]# systemctl enable chronyd
檢查
[root@RedHat8-2 ~]# netstat -antulp|grep chronyd
udp 0 0 0.0.0.0:123 0.0.0.0:* 7745/chronyd
udp 0 0 127.0.0.1:323 0.0.0.0:* 7745/chronyd
udp6 0 0 ::1:323 :::* 7745/chronyd
[root@RedHat8-2 ~]# ss -antulp|grep chronyd
udp UNCONN 0 0 0.0.0.0:123 0.0.0.0:* users:(("chronyd",pid=7745,fd=9))
udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:* users:(("chronyd",pid=7745,fd=7))
udp UNCONN 0 0 [::1]:323 [::]:* users:(("chronyd",pid=7745,fd=8))
(2)client端配置
[root@centos8-3 ~]# cat /etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#pool 2.centos.pool.ntp.org iburst
server 172.20.10.6 iburst -->>新增該行,表示到這臺伺服器去同步時間
啟動chronyd並加入開機自啟
[root@centos8-3 ~]# systemctl start chronyd
[root@centos8-3 ~]# systemctl enable chronyd4、檢視狀態
[root@centos8-3 ~]# timedatectl
Local time: Tue 2021-06-15 16:45:10 CST
Universal time: Tue 2021-06-15 08:45:10 UTC
RTC time: Tue 2021-06-15 16:45:10
Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes --表示已同步完成
NTP service: active
RTC in local TZ: no
5、檢視時間源資訊
服務端
[root@RedHat8-2 ~]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? RedHat8-2.localdomain 0 7 377 - +0ns[ +0ns] +/- 0ns客戶端
[root@centos8-3 ~]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 172.20.10.6 11 6 177 50 +2087ns[ -33us] +/- 227ms
6、測試
測試說明,對服務端進行手動更改時間,檢視客戶端是否同步
(1)檢視客戶端與服務端當前時間
服務端
[root@RedHat8-2 ~]# date
Tue Jun 15 16:43:22 CST 2021
客戶端
[root@centos8-3 ~]# date
Tue Jun 15 16:43:22 CST 2021
(2)手動更改服務端時間
[root@RedHat8-2 ~]# date
Tue Jun 15 17:14:03 CST 2021
[root@RedHat8-2 ~]# date -s "2021-6-15 18:00:00"
Tue Jun 15 18:00:00 CST 2021
(3)等待客戶端自動同步(測試同步時間較為緩慢)
[root@centos8-3 ~]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^~ 172.20.10.6 11 6 37 11 -2716s[ -2716s] +/- 265ms
[root@centos8-3 ~]# date
Tue Jun 15 17:16:44 CST 2021
[root@centos8-3 ~]# timedatectl
Local time: Tue 2021-06-15 17:16:53 CST
Universal time: Tue 2021-06-15 09:16:53 UTC
RTC time: Tue 2021-06-15 09:17:19
Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
[root@centos8-3 ~]# date
Tue Jun 15 18:06:49 CST 2021在測試中發現個問題 同步時間較為緩慢不過成功的進行了同步,後續我會繼續進行測試,各位技術大佬有什麼建議嗎?