目录
一. Ntp介绍.....................................................................................................................................................4
二. Ntp安装.....................................................................................................................................................4
2.1安装准备...............................................................................................................................................4
2.2软件安装...............................................................................................................................................4
三. Ntp配置.....................................................................................................................................................4
3.1Ntp配置............................................................................................................................................... 4
3.2 NTP初始同步源配置..............................................................................................................................6
3.3 CMOS时钟同步配置............................................................................................................................. 6
3.4客户端同步配置......................................................................................................................................6
四. Ntp管理....................................................................................................................................................6
4.1Ntp管理...............................................................................................................................................7
4.2Ntp同步测试........................................................................................................................................7
4.3设置NTP系统自启动.............................................................................................................................7
4.4查看日志..............................................................................................................................................7
五. Ntp问题总结............................................................................................................................................8
一. Ntp介绍
Ntp的更多介绍请参见网络,主要是负责所有机器的时间一直,现在内部环境尤其是数据库和同步对时间要求非常高,否则容易导致失败或者错误,故内部配置时间服务器。
二. Ntp安装
2.1安装准备
安装环境:Linux varsphinx01 2.6.32-19.el6.x86_64 #1 SMP Tue Mar 9 17:48:46 EST 2010 x86_64 x86_64 x86_64 GNU/Linux
IP地址:192.168.10.7
备用IP地址:192.168.10.16
软件准备:
由于系统是64位,所以软件也是。
ntp.x86_64
ntpdate.x86_64
2.2软件安装
软件安装,为了保证软件安装包的依赖性,建议采用yum安装:
1.默认安装已有Ntp默认配置,只是没有启动,
2.如果系统没有安装,请按如下步骤安装,本次安装与配置以此为准
yum update
服务端安装如下:
yum install ntp.x86_64
客户端安装如下:
yum install ntpdate.x86_64
三. Ntp配置
3.1Ntp配置
修改配置文件如下:
cat /etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
#新增允许同步网段
restrict 192.168.10.0 mask 255.255.255.0 nomodify notrap
restrict 192.168.20.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.rhel.pool.ntp.org
server 1.rhel.pool.ntp.org
server 2.rhel.pool.ntp.org
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
#server 127.127.1.0 # local clock
#fudge 127.127.1.0 stratum 10
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
3.2 NTP初始同步源配置
cat /etc/ntp/step-tickers
# List of servers used for initial synchronization.
server 0.rhel.pool.ntp.org
3.3 CMOS时钟同步配置
cat /etc/sysconfig/ntpd
# Drop root to id 'ntp:ntp' by default.
SYNC_HWCLOCK=YES //新增允许同步CMOS时钟
OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid -g"
3.4客户端同步配置
编写同步脚本如下:
cat /usr/local/bin/ntpdate.sh
#!/bin/bash
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
/usr/sbin/ntpdate 192.168.10.7;/sbin/hwclock –w
chmod +x ntpdate.sh
cat /etc/crontab
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
# For details see man 4 crontabs
# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * command to be executed
*/5 * * * * root /usr/local/bin/ntpdate.sh //5分钟同步一次
四. Ntp管理
4.1Ntp管理
/etc/init.d/ntpd {start|stop|status|restart|try-restart|force-reload}
4.2Ntp同步测试
[root@varsphinx01 ~]# ntpstat
synchronised to NTP server (114.80.81.12) at stratum 3
time correct to within 83 ms
polling server every 1024 s
[root@varsphinx01 ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*114.80.81.12 204.152.184.72 2 u 884 1024 377 128.915 8.812 0.473
+123.146.124.30 61.153.197.226 3 u 827 1024 377 51.865 -65.177 4.134
+114.80.81.13 216.218.192.202 2 u 773 1024 377 128.678 6.873 0.208
4.3设置NTP系统自启动
[root@varsphinx01 ~]# chkconfig --list |grep ntpd
ntpd 0:关闭 1:关闭 2:关闭 3:关闭 4:关闭 5:关闭 6:关闭
[root@varsphinx01 ~]# chkconfig --level 345 ntpd on
[root@varsphinx01 ~]# chkconfig --list |grep ntpd
ntpd 0:关闭 1:关闭 2:关闭 3:启用 4:启用 5:启用 6:关闭
4.4查看日志
NTP日志是写系统的,可以通过查看系统日志如下:
/var/log/message
tail -100f /var/log/Ntp.log
Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #2 lo, ::1#123 Enabled
Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #3 eth0, fe80::a6ba:dbff:fe25:b346#123 Enabled
Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #4 eth1, fe80::a6ba:dbff:fe25:b348#123 Enabled
Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #5 lo, 127.0.0.1#123 Enabled
Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #6 lo:6, 192.168.10.6#123 Enabled
Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #7 eth0, 192.168.10.7#123 Enabled
Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #8 eth1, 192.168.20.7#123 Enabled
Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #9 virbr0, 192.168.122.1#123 Enabled
Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on routing socket on fd #26 for interface updates
Aug 19 09:41:15 varsphinx01 ntpd[28208]: kernel time sync status 2040
Aug 19 09:45:35 varsphinx01 ntpd[28208]: synchronized to 114.80.81.12, stratum 2
Aug 19 09:45:35 varsphinx01 ntpd[28208]: kernel time sync status change 2001
五. Ntp问题总结
1. no server suitable for synchronization found 错误解决
在ntp客户端运行ntpdate server时,出现no server suitable for synchronization found错误。
在ntp客户端用ntpdate –d serverIP查看,发现有“Server dropped: strata too high”的错误,并且显示“stratum 16”。而正常情况下stratum这个值得范围是“0~15”。
这是因为NTP server还没有和其自身或者它的server同步上
以下的定义是让NTP Server和其自身保持同步,如果在/ntp.conf中定义的server都不可用时,将使用local时间作为ntp服务提供给ntp客户端
server 127.127.1.0 fudge
127.127.1.0 stratum 8
在ntp server上重新启动ntp服务后,ntp server自身或者与其server的同步的需要一个时间段,这个过程可能是5分钟,在这个时间之内在客户端运行ntpdate命令时会产生no server suitable for synchronization found的错误。
查看ntp server完成与自身同步的状态
在ntp server上使用命令:
# watch ntpq -p
注意LOCAL的这个就是与自身同步的ntp server, 当reach值大于17以后,客户端就可以进行同步。
已有 219871 位网友参与,快来吐槽:
发表评论