一、chrony服务端配置

1. 安装chrony软件包

dnf -y install chrony

2. 修改chrony.conf配置文件

时钟源推荐使用阿里云的时钟服务器(ntp.aliyun.com)

# file:/etc/chrony.conf
# 1. 修改pool参数,指定同步时钟源,并加速同步过程
pool ntp.aliyun.com iburst

# 2. 修改allow参数,允许那些网段可以同步
allow 0.0.0.0/0

# 3. 修改local stratum参数,开启本地授时服务
local stratum 10

3. 启动服务并设置开机自启

systemctl enable --now chronyd

4. 放开防火墙

firewall-cmd --permanent --add-service=ntp
firewall-cmd --reload

5. 检查端口侦听状态

ss -ulwn

-u 仅显示UDP协议

-l 仅列出正在监听的端口

-w 显示元数据

-n 显示端口号而非服务名

# 检查打开123端口的进程
lsof -i :123
COMMAND   PID   USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
chronyd 19300 chrony    7u  IPv4 1786893      0t0  UDP *:ntp

6. 检查时钟源状态

chronyc sources
# 列出详细参数说明
chronyc sources -v
210 Number of sources = 2

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 203.107.6.88                  2  10   377   606  -1309us[-2369us] +/-   16ms
^+ 116.62.13.223                 2   9   377   134   +230us[ +230us] +/-   18ms

二、chrony客户端配置

1. 安装chrony软件包

dnf -y install chrony

2. 修改chrony.conf配置文件

# file:/etc/chrony.conf
# 1. 修改pool参数,指定同步时钟源,并加速同步过程
pool ntp.aliyun.com iburst

3. 启动服务并配置开机自启

systemctl enable --now chronyd

4. 检查客户端服务状态

chronyc sources

在服务端可以看到连接的客户端情况

chronyc clients

其他检查命令

timedatectl status
systemctl status chronyd

在服务器端查看服务端IP地址

ip -br a

-br 是-brief的缩写,意思是概要输出,简单输出结果,便于快速查看

[root@node51 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:50:56:b5:7c:b0 brd ff:ff:ff:ff:ff:ff
    altname enp11s0
    inet 192.168.0.51/24 brd 192.168.0.255 scope global noprefixroute ens192
       valid_lft forever preferred_lft forever
    inet6 fe80::250:56ff:feb5:7cb0/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@node51 ~]# ip -br a
lo               UNKNOWN        127.0.0.1/8 ::1/128 
ens192           UP             192.168.0.51/24 fe80::250:56ff:feb5:7cb0/64

标签: none

评论已关闭