chrony时间同步配置
时间的同步有两个命令:ntp(123udp端口)和chrony(323udp端口),这里介绍一下chrony的简单配置
chrony由chrony包提供,chrony是服务端客户端一体的,既可以做别的机器的服务器,也可以做别的机器的客户端,这取决于谁去同步谁
chrony有两个主程序:chronyc和chronyd
chronyd:后台运行的守护进程,用于调整内核中运行的系统时钟和时钟服务
器同步。
chronyc:命令行用户工具,用于监控性能并进行多样化的配置。chronyc可支持交互式也支持命令行方式
chronyc:进入设置
accheck: 检查NTP访问是否对特定主机可用
activity: 该命令会显示有多少NTP源在线/离线
add server: 手动添加一台新的NTP服务器。
clients: 在客户端报告已访问到服务器
delete: 手动移除NTP服务器或对等服务器
settime: 手动设置守护进程时间
tracking: 显示系统时间信息
help:显示帮助
chrony的配置文件是/etc/chrony.conf
下面来看下实际操作
1,一般系统已经装上了chrony包,没装的话yum install chrony 安装一下
[root@wyh ~]# yum install chrony
1
2,配置/etc/chrony.conf文件。如果是做客户端,那么指定一下同步的时间服务器就好了;如果是做服务端,配置允许同步的客户端网段,配置当时间服务器的网络不可用时,采用服务器自身的时间同步
2,重启chronyd服务 systemctl restart chronyd,一般时间服务器器都会开机启动的,systemctl enable chronyd
[root@wyh ~]# systemctl restart chronyd
1
3,此时可以看到323端口
[root@wyh ~]# ss -nul
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 127.0.0.1:976 *:*
UNCONN 0 0 *:111 *:*
UNCONN 0 0 *:123 *:*
UNCONN 0 0 *:5353 *:*
UNCONN 0 0 127.0.0.1:323 *:*
UNCONN 0 0 *:58791 *:*
UNCONN 0 0 *:36658 *:*
UNCONN 0 0 *:914 *:*
UNCONN 0 0 :::35902 :::*
UNCONN 0 0 :::111 :::*
UNCONN 0 0 ::1:323 :::*
UNCONN 0 0 :::914 :::*
4,chrony sources -v,查看时间的同步情况,最后一行的*代表同步成功,?代表未同步。可看到,每个符号什么意思,命令中都有解释
[root@wyh ~]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 203.107.6.88 2 6 7 0 +201us[-86400s] +/- 14ms
5,故意把时间改错,然后可以看到此时同步状态是未同步
[root@wyh ~]# date
Tue Nov 12 15:26:52 CST 2019
[root@wyh ~]# date -s "-1 day"
Mon Nov 11 15:30:10 CST 2019
[root@wyh ~]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? 203.107.6.88 0 6 177 - +0ns[ +0ns] +/- 0ns
6,自动同步的话,时间比较久,等不及可以直接重启chronyd服务(这是是让它自动同步,大概等了好几分钟)还有一种手动同步的方法:ntpdate ntp.aliyun.com
[root@wyh ~]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 203.107.6.88 2 6 177 1 +198us[-86400s] +/- 14ms
[root@wyh ~]# date
Tue Nov 12 16:03:49 CST 2019
另一个时间相关的命令:timedatectl
查看日期时间、时区及NTP状态:timedatectl
查看时区列表:timedatectl list-timezones
修改时区:timedatectl set-timezone Asia/Shanghai
修改日期时间:timedatectl set-time “2017-01-23 10:30:00”