您好,欢迎访问本站博客!登录后台
  • 如果您觉得本站非常有看点,那么赶紧使用Ctrl+D 收藏吧
  • 网站所有资源均来自网络,如有侵权请联系站长删除!

Ntp服务器配置手册

服务器技术 中国人民很行 2016-02-03 422 次浏览 0个评论

目录

一. Ntp介绍.....................................................................................................................................................4

二. Ntp安装.....................................................................................................................................................4

        2.1安装准备...............................................................................................................................................4

        2.2软件安装...............................................................................................................................................4

三. Ntp配置.....................................................................................................................................................4

       3.1Ntp配置............................................................................................................................................... 4

       3.2 NTP初始同步源配置..............................................................................................................................6

       3.3 CMOS时钟同步配置............................................................................................................................. 6

       3.4客户端同步配置......................................................................................................................................6

四. Ntp管理....................................................................................................................................................6

       4.1Ntp管理...............................................................................................................................................7

       4.2Ntp同步测试........................................................................................................................................7

       4.3设置NTP系统自启动.............................................................................................................................7

       4.4查看日志..............................................................................................................................................7

五. Ntp问题总结............................................................................................................................................8

一. Ntp介绍

Ntp的更多介绍请参见网络,主要是负责所有机器的时间一直,现在内部环境尤其是数据库和同步对时间要求非常高,否则容易导致失败或者错误,故内部配置时间服务器。

二. Ntp安装

2.1安装准备

安装环境:Linux varsphinx01 2.6.32-19.el6.x86_64 #1 SMP Tue Mar 9 17:48:46 EST 2010 x86_64 x86_64 x86_64 GNU/Linux

IP地址:192.168.10.7

备用IP地址:192.168.10.16

软件准备:

由于系统是64位,所以软件也是。

ntp.x86_64

ntpdate.x86_64

2.2软件安装

软件安装,为了保证软件安装包的依赖性,建议采用yum安装:

1.默认安装已有Ntp默认配置,只是没有启动,

2.如果系统没有安装,请按如下步骤安装,本次安装与配置以此为准

yum update

服务端安装如下:

yum install ntp.x86_64

客户端安装如下:

yum install ntpdate.x86_64

三. Ntp配置

3.1Ntp配置

修改配置文件如下:

cat /etc/ntp.conf

# For more information about this file, see the man pages

# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not

# permit the source to query or modify the service on this system.

restrict default kod nomodify notrap nopeer noquery

restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface. This could

# be tightened as well, but to do so would effect some of

# the administrative functions.

restrict 127.0.0.1

restrict -6 ::1

# Hosts on local network are less restricted.

#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

#新增允许同步网段

restrict 192.168.10.0 mask 255.255.255.0 nomodify notrap

restrict 192.168.20.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.

# Please consider joining the pool (http://www.pool.ntp.org/join.html).

server 0.rhel.pool.ntp.org

server 1.rhel.pool.ntp.org

server 2.rhel.pool.ntp.org

# Undisciplined Local Clock. This is a fake driver intended for backup

# and when no outside source of synchronized time is available.

#server 127.127.1.0 # local clock

#fudge 127.127.1.0 stratum 10

# Enable public key cryptography.

#crypto

includefile /etc/ntp/crypto/pw

# Key file containing the keys and key identifiers used when operating

# with symmetric key cryptography.

keys /etc/ntp/keys

# Specify the key identifiers which are trusted.

#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.

#requestkey 8

# Specify the key identifier to use with the ntpq utility.

#controlkey 8

# Enable writing of statistics records.

#statistics clockstats cryptostats loopstats peerstats

3.2 NTP初始同步源配置

cat /etc/ntp/step-tickers

# List of servers used for initial synchronization.

server 0.rhel.pool.ntp.org

3.3 CMOS时钟同步配置

cat /etc/sysconfig/ntpd

# Drop root to id 'ntp:ntp' by default.

SYNC_HWCLOCK=YES //新增允许同步CMOS时钟

OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid -g"

3.4客户端同步配置

编写同步脚本如下:

cat /usr/local/bin/ntpdate.sh

#!/bin/bash

SHELL=/bin/bash

PATH=/sbin:/bin:/usr/sbin:/usr/bin

/usr/sbin/ntpdate 192.168.10.7;/sbin/hwclock –w

chmod +x ntpdate.sh

cat /etc/crontab

SHELL=/bin/bash

PATH=/sbin:/bin:/usr/sbin:/usr/bin

MAILTO=root

HOME=/

# For details see man 4 crontabs

# Example of job definition:

# .---------------- minute (0 - 59)

# | .------------- hour (0 - 23)

# | | .---------- day of month (1 - 31)

# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...

# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat

# | | | | |

# * * * * * command to be executed

*/5 * * * * root /usr/local/bin/ntpdate.sh //5分钟同步一次

四. Ntp管理

4.1Ntp管理

/etc/init.d/ntpd {start|stop|status|restart|try-restart|force-reload}

4.2Ntp同步测试

[root@varsphinx01 ~]# ntpstat

synchronised to NTP server (114.80.81.12) at stratum 3

time correct to within 83 ms

polling server every 1024 s

[root@varsphinx01 ~]# ntpq -p

remote refid st t when poll reach delay offset jitter

==============================================================================

*114.80.81.12 204.152.184.72 2 u 884 1024 377 128.915 8.812 0.473

+123.146.124.30 61.153.197.226 3 u 827 1024 377 51.865 -65.177 4.134

+114.80.81.13 216.218.192.202 2 u 773 1024 377 128.678 6.873 0.208

4.3设置NTP系统自启动

[root@varsphinx01 ~]# chkconfig --list |grep ntpd

ntpd 0:关闭 1:关闭 2:关闭 3:关闭 4:关闭 5:关闭 6:关闭

[root@varsphinx01 ~]# chkconfig --level 345 ntpd on

[root@varsphinx01 ~]# chkconfig --list |grep ntpd

ntpd 0:关闭 1:关闭 2:关闭 3:启用 4:启用 5:启用 6:关闭

4.4查看日志

NTP日志是写系统的,可以通过查看系统日志如下:

/var/log/message

tail -100f /var/log/Ntp.log

Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #2 lo, ::1#123 Enabled

Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #3 eth0, fe80::a6ba:dbff:fe25:b346#123 Enabled

Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #4 eth1, fe80::a6ba:dbff:fe25:b348#123 Enabled

Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #5 lo, 127.0.0.1#123 Enabled

Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #6 lo:6, 192.168.10.6#123 Enabled

Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #7 eth0, 192.168.10.7#123 Enabled

Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #8 eth1, 192.168.20.7#123 Enabled

Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on interface #9 virbr0, 192.168.122.1#123 Enabled

Aug 19 09:41:15 varsphinx01 ntpd[28208]: Listening on routing socket on fd #26 for interface updates

Aug 19 09:41:15 varsphinx01 ntpd[28208]: kernel time sync status 2040

Aug 19 09:45:35 varsphinx01 ntpd[28208]: synchronized to 114.80.81.12, stratum 2

Aug 19 09:45:35 varsphinx01 ntpd[28208]: kernel time sync status change 2001

五. Ntp问题总结

1. no server suitable for synchronization found 错误解决

在ntp客户端运行ntpdate  server时,出现no server suitable for synchronization found错误。

在ntp客户端用ntpdate –d serverIP查看,发现有“Server dropped: strata too high”的错误,并且显示“stratum 16”。而正常情况下stratum这个值得范围是“0~15”。

这是因为NTP server还没有和其自身或者它的server同步上

以下的定义是让NTP Server和其自身保持同步,如果在/ntp.conf中定义的server都不可用时,将使用local时间作为ntp服务提供给ntp客户端

server 127.127.1.0 fudge
127.127.1.0 stratum 8

在ntp server上重新启动ntp服务后,ntp server自身或者与其server的同步的需要一个时间段,这个过程可能是5分钟,在这个时间之内在客户端运行ntpdate命令时会产生no server suitable for synchronization found的错误。

查看ntp server完成与自身同步的状态

在ntp server上使用命令:

# watch ntpq -p

注意LOCAL的这个就是与自身同步的ntp server,  当reach值大于17以后,客户端就可以进行同步。

已有 422 位网友参与,快来吐槽:

发表评论