一、概述
常见的时间同步工具有:chrony、ntp、openntpd;RHEL7版本以后默认支持chrony;
三种工具的详细区别参考
https://chrony.tuxfamily.org/comparison.html
chrony包含两个程序:chronyd和chronyc,其中chronyd是守护进程,用于调整内核运行时间和时钟服务器同步;用于监视 chronyd 的性能并在运行时更改各种操作参数;
二、安装Chrony服务
[root@kmi-dawufiep ~]# yum install chrony -y[root@kmi-dawufiep ~]# systemctl enable chronyd.service[root@kmi-dawufiep ~]# systemctl restart chronyd.service[root@kmi-dawufiep ~]# systemctl status chronyd.service
在防火墙开启的情况下,需要开发ntp服务通过(ntp使用UDP端口123)
[root@kmi-dawufiep ~]# firewall-cmd --add-service=ntp --permanent[root@kmi-dawufiep ~]# firewall-cmd --reload
三、配置Chrony服务
chrony配置文件:/etc/chrony.conf
#时间同步公共服务器地址。以server开头,理论上可以添加多个时间服务器地址# These servers were defined in the installation:server ntp.ntsc.ac.cn iburstserver cn.ntp.org.cn iburstserver time.pool.aliyun.com iburstserver time1.aliyun.com iburstserver time2.aliyun.com iburstserver time1.cloud.tencent.com iburstserver time2.cloud.tencent.com iburst# Use public servers from the pool.ntp.org project.# Please consider joining the pool (http://www.pool.ntp.org/join.html).# 根据实际时间计算出服务器增减时间的比率,然后记录到一个文件中,在系统重启后为系统做出最佳时间补偿调整。# Record the rate at which the system clock gains/losses time.driftfile /var/lib/chrony/drift# chronyd根据需求减慢或加速时间调整,# 在某些情况下系统时钟可能漂移过快,导致时间调整用时过长。# 该指令强制chronyd调整时期,大于某个阀值时步进调整系统时钟。# 只有在因chronyd启动时间超过指定的限制时(可使用负值来禁用限制)没有更多时钟更新时才生效。# Allow the system clock to be stepped in the first three updates# if its offset is larger than 1 second.makestep 1.0 3# 将启用一个内核模式,在该模式中,系统时间每11分钟会拷贝到实时时钟(RTC)。# Enable kernel synchronization of the real-time clock (RTC).rtcsync# 通过使用hwtimestamp指令启用硬件时间戳# Enable hardware timestamping on all interfaces that support it.#hwtimestamp *# Increase the minimum number of selectable sources required to adjust# the system clock.#minsources 2# 指定一台主机、子网,或者网络以允许或拒绝NTP连接到扮演时钟服务器的机器# Allow NTP client access from local network.#allow 192.168.0.0/16# Serve time even if not synchronized to a time source.#local stratum 10# 指定包含NTP验证密钥的文件。# Specify file containing keys for NTP authentication.#keyfile /etc/chrony.keys# 指定日志文件的目录。# Specify directory for log files.logdir /var/log/chrony# Select which information is logged.#log measurements statistics tracking
调整公共服务器地址模块,中国国内时间同步服务器地址可参考:https://dns.icoa.cn/ntp/
四、配置时区
1.查看时间日期、时区、NTP状态
[root@kmi-dawufiep ~]# timedatectl Local time: 四 2021-05-06 16:16:09 CST Universal time: 四 2021-05-06 08:16:09 UTC RTC time: 四 2021-05-06 08:16:09 Time zone: Asia/Shanghai (CST, +0800) NTP enabled: yesNTP synchronized: yesRTC in local TZ: no DST active: n/a
2.查看时区列表
[root@kmi-dawufiep ~]# timedatectl list-timezones | grep -E "Asia/S.*"Asia/SakhalinAsia/SamarkandAsia/SeoulAsia/ShanghaiAsia/SingaporeAsia/Srednekolymsk
3.修改时区为亚洲/上海时区
[root@kmi-dawufiep ~]# timedatectl set-timezone Asia/Shanghai
4.设置硬件时间(默认为UTC:0/1)
[root@kmi-dawufiep ~]# timedatectl set-local-rtc 0
5.启用NTP时间同步
[root@kmi-dawufiep ~]# timedatectl set-ntp true
6.校准时间服务器
[root@kmi-dawufiep ~]# chronyc trackingReference ID : 8BC7D7FB (139.199.215.251)Stratum : 3Ref time (UTC) : Thu May 06 08:25:54 2021System time : 0.000144202 seconds fast of NTP timeLast offset : +0.000068143 secondsRMS offset : 0.001500069 secondsFrequency : 5.699 ppm slowResidual freq : +0.007 ppmSkew : 1.656 ppmRoot delay : 0.015710194 secondsRoot dispersion : 0.006367063 secondsUpdate interval : 5.0 secondsLeap status : Normal
7.查看时间同步状态
[root@kmi-dawufiep ~]# timedatectl status Local time: 四 2021-05-06 16:28:41 CST Universal time: 四 2021-05-06 08:28:41 UTC RTC time: 四 2021-05-06 08:28:40 Time zone: Asia/Shanghai (CST, +0800) NTP enabled: yesNTP synchronized: yesRTC in local TZ: no DST active: n/a
8.常用命令
查看时间同步源状态[root@kmi-dawufiep ~]# chronyc sourcestats -v[root@kmi-dawufiep ~]# chronyc sources -v查看ntp server 是否在线[root@kmi-dawufiep ~]# chronyc activity -v查看ntp详细信息[root@kmi-dawufiep ~]# chronyc tracking -v
调整配置/etc/chrony.conf,需要重启服务生效