欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

使用阿里云镜像站NTP服务搭建NTP服务器(基于CentOS 7系统)

程序员文章站 2022-05-01 20:12:25
...

镜像下载、域名解析、时间同步请点击 阿里云开源镜像站

一、NTP服务器介绍

网络时间协议(Network Time Protocol,NTP)服务器,也就是日常所说的NTP服务器,用来提供同步时间服务。在生产环境中,很多人都会忽略时间问题,实际上服务器、网络设备等,特别是Linux操作系统和虚拟化平台的时间不同步会导致很多问题。那么搭建一台NTP服务器就非常重要,生产环境中的设备可以直接与NTP服务器进行时间同步,NTP服务器本身也可以访问互连的NTP服务器进行同步。NTP服务器可以是物理服务器,也可以是虚拟机。

二、安装NTP服务组件

在Linux服务器(如,CentOS、Ubuntu等操作系统)上,使用命令进行安装。
本实验以CentOS 7 Linux环境进行演示操作记录。

YUM源已更新成阿里云开源镜像站里的CentOS镜像,加速快捷访问。

  1. [root@ntp ~]# yum clean all
  2. Loaded plugins: fastestmirror
  3. Cleaning repos: base extras updates
  4. Cleaning up list of fastest mirrors
  5. [root@ntp ~]# yum repolist
  6. Loaded plugins: fastestmirror
  7. Determining fastest mirrors
  8. * base: mirrors.aliyun.com
  9. * extras: mirrors.aliyun.com
  10. * updates: mirrors.aliyun.com
  11. base | 3.6 kB 00:00:00
  12. extras | 2.9 kB 00:00:00
  13. updates | 2.9 kB 00:00:00
  14. (1/4): base/7/x86_64/group_gz | 153 kB 00:00:00
  15. (2/4): extras/7/x86_64/primary_db | 243 kB 00:00:00
  16. (3/4): updates/7/x86_64/primary_db | 12 MB 00:00:01
  17. (4/4): base/7/x86_64/primary_db | 6.1 MB 00:00:03
  18. repo id repo name status
  19. base/7/x86_64 CentOS-7 - Base - mirrors.aliyun.com 10,072
  20. extras/7/x86_64 CentOS-7 - Extras - mirrors.aliyun.com 500
  21. updates/7/x86_64 CentOS-7 - Updates - mirrors.aliyun.com 2,963
  22. repolist: 13,535
  23. [root@ntp ~]#

执行yum install -y ntp命令,进行ntp组件安装。

  1. [root@ntp ~]# yum install -y ntp
  2. Loaded plugins: fastestmirror
  3. Loading mirror speeds from cached hostfile
  4. * base: mirrors.aliyun.com
  5. * extras: mirrors.aliyun.com
  6. * updates: mirrors.aliyun.com
  7. Resolving Dependencies
  8. --> Running transaction check
  9. ---> Package ntp.x86_64 0:4.2.6p5-29.el7.centos.2 will be installed
  10. --> Processing Dependency: ntpdate = 4.2.6p5-29.el7.centos.2 for package: ntp-4.2.6p5-29.el7.centos.2.x86_64
  11. --> Processing Dependency: libopts.so.25()(64bit) for package: ntp-4.2.6p5-29.el7.centos.2.x86_64
  12. --> Running transaction check
  13. ---> Package autogen-libopts.x86_64 0:5.18-5.el7 will be installed
  14. ---> Package ntpdate.x86_64 0:4.2.6p5-29.el7.centos.2 will be installed
  15. --> Finished Dependency Resolution
  16. Dependencies Resolved
  17. =================================================================================================================
  18. Package Arch Version Repository Size
  19. =================================================================================================================
  20. Installing:
  21. ntp x86_64 4.2.6p5-29.el7.centos.2 base 549 k
  22. Installing for dependencies:
  23. autogen-libopts x86_64 5.18-5.el7 base 66 k
  24. ntpdate x86_64 4.2.6p5-29.el7.centos.2 base 87 k
  25. Transaction Summary
  26. =================================================================================================================
  27. Install 1 Package (+2 Dependent packages)
  28. Total download size: 701 k
  29. Installed size: 1.6 M
  30. Downloading packages:
  31. (1/3): autogen-libopts-5.18-5.el7.x86_64.rpm | 66 kB 00:00:00
  32. (2/3): ntpdate-4.2.6p5-29.el7.centos.2.x86_64.rpm | 87 kB 00:00:00
  33. (3/3): ntp-4.2.6p5-29.el7.centos.2.x86_64.rpm | 549 kB 00:00:00
  34. -----------------------------------------------------------------------------------------------------------------
  35. Total 1.7 MB/s | 701 kB 00:00:00
  36. Running transaction check
  37. Running transaction test
  38. Transaction test succeeded
  39. Running transaction
  40. Installing : autogen-libopts-5.18-5.el7.x86_64 1/3
  41. Installing : ntpdate-4.2.6p5-29.el7.centos.2.x86_64 2/3
  42. Installing : ntp-4.2.6p5-29.el7.centos.2.x86_64 3/3
  43. Verifying : ntpdate-4.2.6p5-29.el7.centos.2.x86_64 1/3
  44. Verifying : ntp-4.2.6p5-29.el7.centos.2.x86_64 2/3
  45. Verifying : autogen-libopts-5.18-5.el7.x86_64 3/3
  46. Installed:
  47. ntp.x86_64 0:4.2.6p5-29.el7.centos.2
  48. Dependency Installed:
  49. autogen-libopts.x86_64 0:5.18-5.el7 ntpdate.x86_64 0:4.2.6p5-29.el7.centos.2
  50. Complete!
  51. [root@ntp ~]#

三、配置阿里云镜像站NTP服务

配置之前,测试服务器是否能够访问到阿里云NTP服务器。

ping ntp.aliyun.com -c 5

使用阿里云镜像站NTP服务搭建NTP服务器(基于CentOS 7系统)

修改/etc/ntp.conf配置文件。

注释掉原来配置文件中的NTP服务器地址,添加阿里云NTP服务器地址。

使用阿里云镜像站NTP服务搭建NTP服务器(基于CentOS 7系统)

  1. [root@ntp ~]# vi /etc/ntp.conf
  2. [root@ntp ~]# cat /etc/ntp.conf
  3. # For more information about this file, see the man pages
  4. # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
  5. driftfile /var/lib/ntp/drift
  6. # Permit time synchronization with our time source, but do not
  7. # permit the source to query or modify the service on this system.
  8. restrict default nomodify notrap nopeer noquery
  9. # Permit all access over the loopback interface. This could
  10. # be tightened as well, but to do so would effect some of
  11. # the administrative functions.
  12. restrict 127.0.0.1
  13. restrict ::1
  14. # Hosts on local network are less restricted.
  15. #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
  16. # Use public servers from the pool.ntp.org project.
  17. # Please consider joining the pool (http://www.pool.ntp.org/join.html).
  18. #server 0.centos.pool.ntp.org iburst
  19. #server 1.centos.pool.ntp.org iburst
  20. #server 2.centos.pool.ntp.org iburst
  21. #server 3.centos.pool.ntp.org iburst
  22. server ntp.aliyun.com
  23. #broadcast 192.168.1.255 autokey # broadcast server
  24. #broadcastclient # broadcast client
  25. #broadcast 224.0.1.1 autokey # multicast server
  26. #multicastclient 224.0.1.1 # multicast client
  27. #manycastserver 239.255.254.254 # manycast server
  28. #manycastclient 239.255.254.254 autokey # manycast client
  29. # Enable public key cryptography.
  30. #crypto
  31. includefile /etc/ntp/crypto/pw
  32. # Key file containing the keys and key identifiers used when operating
  33. # with symmetric key cryptography.
  34. keys /etc/ntp/keys
  35. # Specify the key identifiers which are trusted.
  36. #trustedkey 4 8 42
  37. # Specify the key identifier to use with the ntpdc utility.
  38. #requestkey 8
  39. # Specify the key identifier to use with the ntpq utility.
  40. #controlkey 8
  41. # Enable writing of statistics records.
  42. #statistics clockstats cryptostats loopstats peerstats
  43. # Disable the monitoring facility to prevent amplification attacks using ntpdc
  44. # monlist command when default restrict does not include the noquery flag. See
  45. # CVE-2013-5211 for more details.
  46. # Note: Monitoring will not be disabled with the limited restriction flag.
  47. disable monitor
  48. [root@ntp ~]#

四、启动NTP服务

启动ntp服务
systemctl start ntpd
设置ntp服务开机自启动
systemctl enable ntpd
查看ntp服务是否正常
systemctl status ntpd

  1. [root@ntp ~]# systemctl start ntpd
  2. [root@ntp ~]# systemctl enable ntpd
  3. Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
  4. [root@ntp ~]# systemctl status ntpd
  5. ntpd.service - Network Time Service
  6. Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled)
  7. Active: active (running) since Sun 2021-11-28 19:06:34 CST; 23h left
  8. Main PID: 1988 (ntpd)
  9. CGroup: /system.slice/ntpd.service
  10. └─1988 /usr/sbin/ntpd -u ntp:ntp -g
  11. Nov 28 19:06:34 ntp ntpd[1988]: Listen normally on 3 ens32 192.168.1.50 UDP 123
  12. Nov 28 19:06:34 ntp ntpd[1988]: Listen normally on 4 lo ::1 UDP 123
  13. Nov 28 19:06:34 ntp ntpd[1988]: Listen normally on 5 ens32 fe80::e4b:3ef:613c:8741 UDP 123
  14. Nov 28 19:06:34 ntp ntpd[1988]: Listening on routing socket on fd #22 for interface updates
  15. Nov 28 19:06:34 ntp ntpd[1988]: 0.0.0.0 c016 06 restart
  16. Nov 28 19:06:34 ntp ntpd[1988]: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM
  17. Nov 28 19:06:34 ntp ntpd[1988]: 0.0.0.0 c011 01 freq_not_set
  18. Nov 28 19:09:51 ntp ntpd[1988]: 0.0.0.0 c61c 0c clock_step -86398.982768 s
  19. Nov 27 19:09:52 ntp ntpd[1988]: 0.0.0.0 c614 04 freq_mode
  20. Nov 27 19:09:53 ntp ntpd[1988]: 0.0.0.0 c618 08 no_sys_peer
  21. [root@ntp ~]#

五、查看NTP源

ntpq -p

使用阿里云镜像站NTP服务搭建NTP服务器(基于CentOS 7系统)

即[203.107.6.88]地址为阿里云NTP服务器的IP地址。

使用阿里云镜像站NTP服务搭建NTP服务器(基于CentOS 7系统)

[root@ntp ~]# ntpq -p

  1. remote refid st t when poll reach delay offset jitter

==============================================================================
203.107.6.88 100.107.25.114 2 u 56 64 7 13.685 -0.002 0.415

六、查看NTP服务状态

  1. # 输出如下内容,表示在同步中,需要耐心等待一下
  2. [root@ntp ~]# ntpstat
  3. unsynchronised
  4. time server re-starting
  5. polling server every 8 s
  6. # 输出如下内容,表示同步成功
  7. [root@ntp ~]# ntpstat
  8. synchronised to NTP server (203.107.6.88) at stratum 3
  9. time correct to within 958 ms
  10. polling server every 64 s

使用阿里云镜像站NTP服务搭建NTP服务器(基于CentOS 7系统)

七、将客户端与NTP服务器同步

使用阿里云镜像站NTP服务搭建NTP服务器(基于CentOS 7系统)

  1. [root@client ~]# ntpdate -d 192.168.1.50
  2. 28 Nov 19:37:54 ntpdate[2880]: ntpdate 4.2.6p5@1.2349-o Tue Jun 23 15:38:19 UTC 2020 (1)
  3. Looking for host 192.168.1.50 and service ntp
  4. host found : 192.168.1.50
  5. transmit(192.168.1.50)
  6. receive(192.168.1.50)
  7. transmit(192.168.1.50)
  8. receive(192.168.1.50)
  9. transmit(192.168.1.50)
  10. receive(192.168.1.50)
  11. transmit(192.168.1.50)
  12. receive(192.168.1.50)
  13. server 192.168.1.50, port 123
  14. stratum 3, precision -25, leap 00, trust 000
  15. refid [192.168.1.50], delay 0.02652, dispersion 0.00000
  16. transmitted 4, in filter 4
  17. reference time: e54c9534.6f868aa9 Sat, Nov 27 2021 19:29:56.435
  18. originate timestamp: e54c9719.4617ce7f Sat, Nov 27 2021 19:38:01.273
  19. transmit timestamp: e54de898.b45bc870 Sun, Nov 28 2021 19:38:00.704
  20. filter delay: 0.02658 0.02655 0.02652 0.02660
  21. 0.00000 0.00000 0.00000 0.00000
  22. filter offset: -86399.4 -86399.4 -86399.4 -86399.4
  23. 0.000000 0.000000 0.000000 0.000000
  24. delay 0.02652, dispersion 0.00000
  25. offset -86399.431479
  26. 28 Nov 19:38:00 ntpdate[2880]: step time server 192.168.1.50 offset -86399.431479 sec
  27. [root@client ~]#

八、将系统时间同步到硬件

  1. [root@client ~]# hwclock -w
  2. [root@client ~]# date
  3. Sun Nov 28 19:39:10 CST 2021

本文转自:https://developer.aliyun.com/article/831625