CentOS7搭建NTP服务器及客户端同步时间
1、个人安装环境
1.1 CentOS Linux release 7.7.1908 (Core)
1.2 ntp-4.2.6
2、安装步骤
1. 查看服务器是否安装ntp,系统默认安装ntpdate
rpm -qa | grep ntp
执行结果:
fontpackages-filesystem-1.44-8.el7.noarch ntpdate-4.2.6p5-28.el7.centos.x86_64 python-ntplib-0.3.2-1.el7.noarch
2.安装ntp ntpdate,其中ntpdate默认安装,可以只安装ntp
yum install ntp ntpdate -y
3.查看是否已安装完成,与第2步对比
rpm -qa | grep ntp
执行结果:
fontpackages-filesystem-1.44-8.el7.noarch ntpdate-4.2.6p5-28.el7.centos.x86_64 ntp-4.2.6p5-28.el7.centos.x86_64 python-ntplib-0.3.2-1.el7.noarch
4.查看ntp服务器状态,两条命令效果一样
systemctl status ntpd
执行结果:
● ntpd.service - Network Time Service Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled; vendor preset: disabled) Active: inactive (dead)
or
service ntpd status
执行结果:
Redirecting to /bin/systemctl status ntpd.service ● ntpd.service - Network Time Service Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled; vendor preset: disabled) Active: inactive (dead)
5.修改配置文件
使该NTP服务器在不联网的情况下,使用本服务器的时间作为同步时间
vim /etc/ntp.conf
把如下四行代码注释掉
server 0.centos.pool.ntp.org iburst server 1.centos.pool.ntp.org iburst server 2.centos.pool.ntp.org iburst server 3.centos.pool.ntp.org iburst
在下面再添加一行
server 127.127.1.0 iburst
6.重启ntp服务
systemctl restart ntpd
or
service ntpd restart
7.再次查看服务器状态
systemctl status ntpd
执行结果:
● ntpd.service - Network Time Service Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled) Active: active (running) since Tue 2018-08-21 14:29:12 CST; 8s ago Process: 6588 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 6589 (ntpd) Tasks: 1 CGroup: /system.slice/ntpd.service └─6589 /usr/sbin/ntpd -u ntp:ntp -g Aug 21 14:29:12 web ntpd[6589]: Listen normally on 2 lo 127.0.0.1 UDP 123 Aug 21 14:29:12 web ntpd[6589]: Listen normally on 3 eno1 192.168.0.163 UDP 123 Aug 21 14:29:12 web ntpd[6589]: Listen normally on 4 virbr0 192.168.122.1 UDP 123 Aug 21 14:29:12 web ntpd[6589]: Listen normally on 5 lo ::1 UDP 123 Aug 21 14:29:12 web ntpd[6589]: Listen normally on 6 eno1 fe80::6e92:bfff:fe6f:daea UDP 123 Aug 21 14:29:12 web ntpd[6589]: Listening on routing socket on fd #23 for interface updates Aug 21 14:29:12 web ntpd[6589]: 0.0.0.0 c016 06 restart Aug 21 14:29:12 web ntpd[6589]: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM Aug 21 14:29:12 web ntpd[6589]: 0.0.0.0 c011 01 freq_not_set Aug 21 14:29:13 web ntpd[6589]: 0.0.0.0 c514 04 freq_mode
or
service ntpd status
执行结果:
Redirecting to /bin/systemctl status ntpd.service ● ntpd.service - Network Time Service Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled) Active: active (running) since Tue 2018-08-21 14:29:12 CST; 56s ago Process: 6588 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 6589 (ntpd) Tasks: 1 CGroup: /system.slice/ntpd.service └─6589 /usr/sbin/ntpd -u ntp:ntp -g Aug 21 14:29:12 web ntpd[6589]: Listen normally on 2 lo 127.0.0.1 UDP 123 Aug 21 14:29:12 web ntpd[6589]: Listen normally on 3 eno1 192.168.0.163 UDP 123 Aug 21 14:29:12 web ntpd[6589]: Listen normally on 4 virbr0 192.168.122.1 UDP 123 Aug 21 14:29:12 web ntpd[6589]: Listen normally on 5 lo ::1 UDP 123 Aug 21 14:29:12 web ntpd[6589]: Listen normally on 6 eno1 fe80::6e92:bfff:fe6f:daea UDP 123 Aug 21 14:29:12 web ntpd[6589]: Listening on routing socket on fd #23 for interface updates Aug 21 14:29:12 web ntpd[6589]: 0.0.0.0 c016 06 restart Aug 21 14:29:12 web ntpd[6589]: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM Aug 21 14:29:12 web ntpd[6589]: 0.0.0.0 c011 01 freq_not_set Aug 21 14:29:13 web ntpd[6589]: 0.0.0.0 c514 04 freq_mode
8.查看是否同步
ntpq -p
执行结果:
remote refid st t when poll reach delay offset jitter ============================================================================== *LOCAL(0) .LOCL. 5 l 20 64 7 0.000 0.000 0.000
9.设置开机启动
systemctl enable ntpd
10.设置防火墙,打开udp123端口
firewall-cmd --permanent --add-port=123/udp firewall-cmd --reload
11.查看防火墙已打开端口
iptables -L -n | grep 123
执行结果:
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:123 ctstate NEW,UNTRACKED
3、windows client 配置
1.先确认可以ping通NTP server
ping 192.168.111.131
执行结果:
正在 Ping 192.168.111.131 具有 32 字节的数据: 来自 192.168.111.131 的回复: 字节=32 时间<1ms TTL=64 来自 192.168.111.131 的回复: 字节=32 时间<1ms TTL=64 来自 192.168.111.131 的回复: 字节=32 时间<1ms TTL=64 来自 192.168.111.131 的回复: 字节=32 时间<1ms TTL=64
2.日期和时间配置
执行“时间和日期” -> Internet时间 -> 更改设置
3.时间服务器配置
勾选“与Internet时间服务器同步”,输入NTP服务器IP地址,单击“立即更新”
显示同步成功
4.特别注意
如果本地PC日期与NTP服务器跨度过大,比如相差16年,同步失败。可以先手动或者bat脚本调整大概日期,缩减跨度。
4、Linux client 配置
前5步与服务器一致
6.修改配置文件
将刚刚搭建好的NTP服务器作为客户端上游时间服务器
vim /etc/ntp.conf
内容修改如下:
#注释掉其他上游时间服务器 #server 0.centos.pool.ntp.org iburst #server 1.centos.pool.ntp.org iburst #server 2.centos.pool.ntp.org iburst #server 3.centos.pool.ntp.org iburst #配置上游时间服务器为本地的ntpd Server服务器 server 192.168.111.131 #配置允许上游时间服务器主动修改本机的时间 restrict 192.168.0.163 nomodify notrap noquery
7.与本地ntpd Server同步一下
ntpdate -u 192.168.111.131
8.启动ntp服务
systemctl start ntpd
or
service ntpd start
9.设置开机启动
systemctl enable ntpd
10.查看状态
[root@db3 ~]# ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== *192.168.111.131 LOCAL(0) 11 u 21 64 377 0.068 -0.824 0.367
5、异常处理
1.上文已经设置开机自启,实际未运行
查找资料发现,服务chrony和服务ntp冲突,导致ntp开机启动失效。使用systemctl is-enabled chronyd查看chrony的启动状态
systemctl is-enabled chronyd
关闭chrony服务的自启动
systemctl disable chronyd
再重启服务器后发现ntp服务正常启动,问题解决。
systemctl status ntpd
运行结果:
ntpd.service - Network Time Service Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled) Active: active (running) since 三 2020-02-19 20:03:42 CST; 2min 1s ago Process: 2298 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 2300 (ntpd) Tasks: 1 CGroup: /system.slice/ntpd.service └─2300 /usr/sbin/ntpd -u ntp:ntp -g 2月 19 20:03:42 localhost.localdomain ntpd[2300]: Listen normally on 2 lo 127.0.0.1 UD...3 2月 19 20:03:42 localhost.localdomain ntpd[2300]: Listen normally on 3 ens33 192.168.1...3 2月 19 20:03:42 localhost.localdomain ntpd[2300]: Listen normally on 4 virbr0 192.168....3 2月 19 20:03:42 localhost.localdomain ntpd[2300]: Listen normally on 5 lo ::1 UDP 123 2月 19 20:03:42 localhost.localdomain ntpd[2300]: Listen normally on 6 ens33 fe80::1ac...3 2月 19 20:03:42 localhost.localdomain ntpd[2300]: Listening on routing socket on fd #2...s 2月 19 20:03:42 localhost.localdomain ntpd[2300]: 0.0.0.0 c016 06 restart 2月 19 20:03:42 localhost.localdomain ntpd[2300]: 0.0.0.0 c012 02 freq_set kernel 0.00...M 2月 19 20:03:42 localhost.localdomain ntpd[2300]: 0.0.0.0 c011 01 freq_not_set 2月 19 20:03:43 localhost.localdomain ntpd[2300]: 0.0.0.0 c514 04 freq_mode Hint: Some lines were ellipsized, use -l to show in full.
参考文档:https://blog.csdn.net/hellboy0621/article/details/81903091
https://blog.csdn.net/I_Demo/article/details/99673094