ntp本地服务器搭建
来源:互联网 发布:银联数据是国企吗 编辑:程序博客网 时间:2024/06/05 00:37
1 前言
集群状态下或者利用ambari安装hdp时要求节点上开启ntpd服务,搭了几次步骤有那么一点点繁琐,这里总结一下。
系统信息:
[root@node1 pgsql]# uname -a
Linux node1.dcom 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[root@node1 pgsql]# cat /proc/version
Linux version 3.10.0-327.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.3 20140911 (Red Hat 4.8.3-9) (GCC) ) #1 SMP Thu Nov 19 22:10:57 UTC 2015
[root@node1 pgsql]# cat /etc/issue
\S
Kernel \r on an \m
[root@node1 pgsql]# cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
2 关闭防火墙
systemctl stopfirewalld.service 关闭防火墙
systemctldisable firewalld.service 禁止开机启动防火墙
3 服务器配置
这里以node1.dcom为ntp服务器节点
编辑修改/etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
#restrict default nomodify notrap nopeer noquery
restrict default nomodify
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
显示的指出时间服务器所涉及的ip范围
restrict 20.2.37.0 mask 255.255.255.0 nomodify
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
注释掉上面的网络服务器地址,采用下面本地时间作为源
server 127.127.1.0
fudge 127.127.1.0 stratum 10
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
4 ntp client配置
客户端配置相对来说比较简单
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
server node1.dcom 指明本地ntp服务器地址
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
5 开启ntpd服务
服务器和客户端配置完成后
systemctl enable ntpd 开机启动
systemctl start ntpd 开启服务
systemctl status ntpd 查看状态
client端具体实例:
[root@node4 ~]# systemctl enable ntpd
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
[root@node4 ~]# systemctl start ntpd
[root@node4 ~]# systemctl status ntpd
?.ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2016-07-06 10:20:28 CST; 1min 5s left
Process: 3561 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 3562 (ntpd)
CGroup: /system.slice/ntpd.service
?..3562 /usr/sbin/ntpd -u ntp:ntp -g
Jul 06 10:20:28 node4.dcom ntpd[3562]: Listen normally on 4 virbr0 192.168.122.1 UDP 123
Jul 06 10:20:28 node4.dcom ntpd[3562]: Listen normally on 5 lo ::1 UDP 123
Jul 06 10:20:28 node4.dcom ntpd[3562]: Listen normally on 6 eno1 fe80::ec4:7aff:fec1:540e UDP 123
Jul 06 10:20:28 node4.dcom ntpd[3562]: Listening on routing socket on fd #23 for interface updates
Jul 06 10:20:28 node4.dcom ntpd[3562]: 0.0.0.0 c016 06 restart
Jul 06 10:20:28 node4.dcom ntpd[3562]: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM
Jul 06 10:20:28 node4.dcom ntpd[3562]: 0.0.0.0 c011 01 freq_not_set
Jul 06 10:20:29 node4.dcom ntpd[3562]: 0.0.0.0 c61c 0c clock_step -68.572092 s
Jul 06 10:19:21 node4.dcom ntpd[3562]: 0.0.0.0 c614 04 freq_mode
Jul 06 10:19:22 node4.dcom ntpd[3562]: 0.0.0.0 c618 08 no_sys_peer
[root@node4 ~]# ntpdate-u node1.dcom 手动与ntp本地服务器同步
6 Jul 10:19:52 ntpdate[3572]: adjust timeserver 20.2.37.200 offset -0.000324 sec
[root@node4 ~]# ntpq–p 查看ntpd服务状态
remote refid st t when poll reach delay offset jitter
==============================================================================
*node1.dcom LOCAL(0) 11 u 51 64 1 0.139 0.000 0.000
上面的ntpdate-u node1.dcom只是手动同步了一次,要想长期同步需要在各个客户端主机上做一些配置,具体如下:
[root@node2 yum.repos.d]# vi /etc/crontab
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
# For details see man 4 crontabs
# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed
0 1 * * * /usr/sbin/ntpdate -u node1.dcom #每天的1点与本地ntp服务器同步一次
Tips:
ntpdate –u 可以去掉-u 加上-u是以防防火墙的干扰。
装机时可能没注意选择时区导致无法同步成功。
[root@node5 ~]# date -R
Wed, 06 Jul 201620:16:45 +0800 东八区北京时间
修改时区的话可采用:
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime 将上海时区拷贝至系统时区
hwclock –w 保存配置,写入硬件时钟
时区更改生效。
6 参考资料
最后可能同步过程中会遇到一些问题,最主要的还是防火墙是否正常关闭其他的可参考以下网络资料:
7 修订说明
日期
版本
修订
审批
修订说明
2016.9.29
1.0
章鑫8
- ntp本地服务器搭建
- 本地NTP 时间服务器
- linux搭建ntp服务器
- NTP服务器搭建
- Ubuntu搭建ntp服务器
- ubuntu搭建NTP服务器
- NTP服务器搭建
- ubuntu搭建ntp服务器
- 搭建ntp时间服务器
- ntp服务器搭建
- windows ntp服务器搭建
- WIN7搭建NTP服务器
- 搭建NTP 服务器
- NTP时间服务器搭建
- CentOS搭建NTP服务器
- NTP时间服务器搭建
- ntp时间服务器搭建
- 简单搭建ntp服务器
- Java多线程使用场景
- 用flex实现弹性布局
- 对象引用与对象的区别
- 扫雷
- 日志系统架构,后台服务架构图
- ntp本地服务器搭建
- 导入Maven项目json-lib有红色感叹号,在pom.xml下中的json-lib下添加<classifier>jdkXX</classifier>即可解决
- Java中Collections.sort()的使用!
- 资料:基督徒对别的宗教之态度
- Hacker, pack your bags!
- jQuery小知识
- java json 简单例子
- 2017-12-8
- win10 搭建完整深度学习开发环境