linux 时间同步ntp和chrony服务搭建配置

admin

查看时间同步源的信息。
# chronyc sourcestats -v
210 Number of sources = 1
7 ]8 [; g, i0 S6 P% N( C/ C- E                             .- Number of sample points in measurement set.
                            /    .- Number of residual runs with same sign.
' q% J$ s) f; k1 H6 y+ S                           |    /    .- Length of measurement set (time).
                           |   |    /      .- Est. clock freq error (ppm).
                           |   |   |      /           .- Est. error in freq.
                           |   |   |     |           /         .- Est. offset.
; u6 c, v# y& l) [$ s6 W. T9 W                           |   |   |     |          |          |   On the -.
                           |   |   |     |          |          |   samples. \
                           |   |   |     |          |          |             |
Name/IP Address            NP  NR  Span  Frequency  Freq Skew  Offset  Std Dev
==============================================================================
promote.cache-dns.local     0   0     0     +0.000   2000.000     +0ns  4000ms

admin

[root@361way ~]# chronyc
2 S5 Z& [6 |) t4 z* q7 l4 Q% echrony version 1.29.1
3 f$ s- S+ G0 mCopyright (C) 1997-2003, 2007, 2009-2013 Richard P. Curnow and others
chrony comes with ABSOLUTELY NO WARRANTY.  This is free software, and
5 R; K1 t9 u1 B6 h1 Z0 u  G/ \you are welcome to redistribute it under certain conditions.  See the
GNU General Public License version 2 for details.
chronyc> activity
" _& S% G9 |8 F% R200 OK
3 sources online
0 sources offline
* L8 P, C1 U% h1 j0 sources doing burst (return to online)
0 sources doing burst (return to offline)
0 sources with unknown address
chronyc> help
Commands:
accheck <address> : Check whether NTP access is allowed to <address>
activity : Check how many NTP sources are online/offline
add peer <address> ... : Add a new NTP peer
add server <address> ... : Add a new NTP server
allow [<subnet-addr>] : Allow NTP access to that subnet as a default
allow all [<subnet-addr>] : Allow NTP access to that subnet and all children
! w7 ]; J9 ]' F; ?burst <n-good>/<n-max> [<mask>/<masked-address>] : Start a rapid set of measurements
clients : Report on clients that have accessed the server
cmdaccheck <address> : Check whether command access is allowed to <address>
cmdallow [<subnet-addr>] : Allow command access to that subnet as a default
cmdallow all [<subnet-addr>] : Allow command access to that subnet and all children
cmddeny [<subnet-addr>] : Deny command access to that subnet as a default
……………………省略

admin

配置NTP server 服务器 #yum install -y ntp
0 B; a* s7 u1 a& u●        编辑ntp 配置  vim /etc/ntp.conf
% ], ]. {; _4 r4 V5 ]3 V+ Jdriftfile /var/lib/ntp/drift
" q1 Y- A) w' ?4 Brestrict default nomodify notrap nopeer noquery
: h" Z& I& }; B, hrestrict 127.0.0.1
3 J2 l) K; g& o5 v: \- L) ]# y8 Orestrict ::1
0 \) z# W, Z( {8 n5 E' E& v+ H+ zserver 127.127.1.0                              　　
fudge 127.127.1.0 stratum 0                  
includefile /etc/ntp/crypto/pw
/ D: D, D& k, X8 S8 b  j1 xkeys /etc/ntp/keys
. z, B  K% Z$ U9 Q+ A# Pdisable monitor
●        编辑ntp 服务器的配置
# vim  /etc/sysconfig/iptables

' H1 ]2 y& D7 z2 B. g  -A INPUT -p udp --dport 123 -j ACCEPT
; G4 K  u2 C4 V2 c% P7 T$ Q4 S* `
# systemctl restart iptables
# systemctl restart iptables.service
●        将系统时间写入硬件
  # hwclock --systohc
●        重新启动NTP服务
    # service ntpd restart
6 G' t( y( R- S9 |9 ^: S
2 y" O8 K- D+ g5 M

admin

设定NTP主机来源（其中prefer表示优先主机），192.168.7.49是本地的NTP服务器，所以优先指定从该主机同步时间。

; t6 t' ^( v$ }% Hserver 192.168.7.49 prefer