目录
一. 安装相关软件
二. 修改配置文件
三. 启动
四. 测试
一. 安装相关软件
1. 没有rpm文件时
需要到与需要安装ntp服务操作系统相同的且有网络的服务器上,下载所需依赖包
yum install ntp ntpdate --downloadonly --downloaddir=/package
#语法释义:
#--downloadonly: 表示仅下载,不安装
#--downloaddir: 表示下载依赖包的路径
如此就可以将安装ntp和ntpdate的所有依赖包下载到/package下面了,然后将/package/下的所有依赖包拷贝到需要安装ntp服务的服务器中
2. 如果有依赖包了就可以直接执行安装,命令如下:
rpm -ivh /package/*.rpm
#/package/*.rpm 指的是依赖包的绝对路径
二. 修改配置文件
安装好依赖之后,就是对配置文件进行修改了,我这里列出自己的安装环境:
主服务:192.168.52.140
客户端节点A:192.168.52.141
客户端节点B:192.168.52.142
说明: 由主服务提供校时服务,客户端节点A,B每5~10分钟向主服务同步一次时间
我将分别列出主服务与客户端节点的配置文件(目录是:/etc/ntp.conf)
1. 主服务
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
#restrict default nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap #这一行默认的注释掉
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst #这一行默认的注释掉
#server 1.centos.pool.ntp.org iburst #这一行默认的注释掉
#server 2.centos.pool.ntp.org iburst #这一行默认的注释掉
#server 3.centos.pool.ntp.org iburst #这一行默认的注释掉
restrict 192.168.52.140 nomodify notrap nopeer noquery #新增该行
server 127.127.1.0 iburst local clock #新增该行
restrict 192.168.52.0 mask 255.255.255.0 nomodify #新增该行
Fudge 127.127.1.0 stratum 10 #新增该行
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
2. 客户端A(192.168.52.141)?
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
#restrict default nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap #这一行默认的注释掉
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst #这一行默认的注释掉
#server 1.centos.pool.ntp.org iburst #这一行默认的注释掉
#server 2.centos.pool.ntp.org iburst #这一行默认的注释掉
#server 3.centos.pool.ntp.org iburst #这一行默认的注释掉
restrict 192.168.52.141 nomodify notrap nopeer noquery #新增该行
server 192.168.52.140 #新增该行
restrict 192.168.52.0 mask 255.255.255.0 nomodify #新增该行
Fudge 192.168.52.140 stratum 10 #新增该行
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
3. 客户端B(192.168.52.142)?
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
#restrict default nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap #这一行默认的注释掉
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst #这一行默认的注释掉
#server 1.centos.pool.ntp.org iburst #这一行默认的注释掉
#server 2.centos.pool.ntp.org iburst #这一行默认的注释掉
#server 3.centos.pool.ntp.org iburst #这一行默认的注释掉
restrict 192.168.52.142 nomodify notrap nopeer noquery #新增该行
server 192.168.52.140 #新增该行
restrict 192.168.52.0 mask 255.255.255.0 nomodify #新增该行
Fudge 192.168.52.140 stratum 10 #新增该行
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
三. 启动
#首先在主服务中先手动校时一次,并同步到硬件上
date -s '20220302 18:44:40' && hwclock -w
#启动服务(在所有服务中都执行)
systemctl start ntpd
#设置开机自启(在所有服务中都执行)
systemctl enable ntpd
#查看服务状态(在所有服务中都执行)
systemctl status ntpd
四. 测试
所有服务都启动之后,等待10分钟左右,就会发现所有的客户端(A,B)的时间已经和主服务同步了
#查看服务器当前时间
date
?如此就算大功告成啦,喜欢的就点个赞和关注吧(* ̄︶ ̄)
|