目录
一. 安装相关软件
二. 修改配置文件
三. 启动
四. 测试
一. 安装相关软件
1. 没有rpm文件时
需要到与需要安装ntp服务操作系统相同的且有网络的服务器上,下载所需依赖包
yum install ntp ntpdate --downloadonly --downloaddir=/package #语法释义: #--downloadonly: 表示仅下载,不安装 #--downloaddir: 表示下载依赖包的路径
如此就可以将安装ntp和ntpdate的所有依赖包下载到/package下面了,然后将/package/下的所有依赖包拷贝到需要安装ntp服务的服务器中
2. 如果有依赖包了就可以直接执行安装,命令如下:
rpm -ivh /package/*.rpm #/package/*.rpm 指的是依赖包的绝对路径
二. 修改配置文件
安装好依赖之后,就是对配置文件进行修改了,我这里列出自己的安装环境:
主服务:192.168.52.140
客户端节点A:192.168.52.141
客户端节点B:192.168.52.142
说明: 由主服务提供校时服务,客户端节点A,B每5~10分钟向主服务同步一次时间
我将分别列出主服务与客户端节点的配置文件(目录是:/etc/ntp.conf)
1. 主服务
# For more information about this file, see the man pages # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). driftfile /var/lib/ntp/drift # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. #restrict default nomodify notrap nopeer noquery # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 restrict ::1 # Hosts on local network are less restricted. #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap #这一行默认的注释掉 # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). #server 0.centos.pool.ntp.org iburst #这一行默认的注释掉 #server 1.centos.pool.ntp.org iburst #这一行默认的注释掉 #server 2.centos.pool.ntp.org iburst #这一行默认的注释掉 #server 3.centos.pool.ntp.org iburst #这一行默认的注释掉 restrict 192.168.52.140 nomodify notrap nopeer noquery #新增该行 server 127.127.1.0 iburst local clock #新增该行 restrict 192.168.52.0 mask 255.255.255.0 nomodify #新增该行 Fudge 127.127.1.0 stratum 10 #新增该行 #broadcast 192.168.1.255 autokey # broadcast server #broadcastclient # broadcast client #broadcast 224.0.1.1 autokey # multicast server #multicastclient 224.0.1.1 # multicast client #manycastserver 239.255.254.254 # manycast server #manycastclient 239.255.254.254 autokey # manycast client # Enable public key cryptography. #crypto includefile /etc/ntp/crypto/pw # Key file containing the keys and key identifiers used when operating # with symmetric key cryptography. keys /etc/ntp/keys # Specify the key identifiers which are trusted. #trustedkey 4 8 42 # Specify the key identifier to use with the ntpdc utility. #requestkey 8 # Specify the key identifier to use with the ntpq utility. #controlkey 8 # Enable writing of statistics records. #statistics clockstats cryptostats loopstats peerstats # Disable the monitoring facility to prevent amplification attacks using ntpdc # monlist command when default restrict does not include the noquery flag. See # CVE-2013-5211 for more details. # Note: Monitoring will not be disabled with the limited restriction flag. disable monitor
2. 客户端A(192.168.52.141)
# For more information about this file, see the man pages # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). driftfile /var/lib/ntp/drift # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. #restrict default nomodify notrap nopeer noquery # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 restrict ::1 # Hosts on local network are less restricted. #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap #这一行默认的注释掉 # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). #server 0.centos.pool.ntp.org iburst #这一行默认的注释掉 #server 1.centos.pool.ntp.org iburst #这一行默认的注释掉 #server 2.centos.pool.ntp.org iburst #这一行默认的注释掉 #server 3.centos.pool.ntp.org iburst #这一行默认的注释掉 restrict 192.168.52.141 nomodify notrap nopeer noquery #新增该行 server 192.168.52.140 #新增该行 restrict 192.168.52.0 mask 255.255.255.0 nomodify #新增该行 Fudge 192.168.52.140 stratum 10 #新增该行 #broadcast 192.168.1.255 autokey # broadcast server #broadcastclient # broadcast client #broadcast 224.0.1.1 autokey # multicast server #multicastclient 224.0.1.1 # multicast client #manycastserver 239.255.254.254 # manycast server #manycastclient 239.255.254.254 autokey # manycast client # Enable public key cryptography. #crypto includefile /etc/ntp/crypto/pw # Key file containing the keys and key identifiers used when operating # with symmetric key cryptography. keys /etc/ntp/keys # Specify the key identifiers which are trusted. #trustedkey 4 8 42 # Specify the key identifier to use with the ntpdc utility. #requestkey 8 # Specify the key identifier to use with the ntpq utility. #controlkey 8 # Enable writing of statistics records. #statistics clockstats cryptostats loopstats peerstats # Disable the monitoring facility to prevent amplification attacks using ntpdc # monlist command when default restrict does not include the noquery flag. See # CVE-2013-5211 for more details. # Note: Monitoring will not be disabled with the limited restriction flag. disable monitor
3. 客户端B(192.168.52.142)
# For more information about this file, see the man pages # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). driftfile /var/lib/ntp/drift # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. #restrict default nomodify notrap nopeer noquery # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 restrict ::1 # Hosts on local network are less restricted. #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap #这一行默认的注释掉 # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). #server 0.centos.pool.ntp.org iburst #这一行默认的注释掉 #server 1.centos.pool.ntp.org iburst #这一行默认的注释掉 #server 2.centos.pool.ntp.org iburst #这一行默认的注释掉 #server 3.centos.pool.ntp.org iburst #这一行默认的注释掉 restrict 192.168.52.142 nomodify notrap nopeer noquery #新增该行 server 192.168.52.140 #新增该行 restrict 192.168.52.0 mask 255.255.255.0 nomodify #新增该行 Fudge 192.168.52.140 stratum 10 #新增该行 #broadcast 192.168.1.255 autokey # broadcast server #broadcastclient # broadcast client #broadcast 224.0.1.1 autokey # multicast server #multicastclient 224.0.1.1 # multicast client #manycastserver 239.255.254.254 # manycast server #manycastclient 239.255.254.254 autokey # manycast client # Enable public key cryptography. #crypto includefile /etc/ntp/crypto/pw # Key file containing the keys and key identifiers used when operating # with symmetric key cryptography. keys /etc/ntp/keys # Specify the key identifiers which are trusted. #trustedkey 4 8 42 # Specify the key identifier to use with the ntpdc utility. #requestkey 8 # Specify the key identifier to use with the ntpq utility. #controlkey 8 # Enable writing of statistics records. #statistics clockstats cryptostats loopstats peerstats # Disable the monitoring facility to prevent amplification attacks using ntpdc # monlist command when default restrict does not include the noquery flag. See # CVE-2013-5211 for more details. # Note: Monitoring will not be disabled with the limited restriction flag. disable monitor
三. 启动
#首先在主服务中先手动校时一次,并同步到硬件上 date -s '20220302 18:44:40' && hwclock -w #启动服务(在所有服务中都执行) systemctl start ntpd #设置开机自启(在所有服务中都执行) systemctl enable ntpd #查看服务状态(在所有服务中都执行) systemctl status ntpd
四. 测试
所有服务都启动之后,等待10分钟左右,就会发现所有的客户端(A,B)的时间已经和主服务同步了
#查看服务器当前时间 date
如此就算大功告成啦,喜欢的就点个赞和关注吧(* ̄︶ ̄)
