centos 7 NTP离线安装部署

木易仁 發表於 2022-4-15 16:11:00

1.下载三个rpm离线包
ntpdate-4.2.6p5-29.el7.centos.2.x86_64
ntp-4.2.6p5-29.el7.centos.2.x86_64
autogen-libopts-5.18-5.el7.x86_64
地址：
http://mirror.centos.org/centos/7/os/x86_64/Packages/ntpdate-4.2.6p5-29.el7.centos.2.x86_64.rpm
http://mirror.centos.org/centos/7/os/x86_64/Packages/ntp-4.2.6p5-29.el7.centos.2.x86_64.rpm
http://mirror.centos.org/centos/7/os/x86_64/Packages/autogen-libopts-5.18-5.el7.x86_64.rpm
 
2.上传至centos安装
ntp -ivh ntpdate-4.2.6p5-29.el7.centos.2.x86_64.rpm
ntp -ivh ntp-4.2.6p5-29.el7.centos.2.x86_64
ntp -ivh autogen-libopts-5.18-5.el7.x86_64.rpm
<img src="https://img2022.cnblogs.com/blog/811703/202204/811703-20220415155658262-1445265620.png">
 
 
 3.查看安转版本 rpm -q ntp
<img src="https://img2022.cnblogs.com/blog/811703/202204/811703-20220415155901862-1512297820.png">
 
 
 4. 启用ntp服务  systemctl enable ntpd 
 <img src="https://img2022.cnblogs.com/blog/811703/202204/811703-20220415160005407-1350464481.png">
 
 
 5.开始ntp服务 systemctl start ntpd
     查看状态 systemctl status  ntpd
<img src="https://img2022.cnblogs.com/blog/811703/202204/811703-20220415160139272-501795829.png">
 
6. 编辑master的机器的文件/etc/ntp.conf
<div>
<div> 找到ntp时间同步的机器范围配置项 
restrict 192.168.3.0mask255.255.255.0nomodify notrap 
这里的意思代表，192.168.3的网段的机器都参与ntp的时间同步</div>

</div>
<div class="cnblogs_code">
# For more information about this file, see the man pages # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. restrict default nomodify notrap nopeer noquery
# Permit all access over the loopback interface.This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 restrict ::1
# Hosts on local network are less restricted. restrict 192.168.111.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). server ntp1.aliyun.com server ntp2.aliyun.com server ntp3.aliyun.com server 127.0.0.1 fudge 127.0.0.1 stratum 10
#broadcast 192.168.1.255 autokey # broadcast server #broadcastclient # broadcast client #broadcast 224.0.1.1 autokey # multicast server #multicastclient 224.0.1.1 # multicast client #manycastserver 239.255.254.254 # manycast server #manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography. #crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating # with symmetric key cryptography. keys /etc/ntp/keys
# Specify the key identifiers which are trusted. #trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility. #requestkey 8
# Specify the key identifier to use with the ntpq utility. #controlkey 8
# Enable writing of statistics records. #statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc # monlist command when default restrict does not include the noquery flag. See # CVE-2013-5211 for more details. # Note: Monitoring will not be disabled with the limited restriction flag. disable monitor

</div>
<div>
<div>ntp.conf中有默认的时间服务器，我们需要注销，然后添加上我们对应的时区时间服务器。 
server ntp1.aliyun.com 
server ntp2.aliyun.com 
server ntp3.aliyun.com
 
///当以上三个时间服务器不可用时，就是以本机时间作为集群机器的统一时间。 
server 127.0.0.1 
fudge 127.0.0.1 stratum 10

</div>

</div>
 <img src="https://img2022.cnblogs.com/blog/811703/202204/811703-20220415160542825-591940706.png">
 
 6.更新时间 ntpdate -u ntp2.aliyun.com
7.配置客户机 /etc/ntp.conf  
server 192.168.111.128
同步时间命令 ntpdate -u  192.168.111.128  需要关闭防火墙 
来源：https://www.cnblogs.com/jinpeigang/p/16149670.html

頁: [1]

琼殿技术论坛's Archiver

centos 7 NTP离线安装部署