CentOS 7.x时间同步服务chrony配置详解
<p><span style="font-size: 18pt"> <strong> CentOS 7.x时间同步服务chrony配置详解</strong></span></p><p><span style="font-size: 18pt"><strong> 作者:尹正杰</strong></span></p>
<p><span style="font-size: 18pt"><strong>版权声明:原创作品,谢绝转载!否则将追究法律责任。 </strong></span></p>
<p> </p>
<p><span style="font-size: 18pt"><strong> </strong></span></p>
<p> </p>
<p><span style="font-size: 14pt; color: rgba(255, 0, 255, 1)"><strong>一.时间服务概述</strong></span></p>
<p><span style="font-size: 18px; color: rgba(0, 0, 0, 1)"><strong>1>.为什么需要时间服务器</strong></span></p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)"> 事实上,我们各种电子设备它们都是靠时钟驱动的,在分布式场景当中,更多主机的协作也是靠时钟驱动的。因此,多节点的主机时间必须要一致。
以Linux为例,Linux的时间是系统启动时,内核会从主板的硬件资源读取时间并设置为内核中的时钟。接下来系统时间和硬件的内核时间是各自分开独立运行的。
由于操作系统在运行过程中CPU繁忙等各种原因,久而久之很可能会导致系统时钟不精确的显现,这种不精确反应在同一个集群的多台主机上其实就是集群时间不一致。
我们大家都知道虚拟机并获得的CPU是虚拟机产品虚拟出来的CPU,并不是我们真正物理机上的CPU,因此出现时间误差的概率是相当的大,所以在我们普遍使用云计算的虚拟机上,必须要配置一个时间服务器,否则可能各个虚拟机的时间出现不一致的情况。</span></pre>
</div>
<p><span style="font-size: 18px; color: rgba(0, 0, 0, 1)"><strong>2>.ntpd时间服务</strong></span></p>
<div class="cnblogs_code">
<pre> 以RedHat的Linux发行版为例,早期用来解决时间服务器(CentOS <span style="color: rgba(128, 0, 128, 1)">6</span><span style="color: rgba(0, 0, 0, 1)">.x版本之前)的程序包是ntpd,该程序包既可以用作服务端又可以用作客户端。ntpd是基于NTP(Network Time Protocal)实现时间同步的。
ntdp的实现同步时间的逻辑:
它的思想是把时间的周期缩短,举个例一个比较极限的例子,假设一台服务器两台服务器时间相差1小时,它的思想就是将自己现有的时间周期缩短,从而间接追上时间服务器的时间。比如时间服务器跑一分钟需要60秒,而ntpd的思想是跑一分钟使用30秒甚至1秒实现跑一分钟的的时间周期,这样随着时间的推移一定会追上服务器时间的。这种方式的确是可以追到服务器时间,但是为了追到服务器时间会付出一定时间的代价,这也是ntpd之所以被淘汰的根本原因。
生产环境中,你是否也发现了这样的现象呢?明明在部署集群时时间配置是正确的,可能过了2三个月后,你会发现集群中总有那么几台及其出现时间不同步的情况。这里的根本问题在于ntpd在和时间服务器进行时间同步的核心逻辑问题,因此CentOS7.x版本将CentOS6.x版本的ntpd替换为chronyd服务啦。
配置ntpd作为时间服务器案例(博主推荐使用使用chronyd作为服务端,尽管我之前也分效果使用ntpd作为服务端的比较):
https:</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">www.cnblogs.com/yinzhengjie/p/9480665.html</span></pre>
</div>
<p><span style="font-size: 18px; color: rgba(0, 0, 0, 1)"><strong>3>.chrony时间服务</strong></span></p>
<div class="cnblogs_code">
<pre> chrony是网络时间协议(NTP)的通用实现。它可以将系统时钟与NTP服务器、参考时钟(例如GPS接收器)和使用手表和键盘的手动输入同步。它还可以作为NTPv4(RFC <span style="color: rgba(128, 0, 128, 1)">5905</span><span style="color: rgba(0, 0, 0, 1)">)服务器和对等服务器运行,为网络中的其他计算机提供时间服务。
它被设计成在各种条件下都能很好地运行,包括断续的网络连接、严重拥挤的网络、不断变化的温度(普通的计算机时钟对温度很敏感),以及不连续运行或在虚拟机上运行的系统。
chrony是ntpd的替代方案。在互联网上同步的两台机器之间的典型精度在几毫秒内;在局域网上,精度通常在几十微秒内。使用硬件时间戳或硬件参考时钟,可以达到亚微秒精度。
chrony中包含两个程序,chronyd是一个可以在启动时启动的守护程序,chronyc是一个命令行接口程序,可用于监视chronyd的性能,并在运行时更改各种操作参数。
如果非要把NTP和chrony做一个对比的话,我们就以手动调整手表时间为例,我们假设手表时间和实际服务器时间相差3小时:
ntpd的解决思路就是飞速的转动秒针,以最快的速度调准时间,可想而是,我们需要非常快的速度转动180圈秒针才能追上时间服务器的时间,真个转动过程是相当费时间的。
chrony的解决思路就是直接调整时针,可想而知,我们挑拨时针不到一圈就能把问题解决掉了,这就是为什么生产环境中大家使用的时间服务器基本上都是chrony啦。
和ntpd一样,chronyd程序包既可以做服务端也可以做客户端,实际上chrony服务本身是兼容ntpd服务的,我们直到123/UDP是传统的NTP服务所默认监听的端口,而323/UDP是chrony所默认监听的端口。因此我们使用chronyd做服务端后,我们既可以使用ntpd做客户端也可以使用chronyd做客户端。
chrony的官方网站:
https:</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">chrony.tuxfamily.org/</span></pre>
</div>
<p><strong><span style="font-size: 18px">4>.chrony的优势</span></strong></p>
<div class="cnblogs_code">
<pre> chrony是网络时间协议(NTP)的另一种实现,与网络时间协议后台程序(ntpd)不同,它可以更快地且更准确地同步系统时钟,请注意,ntpd仍然包含其中以供需要运行NTP服务的客户使用。<br><br> chrony的优势包括以下几点:<br> (1)更快的同步只需要数分钟而非数小时时间,从而最大程度减少时间和频率误差,这对于并非全天24小时的运行的台式计算机或系统而言非常有用;<br> (2)能够更好地响应时钟频率的快速变化,这对于具备不稳定时钟的虚拟机或导致赛事中频率发生比变化的节能技术;<br> (3)在初始同步后,它不会停止时钟,以防对需要系统时间保持单调的应用程序造成影响;<br> (4)在应对临时非对称延迟时(例如大规模下载造成链接饱和等情况)提供了更好的稳定性;<br> (5)无需对时间服务器进行定期轮询,因此具备间歇性网络连接(如网络不稳定的场景)的系统仍然可以快速同步时钟。</pre>
</div>
<p> </p>
<p><span style="font-size: 14pt; color: rgba(255, 0, 255, 1)"><strong>二.安装并<strong>配置chrony服务</strong></strong></span></p>
<p><strong><span style="font-size: 18px">1>.安装chrony</span></strong></p>
<div class="cnblogs_code"><img src="http://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif"><img id="code_img_opened_12608295-adb2-4fb5-a79d-cd0df68d787d" class="code_img_opened lazyload" style="display: none" alt="" data-src="http://images.cnblogs.com/OutliningIndicators/ExpandedBlockStart.gif">
<div id="cnblogs_code_open_12608295-adb2-4fb5-a79d-cd0df68d787d" class="cnblogs_code_hide">
<pre># <span style="color: rgba(0, 0, 255, 1)">yum</span> -y <span style="color: rgba(0, 0, 255, 1)">install</span><span style="color: rgba(0, 0, 0, 1)"> chrony
Loaded plugins: fastestmirror
Determining fastest mirrors
</span>*<span style="color: rgba(0, 0, 0, 1)"> base: mirror.bit.edu.cn
</span>*<span style="color: rgba(0, 0, 0, 1)"> extras: mirror.bit.edu.cn
</span>*<span style="color: rgba(0, 0, 0, 1)"> updates: mirrors.huaweicloud.com
ambari</span>-repo | <span style="color: rgba(128, 0, 128, 1)">2.9</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
base </span>| <span style="color: rgba(128, 0, 128, 1)">3.6</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
extras </span>| <span style="color: rgba(128, 0, 128, 1)">2.9</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
mysql</span>-connectors-community | <span style="color: rgba(128, 0, 128, 1)">2.5</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
mysql</span>-tools-community | <span style="color: rgba(128, 0, 128, 1)">2.5</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
mysql80</span>-community | <span style="color: rgba(128, 0, 128, 1)">2.5</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
updates </span>| <span style="color: rgba(128, 0, 128, 1)">2.9</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
(</span><span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">2</span>): extras/<span style="color: rgba(128, 0, 128, 1)">7</span>/x86_64/primary_db | <span style="color: rgba(128, 0, 128, 1)">159</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
(</span><span style="color: rgba(128, 0, 128, 1)">2</span>/<span style="color: rgba(128, 0, 128, 1)">2</span>): updates/<span style="color: rgba(128, 0, 128, 1)">7</span>/x86_64/primary_db | <span style="color: rgba(128, 0, 128, 1)">5.9</span> MB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
Resolving Dependencies
</span>--><span style="color: rgba(0, 0, 0, 1)"> Running transaction check
</span>---> Package chrony.x86_64 <span style="color: rgba(128, 0, 128, 1)">0</span>:<span style="color: rgba(128, 0, 128, 1)">3.4</span>-<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">.el7 will be installed
</span>--> Processing Dependency: libseccomp.so.<span style="color: rgba(128, 0, 128, 1)">2</span>()(64bit) <span style="color: rgba(0, 0, 255, 1)">for</span> package: chrony-<span style="color: rgba(128, 0, 128, 1)">3.4</span>-<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">.el7.x86_64
</span>--><span style="color: rgba(0, 0, 0, 1)"> Running transaction check
</span>---> Package libseccomp.x86_64 <span style="color: rgba(128, 0, 128, 1)">0</span>:<span style="color: rgba(128, 0, 128, 1)">2.3</span>.<span style="color: rgba(128, 0, 128, 1)">1</span>-<span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)">.el7 will be installed
</span>--><span style="color: rgba(0, 0, 0, 1)"> Finished Dependency Resolution
Dependencies Resolved
</span>==============================================================================================================================================================================================================================================================================<span style="color: rgba(0, 0, 0, 1)">
Package Arch Version Repository Size
</span>==============================================================================================================================================================================================================================================================================<span style="color: rgba(0, 0, 0, 1)">
Installing:
chrony x86_64 </span><span style="color: rgba(128, 0, 128, 1)">3.4</span>-<span style="color: rgba(128, 0, 128, 1)">1</span>.el7 base <span style="color: rgba(128, 0, 128, 1)">251</span><span style="color: rgba(0, 0, 0, 1)"> k
Installing </span><span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)"> dependencies:
libseccomp x86_64 </span><span style="color: rgba(128, 0, 128, 1)">2.3</span>.<span style="color: rgba(128, 0, 128, 1)">1</span>-<span style="color: rgba(128, 0, 128, 1)">3</span>.el7 base <span style="color: rgba(128, 0, 128, 1)">56</span><span style="color: rgba(0, 0, 0, 1)"> k
Transaction Summary
</span>==============================================================================================================================================================================================================================================================================<span style="color: rgba(0, 0, 0, 1)">
Install</span><span style="color: rgba(128, 0, 128, 1)">1</span> Package (+<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)"> Dependent package)
Total download size: </span><span style="color: rgba(128, 0, 128, 1)">306</span><span style="color: rgba(0, 0, 0, 1)"> k
Installed size: </span><span style="color: rgba(128, 0, 128, 1)">788</span><span style="color: rgba(0, 0, 0, 1)"> k
Downloading packages:
(</span><span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">2</span>): libseccomp-<span style="color: rgba(128, 0, 128, 1)">2.3</span>.<span style="color: rgba(128, 0, 128, 1)">1</span>-<span style="color: rgba(128, 0, 128, 1)">3</span>.el7.x86_64.rpm |<span style="color: rgba(128, 0, 128, 1)">56</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
(</span><span style="color: rgba(128, 0, 128, 1)">2</span>/<span style="color: rgba(128, 0, 128, 1)">2</span>): chrony-<span style="color: rgba(128, 0, 128, 1)">3.4</span>-<span style="color: rgba(128, 0, 128, 1)">1</span>.el7.x86_64.rpm | <span style="color: rgba(128, 0, 128, 1)">251</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------<span style="color: rgba(0, 0, 0, 1)">
Total </span><span style="color: rgba(128, 0, 128, 1)">957</span> kB/s | <span style="color: rgba(128, 0, 128, 1)">306</span> kB<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span>:<span style="color: rgba(128, 0, 128, 1)">00</span><span style="color: rgba(0, 0, 0, 1)">
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libseccomp</span>-<span style="color: rgba(128, 0, 128, 1)">2.3</span>.<span style="color: rgba(128, 0, 128, 1)">1</span>-<span style="color: rgba(128, 0, 128, 1)">3</span>.el7.x86_64 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">
Installing : chrony</span>-<span style="color: rgba(128, 0, 128, 1)">3.4</span>-<span style="color: rgba(128, 0, 128, 1)">1</span>.el7.x86_64 <span style="color: rgba(128, 0, 128, 1)">2</span>/<span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">
Verifying: libseccomp</span>-<span style="color: rgba(128, 0, 128, 1)">2.3</span>.<span style="color: rgba(128, 0, 128, 1)">1</span>-<span style="color: rgba(128, 0, 128, 1)">3</span>.el7.x86_64 <span style="color: rgba(128, 0, 128, 1)">1</span>/<span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">
Verifying: chrony</span>-<span style="color: rgba(128, 0, 128, 1)">3.4</span>-<span style="color: rgba(128, 0, 128, 1)">1</span>.el7.x86_64 <span style="color: rgba(128, 0, 128, 1)">2</span>/<span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">
Installed:
chrony.x86_64 </span><span style="color: rgba(128, 0, 128, 1)">0</span>:<span style="color: rgba(128, 0, 128, 1)">3.4</span>-<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">.el7
Dependency Installed:
libseccomp.x86_64 </span><span style="color: rgba(128, 0, 128, 1)">0</span>:<span style="color: rgba(128, 0, 128, 1)">2.3</span>.<span style="color: rgba(128, 0, 128, 1)">1</span>-<span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)">.el7
Complete</span>!<span style="color: rgba(0, 0, 0, 1)">
#</pre>
</div>
<span class="cnblogs_code_collapse"># yum -y install chrony</span></div>
<p><strong><span style="font-size: 18px">2>.查看chrony是否已经安装</span></strong></p>
<div class="cnblogs_code">
<pre># <span style="color: rgba(0, 0, 255, 1)">yum</span> <span style="color: rgba(0, 0, 255, 1)">info</span><span style="color: rgba(0, 0, 0, 1)"> chrony
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
</span>*<span style="color: rgba(0, 0, 0, 1)"> base: mirrors.aliyun.com
</span>*<span style="color: rgba(0, 0, 0, 1)"> extras: mirror.bit.edu.cn
</span>*<span style="color: rgba(0, 0, 0, 1)"> updates: mirror.bit.edu.cn
Installed Packages
Name : chrony
Arch : x86_64
Version : </span><span style="color: rgba(128, 0, 128, 1)">3.4</span><span style="color: rgba(0, 0, 0, 1)">
Release : </span><span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">.el7
Size : </span><span style="color: rgba(128, 0, 128, 1)">491</span><span style="color: rgba(0, 0, 0, 1)"> k
<span style="color: rgba(255, 0, 255, 1)">Repo : installed #很显然,这里已经提示咱们该程序包已经安装成功啦~</span>
From repo : base
Summary : An NTP client</span>/<span style="color: rgba(0, 0, 0, 1)">server
URL : https:</span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">chrony.tuxfamily.org</span>
<span style="color: rgba(0, 0, 0, 1)">License : GPLv2
Description : A client</span>/server <span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)"> the Network Time Protocol, this program keeps your
: computer</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">s clock accurate. It was specially designed to support</span>
<span style="color: rgba(0, 0, 0, 1)"> : systems with intermittent internet connections, but it also works well
: </span><span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> permanently connected environments. It can use also hardware reference
: clocks, system real</span>-<span style="color: rgba(0, 0, 255, 1)">time</span> clock or manual input as <span style="color: rgba(0, 0, 255, 1)">time</span><span style="color: rgba(0, 0, 0, 1)"> references.
# </pre>
</div>
<p><strong><span style="font-size: 18px">3>.查看chrony服务安装的文件</span></strong></p>
<div class="cnblogs_code">
<pre># rpm -<span style="color: rgba(0, 0, 0, 1)">ql chrony
</span>/etc/NetworkManager/dispatcher.d/<span style="color: rgba(128, 0, 128, 1)">20</span>-<span style="color: rgba(0, 0, 0, 1)">chrony
</span><span style="color: rgba(255, 0, 255, 1)">/etc/chrony.conf #chrony的主配置文件
</span>/etc/<span style="color: rgba(0, 0, 0, 1)">chrony.keys
</span>/etc/dhcp/dhclient.d/chrony.<span style="color: rgba(0, 0, 255, 1)">sh</span>
/etc/logrotate.d/<span style="color: rgba(0, 0, 0, 1)">chrony
</span>/etc/sysconfig/<span style="color: rgba(0, 0, 0, 1)">chronyd
</span><span style="color: rgba(255, 0, 255, 1)">/usr/bin/chronyc #chronyc是一个命令行交互式接口程序,可用于监视chronyd的性能,并在运行时更改各种操作参数。
</span>/usr/lib/systemd/ntp-units.d/<span style="color: rgba(128, 0, 128, 1)">50</span>-<span style="color: rgba(0, 0, 0, 1)">chronyd.list
</span>/usr/lib/systemd/system/chrony-<span style="color: rgba(0, 0, 0, 1)">dnssrv@.service
</span>/usr/lib/systemd/system/chrony-<span style="color: rgba(0, 0, 0, 1)">dnssrv@.timer
</span>/usr/lib/systemd/system/chrony-<span style="color: rgba(0, 0, 255, 1)">wait</span><span style="color: rgba(0, 0, 0, 1)">.service
</span><span style="color: rgba(255, 0, 255, 1)">/usr/lib/systemd/system/chronyd.service #CentOS 7.x版本对应的unit file
</span>/usr/libexec/chrony-<span style="color: rgba(0, 0, 0, 1)">helper
</span><span style="color: rgba(255, 0, 255, 1)">/usr/sbin/chronyd #chronyd是一个可以在启动时启动的守护程序,它既可以充当服务端进程也可以充当服务端进程
</span>/usr/share/doc/chrony-<span style="color: rgba(128, 0, 128, 1)">3.4</span>
/usr/share/doc/chrony-<span style="color: rgba(128, 0, 128, 1)">3.4</span>/<span style="color: rgba(0, 0, 0, 1)">COPYING
</span>/usr/share/doc/chrony-<span style="color: rgba(128, 0, 128, 1)">3.4</span>/<span style="color: rgba(0, 0, 0, 1)">FAQ
</span>/usr/share/doc/chrony-<span style="color: rgba(128, 0, 128, 1)">3.4</span>/<span style="color: rgba(0, 0, 0, 1)">NEWS
</span>/usr/share/doc/chrony-<span style="color: rgba(128, 0, 128, 1)">3.4</span>/<span style="color: rgba(0, 0, 0, 1)">README
</span>/usr/share/<span style="color: rgba(0, 0, 255, 1)">man</span>/man1/chronyc.<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">.gz
</span>/usr/share/<span style="color: rgba(0, 0, 255, 1)">man</span>/man5/chrony.conf.<span style="color: rgba(128, 0, 128, 1)">5</span><span style="color: rgba(0, 0, 0, 1)">.gz
</span>/usr/share/<span style="color: rgba(0, 0, 255, 1)">man</span>/man8/chronyd.<span style="color: rgba(128, 0, 128, 1)">8</span><span style="color: rgba(0, 0, 0, 1)">.gz
</span>/var/lib/<span style="color: rgba(0, 0, 0, 1)">chrony
</span>/var/lib/chrony/<span style="color: rgba(0, 0, 0, 1)">drift
</span>/var/lib/chrony/<span style="color: rgba(0, 0, 0, 1)">rtc
</span>/var/log/<span style="color: rgba(0, 0, 0, 1)">chrony
# </pre>
</div>
<p><strong><span style="font-size: 18px">4>.查看chrony的帮助手册</span></strong></p>
<div class="cnblogs_code">
<pre># <span style="color: rgba(0, 0, 255, 1)">man</span><span style="color: rgba(0, 0, 0, 1)"> chrony.conf #查看chrony的配置文件帮助信息
#
# <span style="color: rgba(0, 0, 255, 1)">man</span> chronyd #查看chrony的守护进程帮助信息</pre>
</div>
<p><strong><span style="font-size: 18px">5>.服务端的配置文件(标记为粉红色字体需要注意,其它使用默认参数即可,对其它字段感兴趣的小伙伴可以参考上面的帮助信息哟)</span></strong></p>
<div class="cnblogs_code">
<pre># <span style="color: rgba(0, 0, 255, 1)">cat</span> /etc/<span style="color: rgba(0, 0, 0, 1)">chrony.conf
<span style="color: rgba(255, 0, 255, 1)">#指定当前节点为服务器时间,生产环境中建议大家指定多个事件服务器哟,起到对时间服务器备份的效果
server master200.yinzhengjie.org.cn iburst</span>
# Record the rate at </span><span style="color: rgba(0, 0, 255, 1)">which</span> the system clock gains/losses <span style="color: rgba(0, 0, 255, 1)">time</span><span style="color: rgba(0, 0, 0, 1)">.
driftfile </span>/var/lib/chrony/<span style="color: rgba(0, 0, 0, 1)">drift
# Allow the system clock to be stepped </span><span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> the first three updates
# </span><span style="color: rgba(0, 0, 255, 1)">if</span> its offset is larger than <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)"> second.
makestep </span><span style="color: rgba(128, 0, 128, 1)">1.0</span> <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)">
# Enable kernel synchronization of the real</span>-<span style="color: rgba(0, 0, 255, 1)">time</span><span style="color: rgba(0, 0, 0, 1)"> clock (RTC).
rtcsync
# Enable hardware timestamping on all interfaces that support it.
#hwtimestamp </span>*<span style="color: rgba(0, 0, 0, 1)">
# Increase the minimum number of selectable sources required to adjust
# the system clock.
#minsources </span><span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(255, 0, 255, 1)">
#指定允许的客户端网段来当前时间服务器节点同步时间,我们可以使用deny all拒绝所有客户端。
allow 172.200.0.0/21
#注意,如果主机位是0的话可以简写,比如下面的地址可以简写为"127/8",不过建议大家还是写完整,可读性更强。
allow 127.0.0.0/8
#如果上面使用server字段配置的时间服务器同步时间失败,默认情况下当前时间服务器是不会向客户端同步时间的,
#这是因为担心当前节点的时间不准确(因为当前节点没有和定义中的server时间服务器进行同步),如果我们想要在
#server指定的时间服务器同步失败的情况下依旧返回当前时间服务器的时间给客户端,需要开启该参数,这一项参
#数配置在生产环境中还是相当危险的,因此建议大家在server字段中指定互联网的网络时间,否则可能会出现整个
#集群时间都错的的一致!
local stratum 10</span><span style="color: rgba(0, 0, 0, 1)">
# Specify </span><span style="color: rgba(0, 0, 255, 1)">file</span> containing keys <span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)"> NTP authentication.
#keyfile </span>/etc/<span style="color: rgba(0, 0, 0, 1)">chrony.keys
# Specify directory </span><span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)"> log files.
logdir </span>/var/log/<span style="color: rgba(0, 0, 0, 1)">chrony
# Select </span><span style="color: rgba(0, 0, 255, 1)">which</span><span style="color: rgba(0, 0, 0, 1)"> information is logged.
#log measurements statistics tracking
#
# </pre>
</div>
<p><strong><span style="font-size: 18px">6>.客户端配置<strong>(标记为粉红色字体需要注意,其它使用默认参数即可,对其它字段感兴趣的小伙伴可以参考上面的帮助信息哟)</strong></span></strong></p>
<div class="cnblogs_code">
<pre># <span style="color: rgba(0, 0, 255, 1)">egrep</span> -v <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">^#|^$</span><span style="color: rgba(128, 0, 0, 1)">"</span> /etc/<span style="color: rgba(0, 0, 0, 1)">chrony.conf
<span style="color: rgba(255, 0, 255, 1)">server master200.yinzhengjie.org.cn iburst</span>
driftfile </span>/var/lib/chrony/<span style="color: rgba(0, 0, 0, 1)">drift
makestep </span><span style="color: rgba(128, 0, 128, 1)">1.0</span> <span style="color: rgba(128, 0, 128, 1)">3</span><span style="color: rgba(0, 0, 0, 1)">
rtcsync
logdir </span>/var/log/<span style="color: rgba(0, 0, 0, 1)">chrony
# </pre>
</div>
<p><strong><span style="font-size: 18px">7>.将chrony服务设置为开启自启动</span></strong></p>
<div class="cnblogs_code">
<pre># systemctl start chronyd
#
# systemctl enable chronyd
#
# systemctl list-unit-files | <span style="color: rgba(0, 0, 255, 1)">grep</span><span style="color: rgba(0, 0, 0, 1)"> chronyd
chronyd.service enabled
#
# systemctl status chronyd
● chronyd.service </span>- NTP client/<span style="color: rgba(0, 0, 0, 1)">server
Loaded: loaded (</span>/usr/lib/systemd/system/<span style="color: rgba(0, 0, 0, 1)">chronyd.service; enabled; vendor preset: enabled)
Active: active (running) since Sun </span><span style="color: rgba(128, 0, 128, 1)">2020</span>-<span style="color: rgba(128, 0, 128, 1)">02</span>-<span style="color: rgba(128, 0, 128, 1)">09</span> <span style="color: rgba(128, 0, 128, 1)">23</span>:<span style="color: rgba(128, 0, 128, 1)">42</span>:<span style="color: rgba(128, 0, 128, 1)">18</span><span style="color: rgba(0, 0, 0, 1)"> CST; 15h ago
Docs: </span><span style="color: rgba(0, 0, 255, 1)">man</span>:chronyd(<span style="color: rgba(128, 0, 128, 1)">8</span><span style="color: rgba(0, 0, 0, 1)">)
</span><span style="color: rgba(0, 0, 255, 1)">man</span>:chrony.conf(<span style="color: rgba(128, 0, 128, 1)">5</span><span style="color: rgba(0, 0, 0, 1)">)
Main PID: </span><span style="color: rgba(128, 0, 128, 1)">4678</span><span style="color: rgba(0, 0, 0, 1)"> (chronyd)
CGroup: </span>/system.slice/<span style="color: rgba(0, 0, 0, 1)">chronyd.service
└─</span><span style="color: rgba(128, 0, 128, 1)">4678</span> /usr/sbin/<span style="color: rgba(0, 0, 0, 1)">chronyd
Feb </span><span style="color: rgba(128, 0, 128, 1)">09</span> <span style="color: rgba(128, 0, 128, 1)">23</span>:<span style="color: rgba(128, 0, 128, 1)">42</span>:<span style="color: rgba(128, 0, 128, 1)">17</span> master200.yinzhengjie.org.cn systemd[<span style="color: rgba(128, 0, 128, 1)">1</span>]: Starting NTP client/<span style="color: rgba(0, 0, 0, 1)">server...
Feb </span><span style="color: rgba(128, 0, 128, 1)">09</span> <span style="color: rgba(128, 0, 128, 1)">23</span>:<span style="color: rgba(128, 0, 128, 1)">42</span>:<span style="color: rgba(128, 0, 128, 1)">18</span> master200.yinzhengjie.org.cn chronyd[<span style="color: rgba(128, 0, 128, 1)">4678</span>]: chronyd version <span style="color: rgba(128, 0, 128, 1)">3.4</span> starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND +ASYNCDNS +SECHASH +IPV6 +<span style="color: rgba(0, 0, 0, 1)">DEBUG)
Feb </span><span style="color: rgba(128, 0, 128, 1)">09</span> <span style="color: rgba(128, 0, 128, 1)">23</span>:<span style="color: rgba(128, 0, 128, 1)">42</span>:<span style="color: rgba(128, 0, 128, 1)">18</span> master200.yinzhengjie.org.cn chronyd[<span style="color: rgba(128, 0, 128, 1)">4678</span>]: Frequency <span style="color: rgba(128, 0, 128, 1)">0.298</span> +/- <span style="color: rgba(128, 0, 128, 1)">0.488</span> ppm read from /var/lib/chrony/<span style="color: rgba(0, 0, 0, 1)">drift
Feb </span><span style="color: rgba(128, 0, 128, 1)">09</span> <span style="color: rgba(128, 0, 128, 1)">23</span>:<span style="color: rgba(128, 0, 128, 1)">42</span>:<span style="color: rgba(128, 0, 128, 1)">18</span> master200.yinzhengjie.org.cn systemd[<span style="color: rgba(128, 0, 128, 1)">1</span>]: Started NTP client/<span style="color: rgba(0, 0, 0, 1)">server.
Feb </span><span style="color: rgba(128, 0, 128, 1)">09</span> <span style="color: rgba(128, 0, 128, 1)">23</span>:<span style="color: rgba(128, 0, 128, 1)">42</span>:<span style="color: rgba(128, 0, 128, 1)">28</span> master200.yinzhengjie.org.cn chronyd[<span style="color: rgba(128, 0, 128, 1)">4678</span>]: Selected source <span style="color: rgba(128, 0, 128, 1)">172.200</span>.<span style="color: rgba(128, 0, 128, 1)">1.200</span><span style="color: rgba(0, 0, 0, 1)">
#
# </pre>
</div>
<p><strong><span style="font-size: 18px">8>.查看chrony服务的监听端口</span></strong></p>
<div class="cnblogs_code"><img id="code_img_closed_f3fc1a46-fb70-4186-a178-ccf594128d48" class="code_img_closed lazyload" alt="" data-src="http://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif"><img id="code_img_opened_f3fc1a46-fb70-4186-a178-ccf594128d48" class="code_img_opened lazyload" style="display: none" alt="" data-src="http://images.cnblogs.com/OutliningIndicators/ExpandedBlockStart.gif">
<div id="cnblogs_code_open_f3fc1a46-fb70-4186-a178-ccf594128d48" class="cnblogs_code_hide">
<pre># ss -<span style="color: rgba(0, 0, 0, 1)">untlp
NetidState Recv</span>-Q Send-<span style="color: rgba(0, 0, 0, 1)">Q Local Address:Port Peer Address:Port
udp UNCONN </span><span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">0</span> *:<span style="color: rgba(128, 0, 128, 1)">123</span> *:*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">chronyd</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">4678</span>,fd=<span style="color: rgba(128, 0, 128, 1)">7</span>))udp UNCONN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">0</span> *:<span style="color: rgba(128, 0, 128, 1)">8472</span> *:*<span style="color: rgba(0, 0, 0, 1)">
udp UNCONN </span><span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span>:<span style="color: rgba(128, 0, 128, 1)">323</span> *:*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">chronyd</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">4678</span>,fd=<span style="color: rgba(128, 0, 128, 1)">5</span>))udp UNCONN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">0</span> ::<span style="color: rgba(128, 0, 128, 1)">1</span>:<span style="color: rgba(128, 0, 128, 1)">323</span> :::*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">chronyd</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">4678</span>,fd=<span style="color: rgba(128, 0, 128, 1)">6</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span>:<span style="color: rgba(128, 0, 128, 1)">10248</span> *:*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubelet</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">4659</span>,fd=<span style="color: rgba(128, 0, 128, 1)">28</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span>:<span style="color: rgba(128, 0, 128, 1)">10249</span> *:*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-proxy</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">7373</span>,fd=<span style="color: rgba(128, 0, 128, 1)">13</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> <span style="color: rgba(128, 0, 128, 1)">172.200</span>.<span style="color: rgba(128, 0, 128, 1)">1.200</span>:<span style="color: rgba(128, 0, 128, 1)">2379</span> *:*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">6708</span>,fd=<span style="color: rgba(128, 0, 128, 1)">6</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span>:<span style="color: rgba(128, 0, 128, 1)">2379</span> *:*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">6708</span>,fd=<span style="color: rgba(128, 0, 128, 1)">5</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> <span style="color: rgba(128, 0, 128, 1)">172.200</span>.<span style="color: rgba(128, 0, 128, 1)">1.200</span>:<span style="color: rgba(128, 0, 128, 1)">2380</span> *:*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">6708</span>,fd=<span style="color: rgba(128, 0, 128, 1)">3</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span>:<span style="color: rgba(128, 0, 128, 1)">2381</span> *:*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">etcd</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">6708</span>,fd=<span style="color: rgba(128, 0, 128, 1)">11</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span>:<span style="color: rgba(128, 0, 128, 1)">10257</span> *:*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-controller</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">6593</span>,fd=<span style="color: rgba(128, 0, 128, 1)">6</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span>:<span style="color: rgba(128, 0, 128, 1)">10259</span> *:*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-scheduler</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">6659</span>,fd=<span style="color: rgba(128, 0, 128, 1)">6</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">128</span> *:<span style="color: rgba(128, 0, 128, 1)">22</span> *:*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">sshd</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">5129</span>,fd=<span style="color: rgba(128, 0, 128, 1)">3</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> <span style="color: rgba(128, 0, 128, 1)">127.0</span>.<span style="color: rgba(128, 0, 128, 1)">0.1</span>:<span style="color: rgba(128, 0, 128, 1)">17369</span> *:*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubelet</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">4659</span>,fd=<span style="color: rgba(128, 0, 128, 1)">9</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> :::<span style="color: rgba(128, 0, 128, 1)">10250</span> :::*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kubelet</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">4659</span>,fd=<span style="color: rgba(128, 0, 128, 1)">23</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> :::<span style="color: rgba(128, 0, 128, 1)">30443</span> :::*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-proxy</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">7373</span>,fd=<span style="color: rgba(128, 0, 128, 1)">10</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> :::<span style="color: rgba(128, 0, 128, 1)">10251</span> :::*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-scheduler</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">6659</span>,fd=<span style="color: rgba(128, 0, 128, 1)">5</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> :::<span style="color: rgba(128, 0, 128, 1)">6443</span> :::*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-apiserver</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">6595</span>,fd=<span style="color: rgba(128, 0, 128, 1)">5</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> :::<span style="color: rgba(128, 0, 128, 1)">10252</span> :::*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-controller</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">6593</span>,fd=<span style="color: rgba(128, 0, 128, 1)">5</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> :::<span style="color: rgba(128, 0, 128, 1)">10256</span> :::*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-proxy</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">7373</span>,fd=<span style="color: rgba(128, 0, 128, 1)">14</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">128</span> :::<span style="color: rgba(128, 0, 128, 1)">22</span> :::*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">sshd</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">5129</span>,fd=<span style="color: rgba(128, 0, 128, 1)">4</span>))tcp LISTEN <span style="color: rgba(128, 0, 128, 1)">0</span> <span style="color: rgba(128, 0, 128, 1)">20480</span> :::<span style="color: rgba(128, 0, 128, 1)">30080</span> :::*<span style="color: rgba(0, 0, 0, 1)">
users:((</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">kube-proxy</span><span style="color: rgba(128, 0, 0, 1)">"</span>,pid=<span style="color: rgba(128, 0, 128, 1)">7373</span>,fd=<span style="color: rgba(128, 0, 128, 1)">8</span>))# </pre>
</div>
<span class="cnblogs_code_collapse"># ss -untlp</span></div>
<p><strong><span style="font-size: 18px"><strong><img alt="" data-src="https://img2018.cnblogs.com/i-beta/795254/202002/795254-20200210221819706-1170661473.png"></strong></span></strong></p>
<p> </p>
<p><span style="font-size: 14pt; color: rgba(255, 0, 255, 1)"><strong>三.<strong>查看服务端和客户端时间是否同步完成</strong></strong></span></p>
<p><strong><span style="font-size: 18px">1>.<strong><strong>以交互式方式(支持命令补全)</strong></strong>查看时间同步资源</span></strong></p>
<div class="cnblogs_code"><img src="http://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif"><img id="code_img_opened_0bea6f5d-3003-4d19-8c4f-f7e3f0460be1" class="code_img_opened lazyload" style="display: none" alt="" data-src="http://images.cnblogs.com/OutliningIndicators/ExpandedBlockStart.gif">
<div id="cnblogs_code_open_0bea6f5d-3003-4d19-8c4f-f7e3f0460be1" class="cnblogs_code_hide">
<pre>#
# chronyc
chrony version </span><span style="color: rgba(128, 0, 128, 1)">3.4</span><span style="color: rgba(0, 0, 0, 1)">
Copyright (C) </span><span style="color: rgba(128, 0, 128, 1)">1997</span>-<span style="color: rgba(128, 0, 128, 1)">2003</span>, <span style="color: rgba(128, 0, 128, 1)">2007</span>, <span style="color: rgba(128, 0, 128, 1)">2009</span>-<span style="color: rgba(128, 0, 128, 1)">2018</span><span style="color: rgba(0, 0, 0, 1)"> Richard P. Curnow and others
chrony comes with ABSOLUTELY NO WARRANTY.This is </span><span style="color: rgba(0, 0, 255, 1)">free</span><span style="color: rgba(0, 0, 0, 1)"> software, and
you are welcome to redistribute it under certain conditions.See the
GNU General Public License version </span><span style="color: rgba(128, 0, 128, 1)">2</span> <span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)"> details.
chronyc</span>><span style="color: rgba(0, 0, 0, 1)">
chronyc</span>><span style="color: rgba(0, 0, 0, 1)"> sources
</span><span style="color: rgba(128, 0, 128, 1)">210</span> Number of sources = <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
MS Name</span>/<span style="color: rgba(0, 0, 0, 1)">IP address Stratum Poll Reach LastRx Last sample
</span>===============================================================================
^* master200.yinzhengjie.or> <span style="color: rgba(128, 0, 128, 1)">10</span><span style="color: rgba(128, 0, 128, 1)">10</span> <span style="color: rgba(128, 0, 128, 1)">377</span> 15h -180ns[-2930ns] +/-<span style="color: rgba(0, 0, 0, 1)"> 7588ns
chronyc</span>><span style="color: rgba(0, 0, 0, 1)">
chronyc</span>> </pre>
</div>
<span class="cnblogs_code_collapse">chronyc> sources</span></div>
<p><img alt="" data-src="https://img2018.cnblogs.com/i-beta/795254/202002/795254-20200210222354601-256119483.png"></p>
<p><strong><span style="font-size: 18px">2>.<strong>以交互式方式(支持命令补全)</strong>查看时间同步正常是否正常</span></strong></p>
<div class="cnblogs_code"><img src="http://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif"><img id="code_img_opened_dbec7a04-bf11-4eed-a280-ea5e6029a87c" class="code_img_opened lazyload" style="display: none" alt="" data-src="http://images.cnblogs.com/OutliningIndicators/ExpandedBlockStart.gif">
<div id="cnblogs_code_open_dbec7a04-bf11-4eed-a280-ea5e6029a87c" class="cnblogs_code_hide">
<pre># chronyc
chrony version </span><span style="color: rgba(128, 0, 128, 1)">3.4</span><span style="color: rgba(0, 0, 0, 1)">
Copyright (C) </span><span style="color: rgba(128, 0, 128, 1)">1997</span>-<span style="color: rgba(128, 0, 128, 1)">2003</span>, <span style="color: rgba(128, 0, 128, 1)">2007</span>, <span style="color: rgba(128, 0, 128, 1)">2009</span>-<span style="color: rgba(128, 0, 128, 1)">2018</span><span style="color: rgba(0, 0, 0, 1)"> Richard P. Curnow and others
chrony comes with ABSOLUTELY NO WARRANTY.This is </span><span style="color: rgba(0, 0, 255, 1)">free</span><span style="color: rgba(0, 0, 0, 1)"> software, and
you are welcome to redistribute it under certain conditions.See the
GNU General Public License version </span><span style="color: rgba(128, 0, 128, 1)">2</span> <span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)"> details.
chronyc</span>><span style="color: rgba(0, 0, 0, 1)">
chronyc</span>><span style="color: rgba(0, 0, 0, 1)"> sourcestats
</span><span style="color: rgba(128, 0, 128, 1)">210</span> Number of sources = <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
Name</span>/<span style="color: rgba(0, 0, 0, 1)">IP Address NPNRSpanFrequencyFreq SkewOffsetStd Dev
</span>==============================================================================<span style="color: rgba(0, 0, 0, 1)">
master200.yinzhengjie.or</span>><span style="color: rgba(128, 0, 128, 1)">64</span><span style="color: rgba(128, 0, 128, 1)">34</span> 14h -<span style="color: rgba(128, 0, 128, 1)">0.000</span> <span style="color: rgba(128, 0, 128, 1)">0.001</span> -<span style="color: rgba(0, 0, 0, 1)">1ns 52us
chronyc</span>><span style="color: rgba(0, 0, 0, 1)">
chronyc</span>> </pre>
</div>
<span class="cnblogs_code_collapse"># chronyc</span></div>
<p><img alt="" data-src="https://img2018.cnblogs.com/i-beta/795254/202002/795254-20200210222636260-1185806303.png"></p>
<p><strong><span style="font-size: 18px">3>.<strong><strong>以非交互式方式(注意,不支持命令补全哟)<strong>查看时间同步资源详细信息</strong></strong></strong></span></strong></p>
<div class="cnblogs_code"><img src="http://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif"><img id="code_img_opened_dd324d44-21fe-47ac-ad8d-8551c554df4b" class="code_img_opened lazyload" style="display: none" alt="" data-src="http://images.cnblogs.com/OutliningIndicators/ExpandedBlockStart.gif">
<div id="cnblogs_code_open_dd324d44-21fe-47ac-ad8d-8551c554df4b" class="cnblogs_code_hide">
<pre># chronyc sources -<span style="color: rgba(0, 0, 0, 1)">v
</span><span style="color: rgba(128, 0, 128, 1)">210</span> Number of sources = <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">
.</span>-- Source mode<span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">^</span><span style="color: rgba(128, 0, 0, 1)">'</span> = server, <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">=</span><span style="color: rgba(128, 0, 0, 1)">'</span> = peer, <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">#</span><span style="color: rgba(128, 0, 0, 1)">'</span> =<span style="color: rgba(0, 0, 0, 1)"> local clock.
</span>/ .- Source state <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">*</span><span style="color: rgba(128, 0, 0, 1)">'</span> = current synced, <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">+</span><span style="color: rgba(128, 0, 0, 1)">'</span> = combined , <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">-</span><span style="color: rgba(128, 0, 0, 1)">'</span> =<span style="color: rgba(0, 0, 0, 1)"> not combined,
</span>| / <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">?</span><span style="color: rgba(128, 0, 0, 1)">'</span> = unreachable, <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">x</span><span style="color: rgba(128, 0, 0, 1)">'</span> = <span style="color: rgba(0, 0, 255, 1)">time</span> may be <span style="color: rgba(0, 0, 255, 1)">in</span> error, <span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">~</span><span style="color: rgba(128, 0, 0, 1)">'</span> = <span style="color: rgba(0, 0, 255, 1)">time</span><span style="color: rgba(0, 0, 0, 1)"> too variable.
</span>|| .- xxxx [ yyyy ] +/-<span style="color: rgba(0, 0, 0, 1)"> zzzz
</span>|| Reachability register (octal) -. |xxxx =<span style="color: rgba(0, 0, 0, 1)"> adjusted offset,
</span>|| Log2(Polling interval) --. | |yyyy =<span style="color: rgba(0, 0, 0, 1)"> measured offset,
</span>|| \ | |zzzz =<span style="color: rgba(0, 0, 0, 1)"> estimated error.
</span>|| | |<span style="color: rgba(0, 0, 0, 1)"> \
MS Name</span>/<span style="color: rgba(0, 0, 0, 1)">IP address Stratum Poll Reach LastRx Last sample
</span>===============================================================================
^* master200.yinzhengjie.or> <span style="color: rgba(128, 0, 128, 1)">11</span><span style="color: rgba(128, 0, 128, 1)">10</span> <span style="color: rgba(128, 0, 128, 1)">377</span> <span style="color: rgba(128, 0, 128, 1)">8</span> +383ns[ +554ns] +/-<span style="color: rgba(0, 0, 0, 1)">117ms
# </pre>
</div>
<span class="cnblogs_code_collapse"># chronyc sources -v</span></div>
<p><img alt="" data-src="https://img2018.cnblogs.com/i-beta/795254/202002/795254-20200210223047191-795778844.png"></p>
<p><strong><span style="font-size: 18px"><strong><strong>4>.通过chronyc交互式接口配置chrony访问可参考帮助信息(不推荐使用,建议直接修改"/etc/chrony.conf"配置文件)</strong></strong></span></strong> </p>
<div class="cnblogs_code"><img id="code_img_closed_07b91951-7b47-4cd2-ae98-6095ec2a658a" class="code_img_closed lazyload" alt="" data-src="http://images.cnblogs.com/OutliningIndicators/ContractedBlock.gif"><img id="code_img_opened_07b91951-7b47-4cd2-ae98-6095ec2a658a" class="code_img_opened lazyload" style="display: none" alt="" data-src="http://images.cnblogs.com/OutliningIndicators/ExpandedBlockStart.gif">
<div id="cnblogs_code_open_07b91951-7b47-4cd2-ae98-6095ec2a658a" class="cnblogs_code_hide">
<pre># chronyc
chrony version </span><span style="color: rgba(128, 0, 128, 1)">3.4</span><span style="color: rgba(0, 0, 0, 1)">
Copyright (C) </span><span style="color: rgba(128, 0, 128, 1)">1997</span>-<span style="color: rgba(128, 0, 128, 1)">2003</span>, <span style="color: rgba(128, 0, 128, 1)">2007</span>, <span style="color: rgba(128, 0, 128, 1)">2009</span>-<span style="color: rgba(128, 0, 128, 1)">2018</span><span style="color: rgba(0, 0, 0, 1)"> Richard P. Curnow and others
chrony comes with ABSOLUTELY NO WARRANTY.This is </span><span style="color: rgba(0, 0, 255, 1)">free</span><span style="color: rgba(0, 0, 0, 1)"> software, and
you are welcome to redistribute it under certain conditions.See the
GNU General Public License version </span><span style="color: rgba(128, 0, 128, 1)">2</span> <span style="color: rgba(0, 0, 255, 1)">for</span><span style="color: rgba(0, 0, 0, 1)"> details.
chronyc</span>><span style="color: rgba(0, 0, 0, 1)"> help
System clock:
tracking Display system </span><span style="color: rgba(0, 0, 255, 1)">time</span><span style="color: rgba(0, 0, 0, 1)"> information
makestep Correct clock by stepping immediately
makestep </span><threshold> <updates><span style="color: rgba(0, 0, 0, 1)">
Configure automatic clock stepping
maxupdateskew </span><skew><span style="color: rgba(0, 0, 0, 1)"> Modify maximum valid skew to update frequency
waitsync [</span><max-tries> [<max-correction> [<max-skew> [<interval><span style="color: rgba(0, 0, 0, 1)">]]]]
Wait </span><span style="color: rgba(0, 0, 255, 1)">until</span> synchronised <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> specified limits
Time sources:
sources [</span>-<span style="color: rgba(0, 0, 0, 1)">v] Display information about current sources
sourcestats [</span>-<span style="color: rgba(0, 0, 0, 1)">v] Display statistics about collected measurements
reselect Force reselecting synchronisation source
reselectdist </span><dist><span style="color: rgba(0, 0, 0, 1)"> Modify reselection distance
NTP sources:
activity Check how many NTP sources are online</span>/<span style="color: rgba(0, 0, 0, 1)">offline
ntpdata [</span><address>] Display information about <span style="color: rgba(0, 0, 255, 1)">last</span><span style="color: rgba(0, 0, 0, 1)"> valid measurement
add server </span><address><span style="color: rgba(0, 0, 0, 1)">
Add new NTP server
add peer </span><address><span style="color: rgba(0, 0, 0, 1)">
Add new NTP peer
delete </span><address><span style="color: rgba(0, 0, 0, 1)"> Remove server or peer
burst </span><n-good>/<n-max> [<mask>/<address><span style="color: rgba(0, 0, 0, 1)">]
Start rapid set of measurements
maxdelay </span><address> <delay><span style="color: rgba(0, 0, 0, 1)">Modify maximum valid sample delay
maxdelayratio </span><address> <ratio><span style="color: rgba(0, 0, 0, 1)">
Modify maximum valid delay</span>/<span style="color: rgba(0, 0, 0, 1)">minimum ratio
maxdelaydevratio </span><address> <ratio><span style="color: rgba(0, 0, 0, 1)">
Modify maximum valid delay</span>/<span style="color: rgba(0, 0, 0, 1)">deviation ratio
minpoll </span><address> <poll><span style="color: rgba(0, 0, 0, 1)"> Modify minimum polling interval
maxpoll </span><address> <poll><span style="color: rgba(0, 0, 0, 1)"> Modify maximum polling interval
minstratum </span><address> <stratum><span style="color: rgba(0, 0, 0, 1)">
Modify minimum stratum
offline [</span><mask>/<address>]Set sources <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> subnet to offline status
online [</span><mask>/<address>] Set sources <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> subnet to online status
onoffline Set all sources to online or offline status
according to network configuration
polltarget </span><address> <target><span style="color: rgba(0, 0, 0, 1)">
Modify poll target
refresh Refresh IP addresses
Manual </span><span style="color: rgba(0, 0, 255, 1)">time</span><span style="color: rgba(0, 0, 0, 1)"> input:
manual off</span>|on|reset Disable/enable/<span style="color: rgba(0, 0, 0, 1)">reset settime command
manual list Show previous settime entries
manual delete </span><index><span style="color: rgba(0, 0, 0, 1)"> Delete previous settime entry
settime </span><<span style="color: rgba(0, 0, 255, 1)">time</span>> Set daemon <span style="color: rgba(0, 0, 255, 1)">time</span><span style="color: rgba(0, 0, 0, 1)">
(e.g. Sep </span><span style="color: rgba(128, 0, 128, 1)">25</span>, <span style="color: rgba(128, 0, 128, 1)">2015</span> <span style="color: rgba(128, 0, 128, 1)">16</span>:<span style="color: rgba(128, 0, 128, 1)">30</span>:<span style="color: rgba(128, 0, 128, 1)">05</span> or <span style="color: rgba(128, 0, 128, 1)">16</span>:<span style="color: rgba(128, 0, 128, 1)">30</span>:<span style="color: rgba(128, 0, 128, 1)">05</span><span style="color: rgba(0, 0, 0, 1)">)
NTP access:
accheck </span><address><span style="color: rgba(0, 0, 0, 1)"> Check whether address is allowed
clients Report on clients that have accessed the server
serverstats Display statistics of the server
allow [</span><subnet><span style="color: rgba(0, 0, 0, 1)">] Allow access to subnet as a default
allow all [</span><subnet><span style="color: rgba(0, 0, 0, 1)">] Allow access to subnet and all children
deny [</span><subnet><span style="color: rgba(0, 0, 0, 1)">] Deny access to subnet as a default
deny all [</span><subnet><span style="color: rgba(0, 0, 0, 1)">] Deny access to subnet and all children
local Serve </span><span style="color: rgba(0, 0, 255, 1)">time</span><span style="color: rgba(0, 0, 0, 1)"> even when not synchronised
local off Don</span><span style="color: rgba(128, 0, 0, 1)">'</span><span style="color: rgba(128, 0, 0, 1)">t serve time when not synchronised</span>
smoothtime reset|activate Reset/activate <span style="color: rgba(0, 0, 255, 1)">time</span><span style="color: rgba(0, 0, 0, 1)"> smoothing
smoothing Display current </span><span style="color: rgba(0, 0, 255, 1)">time</span><span style="color: rgba(0, 0, 0, 1)"> smoothing state
Monitoring access:
cmdaccheck </span><address><span style="color: rgba(0, 0, 0, 1)"> Check whether address is allowed
cmdallow [</span><subnet><span style="color: rgba(0, 0, 0, 1)">] Allow access to subnet as a default
cmdallow all [</span><subnet><span style="color: rgba(0, 0, 0, 1)">] Allow access to subnet and all children
cmddeny [</span><subnet><span style="color: rgba(0, 0, 0, 1)">] Deny access to subnet as a default
cmddeny all [</span><subnet><span style="color: rgba(0, 0, 0, 1)">] Deny access to subnet and all children
Real</span>-<span style="color: rgba(0, 0, 255, 1)">time</span><span style="color: rgba(0, 0, 0, 1)"> clock:
rtcdata Print current RTC performance parameters
trimrtc Correct RTC relative to system clock
writertc Save RTC performance parameters to </span><span style="color: rgba(0, 0, 255, 1)">file</span><span style="color: rgba(0, 0, 0, 1)">
Other daemon commands:
cyclelogs Close and re</span>-<span style="color: rgba(0, 0, 0, 1)">open log files
dump Dump all measurements to save files
rekey Re</span>-read keys from key <span style="color: rgba(0, 0, 255, 1)">file</span><span style="color: rgba(0, 0, 0, 1)">
shutdown Stop daemon
Client commands:
dns </span>-n|+n Disable/<span style="color: rgba(0, 0, 0, 1)">enable resolving IP addresses to hostnames
dns </span>-<span style="color: rgba(128, 0, 128, 1)">4</span>|-<span style="color: rgba(128, 0, 128, 1)">6</span>|-<span style="color: rgba(128, 0, 128, 1)">46</span> Resolve hostnames only to IPv4/IPv6/<span style="color: rgba(0, 0, 0, 1)">both addresses
timeout </span><milliseconds><span style="color: rgba(0, 0, 0, 1)"> Set initial response timeout
retries </span><retries><span style="color: rgba(0, 0, 0, 1)"> Set maximum number of retries
keygen [</span><<span style="color: rgba(0, 0, 255, 1)">id</span>> [<type> [<bits><span style="color: rgba(0, 0, 0, 1)">]]]
Generate key </span><span style="color: rgba(0, 0, 255, 1)">for</span> key <span style="color: rgba(0, 0, 255, 1)">file</span><span style="color: rgba(0, 0, 0, 1)">
exit</span>|<span style="color: rgba(0, 0, 0, 1)">quit Leave the program
help Generate this help
chronyc</span>> </pre>
</div>
<span class="cnblogs_code_collapse">chronyc> help</span></div>
<p> </p>
</div>
<div id="MySignature" role="contentinfo">
<p>本文来自博客园,作者:尹正杰,转载请注明原文链接:https://www.cnblogs.com/yinzhengjie/p/12292549.html,个人微信: "JasonYin2020"(添加时请备注来源及意图备注,有偿付费) </p>
<p>当你的才华还撑不起你的野心的时候,你就应该静下心来学习。当你的能力还驾驭不了你的目标的时候,你就应该沉下心来历练。问问自己,想要怎样的人生。</p><br><br>
来源:https://www.cnblogs.com/yinzhengjie/p/12292549.html
頁:
[1]