服务器配置
服务器IP及角色
ip 1:192.168.100.146 (NTP server)
ip 2:192.168.100.147 (NTP client)
关闭2台服务器防火墙及防火墙开机自启服务
[root@localhost ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since 四 2022-02-17 15:49:09 CST; 19min ago
Docs: man:firewalld(1)
Main PID: 827 (firewalld)
CGroup: /system.slice/firewalld.service
└─827 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid
2月 17 15:49:08 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
2月 17 15:49:09 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
[root@localhost ~]# systemctl stop firewalld;systemctl disable firewalld;systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
2月 17 15:49:08 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
2月 17 15:49:09 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
2月 17 16:08:34 localhost.localdomain systemd[1]: Stopping firewalld - dynamic firewall daemon...
2月 17 16:08:36 localhost.localdomain systemd[1]: Stopped firewalld - dynamic firewall daemon.
[root@localhost ~]#
查看2台服务器是否安装ntp,ntpdate;
分别安装ntp ntpdate
yum install ntp ntpdate -y
分别验证ntp ntpdate
[root@localhost ~]# rpm -qa|grep ntp
ntpdate-4.2.6p5-29.el7.centos.2.x86_64
ntp-4.2.6p5-29.el7.centos.2.x86_64
server端修改配置
vim /etc/ntp.conf
将下面4行注释,结果如下
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
在下面添加3行
##允许局域网内所有客户端连接到这台服务器同步时间.但是拒绝让他们修改服务器上的时间
restrict 0.0.0.0 mask 255.255.255.0 nomodify notrap
server 127.127.1.0 perfer
fudge 127.127.1.0 stratum 0
###补充部分字段含义解释
#restrict default nomodify notrap nopeer noquery
#进行限制, 注意这一段需要修改, 可以讲 nopeer和noquery和notrap 删除掉 修改为
#restrict default nomodify
#default 表示所有的ip地址都可以使用这个服务器进行时间 同步
#nomodify的含义是不允许客户端修改服务器的时间.
#noquery 不允许客户端查询, 所以这个要删除掉
server端启动ntp服务,添加开机自起
[root@localhost ~]# systemctl restart ntpd;systemctl status ntpd
● ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled; vendor preset: disabled)
Active: active (running) since 四 2022-02-17 16:04:08 CST; 4s ago
Process: 1862 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 1863 (ntpd)
CGroup: /system.slice/ntpd.service
└─1863 /usr/sbin/ntpd -u ntp:ntp -g
2月 17 16:04:08 localhost.localdomain ntpd[1863]: Listen and drop on 1 v6wildcard :: UDP 123
2月 17 16:04:08 localhost.localdomain ntpd[1863]: Listen normally on 2 lo 127.0.0.1 UDP 123
2月 17 16:04:08 localhost.localdomain ntpd[1863]: Listen normally on 3 ens33 192.168.100.146 UDP 123
2月 17 16:04:08 localhost.localdomain ntpd[1863]: Listen normally on 4 lo ::1 UDP 123
2月 17 16:04:08 localhost.localdomain ntpd[1863]: Listen normally on 5 ens33 fe80::4b3e:4c14:23cf:37aa UDP 123
2月 17 16:04:08 localhost.localdomain ntpd[1863]: Listening on routing socket on fd #22 for interface updates
2月 17 16:04:08 localhost.localdomain ntpd[1863]: 0.0.0.0 c016 06 restart
2月 17 16:04:08 localhost.localdomain ntpd[1863]: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM
2月 17 16:04:08 localhost.localdomain ntpd[1863]: 0.0.0.0 c011 01 freq_not_set
2月 17 16:04:09 localhost.localdomain ntpd[1863]: 0.0.0.0 c514 04 freq_mode
[root@localhost ~]# systemctl enable ntpd
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
server端查看同步情况
[root@localhost ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*LOCAL(0) .LOCL. 0 l 57 64 3 0.000 0.000 0.000
Client端修改配置文件
vim /etc/ntp.conf
#注释掉其他上游时间服务器
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
#配置上游时间服务器为本地的ntpd Server服务器
server 192.168.100.146
fudge 192.168.100.146 stratum 0
#配置允许上游时间服务器主动修改本机的时间
restrict hadoop101.com nomodify notrap noquery
Client端与 server端同步
[root@localhost ~]# ntpdate -u 192.168.100.146
17 Feb 16:24:26 ntpdate[1923]: adjust time server 192.168.100.146 offset -0.024970 sec
Client端启动并查看ntp服务;添加开机自启
[root@localhost ~]# systemctl restart ntpd;systemctl status ntpd
● ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled)
Active: active (running) since 四 2022-02-17 16:25:45 CST; 5ms ago
Process: 1934 ExecStart=/usr/sbin/ntpd -u ntp:ntp $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 1935 (ntpd)
CGroup: /system.slice/ntpd.service
└─1935 /usr/sbin/ntpd -u ntp:ntp -g
2月 17 16:25:45 localhost.localdomain systemd[1]: Stopped Network Time Service.
2月 17 16:25:45 localhost.localdomain systemd[1]: Starting Network Time Service...
2月 17 16:25:45 localhost.localdomain ntpd[1934]: ntpd 4.2[email protected] Tue Jun 23 15:38:18 UTC 2020 (1)
2月 17 16:25:45 localhost.localdomain systemd[1]: Started Network Time Service.
2月 17 16:25:45 localhost.localdomain ntpd[1935]: proto: precision = 0.040 usec
2月 17 16:25:45 localhost.localdomain ntpd[1935]: 0.0.0.0 c01d 0d kern kernel time sync enabled
[root@localhost ~]# systemctl enable ntpd
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
Client端查看状态
[root@localhost ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
192.168.100.146 .LOCL. 1 u 18 64 3 0.448 12.608 0.034
Client端 crontab设置定时启动
执行 crontab -e 添加定时任务
*/1 * * * * /usr/sbin/ntpdate -u 192.168.100.146
验证NTP服务
1.client端查看当前时间,并将时间设置为2021-01-01 00:00:00
[root@localhost ~]# date
2022年 02月 17日 星期四 16:33:46 CST
[root@localhost ~]# date -s "2021-01-01 00:00:00"
2021年 01月 01日 星期五 00:00:00 CST
2.等待定时任务执行后查看client结果,时间已自动同步server
[root@localhost ~]# date
2021年 01月 01日 星期五 00:00:52 CST
[root@localhost ~]# date
2022年 02月 17日 星期四 16:36:24 CST