版权声明:fakehydra.xyz https://blog.csdn.net/fake_hydra/article/details/82733820
系统:
centos6.x
ntp服务器:
10.0.0.61
下载安装
yum install ntp ntpdate
修改配置文件:/etc/ntp/conf
[root@vpn scripts]# cat /etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
service 172.16.1.61
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org
server 1.centos.pool.ntp.org
server 2.centos.pool.ntp.org
server 3.centos.pool.ntp.org
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
server 127.127.1.0
fudge 127.127.1.0 stratum 10
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
启动服务
service ntpd start
检查
ntpq -p
[root@vpn scripts]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
+ntp5.flashdance 194.58.202.20 2 u 55 64 17 226.709 11.084 13.639
static-5-103-13 .GPS. 1 u 120 64 2 239.689 18.837 0.000
*85.199.214.101 .GPS. 1 u 54 64 17 210.012 -3.548 16.501
cn.ntp.faelix.n 185.134.196.169 2 u 115 64 16 236.597 2.159 23.535
LOCAL(0) .LOCL. 10 l 56 64 17 0.000 0.000 0.000
ps:jitter数值全部为0 的话表示失败,一般是防火墙未关闭,关闭即可
service iptables stop
或者:在vi /etc/sysconfig/iptables添加如下规则:
-A INPUT -m state --state NEW -m udp -p udp --dport 123 -j ACCEPT
客户端配置:
客户端安装ntp服务
[root@vpn scripts]# ansible all -m yum -a "name=ntp name=ntpdate state=installed"
配置ntp.conf文件
ansible all -m command -a "echo 10.0.0.61>>/etc/ntp.conf
手动同步时间
ansible all -m command -a "ntpdate 10.0.0.61"