Article Directory
1. The difference between ntp and chrony
-
ntp: Synchronize the system clock with UTC, the accuracy can reach 0.1ms in the local area network, and the accuracy can reach 1-50ms in most places on the Internet. The official website of the project: http://www.ntp.org -
chrony: Free software that implements the NTP protocol. The system clock can be synchronized with an NTP server, a reference clock (such as a GPS receiver), and manual input using the watch and keyboard. It can also operate as an NTPv4 (RFC 5905) server and peer to provide time services for computers on the network. Designed to operate well under a variety of conditions, including intermittent and highly congested network connections, temperature changes (computer clocks are sensitive to temperature), and systems that cannot run continuously or on virtual machines. The typical accuracy between two machines synchronized via the Internet is within a few milliseconds. On a LAN, the accuracy is usually tens of microseconds. Use hardware time stamp or hardware reference clock to achieve sub-microsecond accuracy
1.1, about chrony
-
Chrony official website: https://chrony.tuxfamily.org/
-
Two main programs: chronyd and chronyc
chronyd: A daemon running in the background, used to adjust the system clock running in the kernel to synchronize with the clock server. It determines the rate at which the computer increases or decreases time, and compensates for itchronyc: Command line user tool, used to monitor performance and perform diversified configurations. It can work on the computer controlled by the chronyd instance or on a different remote computer
-
Service unit file:
/usr/lib/systemd/system/chronyd.service -
Listening port:
323/udp,123/udp -
Configuration file:
/etc/chrony.conf
1.2 Advantages of chronyd
- Faster synchronization, which minimizes time and frequency errors, is very useful for virtual computers that are not running 24 hours a day
- It can better respond to rapid changes in clock frequency, which is very useful for virtual machines with unstable clocks or energy-saving technologies that cause clock frequency changes
- After the initial synchronization, it will not stop the clock to prevent impact on applications that require system time to remain monotonous
- Provides better stability when dealing with temporary asymmetric delays (for example, when large-scale downloads cause link saturation)
- There is no need to poll the server regularly, so systems with intermittent network connections can still synchronize clocks quickly
2. Environmental introduction
linux-oz6w:~ # cat /etc/os-release
NAME="SLES"
VERSION="12-SP3"
VERSION_ID="12.3"
PRETTY_NAME="SUSE Linux Enterprise Server 12 SP3"
ID="sles"
ANSI_COLOR="0;32"
CPE_NAME="cpe:/o:suse:sles:12:sp3"
3. Deploy chrony
linux-oz6w:~ # zypper in chrony # suse自带的镜像源中,有chrony这个服务
4, placement chrony
linux-oz6w:~ # cp /etc/chrony.conf{,.bak} # 良好的备份习惯,可以减少跑路的次数
linux-oz6w:~ # vim /etc/chrony.conf
server ntp.aliyun.com iburst
server ntp1-7.aliyun.com iburst
makestep 1.0 3
rtcsync
allow 192.168.10.0/16
local stratum 10
linux-oz6w:~ # systemctl enable chronyd.service --now # 设置chronyd开机自启,并立刻启动chronyd服务
4.1, configuration file analysis
server-Can be used for the clock server, the iburst option sends one eight packets instead of the usual one when the server is reachable. The packet interval is usually 2 seconds, which can speed up the initial synchronization speeddriftfile-Calculate the ratio of the increase or decrease of the computer time based on the actual time, record it in a file, and compensate the system clock after restartingrtcsync-Enable kernel mode, the system time will be copied to the real-time clock (RTC) every 11 minutesallow/deny-Specify a host, subnet, or network to allow or deny access to this servercmdallow / cmddeny-You can specify which host can use control commands through chronydbindcmdaddress-Allow chronyd to monitor which interface to receive commands executed by chronycmakestep-Usually chronyd will slow down or speed up the clock according to demand, so that the system gradually corrects all time deviations. In some specific cases, the system clock may drift too fast, causing the adjustment process to take a long time to correct the system clock. This instruction forces chronyd to adjust the system clock when the adjustment period is greater than a certain thresholdlocal stratum 10-Even if the time server is unavailable in the server command, it is allowed to use the local time as the standard time for other clients
4.2. View the time server information that chronyd is currently synchronizing
linux-oz6w:~ # chronyc sources -v
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^- undefined.hostname.local> 2 6 175 40 +29ms[ +29ms] +/- 125ms
^- ntp1.flashdance.cx 2 6 175 38 +33ms[ +33ms] +/- 193ms
^- sv1.ggsrv.de 2 6 137 101 +44ms[ +44ms] +/- 166ms
^- ntp8.flashdance.cx 2 6 315 33 +114us[ +114us] +/- 196ms
^* 203.107.6.88 2 6 177 37 +371us[ +707us] +/- 42ms
5. Public NTP service
- Alibaba Cloud public NTP server
- ntp.aliyun.com
- ntp1-7.aliyun.com
- University ntp service
- s1a.time.edu.cn
北京邮电大学 - s1b.time.edu.cn
清华大学 - s1c.time.edu.cn
北京大学
- s1a.time.edu.cn
- National Time Service Center Server
- 210.72.145.44