NTP is mainly used to synchronize the time of each computer in the network. Its purpose is to synchronize computer clocks to Universal Coordinated Time, which
Accuracy can reach 0.1 milliseconds in LAN and 1-50 milliseconds in most places on the Internet. It enables the computer to
Synchronize the time of its server or clock source (such as quartz clock, GPS, etc.). Can provide high-precision time correction, and can use encryption
Confirm to prevent virus protocol attacks.
Generally, our internal servers will set ntp synchronization. After all, some applications require the time to be consistent, and there may be time differences.
There will be bugs, big and small.
The following are the specific steps to set up NTP synchronization:
a. Install the software package
yum -y install chrony
systemctl enable chronyd
systemctl start chronyd
systemctl restart chronyd
# Check the time synchronization status
timedatectl status
# Enable network time synchronization
timedatectl set-ntp true
b. Edit configuration file
vim /etc/chrony.conf
#NTP server address, you can also write local ip
server ntp.aliyun.com iburst
server ntp1.aliyun.com iburst
server ntp2.aliyun.com iburst
# Specify the internal network segment/mask of the client that can access the NTP server, or deny
allow 10.10.1.0/24
#deny 192.168/16
# Calculate the ratio of server increase and decrease time according to the actual time, and then record it into a file, and make the best time compensation adjustment for the system after the system restarts
drift file /var/lib/chrony/drift
# If the system clock's offset is greater than 1 second, allow the system clock to step through the previous three updates
makestep 1.0 3
# Enable kernel synchronization for real-time clock (RTC)
rtcsync
# When the time provided by the chrony server is unavailable, use the local time as the synchronization standard and continue to act as a time server to allow other hosts to synchronize the time
local stratum 10
systemctl restart chronyd
#Check if sync:
chronyc sources
Description: ^* #Synchronized^? #Not synchronized
c. Chinese public NTP server
Alibaba Public NTP
Official website: Alibaba Cloud NTP server
ntp.aliyun.com
ntp1.aliyun.com
ntp2.aliyun.com
ntp3.aliyun.com
ntp4.aliyun.com
ntp5.aliyun.com
ntp6.aliyun.com
ntp7.aliyun.com
Tencent Public NTP
Official Website: Cloud Server NTP Service Overview-Best Practices-Documentation Center-Tencent Cloud
time1.cloud.tencent.com
time2.cloud.tencent.com
time3.cloud.tencent.com
time4.cloud.tencent.com
time5.cloud.tencent.com
d. Client configuration
First set the time zone! ! ! !
timedatectl set-timezone Asia/Shanghai
or timedatectl set-timezone UTC
Network clock synchronization through udp 123 port.
firewall-cmd --zone=public --add-port=223/udp --add-port=123/udp --permanent
server changed to server ip
yum -y install chrony
systemctl enable chronyd
systemctl start chronyd
systemctl restart chronyd
# Check the time synchronization status
timedatectl status
# Enable network time synchronization
timedatectl set-ntp true
#Check if sync:
chronyc sources
Description: ^* #Synchronized^? #Not synchronized