Linux advanced --- chrony server

chrony-server

(1) Definition:

chrony is free, open-source Network Time Protocol (NTP) client and server software. It keeps the computer's system clock synchronized with a time server (NTP). chrony consists of two programs, chronyd (server) and chronyc (client).

  • chronyd : A daemon that runs in the background and adjusts the system clock maintained by the kernel so that it stays synchronized with the time server. It determines the rate at which the computer's clock gains or loses time and compensates for it smoothly.
  • chronyc : Provides a user interface for monitoring performance and performing various configurations. It can run on the computer whose chronyd instance it controls, or on a different remote computer.

Check whether the software is installed:
[root@localhost ~]# rpm -qa | grep chrony
chrony-3.3-3.el8.x86_64

(2) Installation configuration

yum -y install chrony --- install
systemctl enable chronyd --- start automatically at boot
systemctl start chronyd --- start now

The chrony configuration file is: /etc/chrony.conf

details:

# Use public servers from the pool.ntp.org project. Each line starts with server; in theory you can add as many time servers as you want.

server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst

# Record the rate at which the system clock gains or loses time relative to real time in a file, so that the best time compensation can be applied after the system restarts.
driftfile /var/lib/chrony/drift

# Allow the system clock to be stepped in the first three updates if its offset is larger than 1 second.
makestep 1.0 3

# Enable kernel synchronization for the real-time clock (RTC).
rtcsync

# Enable hardware timestamping by using the hwtimestamp directive (* selects all interfaces that support it).
hwtimestamp *

# Increase the minimum number of selectable sources needed to adjust the system clock.
minsources 2

# Serve time even if not synchronized to a time source.
# (Value range 1-15; when the default clock source cannot be synchronized, the current system's stratum is 10.)
local stratum 10

# Specify the file containing the NTP authentication key.
keyfile /etc/chrony.keys

# Specify the directory of the log file.
logdir /var/log/chrony

# Select the information to be recorded in the log file.
log measurements statistics tracking

rtcsync: This directive causes chronyd to periodically copy the system time to the RTC clock.

(3) Synchronize network time server

<1> Edit /etc/chrony.conf

Configure the time source: server <time-source IP> iburst

iburst: speeds up the initial time adjustment (burst)

ntp.aliyun.com --- Alibaba Cloud Time Service Center

<2> Enable at boot and restart the service

systemctl enable chronyd --- start at boot
systemctl restart chronyd --- restart the service

<3> View time synchronization

timedatectl status --- time synchronization status
timedatectl set-ntp true --- enable network time synchronization

(4) chronyc command

  • chronyc sources -v --- View ntp_servers
  • chronyc sourcestats -v --- View ntp_servers status
  • chronyc activity -v --- Check whether ntp_servers are online
  • chronyc tracking -v --- View ntp details
  • chronyc -a makestep --- Forcibly synchronize the system clock

Example: forcing synchronization of the system clock (this only works under certain conditions; the clock cannot be synchronized if the step limit is exceeded)

[root@localhost ~]# date -s "2023-09-11 11:30"
Mon Sep 11 11:30:00 CST 2023
[root@localhost ~]# timedatectl
               Local time: Mon 2023-09-11 11:30:10 CST
           Universal time: Mon 2023-09-11 03:30:10 UTC
                 RTC time: Mon 2023-06-12 02:34:29
                Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: no
              NTP service: active
          RTC in local TZ: no
[root@localhost ~]# chronyc -a makestep
200 OK
[root@localhost ~]# date
Mon Sep 11 11:30:30 CST 2023
[root@localhost ~]# systemctl restart chronyd --- the chronyd service must be restarted before the time is synchronized
[root@localhost ~]# date
Mon Jun 12 10:35:16 CST 2023
[root@localhost ~]# timedatectl
               Local time: Mon 2023-06-12 10:35:26 CST
           Universal time: Mon 2023-06-12 02:35:26 UTC
                 RTC time: Mon 2023-06-12 02:35:25
                Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no

(5) Analysis of output results of chronyc sources

<1> M

This indicates the mode of the source. ^ means a server, = means a peer, and # means a locally connected reference clock.

<2> S

This column indicates the status of the source.

  • * indicates the source that chronyd is currently synchronized to.
  • + indicates acceptable sources that are combined with the selected source.
  • - indicates acceptable sources that are excluded by the combining algorithm.
  • ? indicates a source to which connectivity has been lost or whose packets failed all tests. It is also shown at startup until at least 3 samples have been collected from the source.
  • x indicates a clock that chronyd considers to be a falseticker (i.e. its time does not agree with most other sources).
  • ~ indicates a source whose time appears to have too much variability.

<3> Name/IP address

This shows the name or IP address of the source, or the reference ID of the reference clock.

<4> Stratum

This shows the stratum of the source, as reported in its most recently received sample. Stratum 1 represents a computer with a locally connected reference clock. Computers that sync with stratum 1 computers are at stratum 2. Computers that sync with stratum 2 computers are at stratum 3, and so on.

<5> Poll

This shows the rate at which the source is being polled, as the base 2 logarithm of the time interval in seconds. So a value of 6 means that a measurement is taken every 64 seconds. chronyd will automatically change the polling rate according to the current situation.

<6> Reach

This shows the source's reachability register printed as an octal number. The register has 8 bits and is updated on every packet received or lost from the source. A value of 377 indicates that a valid reply was received for all of the last eight transmissions.

<7> LastRx

This column shows how long ago the last good sample (which is displayed in the next column) was received from the source. Measurements that fail certain tests are ignored. The value is usually in seconds. The letters m, h, d or y indicate minutes, hours, days or years.

<8> Last sample

This column shows the offset between the local clock and the source at the time of the last measurement. The number in square brackets is the actual measured offset. It can be suffixed with ns (for nanoseconds), us (for microseconds), ms (for milliseconds), or s (for seconds). The number to the left of the square brackets is the original measurement, adjusted to allow for any slews applied to the local clock since then.

<9> The number following the +/- indicator shows the margin of error in the measurement. A positive offset indicates that the local clock is ahead of the source clock.
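The column rules from section (5) applied as a parser, as an added example that is not part of the original article. The sample output is constructed, and the function names parse_sources and suspicious are hypothetical.

```python
import re

# Constructed sample of `chronyc sources` output (documentation addresses, not a real host).
SAMPLE = """\
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* 203.0.113.10                  2   6   377    34   +152us[ +201us] +/-   21ms
^+ 203.0.113.11                  2   6   177    35  -1200us[-1200us] +/-   35ms
^x 198.51.100.7                  3   6   377    33  +4100ms[+4100ms] +/-   40ms
^? 192.0.2.99                    0   8     0     -     +0ns[   +0ns] +/-    0ns
"""

MODES = {"^": "server", "=": "peer", "#": "local reference clock"}
STATES = {"*": "synced", "+": "combined", "-": "not combined",
          "?": "unusable", "x": "falseticker", "~": "too variable"}
UNITS = {"ns": 1e-9, "us": 1e-6, "ms": 1e-3, "s": 1.0}
ROW = re.compile(
    r"^([\^=#])([*+\-?x~])\s+(\S+)\s+(\d+)\s+(\d+)\s+([0-7]+)\s+(\S+)\s+"
    r"([+-][\d.]+)(ns|us|ms|s)\[\s*([+-][\d.]+)(ns|us|ms|s)\]\s+\+/-\s+([\d.]+)(ns|us|ms|s)")

def parse_sources(text):
    """Decode each source row into the fields described in section (5)."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, separator or blank line
        reach = int(m.group(6), 8)  # Reach is printed as an octal number
        rows.append({
            "mode": MODES[m.group(1)], "state": STATES[m.group(2)],
            "name": m.group(3), "stratum": int(m.group(4)),
            "poll_seconds": 2 ** int(m.group(5)),        # Poll is log2 of the interval
            "replies_of_last_8": bin(reach).count("1"),  # one bit per transmission
            "adjusted_offset": float(m.group(8)) * UNITS[m.group(9)],    # left of [ ]
            "measured_offset": float(m.group(10)) * UNITS[m.group(11)],  # inside [ ]
            "error_bound": float(m.group(12)) * UNITS[m.group(13)],      # after +/-
        })
    return rows

def suspicious(rows):
    """Sources a monitoring check should flag: bad state or lost replies."""
    return [(r["name"], r["state"], r["replies_of_last_8"]) for r in rows
            if r["state"] in ("falseticker", "unusable", "too variable")
            or r["replies_of_last_8"] < 8]

if __name__ == "__main__":
    for row in parse_sources(SAMPLE):
        print(row)
    print(suspicious(parse_sources(SAMPLE)))
```

On a live host the same functions can be fed the text captured from chronyc sources; offsets are returned in seconds.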

Example: an existing clock server, time_server, is at stratum 2. A host node1 synchronizes its time from time_server, so node1 is at stratum 3; another host that synchronizes its time with node1 is at stratum 4, and so on.


Synchronize the ntp status of this virtual machine on another virtual machine

Example: node1 tries to synchronize with time_server but cannot, while a second host, node2, still synchronizes its time with node1. The stratum of node2 at this point is ( 11 ), and the time it synchronizes to is ( the clock source of node1's local system time )

Edit /etc/chrony.conf and change the server-side IP to a non-existent IP, restart the service, check the synchronization clock source again, check the node1 level, and check the node2 level.

(6) Common commands

chrony -> server: chronyd; client: chronyc
chronyc sources -v -> clock source check
timedatectl -> whether the current system has synchronized time, NTP service status
chronyc tracking -> view details

Configuration file: /etc/chrony.conf

In the configuration file:
server <clock source address> iburst
allow: if not configured, no clients are allowed access
(example: allow 192.168.0.0/16)
local stratum 10: only expresses how far this host is from the real clock source
rtcsync: copy the system clock to the hardware clock

Origin blog.csdn.net/weixin_62443409/article/details/131062015