Chrony is a free open source software in RHEL 7 operating system, is already the default service, the default configuration file can remain in /etc/chrony.conf system time synchronization with a time server (NTP), so that time is always in sync. Relative NTP time synchronization software, faster, easier configuration and dependencies are
Chrony has two core components, namely: chronyd: daemon is mainly used to adjust the system time and time running in the kernel synchronization server. It determines the ratio of increase or decrease in computer time, and adjusted to compensate for this. chronyc: providing a user interface for monitoring performance and configuration diversity. It may work on a computer-controlled chronyd instance, may be working on a different remote computer.
The allocation of time, you need to configure the server chrony, and then configure the client and server-side synchronization. If the external network based on the clock of the server, you can not configure the server-side
1, chrony installation tool
1, the system version check, use the CAT / etc / System-Release
2, use rpm -qa | grep chrony chrony see if the system is installed, you can see the default chrony package is installed.
3, if not installed environment can use the command yum install chrony offline download or install rpm package, download address: http: //rpm.pbone.net/index.php3 stat = 3 & limit = 2 & srodzaj = 3 & dl = 40 & search = chrony, found? corresponding version download.
4, after downloading using rpm -ivh chrony-2.1.1-4.el7.centos.x86_64.rpm be installed
2, set the service status of chrony, and turn off the firewall
1, the service status:
Use systemctl start chronyd.service start chrony service
using systemctl enable chronyd.service set the boot time synchronization
using systemctl status chronyd.service check the service status
2, directly off the firewall
systemctl stop firewalld.service # Stop firewall
systemctl disable firewall startup ban firewalld.service #
2, or does not turn off the firewall, but allows NTP service
firewall-cmd --add-Service = ntp --permanent
firewall-cmd --reload
because NTP uses 123 / UDP port protocol, so you can allow the NTP service
3, the server and client configuration chrony
1, server configuration
1), modify the configuration file
vi /etc/chrony.conf
A, modify line 22, Allow NTP client access from local network , configured to allow access to the list of clients, support CIDR, such as:
allow 192.168/16
b, modify line 29 to set the synchronization, Serve time even if not synchronized to any NTP server, you can open the note, namely:
Stratum 10 local
2), restarting the service server chrony using systemctl restart chronyd.service restart.
2, the client configuration
1), modifying the configuration file
Vim /etc/chrony.conf
A, server to modify, delete other, adding the source IP server to be synchronized time, the following format:
xxxx iBurst Server
2), restart the client under chrony service, use systemctl restart chronyd.service restart.
The client uses chronyc sources -v command to complete the synchronization
4, commonly used commands
Check the time synchronization source:
$ chronyc Sources -v
view the status of the time synchronization source:
$ chronyc sourcestats -v
set the hardware time
hardware time defaults to UTC:
$ timedatectl the SET-local-the RTC 1
Enable NTP time synchronization:
$ timedatectl the SET-ntp yes
Calibration time server:
$ chronyc Tracking
Finally, it should be noted that, after configuring /etc/chrony.conf, you need to restart chrony service, this may not take effect.
5, various types Parameter Description
Configuration Parameter Description
| parameter |
Parameter Description |
| server |
This parameter can be used to add multiple clock server, it must be used in "server" format. In general, you want to add how many servers, how many servers can be added |
| stratumweight |
stratumweight chronyd instruction sets when the synchronization source is selected from available sources, each layer is added to the number to be synchronized from a distance. By default, CentOS is set to 0, so that in the choice of source-level chronyd ignore sources |
| File operation |
One of the main acts chronyd program, is calculated based on the actual time the increase or decrease in the ratio of computer time, record it to a file is the most reasonable, it will compensate for the system clock after the restart, even if possible, would be from clock server to get a better valuation |
| rtcsync |
rtcsync command enables a kernel mode, in this mode, the system for 11 minutes each time are copied to the real-time clock (RTC) |
| allow/deny |
Here you can specify a host, subnet, or network to allow or deny connections to machines play clock NTP server |
| cmdallow/cmddeny |
Keep face similar, but which IP address or you can specify which hosts can use the control command by chronyd |
| bindcmdaddress |
This directive allows you to restrict which network interface to listen chronyd command packet (performed by the chronyc). This instruction provides additional access available other than the above limited by the level controlling mechanism cmddeny |
| makestep |
Typically, chronyd according to requirements by slowing or accelerating the clock, so that the system gradually correct all the time offset. Under certain circumstances, the system clock may drift too fast, resulting in the adjustment process consumes very long time to correct the system clock. The directive forces chronyd during the adjustment period is greater than a certain threshold stepping adjust the system clock, but only because chronyd start time exceeds the specified limit (negative values can be used to disable the limit), take effect if there is no more clock update |
chronyc command parameters:
| parameter |
Parameter Description |
| accheck |
Check the NTP access is available for a particular host |
| activity |
This command shows how many NTP source online / offline |
| add server |
Add a new NTP server manually. |
| clients |
The client has access to the report server |
| delete |
NTP server or manually remove the server, etc. |
| settime |
Daemon manually set time |
| tracking |
Time information display system
|
6, set the time zone (optional)
View the current system time zone:
Timedatectl $
Local Time: Fri 2018-2-29 13:31:04 CST
Universal Time: Fri 2018-2-29 05:31:04 UTC
the RTC Time: Fri 2018-2-29 08:17:20
Time Zone: Asia / on Shanghai (CST, +0800)
the NTP Enabled: yes
the NTP the synchronized: yes
the RTC in local TZ: nO
DST the Active: the n-/ a
If your current time zone is incorrect, set the following operations.
View all available time zones:
$ timedatectl List-Timezones
filter type to see in Asia S opened Shanghai available time zone:
$ timedatectl List-Timezones | grep -E "Asia / S. *"
Asia / Sakhalin
Asia / Samarkand
Asia / Seoul
Asia / shanghai
Asia / Singapore
Asia / Srednekolymsk
set the current system for the Asia / shanghai shanghai time zone:
$ timedatectl the sET-timeZone Asia / shanghai
After finished setting zone, forced synchronization of the system clock:
$ -a makestep chronyc
200 is the OK
reference:
Detailed: Linux Chrony set time synchronization server clusters
RHEL7 - Use Chrony provided with a clock time synchronization server