Centos 7 chrony cluster synchronization time

Chrony has two core components: chronyd, which is a daemon. It is mainly used to adjust the system time and time server synchronization in the kernel. It determines the ratio of the increase or decrease time of the computer and adjusts the compensation. Chronyc: provides a user interface for monitoring performance and diversified configuration. It can work on a computer controlled by the chronyd instance, or on a different remote computer.

OS environment:

10.28.204.65 Client

10.28.204.66 Server

Centos Linux release 7.4.1708 (CORE)

Situation description: the two machines are both in the Intranet. 204.66 is used as the NTP time server and 204.65 is synchronized to this machine.

1. Install chrony

The system has been installed by default. If not, run the following command to install it:

$ yum install chrony -y

2. Start and add auto-start

$ systemctl enable chronyd.service$ systemctl restart chronyd.service$ systemctl status chronyd.service

3. firewalld settings

$ firewall-cmd --add-service=ntp --permanent$ firewall-cmd --reload

Because NTP uses the 123/udp port protocol, you can allow the NTP service.

4. Configure chrony

The following is the default system configuration file, which I will describe:

$ CAT/etc/chrony. conf # use the public server in the pool.ntp.org project. Start with server. Theoretically, you can add any time server. # Please consider joining the pool (http://www.pool.ntp.org/join.html ). server worker iburstserver 2.centos.pool.ntp.org iburstserver 3.centos.pool.ntp.org iburstserver # calculate the ratio of server increase/decrease time based on the actual time, then record it to a file, and make optimal time compensation adjustments after. Driftfile/var/lib/chrony/drift # chronyd slows down or adjusts the acceleration time as needed. # In some cases, the system clock may drift too fast, resulting in too long time adjustment. # This Command Forces chronyd to adjust the system clock when the threshold value is greater than a certain value. # It takes effect only when the chronyd startup time exceeds the specified limit (a negative value can be used to disable the limit) and no more clock updates. Makestep 1.0 3 # A kernel mode is enabled. In this mode, the system time is copied to the real-time clock (RTC) every 11 minutes ). Rtcsync # enable hardware timestamping on all interfaces that support it. # Use the hwtimestamp command to enable the hardware timestamp # hwtimestamp eth0 # hwtimestamp eth1 # hwtimestamp * # increase the minimum number of selectable sources required to adjust # The system clock. # minsources 2 # specify a host and subnet, or the network allows or denies NTP connection to the machine playing the clock server # Allow 192.168.0.0/16 # deny 192.168/16 # serve time even if not synchronized to a time source. local stratum 10 # specify to include N The file that verifies the key in TP. # Keyfile/etc/chrony. Keys # specify the directory of the log file. Logdir/var/log/chrony # select which information is logged. # log measurements statistics tracking

5. Set the time zone

View the current system time zone:

$ Timedatectl local time: Fri 13:31:04 CST Universal Time: Fri 05:31:04 utc rtc time: Fri 08:17:20 Time Zone: Asia/Shanghai (Cst, + 0800) NTP enabled: yesntp synchronized: yes RTC in local TZ: No DST active: N/A if your current time zone is incorrect, perform the following operations. View all available time zones: $ timedatectl list-timezones filter to view available time zones in Shanghai in Asia S: $ timedatectl list-timezones | grep-e "Asia/s. * "Asia/sahalinasia/samarkandasia/seoulasia/shanghaiasia/singaporeasia/srednekolymsk set the current system to Asia/Shanghai Time Zone: $ timedatectl set-timezone Asia/Shanghai after the time zone, forced synchronization of the system clock: $ chronyc-A makestep200 OK

6. system time synchronization between SERVER CLUSTERS

In the production environment, the network is an Intranet Structure. How does the Intranet ensure time synchronization between servers? In fact, this problem is very simple. You only need to build an intranet time server, and then let all the computers go to the server (10.28.204.66) To synchronize the time.

Note the following content on the server:

# Server synchronized iBurst # server 1.centos.pool.ntp.org iBurst # server 2.centos.pool.ntp.org iBurst # server 3.centos.pool.ntp.org iBurst and add the following content: (indicating the synchronization time with the local machine) server 10.28.204.66 iBurst. Therefore, we have configured an intranet time server. Comment out other servers on the client, and add the following to the client (10.28.204.65): Server 10.28.204.66 iBurst

The system time synchronization has been completed. This is also true for multiple machines.

7. Common commands

View the time synchronization Source:

$ Chronyc sources-V view the time synchronization source status: $ chronyc sourcestats-V sets the hardware time. The default hardware time is UTC: $ timedatectl set-local-RTC 1. Enable time synchronization NTP: $ timedatectl set-NTP Yes Calibration Time Server: $ chronyc tracking

Note that After configuring/etc/chrony. conf, you must restart the chrony service. Otherwise, it may not take effect.

Centos 7 chrony cluster synchronization time