Chrony software instructions for use, chrony instructions for use
1.1.1 chrony Introduction
Chrony is an open-source free software that can keep the system clock synchronized with the clock server (NTP) and keep the time accurate.
It consists of two programs: chronyd and chronyc.
Chronyd is a daemon running in the background. It is used to adjust the system clock running in the kernel and synchronize the clock server. It determines the ratio of the increase or decrease time of the computer and compensates for this.
ChronyIs CentOS7.xBuilt-in time synchronization software
1.1.2 chrony operations
# Yum install-y chrony --> install the service # systemctl start chronyd. service --> start the service # systemctl enable chronyd. service --> set the auto-start mode. The default value is enable.
1.1.3 chrony configuration file
The configuration file used by the chrony service is/etc/chrony. conf.
The configuration content format is similar to that of ntpd.
[root@openvpn ~]# cat /etc/chrony.conf # Use public servers from the pool.ntp.org project.# Please consider joining the pool (http://www.pool.ntp.org/join.html).server 0.centos.pool.ntp.org iburstserver 1.centos.pool.ntp.org iburstserver 2.centos.pool.ntp.org iburstserver 3.centos.pool.ntp.org iburst# Record the rate at which the system clock gains/losses time.driftfile /var/lib/chrony/drift# Allow the system clock to be stepped in the first three updates# if its offset is larger than 1 second.makestep 1.0 3# Enable kernel synchronization of the real-time clock (RTC).rtcsync# Enable hardware timestamping on all interfaces that support it.#hwtimestamp *# Increase the minimum number of selectable sources required to adjust# the system clock.#minsources 2# Allow NTP client access from local network.#allow 192.168.0.0/16# Serve time even if not synchronized to a time source.#local stratum 10# Specify file containing keys for NTP authentication.#keyfile /etc/chrony.keys# Specify directory for log files.logdir /var/log/chrony# Select which information is logged.#log measurements statistics tracking
1.1.4 configuration parameters
Parameters |
Parameter description |
Server |
This parameter can be used multiple times to add a clock server. It must be used in the "server" format. Generally, you can add as many servers as you want. |
Stratumweight |
The stratumweight command sets the synchronization distance to which each layer should be added when chronyd selects a synchronization source from the available source. By default, CentOS is set to 0, so that chronyd ignores the source level when selecting the source. |
Driftfile |
One of the main actions of the chronyd program is to calculate the ratio of the increase or decrease time of the computer based on the actual time. It is most reasonable to record it to a file, it will compensate the system clock after the restart, and, if possible, it will get a good valuation from the clock server. |
Rtcsync |
The rtcsync command enables a kernel mode in which the system time is copied to the real-time clock (RTC) every 11 minutes) |
Allow/deny |
You can specify a host, subnet, or network to allow or deny NTP connection to the machine playing the clock server. |
Cmdallow/cmddeny |
Similar to the above, but you can specify which IP address or which host can use the control command through chronyd. |
Bind1_address |
This command allows you to limit which network interface chronyd listens to (executed by chronyc ). This command provides an additional access control level available in addition to the preceding restrictions through the cmddeny mechanism. |
Makestep |
In general, chronyd will gradually correct all time deviations by slowing down or accelerating the clock as needed. In some specific circumstances, the system clock may drift too fast, resulting in a long time consumed by the adjustment process to correct the system clock. This Command Forces chronyd to step through the system clock when the adjustment period is greater than a threshold value, but only when the chronyd start time exceeds the specified limit (negative values can be used to disable the limit ), it takes effect only when no more clock updates exist. |
Check ntp source server status 1.1.5 view synchronization status
[root@openvpn ~]# chronyc sourcestats210 Number of sources = 4Name/IP Address NP NR Span Frequency Freq Skew Offset Std Dev==============================================================================61-216-153-105.HINET-IP.> 0 0 0 +0.000 2000.000 +0ns 4000msdns1.synet.edu.cn 18 9 62m +0.312 1.706 +7548ns 1920usntp2.itcompliance.dk 0 0 0 +0.000 2000.000 +0ns 4000msmx.comglobalit.com 22 11 270m +0.660 0.184 +37ms 987us
View the detailed ntp synchronization status
[root@openvpn ~]# chronyc sources -v210 Number of sources = 4 .-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current synced, '+' = combined , '-' = not combined,| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.|| .- xxxx [ yyyy ] +/- zzzz|| Reachability register (octal) -. | xxxx = adjusted offset,|| Log2(Polling interval) --. | | yyyy = measured offset,|| \ | | zzzz = estimated error.|| | | \MS Name/IP address Stratum Poll Reach LastRx Last sample ===============================================================================^? 61-216-153-105.HINET-IP.> 0 10 0 - +0ns[ +0ns] +/- 0ns^* dns1.synet.edu.cn 2 8 377 38 +536us[+6474us] +/- 21ms^? ntp2.itcompliance.dk 0 10 0 - +0ns[ +0ns] +/- 0ns^- mx.comglobalit.com 2 10 377 477 +37ms[ +45ms] +/- 210ms
ChronycCommand parameter description:
Parameters |
Parameter description |
Accheck |
Check whether NTP access is available to a specific host |
Activity |
This command displays the number of NTP sources online/offline. |
Add server |
Manually Add a new NTP server. |
Clients |
Report on the client that the server has been accessed |
Delete |
Manually remove NTP servers or peer servers |
Settime |
Manually set the daemon time |
Tracking |
Display System Time Information |
View the date and time, time zone, and NTP status: # timedatectl1.1.6 other time settings related commands
View the date and time, time zone, and NTP status: # timedatectl view the time zone list: # timedatectl list-timezones modify the time zone # timedatectl set-timezone Asia/Shanghai modify the date and time: # timedatectl set-time "11:50:00" (only one of them can be modified) Enable NTP: # timedatectl set-ntp true/flase
1.1.7 advantages of chrony
Faster synchronization takes minutes rather than hours to minimize time and frequency errors, which is useful for desktop computers or systems that are not 24 hours a day.
It can better respond to the rapid changes in clock frequency, which is very useful for power-saving technologies that have virtual machines with unstable clock or that cause clock frequency changes.
After the initial synchronization, it does not stop the clock to prevent the impact on applications that require monotonous system time.
It provides better stability in response to temporary asymmetric latency (for example, when large-scale downloads result in link saturation.
You do not need to perform regular round-robin on the server, so the system with intermittent network connections can still synchronize the clock quickly.
1.2
Description
Both chrony and ntp are time synchronization software.
If the two software cannot be enabled at the same time, a time conflict may occur. We recommend that you configure ntp for ease of use.
Reference http://www.cnblogs.com/clsn/p/7724473.html