How to build an NTP server in CentOS? (1)
The Network Time Protocol (NTP) is used to synchronize the system clock of different hosts on the network. All managed hosts can synchronize time with a specified time server named NTP server. On the other hand, the NTP server synchronizes its time with any public NTP server or any server you choose. All NTP-managed devices can synchronize time in milliseconds.
In an enterprise environment, if you do not want to open a firewall for NTP traffic, it is necessary to build an internal NTP server so that employees can use internal servers instead of public NTP servers. This tutorial describes how to configure the CentOS system as an NTP server. Before introducing the details, you may first understand the NTP concept.
Why do we need NTP?
Due to manufacturing differences, all (non-atomic) clocks do not run at exactly the same speed. Some clocks tend to go faster, while others go slower. So after a long period of time, the time of one clock gradually deviates from that of the other, resulting in the so-called "clock drift" or "Time drift ". To minimize the impact of clock drift, NTP hosts should regularly contact the specified NTP server to maintain clock synchronization.
Time synchronization between different hosts is important for transactions such as scheduled backup, intrusion detection logs, distributed task scheduling, and transaction bookkeeping, and may even be a requirement for regulatory compliance.
NTP hierarchy
The NTP clock is organized in a layered hierarchy. Each layer in the hierarchy is called a layer (stratum ). The concept of layer describes how many NTP hops a machine has from an authoritative time source.
Stratum 0 contains a clock with almost no time drift, such as an atomic clock. These clocks cannot be used directly through the network. The Stratum N (N> 1) server synchronizes its time against the Stratum N-1 server. The Stratum N clock can be connected to each other through the network.
NTP supports up to 15 layers in a hierarchy. Stratum 16 is considered not synchronous and unusable.
Prepare the CentOS Server
Now let's talk about how to build an NTP server on CentOS.
First, make sure that the time zone of the server is correctly set. In CentOS 7, we can use the timedatectl command to view and change the server's time zone (for example, "Australia/adelide ").
# timedatectl list-timezones | grep Australia# timedatectl set-timezone Australia/Adelaide# timedatectl
Next, use yum to install necessary software.
# yum install ntp
Then, we will add a global NTP server for time synchronization.
# vim /etc/ntp.confserver 0.oceania.pool.ntp.orgserver 1.oceania.pool.ntp.orgserver 2.oceania.pool.ntp.orgserver 3.oceania.pool.ntp.org
By default, NTP server logs are stored in/var/log/messages. If you want to use a custom log file, you can also specify the location of the file.
logfile /var/log/ntpd.log
If you really choose to use a custom log file, make sure to change its ownership and SELinux context.
# chown ntp:ntp /var/log/ntpd.log# chcon -t ntpd_log_t /var/log/ntpd.log
Start the NTP service and make sure it has been added to the startup Item.
# systemctl restart ntp# systemctl enable ntp