Service management-ntp

Service Management & mdash; ntp-related knowledge what is the time synchronization server NetworkTimeProtocol (ntp) is a protocol used to synchronize computer time, it allows computers to synchronize their servers or clock sources (such as quartzels and GPS, it provides high-precision service management-ntp-related knowledge-what is the Network Time Protocol (NTP) of the Time synchronization server, which is used to synchronize computer Time, it synchronizes computers to their servers or clock sources (such as quartzels, GPS, and so on) and provides high-precision time correction (the difference between the LAN and the standard is less than 1 millisecond, tens of milliseconds in the WAN), and supports encryption validation to prevent malicious protocol attacks. NTP provides accurate time. first, an accurate time source is required. this time must be the international standard time UTC. NTP obtains UTC time from atomic clocks, astronomical observatory, and satellites, or from the Internet. In this way, an accurate and reliable time source is available. The time is distributed according to the NTP server level. All servers are classified into different Stratum (layers) based on the distance from the external UTC source. Stratum-1 is on the top layer, with external UTC access, while Stratum-2 gets time from Stratum-1, Stratum-3 gets time from Stratum-2, and so on, however, the total number of Stratum layers is limited to less than 15. All these servers logically form a tiered architecture to connect to each other, while the time server of Stratum-1 is the basis of the entire system. Time Synchronization is often used in real environments. different machines have different time periods. writing data to the same database server may cause problems. This is just an application. Before learning the time synchronization server, we should first understand the time-related commands: [plain] # view the time [root @ serv01 ~] # Date Wed Aug 7 17:47:44 CST 2013 [root @ serv01 ~] # Date-s "" # view The time zone [root @ larrywen/] # cat/etc/sysconfig/clock # the time zone of The system is defined bythe contents of/etc/localtime. # This file is only for evaluation bysystem-config-date, do not rely on its # contents elsewhere. ZONE = "Asia/Chongqing" # you can reset the time ZONE [root @ larrywen/] # system-config-date # view the time ZONE information of different regions [root @ larrywen/] # ls/ usr/share/zoneinfo/Africa Australia Cuba Etc GMT0 Iceland Japan MST Poland right Universal Zulu America Brazil EET Europe GMT-0 Indian sans pure Portugal roc us Canada Egypt Factory GMT + 0 Iran Libya Navajo posix rok utc Arctic CET Eire GB Greenwich iso1_6.tab met nz Singapore WET Asia Chile est gb-Eire Hongkong Israel moico NZ-CHAT PRC Turkey W-SU Atlanta CST6CDT EST5EDT gmt hst Jamaica Mideast Pacific PST8PDT UCT zone. ta B # setting the time zone is not important. it is important to synchronize time between different machines [root @ serv01 ~] # Cat/etc/sysconfig/clock ZONE = "Asia/Chongqing" [root @ serv01 ~] # Date Wed Aug 7 09:52:31 CST 2013 # Modify the time zone [root @ serv01 ~] # Date Wed Aug 7 09:52:31 CST 2013 # Change to Japan time zone [root @ serv01 ~] # Vim/etc/sysconfig/clock [root @ serv01 ~] # Cat/etc/sysconfig/clock ZONE = "Asia/Tokyo" # Copy content [root @ serv01 ~] # Cp/usr/share/zoneinfo/Asia/Tokyo/etc/localtime cp: overwrite '/etc/localtime '? Y # check the time and immediately change. you do not need to restart [root @ serv01 ~]. # Date Wed Aug 7 10:55:44 JST 2013 # Use the tool to modify the time # install the tool [root @ serv01 ~] # Yum install/usr/bin/system-config-date-y [root @ serv01 ~] # Yum installsystem-config-date-y # install the ntp server when installing system-config-date # log on to [root @ larrywen 0807] # ssh 192.168.1.11 in the form of X Windows -X root@192.168.1.11's password: last login: Wed Aug 7 18:19:30 2013 from 192.168.1.1/usr/bin/xauth: creating new authority file/root /. xauthority # Change the modification time to the Chongqing time zone [root @ serv01 ~] # System-config-date Gtk-Message: Failed to load module "pk-gtk-module": libpk-gtk-module.so: cannot open shared object file: no such file or directory [root @ serv01 ~] # Cat/etc/localtime [root @ serv01 ~] # Date Wed Aug 7 10:03:22 CST 2013 hardware Clock and software Clock Linux divides the Clock into two types: system Clock and Real Time Clock. System time refers to the clock in the current Linux Kernel, that is, the software clock. The hardware clock is the motherboard hardware clock powered by a battery on the motherboard, which can be set in the BIOS "Standard BIOS Feture" item. [Plain] # synchronize the hardware clock and software clock [root @ serv01 ~] # Clock -- help hwclock-query and set the hardware clock (RTC) Usage: hwclock [function] [options...] functions:-s | -- hctosys set the system time from the hardware clock-w | -- systohc set the hardware clock to the currentsystem time # ntp: network TimeProtocal 2 ntp synchronization time [plain] # Step 1: install ntp [root @ serv01 ~] # Yum install ntp *-y # query the installed RPM Package [root @ serv01 ~] # Rpm-qa | grep ntp ntp-4.2.4p8-2.el6.x86_64 ntpdate-4.2.4p8-2.el6.x86_64 fontpackages-filesystem-1.41-1.1.el6.noarch [root @ serv01 ~] # Chkconfig | grep ntp ntpd 0: off 1: off 2: off 3: off 4: off 5: off 6: off ntpdate 0: off 1: off 2: off 3: off 4: off 5: off 6: off [root @ serv01 ~] # Ls/etc/ntp. conf/etc/ntp. conf [root @ serv01 ~] # Rpm-ql ntp # Step 2: modify the configuration file [root @ serv01 ~] # Vim/etc/ntp. conf [root @ serv01 ~] # Man 5 ntp. conf [root @ serv01 ~] # Vim/etc/ntp. conf [root @ serv01 ~] # Cat/etc/ntp. conf # configure the following restrict 192.168.1.0 mask limit 255.0nomodify notrap # comment on the server of the previous level of time synchronization # server limit # server 2.rhel.pool.ntp.org # cancel comment on server 127.127.127.1.0 # Step 3, start the service [root @ serv01 ~] #/Etc/init. d/ntpd start Starting ntpd: [OK] # takes effect after restart [root @ serv01 ~] # Chkconfig ntpd on [root @ serv01 ~] # Chkconfig | grep ntpd 0: off 1: off 2: on 3: on 4: on 5: on 6: off ntpdate 0: off 1: off 2: off 3: off 4: off 5: off 6: off [root @ serv01 ~] # Serv02 configuration [root @ serv02 ~] # Vim/etc/ntp. conf [root @ serv02 ~] # Cat/etc/ntp. conf server 192.168.1.11 [root @ serv02 ~] # Vim/etc/ntp/step-tickers [root @ serv02 ~] # Cat/etc/ntp/step-tickers # List of servers used for initialsynchronization. 192.168.1.11 [root @ serv02 ~] # Date Wed Aug 7 18:30:18 CST 2013 [root @ serv02 ~] #/Etc/init. d/ntpdate start ntpdate: Synchronizing with time server: [OK] [root @ serv02 ~] # Date Wed Aug 7 10:29:39 CST 2013 three ssh bidirectional equivalence verification time synchronization server [plain] # serv01 [root @ serv01 ~] # Ssh-keygen [root @ serv01 ~] # Ssh-copy-id-I ~ /. Ssh/id_rsa.pub 192.168.1.12 [root @ serv01 ~] # Ssh-copy-id-I ~ /. Ssh/id_rsa.pub 192.168.1.11 # serv02 [root @ serv02 ~] # Ssh-keygen [root @ serv02 ~] # Ssh-copy-id-I ~ /. Ssh/id_rsa.pub 192.168.1.11 # You can view the synchronization time [root @ serv01 ~] # Ssh 192.168.1.11 date; ssh192.168.1.12 date; Wed Aug 7 10:34:50 CST 2013 Wed Aug 7 10:34:50 CST 2013 # Modification time [root @ serv01 ~] # Date-s "10:38:00" Wed Aug 7 10:38:00 CST 2013 # view the serv02 time [root @ serv02 ~] # Date Wed Aug 7 10:35:42 CST 2013 # disable the service [root @ serv02 ~] #/Etc/init. d/ntpdate stop # enable the service [root @ serv02 ~] #/Etc/init. d/ntpdate start ntpdate: Synchronizing with timeserver: [OK] # you can see that [root @ serv01 ~] has been synchronized. # Ssh 192.168.1.11 date; ssh192.168.1.12 date Wed Aug 7 10:38:57 CST 2013 Wed Aug 7 10:38:57 CST 2013 [root @ serv02 ~] # Ntpq-p 192.168.1.11 remote refid st t when poll reach delay offset jitter ================== ========================================================== ================= * LOCAL (0 ). LOCL. 10 l 33 64 377 0.000 0.000 0.000 # use the command for synchronization and make the synchronization command an endless loop [root @ serv02 ~] # Ntpdate 192.168.1.11 7Aug 23:02:44 ntpdate [1342]: adjust time server 192.168.1.11 offset 0.000041 sec # you can see that the [root @ serv01 ~] has been synchronized. # Ssh 192.168.1.11 date; ssh192.168.1.12 date Wed Aug 7 23:02:53 CST 2013 Wed Aug 7 23:02:53 CST 2013 [root @ serv01 ~] # Date-s "10:50:00" Wed Aug 7 CST 2013 [root @ serv02 ~] # Ntpdate 192.168.1.11 7Aug 10:51:10 ntpdate [1372]: step time server 192.168.1.11 offset-43989.248450sec [root @ serv01 ~] # Ssh 192.168.1.11 date; ssh192.168.1.12 date Wed Aug 7 10:51:15 CST 2013 Wed Aug 7 10:51:15 CST 2013 # write an endless loop [root @ serv02 ~] # While:; do ntpdate192.168.1.11; sleep 3; done 7Aug 10:53:27 ntpdate [1380]: adjust time server 192.168.1.11 offset-0.20.66sec 7Aug 10:53:31 ntpdate [1382]: adjust time server 192.168.1.11 offset 0.000133 sec [root @ serv01 ~] # Date-s "10:57:00" Wed Aug 7 CST 2013 [root @ serv01 ~] # Ssh 192.168.1.11 date; ssh192.168.1.12 date Wed Aug 7 10:57:12 CST 2013 Wed Aug 7 10:57:13 CST 2013 # it can be executed in the background [root @ serv02 ~] # While:; do ntpdate192.168.1.11; sleep 3; done>/dev/null 2> & 1 & # write it to the configuration file and run the command automatically at the next startup [root @ serv02 ~] # Vim/etc/rc. local [root @ serv02 ~] # Tail-n1/etc/rc. local while:; do ntpdate 192.168.1.11; sleep 3; done>/dev/null 2> & 1 & # Another method (insecure: anyone in the same network segment can use it) serv01 [root @ serv01 ~] # Chkconfig xinetd on [root @ serv01 ~] # Vim/etc/xinetd. d/chargen-dgram daytime-dgram discard-dgram echo-dgram tcpmux-server time-stream chargen-stream daytime-stream discard-stream echo-stream time-dgram # change disbale from yes change to no [root @ serv01 ~] # Vim/etc/xinetd. d/time-stream # change disbale from yes to no [root @ serv01 ~] # Vim/etc/xinetd. d/time-dgram # You can also open [root @ serv01 ~] # Chkconfig time-stream on [root @ serv01 ~] # Chkconfig time-dgram on # Start the xinetd service [root @ serv01 ~] #/Etc/init. d/xinetd start Starting xinetd: [OK] # install openssh-clients [root @ serv01 ~] # Yum installopenssh-clients-y # Create a public key [root @ serv01 ~] # Ssh-keygen # Copy to local Machine [root @ serv01 ~] # Ssh-copy-id-I. ssh/id_rsa.pub 192.168.1.11 # copy to serv02 [root @ serv01 ~] # Ssh-copy-id-I. ssh/id_rsa.pub 192.168.1.12 # set the time [root @ serv01 ~] # Date-s "11:36:00" Wed Aug 7 11:36:00 CST 2013 # install rdate [root @ serv02/] # yum install rdate-y # synchronization time [root @ serv02/] # rdate- s 192.168.1.11 [root @ serv01 ~] # Ssh 192.168.1.11 date; ssh192.168.1.12 date; Wed Aug 7 11:36:29 CST 2013 Wed Aug 7 11:36:28 CST 2013 # writable endless loop [root @ serv02 ~] # While:; do rdate-s192.168.1.11; sleep 3; done>/dev/null 2> & 1 & ^ C [root @ serv02 ~] # Vi/etc/rc. local [root @ serv02 ~] # Tail-n1/etc/rc. local while:; do rdate-s 192.168.1.11; sleep 3; done>/dev/null 2> & 1 &