场景：内网主机需要搭建 NTP 服务，设置一台主机作为服务端，其他主机作为客户端。

1 、服务端

1.1 、检查服务是否存在

如果服务存在可以跳过1.2、1.3，直接进行配置文件修改

systemctl status chronyd

1.2、上传安装包

如果不存在需要上传安装包，如果存在可以跳过此步骤。

上传后进行解压：

# 解压到 /root目录下
[root@Centos package]# unzip chrony.zip -d /root# 解压后得到chrony目录，包含rpm包和chrony.conf配置文件
[root@Centos chrony]# ll
总用量 248
-rw-r--r-- 1 root root 248708 4月  25 2018 chrony-3.2-2.el7.x86_64.rpm
-rw-r--r-- 1 root root   1174 11月 10 2021 chrony.conf
[root@Centos chrony]# pwd
/root/chrony

上传依赖包：

依赖包：libseccomp-2.3.1-4.el7.x86_64.rpm （根据系统而定）

1.3 、安装

先安装依赖

root@Centos package]# rpm -ivh libseccomp-2.3.1-4.el7.x86_64.rpm 
警告：libseccomp-2.3.1-4.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
准备中...                          ################################# [100%]
正在升级/安装...1:libseccomp-2.3.1-4.el7           ################################# [100%]

在安装 chrony

root@Centos chrony]# rpm -ivh chrony-3.2-2.el7.x86_64.rpm 
警告：chrony-3.2-2.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
准备中...                          ################################# [100%]
正在升级/安装...1:chrony-3.2-2.el7                 ################################# [100%]

查看状态

[root@Centos chrony]# systemctl status chronyd
● chronyd.service - NTP client/serverLoaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)Active: inactive (dead)Docs: man:chronyd(8)man:chrony.conf(5)

1.4、修改配置文件

备份原来配置文件

mv /etc/chrony.conf /etc/chrony.conf_bak
cp /root/chrony/chrony.conf /etc/

修改配置文件

# 服务端保留 15、19、22、33、36、42行
vim /etc/chrony.conf1 # Use public servers from the pool.ntp.org project.2 # Please consider joining the pool (http://www.pool.ntp.org/join.html).3 #server 0.centos.pool.ntp.org iburst4 #server 1.centos.pool.ntp.org iburst5 #server 2.centos.pool.ntp.org iburst6 #server 3.centos.pool.ntp.org iburst7 #server 127.0.0.1  iburst8 9 10 11 # 增加新的时间服务器12 # server 59.206.217.1 iburst13 14 # Record the rate at which the system clock gains/losses time.15 driftfile /var/lib/chrony/drift16 17 # Allow the system clock to be stepped in the first three updates18 # if its offset is larger than 1 second.19 makestep 1.0 320 21 # Enable kernel synchronization of the real-time clock (RTC).22 rtcsync23 24 # Enable hardware timestamping on all interfaces that support it.25 #hwtimestamp *26 27 # Increase the minimum number of selectable sources required to adjust28 # the system clock.29 #minsources 230 31 # Allow NTP client access from local network.32 #allow 192.168.0.0/1633 allow all34 35 # Serve time even if not synchronized to a time source.36 local stratum 1037 38 # Specify file containing keys for NTP authentication.39 #keyfile /etc/chrony.keys40 41 # Specify directory for log files.42 logdir /var/log/chrony43 44 # Select which information is logged.45 #log measurements statistics tracking

注意：如果服务端配置完成重启服务后，客户端配置后重启仍无法连接，需要看下36行注释是否取消，如果正常还不行可以使用nc测试下udp的123端口。

1.5、重启服务

systemctl start chronyd
systemctl status chronyd
netstat -anput |grep 123

2、客户端配置

2.1、查看服务状态

systemctl status chronyd

如果服务不存在参考客户端1.2、1.3步骤

2.2、修改配置文件

  # 保留7、10、14、17、36行，第7行为服务端IP地址vim /etc/chrony.conf1 # Use public servers from the pool.ntp.org project.2 # Please consider joining the pool (http://www.pool.ntp.org/join.html).3 # server 0.centos.pool.ntp.org iburst4 # server 1.centos.pool.ntp.org iburst5 # server 2.centos.pool.ntp.org iburst6 # server 3.centos.pool.ntp.org iburst7 server 10.10.37.25 iburst # 配置服务端IP地址8 9 # Record the rate at which the system clock gains/losses time.10 driftfile /var/lib/chrony/drift11 12 # Allow the system clock to be stepped in the first three updates13 # if its offset is larger than 1 second.14 makestep 1.0 315 16 # Enable kernel synchronization of the real-time clock (RTC).17 rtcsync18 19 # Enable hardware timestamping on all interfaces that support it.20 #hwtimestamp *21 22 # Increase the minimum number of selectable sources required to adjust23 # the system clock.24 #minsources 225 26 # Allow NTP client access from local network.27 #allow 192.168.0.0/1628 29 # Serve time even if not synchronized to a time source.30 #local stratum 1031 32 # Specify file containing keys for NTP authentication.33 #keyfile /etc/chrony.keys34 35 # Specify directory for log files.36 logdir /var/log/chrony37 38 # Select which information is logged.39 #log measurements statistics tracking

2.3、重启服务

systemctl start chronyd
systemctl status chronyd
netstat -anput |grep 123

2.4、查看同步情况

# ^*中的“*”代表是通的
root@Centos etc]# chronyc sources
210 Number of sources = 1
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 10.10.37.25                  10  10   377   771    +39us[  +43us] +/-  461us

2.5、查看时间是否同步

date

3、相关包

chrony.zip

chrony.zip

依赖包