chrony软件使用说明
1.1.1 chrony简介
Chrony是一个开源的自由软件,它能保持系统时钟与时钟服务器(NTP)同步,让时间保持精确。
它由两个程序组成:chronyd和chronyc。
chronyd是一个后台运行的守护进程,用于调整内核中运行的系统时钟和时钟服务器同步。它确定计算机增减时间的比率,并对此进行补偿。
chrony是CentOS7.x上自带的时间同步软件
1.1.2 chrony的操作
1.1.3 chrony配置文件
chrony服务使用的配置文件为/etc/chrony.conf
其配置内容格式和ntpd服务基本相似
Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift
Allow the system clock to be stepped in the first three updates
if its offset is larger than 1 second.
makestep 1.0 3
Enable kernel synchronization of the real-time clock (RTC).
rtcsync
Enable hardware timestamping on all interfaces that support it.
#hwtimestamp *
Increase the minimum number of selectable sources required to adjust
the system clock.
#minsources 2
Allow NTP client access from local network.
#allow 192.168.0.0/16
Serve time even if not synchronized to a time source.
#local stratum 10
Specify file containing keys for NTP authentication.
#keyfile /etc/chrony.keys
Specify directory for log files.
logdir /var/log/chrony
Select which information is logged.
#log measurements statistics tracking
1.1.4 配置参数说明
<td style="width: 396.75pt; border-top-width: 1pt; border-right-width: 1pt; border-bottom-width: 1pt; border-top-color: white; border-right-color: white; border-bottom-color: white; border-left: none; background: #9bbb59; padding: 0cm 5.4pt;" width="529">
<p class="MsoNormal" style="text-align: center; mso-yfti-cnfc: 1;" align="center">
<strong><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New'; color: white; mso-themecolor: background1;">参数说明</span></strong>
</p>
</td>
<td style="width: 396.75pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: white; border-right-width: 1pt; border-right-color: white; background: #d6e3bc; padding: 0cm 5.4pt;" width="529">
<p class="MsoNormal" style="text-align: justify; text-justify: inter-ideograph; mso-yfti-cnfc: 64;">
<span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">该参数可以多次用于添加时钟服务器,必须以</span><span lang="EN-US">"server "</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">格式使用。一般而言,你想添加多少服务器,就可以添加多少服务器</span>
</p>
</td>
<td style="width: 396.75pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: white; border-right-width: 1pt; border-right-color: white; background: #eaf1dd; padding: 0cm 5.4pt;" width="529">
<p class="MsoNormal" style="text-align: justify; text-justify: inter-ideograph;">
<span lang="EN-US">stratumweight</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">指令设置当</span><span lang="EN-US">chronyd</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">从可用源中选择同步源时,每个层应该添加多少距离到同步距离。默认情况下,</span><span lang="EN-US">CentOS</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">中设置为</span><span lang="EN-US"></span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">,让</span><span lang="EN-US">chronyd</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">在选择源时忽略源的层级</span>
</p>
</td>
<td style="width: 396.75pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: white; border-right-width: 1pt; border-right-color: white; background: #d6e3bc; padding: 0cm 5.4pt;" width="529">
<p class="MsoNormal" style="text-align: justify; text-justify: inter-ideograph; mso-yfti-cnfc: 64;">
<span lang="EN-US">chronyd</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">程序的主要行为之一,就是根据实际时间计算出计算机增减时间的比率,将它记录到一个文件中是最合理的,它会在重启后为系统时钟作出补偿,甚至可能的话,会从时钟服务器获得较好的估值</span>
</p>
</td>
<td style="width: 396.75pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: white; border-right-width: 1pt; border-right-color: white; background: #eaf1dd; padding: 0cm 5.4pt;" width="529">
<p class="MsoNormal" style="text-align: justify; text-justify: inter-ideograph;">
<span lang="EN-US">rtcsync</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">指令将启用一个内核模式,在该模式中,系统时间每</span><span lang="EN-US">11</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">分钟会拷贝到实时时钟(</span><span lang="EN-US">RTC</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">)</span>
</p>
</td>
<td style="width: 396.75pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: white; border-right-width: 1pt; border-right-color: white; background: #d6e3bc; padding: 0cm 5.4pt;" width="529">
<p class="MsoNormal" style="text-align: justify; text-justify: inter-ideograph; mso-yfti-cnfc: 64;">
<span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">这里你可以指定一台主机、子网,或者网络以允许或拒绝</span><span lang="EN-US">NTP</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">连接到扮演时钟服务器的机器</span>
</p>
</td>
<td style="width: 396.75pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: white; border-right-width: 1pt; border-right-color: white; background: #eaf1dd; padding: 0cm 5.4pt;" width="529">
<p class="MsoNormal" style="text-align: justify; text-justify: inter-ideograph;">
<span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">跟上面相类似,只是你可以指定哪个</span><span lang="EN-US">IP</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">地址或哪台主机可以通过</span><span lang="EN-US">chronyd</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">使用控制命令</span>
</p>
</td>
<td style="width: 396.75pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: white; border-right-width: 1pt; border-right-color: white; background: #d6e3bc; padding: 0cm 5.4pt;" width="529">
<p class="MsoNormal" style="text-align: justify; text-justify: inter-ideograph; mso-yfti-cnfc: 64;">
<span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">该指令允许你限制</span><span lang="EN-US">chronyd</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">监听哪个网络接口的命令包(由</span><span lang="EN-US">chronyc</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">执行)。该指令通过</span><span lang="EN-US">cmddeny</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">机制提供了一个除上述限制以外可用的额外的访问控制等级</span>
</p>
</td>
<td style="width: 396.75pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: white; border-right-width: 1pt; border-right-color: white; background: #eaf1dd; padding: 0cm 5.4pt;" width="529">
<p class="MsoNormal" style="text-align: justify; text-justify: inter-ideograph;">
<span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">通常,</span><span lang="EN-US">chronyd</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">将根据需求通过减慢或加速时钟,使得系统逐步纠正所有时间偏差。在某些特定情况下,系统时钟可能会漂移过快,导致该调整过程消耗很长的时间来纠正系统时钟。该指令强制</span><span lang="EN-US">chronyd</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">在调整期大于某个阀值时步进调整系统时钟,但只有在因为</span><span lang="EN-US">chronyd</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">启动时间超过指定限制(可使用负值来禁用限制),没有更多时钟更新时才生效</span>
</p>
</td>
检查ntp源服务器状态1.1.5 查看同步状态
查看ntp详细的同步状态
.– Source mode ’^’ = server, ’=’ = peer, ’#’ = local clock.
/ .- Source state ’’ = current synced, ’+’ = combined , ’-’ = not combined,
| / ’?’ = unreachable, ’x’ = time may be in error, ’~’ = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) –. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | |
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? 61-216-153-105.HINET-IP.> 10 - +0ns[ +0ns] +/- 0ns
^ dns1.synet.edu.cn 2 8 377 38 +536us[+6474us] +/- 21ms
^? ntp2.itcompliance.dk 10 - +0ns[ +0ns] +/- 0ns
^- mx.comglobalit.com 2 10 377 477 +37ms[ +45ms] +/- 210ms
chronyc****命令参数说明:
<td style="width: 248.05pt; border-top-width: 1pt; border-right-width: 1pt; border-bottom-width: 1pt; border-top-color: #4bacc6; border-right-color: #4bacc6; border-bottom-color: #4bacc6; border-left: none; background: #4bacc6; padding: 0cm 5.4pt;" valign="top" width="331">
<p class="MsoNormal" style="text-align: center; mso-yfti-cnfc: 1;" align="center">
<strong><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New'; color: white; mso-themecolor: background1;">参数说明</span></strong>
</p>
</td>
<td style="width: 248.05pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: #92cddc; border-right-width: 1pt; border-right-color: #92cddc; background: #daeef3; padding: 0cm 5.4pt;" valign="top" width="331">
<p class="MsoNormal">
<span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">检查</span><span lang="EN-US">NTP</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">访问是否对特定主机可用</span>
</p>
</td>
<td style="width: 248.05pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: #92cddc; border-right-width: 1pt; border-right-color: #92cddc; padding: 0cm 5.4pt;" valign="top" width="331">
<p class="MsoNormal">
<span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">该命令会显示有多少</span><span lang="EN-US">NTP</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">源在线</span><span lang="EN-US">/</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">离线</span>
</p>
</td>
<td style="width: 248.05pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: #92cddc; border-right-width: 1pt; border-right-color: #92cddc; background: #daeef3; padding: 0cm 5.4pt;" valign="top" width="331">
<p class="MsoNormal">
<span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">手动添加一台新的</span><span lang="EN-US">NTP</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">服务器。</span>
</p>
</td>
<td style="width: 248.05pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: #92cddc; border-right-width: 1pt; border-right-color: #92cddc; padding: 0cm 5.4pt;" valign="top" width="331">
<p class="MsoNormal">
<span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">在客户端报告已访问到服务器</span>
</p>
</td>
<td style="width: 248.05pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: #92cddc; border-right-width: 1pt; border-right-color: #92cddc; background: #daeef3; padding: 0cm 5.4pt;" valign="top" width="331">
<p class="MsoNormal">
<span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">手动移除</span><span lang="EN-US">NTP</span><span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">服务器或对等服务器</span>
</p>
</td>
<td style="width: 248.05pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: #92cddc; border-right-width: 1pt; border-right-color: #92cddc; padding: 0cm 5.4pt;" valign="top" width="331">
<p class="MsoNormal">
<span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">手动设置守护进程时间</span>
</p>
</td>
<td style="width: 248.05pt; border-top: none; border-left: none; border-bottom-width: 1pt; border-bottom-color: #92cddc; border-right-width: 1pt; border-right-color: #92cddc; background: #daeef3; padding: 0cm 5.4pt;" valign="top" width="331">
<p class="MsoNormal">
<span style="font-family: '微软雅黑',sans-serif; mso-ascii-font-family: 'Courier New'; mso-hansi-font-family: 'Courier New';">显示系统时间信息</span>
</p>
</td>
<li>
<a href="#12">1.2 说明</a>
</li>
- 原文作者:惨绿少年
- 原文链接:https://clsn.io/clsn/lx774.html
- 版权声明:本作品采用知识共享署名-非商业性使用-禁止演绎 4.0 国际许可协议进行许可,非商业转载请注明出处(作者,原文链接),商业转载请联系作者获得授权。