linux中配置NTP基本操作

计算机的系统时间是由计算机内的石英晶体震荡电路以固定的震荡频率产生的

date 查看当前时区
vim /etc/sysconfig/clock  修改时区配置文件
ZONE="America/New_York"
#改为
ZONE="Asia/Shanghai"

覆盖 /etc/localtime
cp -a /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
cp: overwrite `/etc/localtime'? y
date 111317402016  修改系统时间
hwclock -w 将系统时间同步到硬件时间

rpm -qa |grep ntp检查 NTP 是否安装
yum install ntp* -y  安装ntp

vim /etc/sysconfig/ntpdate 设置同步更新本地hwclock
在 Linux 下系统时间在开机的时候会和硬件时间同步(synchronization),之后也就各自独立运行了那么既然两个时钟独自运行,那么时间久了必然就会产生误差了,而 NTP 默认又只更新系统时间,因此我们需要设置硬件时钟进行同步调整

[root@mini ~]# vim /etc/ntp.conf       #ntp配置文件
For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery#禁用全部地址对NTPD各服务的访问
restrict -6 default kod nomodify notrap nopeer noquery

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1#允许本机地址（127.0.0.1）对NTPD各服务的访问
restrict -6 ::1  #ipv6

# Hosts on local network are less restricted.
restrict 192.168.100.0 mask 255.255.255.0 nomodify notrap #允许地址段192.168.100.0对NTPD各服务的访问，但不允许此地址段内客户端修改NTPD服务器时间

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.rhel.pool.ntp.org
#server 1.rhel.pool.ntp.org
#server 2.rhel.pool.ntp.org

#broadcast 192.168.1.255 autokey        # broadcast server
#broadcastclient                        # broadcast client
#broadcast 224.0.1.1 autokey            # multicast server
#multicastclient 224.0.1.1              # multicast client
#manycastserver 239.255.254.254         # manycast server
#manycastclient 239.255.254.254 autokey # manycast client

# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
server  127.127.1.0     # local clock  #外部时间服务器不可用时，以本地时间作为时间服务
fudge   127.127.1.0 stratum 10 #设置本地时钟源的层次为10，这样如果NTPD服务从本地时钟源获取时间的话，NTPD对外宣布的时间层次为11
...........................................................

service ntpd restart 重启服务ntp
ps aux |  grep ntpd  查看ntp进程
ntpq -p列出目前ntp相关的状态

vim /etc/selinux/config 将防火墙关闭
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

ntpdate server地址  客户机同步服务器时间
注:同步需要一段时间