1、什么是NTP?
Network Time Protocol 网络时间协议,是用来使盘算机时间同步化的一种协议。
2、linux下安装ntp服务器(在线安装):
以CentOS 7为例:
先查看是否已经安装ntp组件:rpm -qa |grep ntp ,如返回效果为空,说明未安装,执行下面命令安装。
yum install -y ntp
假如安装不报错则直接查看下面步调 3、假如使用 Yum 命令安装遇到下图报错信息:
Cannot find a valid baseurl for repo:base/7/x86_64
对上述报错进行处理,分析题目原因:
1)可能无法访问外网:ping www.baidu.com ,假如能ping通说明可以访问外网,不是网络题目(ping不通必要处理网络题目)
2)假如网络正常,题目可能是当前的镜像源出现故障大概当前网络无法访问镜像源。可以实验更换为其他可用的镜像源。
vi /etc/yum.repos.d/CentOS-Base.repo
下图加粗字体加入了阿里云镜像源,将原来镜像源注释掉。
[base] name=CentOS-$releasever - Base #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra #baseurl=CentOS Mirror$releasever/os/$basearch/ baseurl=centos安装包下载_开源镜像站-阿里云$releasever/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#released updates [updates] name=CentOS-$releasever - Updates #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra #baseurl=CentOS Mirror$releasever/updates/$basearch/ baseurl=centos安装包下载_开源镜像站-阿里云$releasever/updates/$basearch/
gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#additional packages that may be useful [extras] name=CentOS-$releasever - Extras #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra #baseurl=CentOS Mirror$releasever/extras/$basearch/ baseurl=centos安装包下载_开源镜像站-阿里云$releasever/extras/$basearch/
gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#additional packages that extend functionality of existing packages [centosplus] name=CentOS-$releasever - Plus #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus&infra=$infra #baseurl=CentOS Mirror$releasever/centosplus/$basearch/ baseurl=centos安装包下载_开源镜像站-阿里云$releasever/centosplus/$basearch/ gpgcheck=1 enabled=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
修改完成后再次安装ntp成功:
yum install -y ntp
3)假如还未成功查看dns设置,系统的 DNS 设置也可能有题目。可以实验修改 /etc/resolv.conf 文件,添加可靠的 DNS 服务器地址,比方 8.8.8.8 和 8.8.4.4 。
vi /etc/resolv.conf nameserver 8.8.8.8 nameserver 8.8.4.4
3、安装完成开放防火墙端口,对于linux系统:
使用iptables的命令如下:
- sudo iptables -A INPUT -p udp --dport 123 -j ACCEPT
- sudo iptables -A OUTPUT -p udp --sport 123 -j ACCEPT
- sudo firewall-cmd --permanent --add-port=123/udp
- sudo firewall-cmd --reload
vi /etc/ntp.conf
- # For more information about this file, see the man pages
- # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
-
- driftfile /var/lib/ntp/drift
-
- # Permit time synchronization with our time source, but do not
- # permit the source to query or modify the service on this system.
- restrict default nomodify notrap nopeer noquery
-
- # Permit all access over the loopback interface. This could
- # be tightened as well, but to do so would effect some of
- # the administrative functions.
- #restrict 127.0.0.1 #允许本机向ntp服务器源同步时间
- #restrict ::1
- restrict efault ignore #此处是所有客户端设备均可访问同步ntp服务器
- # Hosts on local network are less restricted.
- #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap //此处配置是支持部分客户端设备(指定网段内的设备)访问ntp服务器进行时间同步
- #配置ntp服务器同步的源 prefer表示优先选择同步的源
- server pool.ntp.org prefer
- server ntp.aliyun.com
- server cn.ntp.org.cn
-
- includefile /etc/ntp/crypto/pw
-
- # Key file containing the keys and key identifiers used when operating
- # with symmetric key cryptography.
- keys /etc/ntp/keys
- disable monitor
5、客户端验证
1)windows客户端验证:
在控制面板->时钟和地区->日期和时间->Internet时间 填写设置的ntp服务器域名大概ip地址,立刻更新验证。
2)linux客户端验证
验证条件是客户端也已安装ntp服务器,设置ntp.conf,无需设置restrict项,server项设置服务端的ip作为ntp源
修改设置文件:vi /etc/ntp.conf
- # For more information about this file, see the man pages
- # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
-
- driftfile /var/lib/ntp/drift
-
- #配置ntp服务器同步的源 prefer表示优先选择同步的源
- server 192.168.1.78 prefer
-
- includefile /etc/ntp/crypto/pw
- keys /etc/ntp/keys
- disable monitor
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。 |
