此文轉自http://www.cnblogs.com/Csir/p/6912527.html,不足之處,多多指教
=======================環境=========================
server端
[root@zabbix ~]# hostname zabbix [root@zabbix ~]# hostname -I 10.0.0.120 172.16.1.120
先說下環境,我這裏是用ansible批量執行的。server端爲外網爲10.0.0.120。
目標是讓客戶端四臺機器作到時間同步,一秒不差html
[root@zabbix ~]# cat /etc/ansible/hosts [client] 172.16.1.51 172.16.1.52 172.16.1.53 172.16.1.250
防火牆關閉:
[root@zabbix ~]# systemctl status firewalld.service firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead)
selinux關閉:
[root@zabbix ~]# getenforce Disabled [root@localhost ~]# systemctl status chrony ● chrony.service Loaded: not-found (Reason: No such file or directory) Active: inactive (dead)
========================服務端=========================linux
1.安裝chrony(全部機器)
yum install chrony -y
2.啓動chrony
[root@zabbix ~]# systemctl start chronyd.service [root@zabbix ~]# systemctl status chronyd.service ???chronyd.service - NTP client/server Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled) Active: active (running) since Sat 2017-05-27 11:47:43 CST; 4s ago
3.編輯配置文件(注意:如今是服務器端的修改)
22 allow 10.0.0.0/24 23 24 # Listen for commands only on localhost. 25 bindcmdaddress 127.0.0.1 26 bindcmdaddress ::1 27 28 # Serve time even if not synchronized to any NTP server. 29 local stratum 10 #第22行設置爲本網段 #第29行的註釋取消
4.查看配置文件以下
[root@zabbix ~]# egrep -v "#|^$" /etc/chrony.conf server ntp1.aliyun.com server time1.aliyun.com stratumweight 0 driftfile /var/lib/chrony/drift rtcsync makestep 10 3 allow 10.0.0.0/24 bindcmdaddress 127.0.0.1 bindcmdaddress ::1 local stratum 10 keyfile /etc/chrony.keys commandkey 1 generatecommandkey noclientlog logchange 0.5 logdir /var/log/chrony
5.重啓時間同步服務
[root@zabbix ~]# systemctl restart chronyd.service
======================客戶端=====================shell
方法一
客戶端的配置文件是同一個文件(/etc/chrony.conf)
1.刪掉哪些沒用的server xxxxxxxxxx iburst
1 # Use public servers from the pool.ntp.org project. 2 # Please consider joining the pool (http://www.pool.ntp.org/j oin.html). 3 server 10.0.0.120 iburst 4 # Ignore stratum in source selection.
2.在server端把配置文件編輯好而後用ansible批量分發過去
[root@zabbix ~]# ansible client -m copy -a "src=/root/chrony.conf dest=/etc/" 172.16.1.250 | SUCCESS => { "changed": true, "checksum": "52bda81d895de3c7c54886d342e5eec074df757e", "dest": "/etc/chrony.conf", "gid": 0, "group": "root", "md5sum": "aee9cc7faa70a0c189033cdb8692e4b1", "mode": "0644", "owner": "root", "size": 1038, "src": "/root/.ansible/tmp/ansible-tmp-1495860905.35-183232559888238/source", "state": "file", "uid": 0 } 172.16.1.53 | SUCCESS => { "changed": true, "checksum": "52bda81d895de3c7c54886d342e5eec074df757e", "dest": "/etc/chrony.conf", "gid": 0, "group": "root", "md5sum": "aee9cc7faa70a0c189033cdb8692e4b1", "mode": "0644", "owner": "root", "size": 1038, "src": "/root/.ansible/tmp/ansible-tmp-1495860905.34-134007063835838/source", "state": "file", "uid": 0 } 172.16.1.51 | SUCCESS => { "changed": true, "checksum": "52bda81d895de3c7c54886d342e5eec074df757e", "dest": "/etc/chrony.conf", "gid": 0, "group": "root", "md5sum": "aee9cc7faa70a0c189033cdb8692e4b1", "mode": "0644", "owner": "root", "size": 1038, "src": "/root/.ansible/tmp/ansible-tmp-1495860905.43-104570916452677/source", "state": "file", "uid": 0 } 172.16.1.52 | SUCCESS => { "changed": true, "checksum": "52bda81d895de3c7c54886d342e5eec074df757e", "dest": "/etc/chrony.conf", "gid": 0, "group": "root", "md5sum": "aee9cc7faa70a0c189033cdb8692e4b1", "mode": "0644", "owner": "root", "size": 1038, "src": "/root/.ansible/tmp/ansible-tmp-1495860905.43-40575778655199/source", "state": "file", "uid": 0 }
3.啓動同步服務,防火牆也須要關閉
[root@zabbix ~]# ansible client -m shell -a "systemctl start chronyd.service" 172.16.1.53 | SUCCESS | rc=0 >> 172.16.1.250 | SUCCESS | rc=0 >> 172.16.1.52 | SUCCESS | rc=0 >> 172.16.1.51 | SUCCESS | rc=0 >>
4.注意客戶端時間同步定時任務關閉
[root@zabbix ~]# ansible client -m shell -a "crontab -l" 172.16.1.51 | SUCCESS | rc=0 >> 172.16.1.250 | SUCCESS | rc=0 >> 172.16.1.53 | SUCCESS | rc=0 >> 172.16.1.52 | SUCCESS | rc=0 >>
5.Centos7依然能夠用ntpdate命令同步時間
[root@zabbix ~]# ansible client -m shell -a "ntpdate 10.0.0.120" 172.16.1.53 | SUCCESS | rc=0 >> 27 May 13:05:57 ntpdate[26817]: adjust time server 10.0.0.120 offset -0.001686 sec 172.16.1.250 | SUCCESS | rc=0 >> 27 May 13:05:57 ntpdate[17419]: adjust time server 10.0.0.120 offset -0.004419 sec 172.16.1.52 | SUCCESS | rc=0 >> 27 May 13:05:57 ntpdate[50111]: adjust time server 10.0.0.120 offset -0.004410 sec 172.16.1.51 | SUCCESS | rc=0 >> 27 May 13:05:57 ntpdate[114089]: adjust time server 10.0.0.120 offset -0.000597 sec
6.查看時間,如今已經都同步了,一秒不差
[root@zabbix ~]# ansible client -m shell -a "date" 172.16.1.250 | SUCCESS | rc=0 >> Sat May 27 13:06:04 CST 2017 172.16.1.51 | SUCCESS | rc=0 >> Sat May 27 13:06:04 CST 2017 172.16.1.53 | SUCCESS | rc=0 >> Sat May 27 13:06:04 CST 2017 172.16.1.52 | SUCCESS | rc=0 >> Sat May 27 13:06:04 CST 2017
方法二:放入定時任務
[root@zabbix ~]# ansible client -m cron -a "name='time sync' minute=*/5 job='/usr/sbin/ntpdate 10.0.0.120 &>/dev/null'" 172.16.1.51 | SUCCESS => { "changed": true, "envs": [], "jobs": [ "time sync" ] } 172.16.1.52 | SUCCESS => { "changed": true, "envs": [], "jobs": [ "time sync" ] } 172.16.1.53 | SUCCESS => { "changed": true, "envs": [], "jobs": [ "time sync" ] } 172.16.1.250 | SUCCESS => { "changed": true, "envs": [], "jobs": [ "time sync" ] } [root@zabbix ~]# ansible client -m shell -a "crontab -l" 172.16.1.51 | SUCCESS | rc=0 >> #Ansible: time sync */5 * * * * /usr/sbin/ntpdate 10.0.0.120 &>/dev/null 172.16.1.52 | SUCCESS | rc=0 >> #Ansible: time sync */5 * * * * /usr/sbin/ntpdate 10.0.0.120 &>/dev/null 172.16.1.53 | SUCCESS | rc=0 >> #Ansible: time sync */5 * * * * /usr/sbin/ntpdate 10.0.0.120 &>/dev/null 172.16.1.250 | SUCCESS | rc=0 >> #Ansible: time sync */5 * * * * /usr/sbin/ntpdate 10.0.0.120 &>/dev/null