ntp时间服务器搭建

系统:

centos6.x

ntp服务器：

10.0.0.61

下载安装

yum install ntp ntpdate

修改配置文件：/etc/ntp/conf

[root@vpn scripts]# cat /etc/ntp.conf
 # For more information about this file, see the man pages
 # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

 driftfile /var/lib/ntp/drift

 # Permit time synchronization with our time source, but do not
 # permit the source to query or modify the service on this system.
 restrict default kod nomodify notrap nopeer noquery
 restrict -6 default kod nomodify notrap nopeer noquery

 # Permit all access over the loopback interface.  This could
 # be tightened as well, but to do so would effect some of
 # the administrative functions.
 restrict 127.0.0.1 
 restrict -6 ::1

 # Hosts on local network are less restricted.
 #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
 service 172.16.1.61
 # Use public servers from the pool.ntp.org project.
 # Please consider joining the pool (http://www.pool.ntp.org/join.html).
 server 0.centos.pool.ntp.org
 server 1.centos.pool.ntp.org
 server 2.centos.pool.ntp.org
 server 3.centos.pool.ntp.org

 #broadcast 192.168.1.255 autokey   # broadcast server
 #broadcastclient           # broadcast client
 #broadcast 224.0.1.1 autokey       # multicast server
 #multicastclient 224.0.1.1     # multicast client
 #manycastserver 239.255.254.254        # manycast server
 #manycastclient 239.255.254.254 autokey # manycast client

 server 127.127.1.0
 fudge  127.127.1.0 stratum 10

 # Enable public key cryptography.
 #crypto

 includefile /etc/ntp/crypto/pw

 # Key file containing the keys and key identifiers used when operating
 # with symmetric key cryptography. 
 keys /etc/ntp/keys

 # Specify the key identifiers which are trusted.
 #trustedkey 4 8 42

 # Specify the key identifier to use with the ntpdc utility.
 #requestkey 8

 # Specify the key identifier to use with the ntpq utility.
 #controlkey 8

 # Enable writing of statistics records.
 #statistics clockstats cryptostats loopstats peerstats

启动服务

service ntpd start

检查

ntpq -p 
 [root@vpn scripts]# ntpq -p
 remote           refid      st t when poll reach   delay   offset  jitter
 ==============================================================================
 +ntp5.flashdance 194.58.202.20    2 u   55   64   17  226.709   11.084  13.639
  static-5-103-13 .GPS.            1 u  120   64    2  239.689   18.837   0.000
 *85.199.214.101  .GPS.            1 u   54   64   17  210.012   -3.548  16.501
  cn.ntp.faelix.n 185.134.196.169  2 u  115   64   16  236.597    2.159  23.535
  LOCAL(0)        .LOCL.          10 l   56   64   17    0.000    0.000   0.000

ps:jitter数值全部为0 的话表示失败，一般是防火墙未关闭，关闭即可

service iptables stop

或者：在vi /etc/sysconfig/iptables添加如下规则：

-A INPUT -m state --state NEW -m udp -p udp --dport 123 -j ACCEPT

客户端配置：

客户端安装ntp服务

[root@vpn scripts]# ansible all -m yum -a "name=ntp name=ntpdate state=installed"

配置ntp.conf文件

ansible all -m command -a "echo 10.0.0.61>>/etc/ntp.conf

手动同步时间

ansible all -m command -a "ntpdate 10.0.0.61"