1, Time zone concept
UTC(Universal Time Coordinated)
World coordinated time; The time obtained through rigorous calculation is accurate to seconds, and the error is within 0.9s, which is a more accurate world time than GMT.
GMT(Greenwich Mean Time)
gmt; Greenwich, London, UK, is defined as the place where the 0 ° longitude begins. The earth is divided into a time zone every 15 ° longitude, which is divided into 24 time zones, with a difference of one hour between adjacent time zones; Example: Beijing, China is located in Dongba district. GMT time is 8 hours slower than Beijing time.
CST:
CST can represent the following four different time zones at the same time
Central Standard Time (USA) UT-6:00 US standard time
Central Standard Time (Australia) UT+9:30 Australian standard time
China Standard Time UT+8:00
Cuba Standard Time UT-4:00 Cuba standard time
DST(Daylight Saving Time)
Save time in summer, i.e. daylight saving time; It is to adjust the time one hour earlier in order to make use of the sufficient light in summer. Many countries in North America and Europe implement daylight saving time;
2, ntp seerver setup
1. Time zone setting
[root@localhost ~]# timedatectl [root@localhost ~]# timedatectl list-timezones [root@localhost ~]# timedatectl set-timezone Asia/Shanghai
2. ntp server setup
Check to see if it is installed [root@localhost ~]# rpm -q ntp install [root@localhost ~]# yum install ntp -y Manual synchronization time [root@localhost ~]# ntpdate -u cn.pool.ntp.org
3. Modify ntp configuration
[root@localhost ~]# vim /etc/ntp.conf # For more information about this file, see the man pages # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). driftfile /var/lib/ntp/drift # Add: log directory logfile /var/log/ntpd.log # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. restrict default nomodify notrap nopeer noquery # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 restrict ::1 # New: all machines in the 172.16.128.0 network segment are authorized to query and synchronize time from this machine restrict 172.16.128.0 mask 255.255.255.0 nomodify notrap # Hosts on local network are less restricted. #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). # Modifying: time server list server 0.cn.pool.ntp.org iburst server 1.cn.pool.ntp.org iburst server 2.cn.pool.ntp.org iburst server 3.cn.pool.ntp.org iburst # New: use local time when external time is unavailable server 172.16.128.171 iburst fudge 127.0.0.1 stratum 10 #broadcast 192.168.1.255 autokey # broadcast server #broadcastclient # broadcast client #broadcast 224.0.1.1 autokey # multicast server #multicastclient 224.0.1.1 # multicast client #manycastserver 239.255.254.254 # manycast server #manycastclient 239.255.254.254 autokey # manycast client # New: allows the upper layer time server to actively modify the local time restrict 0.cn.pool.ntp.org nomodify notrap noquery restrict 1.cn.pool.ntp.org nomodify notrap noquery restrict 2.cn.pool.ntp.org nomodify notrap noquery # Enable public key cryptography. #crypto includefile /etc/ntp/crypto/pw # Key file containing the keys and key identifiers used when operating # with symmetric key cryptography. keys /etc/ntp/keys # Specify the key identifiers which are trusted. #trustedkey 4 8 42 # Specify the key identifier to use with the ntpdc utility. #requestkey 8 # Specify the key identifier to use with the ntpq utility. #controlkey 8 # Enable writing of statistics records. #statistics clockstats cryptostats loopstats peerstats # Disable the monitoring facility to prevent amplification attacks using ntpdc # monlist command when default restrict does not include the noquery flag. See # CVE-2013-5211 for more details. # Note: Monitoring will not be disabled with the limited restriction flag. disable monitor
4. Start service
[root@localhost ~]# systemctl enable ntpd [root@localhost ~]# systemctl start ntpd
5. View synchronization status
[root@localhost ~]# ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== *114.118.7.161 123.139.33.3 2 u 36 64 77 23.196 6.770 1.028 +120.25.115.20 10.137.53.7 2 u 24 64 77 20.913 6.897 1.506 -139.199.215.251 100.122.36.196 2 u 22 64 77 21.854 8.122 1.458 -119.28.183.184 100.122.36.196 2 u 19 64 77 33.594 4.266 2.011 +ntp6.flashdance 194.58.202.148 2 u 91 64 72 268.044 6.483 1.516 +119.28.206.193 100.122.36.4 2 u 20 64 77 32.332 7.080 1.344 [root@localhost ~]# ntpstat synchronised to NTP server (114.118.7.161) at stratum 3 time correct to within 996 ms polling server every 64 s
ntpq -p detailed explanation
- remote: the name of the NTP server that responded to this request.
- refid: the upper level NTP server used by the NTP server.
- st: level of remote server. The server level is set to 1 - 16 from high to low. In order to reduce the load and network congestion, it is recommended to avoid directly connecting to the server level 1 in principle.
- t: u: unicast, b: broadcast, l: local clock
- when: the number of seconds since the last successful request.
- Poll: how often the local machine and remote server synchronize (in seconds). When NTP is initially running, the poll value will be relatively small and the frequency of synchronization with the server will increase. It is recommended to adjust to the correct time range as soon as possible. After adjustment, the poll value will gradually increase and the synchronization frequency will decrease accordingly.
- Reach: octal value, used to test whether it can connect to the server. Each time a successful connection is made, the value of reach will increase.
- delay: send the synchronization request from the local machine to the round trip time of the NTP server.
- Offset: the time offset between the host and the synchronized time source through NTP clock, in milliseconds (ms). The closer the offset is to 0, the closer the time between the host and the NTP server is.
- Jitter: the value used for statistics. Statistics the distribution of offset s in a specific number of consecutive connections. That is, the smaller the absolute value of the jitter value, the more accurate the time of the host.
Detailed explanation of remote status identification
- Empty: indicates a host without remote communication
- x: No longer used
- -: no longer used
- #: good remote node or server but not used
- +: good and preferred remote node or server
- *****: the remote node or server that is currently the priority primary synchronization object
- o: PPS node (when the priority node is valid). The actual system synchronization is derived from the pulse per second (PPS), which may be driven by the PPS clock or through the kernel interface
3, Client synchronization - ntpd mode
1. centos7
[root@centos7 ~]# vim /etc/ntp.conf #server 0.centos.pool.ntp.org iburst #server 1.centos.pool.ntp.org iburst #server 2.centos.pool.ntp.org iburst #server 3.centos.pool.ntp.org iburst server ntpserver iburst [root@centos7 ~]# vim /etc/hosts 172.27.9.131 ntpserver [root@centos7 ~]# systemctl enable ntpd [root@centos7 ~]# systemctl start ntpd [root@centos7 ~]# ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== *ntpserver 114.118.7.161 3 u 1 64 3 0.221 12.641 0.495 [root@centos7 ~]# ntpstat synchronised to NTP server (172.27.9.131) at stratum 4 time correct to within 1049 ms polling server every 64 s
2. ubuntu1604
root@ubuntu1604:~# view /etc/hosts 172.27.9.131 ntpserver root@ubuntu1604:~# apt install -y ntp root@ubuntu1604:~# view /etc/ntp.conf server ntpserver iburst root@ubuntu1604:~# systemctl enable ntp ntp.service is not a native service, redirecting to systemd-sysv-install Executing /lib/systemd/systemd-sysv-install enable ntp root@ubuntu1604:~# systemctl start ntp root@ubuntu1604:~# ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== *ntpserver 114.118.7.161 3 u 51 64 377 0.254 -4.194 1.090
4, Client synchronization -- ntpdate service mode
[root@centos ~]# sed -i.bak '/centos.pool.ntp.org/s/^/#/' /etc/ntp.conf [root@centos ~]# sed -i.bak '/driftfile/i server ntpserver iburst' /etc/ntp.conf [root@centos ~]# sed -i.bak '$a 172.27.9.131 ntpserver' /etc/hosts [root@centos ~]# systemctl enable ntpdate [root@centos ~]# systemctl start ntpdate
5, Client synchronization -- ntpdate command mode
[root@centos7 ~]# systemctl stop ntpd
[root@centos7 ~]# ntpdate ntpserver
7 Nov 16:33:02 ntpdate[2618]: adjust time server 172.27.9.131 offset -0.002048 sec
[root@centos7 ~]# crontab -l
0 1 * * * /usr/sbin/ntpdate ntpserver