本文分享自天翼云开发者社区《chrony时间同步软件介绍》，作者：刘****苏

chrony是网络时间协议NTP的通用实现，它可以将系统时钟和`NTP服务器同步。它支持在各种条件下包括间歇性的网络连接、严重阻塞的网络、不断变化的温度以及支持不连续的运行并且可以运行于虚机上。

本文介绍chrony工具的安装和使用，包括两个节点：一个作为时间服务器，另一个作为客户端。

执行如下命令来安装chrony：

``` [root@kvm ~]# yum install chrony [root@kvm ~]# rpm -ql chrony /etc/NetworkManager/dispatcher.d/20-chrony-dhcp /etc/NetworkManager/dispatcher.d/20-chrony-onoffline /etc/chrony.conf /etc/chrony.keys /etc/dhcp/dhclient.d/chrony.sh /etc/logrotate.d/chrony /etc/sysconfig/chronyd /usr/bin/chronyc /usr/lib/.build-id /usr/lib/.build-id/38 /usr/lib/.build-id/38/1d3a324ce66865ba879dfa43d49e0e0c1e2c41 /usr/lib/.build-id/43 /usr/lib/.build-id/43/444c816fcf0802c43011f282afaf9feded4c56 /usr/lib/systemd/ntp-units.d/50-chronyd.list /usr/lib/systemd/system/chrony-dnssrv@.service /usr/lib/systemd/system/chrony-dnssrv@.timer /usr/lib/systemd/system/chrony-wait.service /usr/lib/systemd/system/chronyd.service /usr/libexec/chrony-helper /usr/sbin/chronyd /usr/share/doc/chrony /usr/share/doc/chrony/FAQ /usr/share/doc/chrony/NEWS /usr/share/doc/chrony/README /usr/share/doc/chrony/ntp2chrony.py /usr/share/licenses/chrony /usr/share/licenses/chrony/COPYING /usr/share/man/man1/chronyc.1.gz /usr/share/man/man5/chrony.conf.5.gz /usr/share/man/man8/chronyd.8.gz /var/lib/chrony /var/lib/chrony/drift /var/lib/chrony/rtc /var/log/chrony

如下所示为配置文件：

[root@kvm ~]# cat /etc/chrony.conf pool 2.centos.pool.ntp.org iburst

Record the rate at which the system clock gains/losses time.

driftfile /var/lib/chrony/drift

Allow the system clock to be stepped in the first three updates

if its offset is larger than 1 second.

makestep 1.0 3

Enable kernel synchronization of the real-time clock (RTC).

rtcsync

Enable hardware timestamping on all interfaces that support it.

#hwtimestamp *

Increase the minimum number of selectable sources required to adjust

the system clock.

#minsources 2

Allow NTP client access from local network.

allow 0/0

Serve time even if not synchronized to a time source.

local stratum 10

Specify file containing keys for NTP authentication.

keyfile /etc/chrony.keys

Get TAI-UTC offset and leap seconds from the system tz database.

leapsectz right/UTC

Specify directory for log files.

logdir /var/log/chrony

Select which information is logged.

#log measurements statistics tracking

其中：
pool：为外部时钟源地址
rtcsync：开启硬件时钟的同步机制，linux内核每11分钟同步一次系统时钟到硬件时钟
local stratum 10：当外部时钟源不可用的时候，以本机时钟为准继续提供服务
allow 0/0：允许的客户端的cidr
启动服务后查看状态：

[root@kvm ]# systemctl start chronyd [root@kvm ~]# [root@kvm ~]# [root@kvm ~]# systemctl status chronyd ● chronyd.service - NTP client/server Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2023-09-08 19:02:50 CST; 2min 43s left Docs: man:chronyd(8) man:chrony.conf(5) Process: 11542 ExecStopPost=/usr/libexec/chrony-helper remove-daemon-state (code=exited, status=0/SUCCESS) Process: 11552 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=exited, status=0/SUCCESS) Process: 11547 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 11550 (chronyd) Tasks: 1 (limit: 52427) Memory: 924.0K CGroup: /system.slice/chronyd.service └─11550 /usr/sbin/chronyd Sep 08 19:02:50 kvm chronyd[11550]: chronyd version 4.2 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND +ASYNCDNS +NTS +SECHASH +IPV6 +DEBUG) Sep 08 19:02:50 kvm chronyd[11550]: Frequency 1.633 +/- 0.046 ppm read from /var/lib/chrony/drift Sep 08 19:02:50 kvm chronyd[11550]: Using right/UTC timezone to obtain leap second data Sep 08 19:02:50 kvm systemd[1]: Started NTP client/server. Sep 08 19:02:55 kvm chronyd[11550]: Selected source 36.110.233.85 (2.centos.pool.ntp.org) Sep 08 19:02:55 kvm chronyd[11550]: System clock wrong by -791.549636 seconds Sep 08 18:49:44 kvm chronyd[11550]: System clock was stepped by -791.549636 seconds Sep 08 18:49:44 kvm chronyd[11550]: System clock TAI offset set to 37 seconds Sep 08 18:50:49 kvm chronyd[11550]: Selected source 119.28.206.193 (2.centos.pool.ntp.org) Sep 08 18:54:07 kvm chronyd[11550]: Source 81.16.177.123 replaced with 78.46.102.180 (2.centos.pool.ntp.org) [root@kvm ~]# [root@kvm ~]# netstat -tunlp |grep chrony udp 0 0 0.0.0.0:123 0.0.0.0:* 11550/chronyd udp 0 0 127.0.0.1:323 0.0.0.0:* 11550/chronyd udp6 0 0 ::1:323 :::* 11550/chronyd [root@kvm ~]# [root@kvm ~]# chronyc sources -v .-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current best, '+' = combined, '-' = not combined, | / 'x' = may be in error, '' = too variable, '?' = unusable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || \ | | zzzz = estimated error. || | |
MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^- 79.133.44.136 1 6 377 56 -10ms[ -10ms] +/- 138ms ^- electrode.felixc.at 2 6 33 55 +17ms[ +17ms] +/- 119ms ^* 119.28.206.193 2 6 377 60 +1706us[+2327us] +/- 40ms ^+ 36.110.233.85 2 6 377 58 -1324us[-1324us] +/- 68ms

chrony守护进程监听在udp协议的123和323端口。
客户端节点上安装好chrony后，修改配置文件如下所示：

[root@node1 ~]# cat /etc/chrony.conf server 172.24.21.221 iburst

Record the rate at which the system clock gains/losses time.

driftfile /var/lib/chrony/drift

Allow the system clock to be stepped in the first three updates

if its offset is larger than 1 second.

makestep 3600 3

Enable kernel synchronization of the real-time clock (RTC).

rtcsync

Enable hardware timestamping on all interfaces that support it.

#hwtimestamp *

Increase the minimum number of selectable sources required to adjust

the system clock.

#minsources 2

Allow NTP client access from local network.

#allow 192.168.0.0/16

Serve time even if not synchronized to a time source.

#local stratum 10

Specify file containing keys for NTP authentication.

#keyfile /etc/chrony.keys

Specify directory for log files.

logdir /var/log/chrony

Select which information is logged.

#log measurements statistics tracking

查看状态：

[root@node1 ]# chronyc sources -v 210 Number of sources = 1 .-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current synced, '+' = combined , '-' = not combined, | / '?' = unreachable, 'x' = time may be in error, '' = time too variable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || \ | | zzzz = estimated error. || | |
MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* 172.24.21.221 3 6 377 37 -7753ns[ +140us] +/- 29ms

``` chrony默认是采用连续同步的方式来同步时钟的，并非采用跳变的方式。

Record the rate at which the system clock gains/losses time.

Allow the system clock to be stepped in the first three updates

if its offset is larger than 1 second.

Enable kernel synchronization of the real-time clock (RTC).

Enable hardware timestamping on all interfaces that support it.

Increase the minimum number of selectable sources required to adjust

the system clock.

Allow NTP client access from local network.

Serve time even if not synchronized to a time source.

Specify file containing keys for NTP authentication.

Get TAI-UTC offset and leap seconds from the system tz database.

Specify directory for log files.

Select which information is logged.

Record the rate at which the system clock gains/losses time.

Allow the system clock to be stepped in the first three updates

if its offset is larger than 1 second.

Enable kernel synchronization of the real-time clock (RTC).

Enable hardware timestamping on all interfaces that support it.

Increase the minimum number of selectable sources required to adjust

the system clock.

Allow NTP client access from local network.

Serve time even if not synchronized to a time source.

Specify file containing keys for NTP authentication.

Specify directory for log files.

Select which information is logged.

Java synchronized同步关键字背后的原理与源码实现

Android进阶之音视频技术

热门文章