chrony介绍和安装
1.chrony(时间同步服务)
1.1 chrony介绍
Chrony 是一个用于时间同步的软件,它旨在提供高精度的系统时钟同步。Chrony 软件包括一个 NTP(Network Time Protocol,网络时间协议)服务器和客户端,可以帮助计算机系统与网络时间服务器同步,以确保系统时钟的准确性。
以下是 Chrony 的一些关键特点和功能:
- 高精度时钟同步:Chrony 旨在提供比传统的 NTP 实现更高精度的时钟同步。它采用一些先进的算法和技术,例如平滑过渡和时钟漂移补偿,以确保系统时钟能够尽可能准确地与参考时间源同步。
- 网络时间协议支持:Chrony 支持 NTP 协议,可以与外部的 NTP 服务器进行通信,从而获取准确的时间信息。这使得计算机系统可以通过网络与可靠的时间源进行同步,以消除时钟漂移和误差。
- 灵活的配置选项:Chrony 提供了丰富的配置选项,允许管理员根据特定的需求和环境对时钟同步进行定制。管理员可以设置不同的 NTP 服务器、调整同步频率和优先级等参数。
- 容错和稳健性:Chrony 具有一定的容错机制,可以处理网络中断、临时不可用的时间服务器或其他异常情况。它可以自动调整同步策略,以确保系统时钟的稳定性和准确性。
- 系统时钟管理:除了作为 NTP 客户端,Chrony 还可以作为系统时钟管理工具,监视和调整系统时钟,以确保其精度和稳定性。
总之,Chrony 是一个功能强大的时间同步工具,适用于需要高精度时钟同步的计算机系统,尤其是对时间同步精度要求较高的服务器和网络设备。通过使用 Chrony,用户可以确保其系统时钟与外部时间源同步,从而提高计算机系统的时间准确性和稳定性。
chrony官网:https://chrony-project.org
chrony官方文档:https://chrony-project.org/documentation.html
1.2 chrony 文件组成
包:chrony
两个主要程序:chronyd和chronyc
- chronyd:后台运行的守护进程,用于调整内核中运行的系统时钟和时钟服务器同步。它确定计算机增减时间的比率,并对此进行补偿
- chronyc:命令行用户工具,用于监控性能并进行多样化的配置。它可以在chronyd实例控制的计算机上工作,也可在一台不同的远程计算机上工作
服务unit 文件: /usr/lib/systemd/system/chronyd.service
监听端口: 服务端: 123/udp,客户端: 323/udp
配置文件: /etc/chrony.conf
1.3 配置文件chrony.conf
server - 可用于时钟服务器,iburst 选项当服务器可达时,发送一个八个数据包而不是通常的一个数据包。 包间隔通常为2秒,可加快初始同步速度
driftfile - 根据实际时间计算出计算机增减时间的比率,将它记录到一个文件中,会在重启后为系统时钟作出补偿
rtcsync - 启用内核模式,系统时间每11分钟会拷贝到实时时钟(RTC)
allow / deny - 指定一台主机、子网,或者网络以允许或拒绝访问本服务器
cmdallow / cmddeny - 可以指定哪台主机可以通过chronyd使用控制命令
bindcmdaddress - 允许chronyd监听哪个接口来接收由chronyc执行的命令
makestep - 通常chronyd将根据需求通过减慢或加速时钟,使得系统逐步纠正所有时间偏差。在某些特定情况下,系统时钟可能会漂移过快,导致该调整过程消耗很长的时间来纠正系统时钟。该指令强制chronyd在调整期大于某个阀值时调整系统时钟
local stratum 10 - 即使server指令中时间服务器不可用,也允许将本地时间作为标准时间授时给其它客户端
2.chrony安装
2.1 主机初始化
2.1.1 设置网卡名和ip地址
Rocky 9和CentOS Stream 9:
bash
# Rocky 9和CentOS Stream 9默认支持修改网卡名。
[root@rocky9 ~]# grep 'plugins' /etc/NetworkManager/NetworkManager.conf
#plugins=keyfile,ifcfg-rh
# 因为网卡命名方式默认是keyfile,默认不支持修改网卡名,既然官方已经默认是keyfile那这里就不去更改网卡名了。
[root@rocky9 ~]# ETHNAME=`ip addr | awk -F"[ :]" '/^2/{print $3}'`
[root@rocky9 ~]# nmcli con delete ${ETHNAME} && nmcli connection add type ethernet con-name ${ETHNAME} ifname ${ETHNAME} ipv4.method manual ipv4.address "172.31.0.9/21" ipv4.gateway "172.31.0.2" ipv4.dns "223.5.5.5,180.76.76.76" autoconnect yes && nmcli con reload && nmcli con up ${ETHNAME}
# 172.31.0.9/21中172.31.0.9是ip地址,21是子网位数;172.31.0.2是网关地址;223.5.5.5, 180.76.76.76都是DNS,根据自己的需求修改。
[root@rocky9 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:37:62:95 brd ff:ff:ff:ff:ff:ff
altname enp3s0
inet 172.31.0.9/21 brd 172.31.7.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet6 fe80::51ca:fd5d:3552:677d/64 scope link noprefixroute
valid_lft forever preferred_lft forever
# 可以看到ip地址已修改。
Rocky 8、CentOS Stream 8和CentOS 7:
bash
# Rocky 8、CentOS Stream 8和CentOS 7支持修改网卡名。
[root@rocky8 ~]# grep 'plugins' /etc/NetworkManager/NetworkManager.conf
#plugins=ifcfg-rh
# 因为网卡命名方式默认是ifcfg-rh,支持修改网卡名。
# 修改网卡名称配置文件
[root@rocky8 ~]# sed -ri.bak '/^GRUB_CMDLINE_LINUX=/s@"$@ net.ifnames=0 biosdevname=0"@' /etc/default/grub
[root@rocky8 ~]# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
done
# 修改网卡文件名
[root@rocky8 ~]# ETHNAME=`ip addr | awk -F"[ :]" '/^2/{print $3}'`
[root@rocky8 ~]# mv /etc/sysconfig/network-scripts/ifcfg-${ETHNAME} /etc/sysconfig/network-scripts/ifcfg-eth0
[root@rocky8 ~]# shutdown -r now
[root@rocky8 ~]# nmcli dev
DEVICE TYPE STATE CONNECTION
eth0 ethernet connected Wired connection 1
lo loopback unmanaged --
# 可以看到CONNECTION的名字是Wired connection 1,要改名才可以下面设置。
[root@rocky8 ~]# ETHNAME=`ip addr | awk -F"[ :]" '/^2/{print $3}'`
[root@rocky8 ~]# nmcli connection modify "Wired connection 1" con-name ${ETHNAME}
[root@rocky8 ~]# nmcli dev
DEVICE TYPE STATE CONNECTION
eth0 ethernet connected eth0
lo loopback unmanaged --
# 修改ip地址
[root@rocky8 ~]# nmcli con delete ${ETHNAME} && nmcli connection add type ethernet con-name ${ETHNAME} ifname ${ETHNAME} ipv4.method manual ipv4.address "172.31.0.8/21" ipv4.gateway "172.31.0.2" ipv4.dns "223.5.5.5,180.76.76.76" autoconnect yes && nmcli con reload && nmcli dev up eth0
# 172.31.0.8/21中172.31.0.8是ip地址,21是子网位数;172.31.0.2是网关地址;223.5.5.5, 180.76.76.76都是DNS,根据自己的需求修改。
[root@rocky8 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:6f:65:d3 brd ff:ff:ff:ff:ff:ff
altname enp3s0
altname ens160
inet 172.31.0.8/21 brd 172.31.7.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::e9c9:aa93:4a58:2cc2/64 scope link noprefixroute
valid_lft forever preferred_lft forever
# 重启系统后可以看到网卡名已经修改成eth0,ip地址也已修改。
Ubuntu:
bash
# Ubuntu先启用root用户,并设置密码
raymond@ubuntu2204:~$ cat set_root_login.sh
#!/bin/bash
read -p "请输入密码: " PASSWORD
echo ${PASSWORD} |sudo -S sed -ri 's@#(PermitRootLogin )prohibit-password@\1yes@' /etc/ssh/sshd_config
sudo systemctl restart sshd
sudo -S passwd root <<-EOF
${PASSWORD}
${PASSWORD}
EOF
raymond@ubuntu2204:~$ bash set_root_login.sh
请输入密码: 123456
[sudo] password for raymond: New password: Retype new password: passwd: password updated successfully
raymond@ubuntu2204:~$ rm -rf set_root_login.sh
# 使用root登陆,修改网卡名
root@ubuntu2204:~# sed -ri.bak '/^GRUB_CMDLINE_LINUX=/s@"$@net.ifnames=0 biosdevname=0"@' /etc/default/grub
root@ubuntu2204:~# grub-mkconfig -o /boot/grub/grub.cfg
Sourcing file `/etc/default/grub'
Sourcing file `/etc/default/grub.d/init-select.cfg'
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-5.15.0-88-generic
Found initrd image: /boot/initrd.img-5.15.0-88-generic
Warning: os-prober will not be executed to detect other bootable partitions.
Systems on them will not be added to the GRUB boot configuration.
Check GRUB_DISABLE_OS_PROBER documentation entry.
done
# Ubuntu 20.04设置ip地址
root@ubuntu2004:~# cat > /etc/netplan/00-installer-config.yaml <<-EOF
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
dhcp6: no
addresses: [172.31.0.20/21]
gateway4: 172.31.0.2
nameservers:
addresses: [223.5.5.5, 180.76.76.76]
EOF
# 说明:Ubuntu20.04网卡配置文件是00-installer-config.yaml;172.31.0.20/21中172.31.0.20是ip地址,21是子网位数;172.31.0.2是网关地址;223.5.5.5, 180.76.76.76都是DNS,根据自己的需求修改。
# Ubuntu 18.04设置ip地址
root@ubuntu1804:~# cat > /etc/netplan/01-netcfg.yaml <<-EOF
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
dhcp6: no
addresses: [172.31.0.18/21]
gateway4: 172.31.0.2
nameservers:
addresses: [223.5.5.5, 180.76.76.76]
EOF
# 说明:Ubuntu18.04网卡配置文件是01-netcfg.yaml;172.31.0.18/21中172.31.0.18是ip地址,21是子网位数;172.31.0.2是网关地址;223.5.5.5, 180.76.76.76都是DNS,根据自己的需求修改。
root@ubuntu2004:~# shutdown -r now
root@ubuntu2004:~# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:e5:98:6f brd ff:ff:ff:ff:ff:ff
inet 172.31.0.20/21 brd 172.31.7.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fee5:986f/64 scope link
valid_lft forever preferred_lft forever
# 重启系统后可以看到网卡名已经修改成eth0,ip地址也已修改。
# Ubuntu 22.04设置ip地址
root@ubuntu2204:~# cat > /etc/netplan/00-installer-config.yaml <<-EOF
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
dhcp6: no
addresses: [172.31.0.22/21]
routes:
- to: default
via: 172.31.0.2
nameservers:
addresses: [223.5.5.5, 180.76.76.76]
EOF
# 说明:Ubuntu 22.04网卡配置文件是00-installer-config.yaml;172.31.0.22/21中172.31.0.22是ip地址,21是子网位数;172.31.0.2是网关地址,Ubuntu 22.04设置网关地址的方法发生了改变,参考上面的方法;223.5.5.5, 180.76.76.76都是DNS,根据自己的需求修改。
root@ubuntu2204:~# shutdown -r now
# 重启后使用新设置的ip登陆
root@ubuntu2204:~# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:a7:be:f2 brd ff:ff:ff:ff:ff:ff
altname enp2s1
altname ens33
inet 172.31.0.22/21 brd 172.31.7.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fea7:bef2/64 scope link
valid_lft forever preferred_lft forever
# 重启系统后可以看到网卡名已经修改成eth0,ip地址也已修改。
2.1.2 配置镜像源
Rocky 8和9:
bash
MIRROR=mirrors.sjtug.sjtu.edu.cn
sed -i.bak -e 's|^mirrorlist=|#mirrorlist=|g' -e 's|^#baseurl=http://dl.rockylinux.org/$contentdir|baseurl=https://'${MIRROR}'/rocky|g' /etc/yum.repos.d/[Rr]ocky*.repo
dnf clean all && dnf makecache
CentOS Stream 9:
bash
cat update_mirror.pl
#!/usr/bin/perl
use strict;
use warnings;
use autodie;
# 要修改镜像源,请去修改url变量!
my $url = 'mirrors.aliyun.com';
my $mirrors = "https://$url/centos-stream";
if (@ARGV < 1) {
die "Usage: $0 <filename1> <filename2> ...\n";
}
while (my $filename = shift @ARGV) {
my $backup_filename = $filename . '.bak';
rename $filename, $backup_filename;
open my $input, "<", $backup_filename;
open my $output, ">", $filename;
while (<$input>) {
s/^metalink/# metalink/;
if (m/^name/) {
my (undef, $repo, $arch) = split /-/;
$repo =~ s/^\s+|\s+$//g;
($arch = defined $arch ? lc($arch) : '') =~ s/^\s+|\s+$//g;
if ($repo =~ /^Extras/) {
$_ .= "baseurl=${mirrors}/SIGs/\$releasever-stream/extras" . ($arch eq 'source' ? "/${arch}/" : "/\$basearch/") . "extras-common\n";
} else {
$_ .= "baseurl=${mirrors}/\$releasever-stream/$repo" . ($arch eq 'source' ? "/" : "/\$basearch/") . ($arch ne '' ? "${arch}/tree/" : "os") . "\n";
}
}
print $output $_;
}
}
rpm -q perl &> /dev/null || { echo -e "\\033[01;31m "安装perl工具,请稍等..."\033[0m";yum -y install perl ; }
perl ./update_mirror.pl /etc/yum.repos.d/centos*.repo
dnf clean all && dnf makecache
CentOS Stream 8:
bash
MIRROR=mirrors.aliyun.com
sed -i.bak -e 's|^mirrorlist=|#mirrorlist=|g' -e 's|^#baseurl=http://mirror.centos.org/$contentdir|baseurl=https://'${MIRROR}'/centos|g' /etc/yum.repos.d/CentOS-*.repo
dnf clean all && dnf makecache
CentOS 7:
bash
MIRROR=mirrors.aliyun.com
sed -i.bak -e 's|^mirrorlist=|#mirrorlist=|g' -e 's|^#baseurl=http://mirror.centos.org|baseurl=https://'${MIRROR}'|g' /etc/yum.repos.d/CentOS-*.repo
yum clean all && yum makecache
Ubuntu 22.04和20.04:
bash
MIRROR=mirrors.aliyun.com
OLD_MIRROR=`sed -rn "s@^deb http(.*)://(.*)/ubuntu/? $(lsb_release -cs) main.*@\2@p" /etc/apt/sources.list`
sed -i.bak 's/'${OLD_MIRROR}'/'${MIRROR}'/g' /etc/apt/sources.list
apt update
Ubuntu 18.04:
bash
MIRROR=mirrors.aliyun.com
OLD_MIRROR=`sed -rn "s@^deb http(.*)://(.*)/ubuntu/? $(lsb_release -cs) main.*@\2@p" /etc/apt/sources.list`
sed -i.bak 's/'${OLD_MIRROR}'/'${MIRROR}'/g' /etc/apt/sources.list
SECURITY_MIRROR=`sed -rn "s@^deb http(.*)://(.*)/ubuntu $(lsb_release -cs)-security main.*@\2@p" /etc/apt/sources.list`
sed -i.bak 's/'${SECURITY_MIRROR}'/'${MIRROR}'/g' /etc/apt/sources.list
apt update
2.1.3 关闭防火墙
bash
# Rocky和CentOS
systemctl disable --now firewalld
# CentOS 7
systemctl disable --now NetworkManager
# Ubuntu
systemctl disable --now ufw
2.1.4 禁用SELinux
bash
#CentOS
setenforce 0
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
#Ubuntu
Ubuntu没有安装SELinux,不用设置
2.1.5 设置时区
bash
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
echo 'Asia/Shanghai' >/etc/timezone
#Ubuntu还要设置下面内容
cat >> /etc/default/locale <<-EOF
LC_TIME=en_DK.UTF-8
EOF
2.2 实现私有的时间服务器
2.2.1 服务端配置
bash
[root@rocky9 ~]# hostname -I
172.31.0.9
# Rocky和CentOS
[root@rocky9 ~]# yum -y install chrony
# Ubuntu
apt -y install chrony
[root@rocky9 ~]# vim /etc/chrony.conf
-bash: vim: command not found
# Rocky和CentOS默认没有安装vim
# 安装vim
[root@rocky9 ~]# yum -y install vim
[root@rocky9 ~]# vim /etc/chrony.conf
# 下面是ntp服务器
server ntp.aliyun.com iburst
server time1.cloud.tencent.com iburst
server ntp.tuna.tsinghua.edu.cn iburst
# 把下面内容
#allow 192.168.0.0/16
# 修改为
allow 0.0.0.0/0 # 指定允许同步的网段
# 把下面内容去掉注释
#local stratum 10
# 修改为
local stratum 10 # 当互联网无法连接,仍然可以为客户端提供时间同步服务
# Rocky和CentOS使用下面命令直接替换
sed -i -e '/^pool.*/d' -e '/^server.*/d' -e '/^# Please consider .*/a\server ntp.aliyun.com iburst\nserver time1.cloud.tencent.com iburst\nserver ntp.tuna.tsinghua.edu.cn iburst' -e 's@^#allow.*@allow 0.0.0.0/0@' -e 's@^#local.*@local stratum 10@' /etc/chrony.conf
# Ubuntu使用下面命令替换
sed -i -e '/^pool.*/d' -e '/^# See http:.*/a\server ntp.aliyun.com iburst\nserver time1.cloud.tencent.com iburst\nserver ntp.tuna.tsinghua.edu.cn iburst' /etc/chrony/chrony.conf
[root@rocky9 ~]# systemctl restart chronyd
[root@rocky9 ~]# systemctl enable --now chronyd
[root@rocky9 ~]# ss -ntul
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:123 0.0.0.0:*
udp UNCONN 0 0 [::1]:323 [::]:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 128 [::]:22 [::]:*
# 服务启动后会打开端口123/udp
[root@rocky9 ~]# chronyc sources -nv
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 203.107.6.88 2 6 377 34 +1042us[+3109us] +/- 63ms # 带*(星号)表示是从这个时间服务器同步的时间。
^- 106.55.184.199 2 6 377 99 +5187us[+7169us] +/- 60ms
^? 101.6.6.172 0 8 0 - +0ns[ +0ns] +/- 0ns
2.2.2 客户端配置
bash
# Rocky和CentOS
[root@rocky8 ~]# yum -y install chrony
# Ubuntu
apt -y install chrony
[root@rocky8 ~]# vim /etc/chrony.conf
-bash: vim: command not found
# Rocky和CentOS默认没有安装vim
# 安装vim
[root@rocky8 ~]# yum -y install vim
[root@rocky8 ~]# vim /etc/chrony.conf
# 添加ntp服务端
server 172.31.0.9 iburst
# Rocky和CentOS使用下面命令直接替换
sed -i -e '/^pool.*/d' -e '/^server.*/d' -e '/^# Please consider .*/a\server 172.31.0.9 iburst' /etc/chrony.conf
# Ubuntu使用下面命令替换
sed -i -e '/^pool.*/d' -e '/^# See http:.*/a\server 172.31.0.9 iburst' /etc/chrony/chrony.conf
[root@rocky8 ~]# systemctl restart chronyd
[root@rocky8 ~]# systemctl enable --now chronyd
# 确认同步成功
[root@rocky8 ~]# chronyc sources -nv
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 172.31.0.9 3 6 17 18 -47us[ +43us] +/- 60ms
# 带*(星号)表示是从这个时间服务器同步的时间。
2.3 一键安装chrony脚本
Shell脚本源码地址:
Gitee:https://gitee.com/raymond9/shell
Github:https://github.com/raymond999999/shell
可以去上面的Gitee或Github代码仓库拉取脚本。
2.3.1 一键安装chrony服务端脚本
bash
[root@rocky9 ~]# cat install_chrony_server_v2.sh
#!/bin/bash
#
#*************************************************************************************************************
#Author: Raymond
#QQ: 88563128
#Date: 2024-01-19
#FileName: install_chrony_server_v2.sh
#URL: raymond.blog.csdn.net
#Description: install_chrony_server for CentOS 7 & CentOS Stream 8/9 & Ubuntu 18.04/20.04/22.04 & Rocky 8/9
#Copyright (C): 2024 All rights reserved
#*************************************************************************************************************
COLOR="echo -e \\033[01;31m"
END='\033[0m'
os(){
OS_ID=`sed -rn '/^NAME=/s@.*="([[:alpha:]]+).*"$@\1@p' /etc/os-release`
}
install_chrony(){
if [ ${OS_ID} == "CentOS" -o ${OS_ID} == "Rocky" ] &> /dev/null;then
rpm -q chrony &> /dev/null || { ${COLOR}"安装chrony包,请稍等..."${END};yum -y install chrony &> /dev/null; }
sed -i -e '/^pool.*/d' -e '/^server.*/d' -e '/^# Please consider .*/a\server ntp.aliyun.com iburst\nserver time1.cloud.tencent.com iburst\nserver ntp.tuna.tsinghua.edu.cn iburst' -e 's@^#allow.*@allow 0.0.0.0/0@' -e 's@^#local.*@local stratum 10@' /etc/chrony.conf
systemctl restart chronyd && systemctl enable --now chronyd &> /dev/null
systemctl is-active chronyd &> /dev/null || { ${COLOR}"chrony 启动失败,退出!"${END} ; exit; }
${COLOR}"chrony安装完成"${END}
else
dpkg -s chrony &>/dev/null || { ${COLOR}"安装chrony包,请稍等..."${END};apt -y install chrony &> /dev/null; }
apt -y install chrony &> /dev/null
sed -i -e '/^pool.*/d' -e '/^# See http:.*/a\server ntp.aliyun.com iburst\nserver time1.cloud.tencent.com iburst\nserver ntp.tuna.tsinghua.edu.cn iburst' /etc/chrony/chrony.conf
echo "allow 0.0.0.0/0" >> /etc/chrony/chrony.conf
echo "local stratum 10" >> /etc/chrony/chrony.conf
systemctl restart chronyd && systemctl enable --now chronyd &> /dev/null
systemctl is-active chronyd &> /dev/null || { ${COLOR}"chrony 启动失败,退出!"${END} ; exit; }
${COLOR}"chrony安装完成"${END}
fi
}
main(){
os
install_chrony
}
main
2.3.2 一键安装chrony客户端脚本
bash
[root@rocky8 ~]# cat install_chrony_client_v2.sh
#!/bin/bash
#
#*************************************************************************************************************
#Author: Raymond
#QQ: 88563128
#Date: 2024-01-19
#FileName: install_chrony_client_v2.sh
#URL: raymond.blog.csdn.net
#Description: install_chrony_client for CentOS 7 & CentOS Stream 8/9 & Ubuntu 18.04/20.04/22.04 & Rocky 8/9
#Copyright (C): 2021 All rights reserved
#*************************************************************************************************************
COLOR="echo -e \\033[01;31m"
END='\033[0m'
SERVER=172.31.0.9
os(){
OS_ID=`sed -rn '/^NAME=/s@.*="([[:alpha:]]+).*"$@\1@p' /etc/os-release`
}
install_chrony(){
if [ ${OS_ID} == "CentOS" -o ${OS_ID} == "Rocky" ] &> /dev/null;then
rpm -q chrony &> /dev/null || { ${COLOR}"安装chrony包,请稍等..."${END};yum -y install chrony &> /dev/null; }
sed -i -e '/^pool.*/d' -e '/^server.*/d' -e '/^# Please consider .*/a\server '${SERVER}' iburst' /etc/chrony.conf
systemctl restart chronyd && systemctl enable --now chronyd &> /dev/null
systemctl is-active chronyd &> /dev/null || { ${COLOR}"chrony 启动失败,退出!"${END} ; exit; }
${COLOR}"chrony安装完成"${END}
else
dpkg -s chrony &>/dev/null || { ${COLOR}"安装chrony包,请稍等..."${END};apt -y install chrony &> /dev/null; }
sed -i -e '/^pool.*/d' -e '/^# See http:.*/a\server '${SERVER}' iburst' /etc/chrony/chrony.conf
systemctl restart chronyd && systemctl enable --now chronyd &> /dev/null
systemctl is-active chronyd &> /dev/null || { ${COLOR}"chrony 启动失败,退出!"${END} ; exit; }
${COLOR}"chrony安装完成"${END}
fi
}
main(){
os
install_chrony
}
main
ctive chronyd &> /dev/null || { C O L O R " c h r o n y 启动失败 , 退出 ! " {COLOR}"chrony 启动失败,退出!" COLOR"chrony启动失败,退出!"{END} ; exit; }
C O L O R " c h r o n y 安装完成 " {COLOR}"chrony安装完成" COLOR"chrony安装完成"{END}
else
dpkg -s chrony &>/dev/null || { C O L O R " 安装 c h r o n y 包,请稍等 . . . " {COLOR}"安装chrony包,请稍等..." COLOR"安装chrony包,请稍等..."{END};apt -y install chrony &> /dev/null; }
sed -i -e '/^pool./d' -e '/^# See http:. /a\server '${SERVER}' iburst' /etc/chrony/chrony.conf
systemctl restart chronyd && systemctl enable --now chronyd &> /dev/null
systemctl is-active chronyd &> /dev/null || { C O L O R " c h r o n y 启动失败 , 退出 ! " {COLOR}"chrony 启动失败,退出!" COLOR"chrony启动失败,退出!"{END} ; exit; }
C O L O R " c h r o n y 安装完成 " {COLOR}"chrony安装完成" COLOR"chrony安装完成"{END}
fi
}
main(){
os
install_chrony
}
main