chrony介绍和安装

chrony介绍和安装

1.chrony(时间同步服务)

1.1 chrony介绍

Chrony 是一个用于时间同步的软件,它旨在提供高精度的系统时钟同步。Chrony 软件包括一个 NTP(Network Time Protocol,网络时间协议)服务器和客户端,可以帮助计算机系统与网络时间服务器同步,以确保系统时钟的准确性。

以下是 Chrony 的一些关键特点和功能:

  1. 高精度时钟同步:Chrony 旨在提供比传统的 NTP 实现更高精度的时钟同步。它采用一些先进的算法和技术,例如平滑过渡和时钟漂移补偿,以确保系统时钟能够尽可能准确地与参考时间源同步。
  2. 网络时间协议支持:Chrony 支持 NTP 协议,可以与外部的 NTP 服务器进行通信,从而获取准确的时间信息。这使得计算机系统可以通过网络与可靠的时间源进行同步,以消除时钟漂移和误差。
  3. 灵活的配置选项:Chrony 提供了丰富的配置选项,允许管理员根据特定的需求和环境对时钟同步进行定制。管理员可以设置不同的 NTP 服务器、调整同步频率和优先级等参数。
  4. 容错和稳健性:Chrony 具有一定的容错机制,可以处理网络中断、临时不可用的时间服务器或其他异常情况。它可以自动调整同步策略,以确保系统时钟的稳定性和准确性。
  5. 系统时钟管理:除了作为 NTP 客户端,Chrony 还可以作为系统时钟管理工具,监视和调整系统时钟,以确保其精度和稳定性。

总之,Chrony 是一个功能强大的时间同步工具,适用于需要高精度时钟同步的计算机系统,尤其是对时间同步精度要求较高的服务器和网络设备。通过使用 Chrony,用户可以确保其系统时钟与外部时间源同步,从而提高计算机系统的时间准确性和稳定性。

chrony官网:https://chrony-project.org

chrony官方文档:https://chrony-project.org/documentation.html

1.2 chrony 文件组成

包:chrony

两个主要程序:chronyd和chronyc

  • chronyd:后台运行的守护进程,用于调整内核中运行的系统时钟和时钟服务器同步。它确定计算机增减时间的比率,并对此进行补偿
  • chronyc:命令行用户工具,用于监控性能并进行多样化的配置。它可以在chronyd实例控制的计算机上工作,也可在一台不同的远程计算机上工作

服务unit 文件: /usr/lib/systemd/system/chronyd.service

监听端口: 服务端: 123/udp,客户端: 323/udp

配置文件: /etc/chrony.conf

1.3 配置文件chrony.conf

server - 可用于时钟服务器,iburst 选项当服务器可达时,发送一个八个数据包而不是通常的一个数据包。 包间隔通常为2秒,可加快初始同步速度

driftfile - 根据实际时间计算出计算机增减时间的比率,将它记录到一个文件中,会在重启后为系统时钟作出补偿

rtcsync - 启用内核模式,系统时间每11分钟会拷贝到实时时钟(RTC)

allow / deny - 指定一台主机、子网,或者网络以允许或拒绝访问本服务器

cmdallow / cmddeny - 可以指定哪台主机可以通过chronyd使用控制命令

bindcmdaddress - 允许chronyd监听哪个接口来接收由chronyc执行的命令

makestep - 通常chronyd将根据需求通过减慢或加速时钟,使得系统逐步纠正所有时间偏差。在某些特定情况下,系统时钟可能会漂移过快,导致该调整过程消耗很长的时间来纠正系统时钟。该指令强制chronyd在调整期大于某个阀值时调整系统时钟

local stratum 10 - 即使server指令中时间服务器不可用,也允许将本地时间作为标准时间授时给其它客户端

2.chrony安装

2.1 主机初始化

2.1.1 设置网卡名和ip地址

Rocky 9和CentOS Stream 9:

bash 复制代码
# Rocky 9和CentOS Stream 9默认支持修改网卡名。
[root@rocky9 ~]# grep 'plugins' /etc/NetworkManager/NetworkManager.conf 
#plugins=keyfile,ifcfg-rh
# 因为网卡命名方式默认是keyfile,默认不支持修改网卡名,既然官方已经默认是keyfile那这里就不去更改网卡名了。

[root@rocky9 ~]# ETHNAME=`ip addr | awk -F"[ :]" '/^2/{print $3}'`

[root@rocky9 ~]# nmcli con delete ${ETHNAME} && nmcli connection add type ethernet con-name ${ETHNAME} ifname ${ETHNAME} ipv4.method manual ipv4.address "172.31.0.9/21" ipv4.gateway "172.31.0.2" ipv4.dns "223.5.5.5,180.76.76.76" autoconnect yes && nmcli con reload && nmcli con up ${ETHNAME}
# 172.31.0.9/21中172.31.0.9是ip地址,21是子网位数;172.31.0.2是网关地址;223.5.5.5, 180.76.76.76都是DNS,根据自己的需求修改。

[root@rocky9 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:37:62:95 brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 172.31.0.9/21 brd 172.31.7.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::51ca:fd5d:3552:677d/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
# 可以看到ip地址已修改。

Rocky 8、CentOS Stream 8和CentOS 7:

bash 复制代码
# Rocky 8、CentOS Stream 8和CentOS 7支持修改网卡名。
[root@rocky8 ~]# grep 'plugins' /etc/NetworkManager/NetworkManager.conf 
#plugins=ifcfg-rh
# 因为网卡命名方式默认是ifcfg-rh,支持修改网卡名。

# 修改网卡名称配置文件
[root@rocky8 ~]# sed -ri.bak '/^GRUB_CMDLINE_LINUX=/s@"$@ net.ifnames=0 biosdevname=0"@' /etc/default/grub
[root@rocky8 ~]# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
done

# 修改网卡文件名
[root@rocky8 ~]# ETHNAME=`ip addr | awk -F"[ :]" '/^2/{print $3}'`
[root@rocky8 ~]# mv /etc/sysconfig/network-scripts/ifcfg-${ETHNAME} /etc/sysconfig/network-scripts/ifcfg-eth0

[root@rocky8 ~]# shutdown -r now


[root@rocky8 ~]# nmcli dev
DEVICE  TYPE      STATE      CONNECTION         
eth0    ethernet  connected  Wired connection 1 
lo      loopback  unmanaged  --
# 可以看到CONNECTION的名字是Wired connection 1,要改名才可以下面设置。

[root@rocky8 ~]# ETHNAME=`ip addr | awk -F"[ :]" '/^2/{print $3}'`

[root@rocky8 ~]# nmcli connection modify "Wired connection 1" con-name ${ETHNAME}
[root@rocky8 ~]# nmcli dev
DEVICE  TYPE      STATE      CONNECTION 
eth0    ethernet  connected  eth0       
lo      loopback  unmanaged  --  

# 修改ip地址
[root@rocky8 ~]# nmcli con delete ${ETHNAME} && nmcli connection add type ethernet con-name ${ETHNAME} ifname ${ETHNAME} ipv4.method manual ipv4.address "172.31.0.8/21" ipv4.gateway "172.31.0.2" ipv4.dns "223.5.5.5,180.76.76.76" autoconnect yes && nmcli con reload && nmcli dev up eth0
# 172.31.0.8/21中172.31.0.8是ip地址,21是子网位数;172.31.0.2是网关地址;223.5.5.5, 180.76.76.76都是DNS,根据自己的需求修改。

[root@rocky8 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:6f:65:d3 brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    altname ens160
    inet 172.31.0.8/21 brd 172.31.7.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::e9c9:aa93:4a58:2cc2/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
# 重启系统后可以看到网卡名已经修改成eth0,ip地址也已修改。

Ubuntu:

bash 复制代码
# Ubuntu先启用root用户,并设置密码
raymond@ubuntu2204:~$ cat set_root_login.sh 
#!/bin/bash

read -p "请输入密码: " PASSWORD
echo ${PASSWORD} |sudo -S sed -ri 's@#(PermitRootLogin )prohibit-password@\1yes@' /etc/ssh/sshd_config
sudo systemctl restart sshd
sudo -S passwd root <<-EOF
${PASSWORD}
${PASSWORD}
EOF

raymond@ubuntu2204:~$ bash set_root_login.sh 
请输入密码: 123456
[sudo] password for raymond: New password: Retype new password: passwd: password updated successfully

raymond@ubuntu2204:~$ rm -rf set_root_login.sh

# 使用root登陆,修改网卡名
root@ubuntu2204:~# sed -ri.bak '/^GRUB_CMDLINE_LINUX=/s@"$@net.ifnames=0 biosdevname=0"@' /etc/default/grub
root@ubuntu2204:~# grub-mkconfig -o /boot/grub/grub.cfg
Sourcing file `/etc/default/grub'
Sourcing file `/etc/default/grub.d/init-select.cfg'
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-5.15.0-88-generic
Found initrd image: /boot/initrd.img-5.15.0-88-generic
Warning: os-prober will not be executed to detect other bootable partitions.
Systems on them will not be added to the GRUB boot configuration.
Check GRUB_DISABLE_OS_PROBER documentation entry.
done

# Ubuntu 20.04设置ip地址
root@ubuntu2004:~# cat > /etc/netplan/00-installer-config.yaml <<-EOF
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
      addresses: [172.31.0.20/21] 
      gateway4: 172.31.0.2
      nameservers:
        addresses: [223.5.5.5, 180.76.76.76]
EOF
# 说明:Ubuntu20.04网卡配置文件是00-installer-config.yaml;172.31.0.20/21中172.31.0.20是ip地址,21是子网位数;172.31.0.2是网关地址;223.5.5.5, 180.76.76.76都是DNS,根据自己的需求修改。

# Ubuntu 18.04设置ip地址
root@ubuntu1804:~# cat > /etc/netplan/01-netcfg.yaml <<-EOF
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
      addresses: [172.31.0.18/21] 
      gateway4: 172.31.0.2
      nameservers:
        addresses: [223.5.5.5, 180.76.76.76]
EOF
# 说明:Ubuntu18.04网卡配置文件是01-netcfg.yaml;172.31.0.18/21中172.31.0.18是ip地址,21是子网位数;172.31.0.2是网关地址;223.5.5.5, 180.76.76.76都是DNS,根据自己的需求修改。

root@ubuntu2004:~# shutdown -r now

root@ubuntu2004:~# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:e5:98:6f brd ff:ff:ff:ff:ff:ff
    inet 172.31.0.20/21 brd 172.31.7.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fee5:986f/64 scope link 
       valid_lft forever preferred_lft forever
# 重启系统后可以看到网卡名已经修改成eth0,ip地址也已修改。

# Ubuntu 22.04设置ip地址
root@ubuntu2204:~# cat > /etc/netplan/00-installer-config.yaml <<-EOF
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
      addresses: [172.31.0.22/21]
      routes:
        - to: default
          via: 172.31.0.2
      nameservers:
        addresses: [223.5.5.5, 180.76.76.76]
EOF
# 说明:Ubuntu 22.04网卡配置文件是00-installer-config.yaml;172.31.0.22/21中172.31.0.22是ip地址,21是子网位数;172.31.0.2是网关地址,Ubuntu 22.04设置网关地址的方法发生了改变,参考上面的方法;223.5.5.5, 180.76.76.76都是DNS,根据自己的需求修改。

root@ubuntu2204:~# shutdown -r now

# 重启后使用新设置的ip登陆
root@ubuntu2204:~# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:a7:be:f2 brd ff:ff:ff:ff:ff:ff
    altname enp2s1
    altname ens33
    inet 172.31.0.22/21 brd 172.31.7.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fea7:bef2/64 scope link 
       valid_lft forever preferred_lft forever
# 重启系统后可以看到网卡名已经修改成eth0,ip地址也已修改。

2.1.2 配置镜像源

Rocky 8和9:

bash 复制代码
MIRROR=mirrors.sjtug.sjtu.edu.cn
sed -i.bak -e 's|^mirrorlist=|#mirrorlist=|g' -e 's|^#baseurl=http://dl.rockylinux.org/$contentdir|baseurl=https://'${MIRROR}'/rocky|g' /etc/yum.repos.d/[Rr]ocky*.repo

dnf clean all && dnf makecache

CentOS Stream 9:

bash 复制代码
cat update_mirror.pl
#!/usr/bin/perl

use strict;
use warnings;
use autodie;

# 要修改镜像源,请去修改url变量!
my $url = 'mirrors.aliyun.com';
my $mirrors = "https://$url/centos-stream";

if (@ARGV < 1) {
    die "Usage: $0 <filename1> <filename2> ...\n";
}

while (my $filename = shift @ARGV) {
    my $backup_filename = $filename . '.bak';
    rename $filename, $backup_filename;

    open my $input, "<", $backup_filename;
    open my $output, ">", $filename;

    while (<$input>) {
        s/^metalink/# metalink/;

        if (m/^name/) {
            my (undef, $repo, $arch) = split /-/;
            $repo =~ s/^\s+|\s+$//g;
            ($arch = defined $arch ? lc($arch) : '') =~ s/^\s+|\s+$//g;

            if ($repo =~ /^Extras/) {
                $_ .= "baseurl=${mirrors}/SIGs/\$releasever-stream/extras" . ($arch eq 'source' ? "/${arch}/" : "/\$basearch/") . "extras-common\n";
            } else {
                $_ .= "baseurl=${mirrors}/\$releasever-stream/$repo" . ($arch eq 'source' ? "/" : "/\$basearch/") . ($arch ne '' ? "${arch}/tree/" : "os") . "\n";
            }
        }

        print $output $_;
    }
}

rpm -q perl &> /dev/null || { echo -e "\\033[01;31m "安装perl工具,请稍等..."\033[0m";yum -y install perl ; }

perl ./update_mirror.pl /etc/yum.repos.d/centos*.repo

dnf clean all && dnf makecache

CentOS Stream 8:

bash 复制代码
MIRROR=mirrors.aliyun.com
sed -i.bak -e 's|^mirrorlist=|#mirrorlist=|g' -e 's|^#baseurl=http://mirror.centos.org/$contentdir|baseurl=https://'${MIRROR}'/centos|g' /etc/yum.repos.d/CentOS-*.repo

dnf clean all && dnf makecache

CentOS 7:

bash 复制代码
MIRROR=mirrors.aliyun.com
sed -i.bak -e 's|^mirrorlist=|#mirrorlist=|g' -e 's|^#baseurl=http://mirror.centos.org|baseurl=https://'${MIRROR}'|g' /etc/yum.repos.d/CentOS-*.repo

yum clean all && yum makecache

Ubuntu 22.04和20.04:

bash 复制代码
MIRROR=mirrors.aliyun.com
OLD_MIRROR=`sed -rn "s@^deb http(.*)://(.*)/ubuntu/? $(lsb_release -cs) main.*@\2@p" /etc/apt/sources.list`

sed -i.bak 's/'${OLD_MIRROR}'/'${MIRROR}'/g' /etc/apt/sources.list

apt update

Ubuntu 18.04:

bash 复制代码
MIRROR=mirrors.aliyun.com
OLD_MIRROR=`sed -rn "s@^deb http(.*)://(.*)/ubuntu/? $(lsb_release -cs) main.*@\2@p" /etc/apt/sources.list`

sed -i.bak 's/'${OLD_MIRROR}'/'${MIRROR}'/g' /etc/apt/sources.list

SECURITY_MIRROR=`sed -rn "s@^deb http(.*)://(.*)/ubuntu $(lsb_release -cs)-security main.*@\2@p" /etc/apt/sources.list`

sed -i.bak 's/'${SECURITY_MIRROR}'/'${MIRROR}'/g' /etc/apt/sources.list

apt update

2.1.3 关闭防火墙

bash 复制代码
# Rocky和CentOS
systemctl disable --now firewalld

# CentOS 7
systemctl disable --now NetworkManager

# Ubuntu
systemctl disable --now ufw

2.1.4 禁用SELinux

bash 复制代码
#CentOS
setenforce 0
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config

#Ubuntu
Ubuntu没有安装SELinux,不用设置

2.1.5 设置时区

bash 复制代码
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
echo 'Asia/Shanghai' >/etc/timezone

#Ubuntu还要设置下面内容
cat >> /etc/default/locale <<-EOF
LC_TIME=en_DK.UTF-8
EOF

2.2 实现私有的时间服务器

2.2.1 服务端配置

bash 复制代码
[root@rocky9 ~]# hostname -I
172.31.0.9

# Rocky和CentOS
[root@rocky9 ~]# yum -y install chrony

# Ubuntu
apt -y install chrony

[root@rocky9 ~]# vim /etc/chrony.conf
-bash: vim: command not found
# Rocky和CentOS默认没有安装vim

# 安装vim
[root@rocky9 ~]# yum -y install vim

[root@rocky9 ~]# vim /etc/chrony.conf
# 下面是ntp服务器
server ntp.aliyun.com iburst
server time1.cloud.tencent.com iburst
server ntp.tuna.tsinghua.edu.cn iburst

# 把下面内容
#allow 192.168.0.0/16
# 修改为
allow 0.0.0.0/0 # 指定允许同步的网段

# 把下面内容去掉注释
#local stratum 10
# 修改为
local stratum 10 # 当互联网无法连接,仍然可以为客户端提供时间同步服务

# Rocky和CentOS使用下面命令直接替换
sed -i -e '/^pool.*/d' -e '/^server.*/d' -e '/^# Please consider .*/a\server ntp.aliyun.com iburst\nserver time1.cloud.tencent.com iburst\nserver ntp.tuna.tsinghua.edu.cn iburst' -e 's@^#allow.*@allow 0.0.0.0/0@' -e 's@^#local.*@local stratum 10@' /etc/chrony.conf

# Ubuntu使用下面命令替换
sed -i -e '/^pool.*/d' -e '/^# See http:.*/a\server ntp.aliyun.com iburst\nserver time1.cloud.tencent.com iburst\nserver ntp.tuna.tsinghua.edu.cn iburst' /etc/chrony/chrony.conf


[root@rocky9 ~]# systemctl restart chronyd
[root@rocky9 ~]# systemctl enable --now chronyd

[root@rocky9 ~]# ss -ntul
Netid      State       Recv-Q      Send-Q            Local Address:Port             Peer Address:Port      Process      
udp        UNCONN      0           0                     127.0.0.1:323                   0.0.0.0:*                      
udp        UNCONN      0           0                       0.0.0.0:123                   0.0.0.0:*                      
udp        UNCONN      0           0                         [::1]:323                      [::]:*                      
tcp        LISTEN      0           128                     0.0.0.0:22                    0.0.0.0:*                      
tcp        LISTEN      0           128                        [::]:22                       [::]:* 
# 服务启动后会打开端口123/udp

[root@rocky9 ~]# chronyc sources -nv
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 203.107.6.88                  2   6   377    34  +1042us[+3109us] +/-   63ms # 带*(星号)表示是从这个时间服务器同步的时间。
^- 106.55.184.199                2   6   377    99  +5187us[+7169us] +/-   60ms
^? 101.6.6.172                   0   8     0     -     +0ns[   +0ns] +/-    0ns

2.2.2 客户端配置

bash 复制代码
# Rocky和CentOS
[root@rocky8 ~]# yum -y install chrony
# Ubuntu
apt -y install chrony

[root@rocky8 ~]# vim /etc/chrony.conf
-bash: vim: command not found
# Rocky和CentOS默认没有安装vim

# 安装vim
[root@rocky8 ~]# yum -y install vim

[root@rocky8 ~]# vim /etc/chrony.conf
# 添加ntp服务端
server 172.31.0.9 iburst

# Rocky和CentOS使用下面命令直接替换
sed -i -e '/^pool.*/d' -e '/^server.*/d' -e '/^# Please consider .*/a\server 172.31.0.9 iburst' /etc/chrony.conf

# Ubuntu使用下面命令替换
sed -i -e '/^pool.*/d' -e '/^# See http:.*/a\server 172.31.0.9 iburst' /etc/chrony/chrony.conf

[root@rocky8 ~]# systemctl restart chronyd
[root@rocky8 ~]# systemctl enable --now chronyd

# 确认同步成功
[root@rocky8 ~]# chronyc sources -nv
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* 172.31.0.9                    3   6    17    18    -47us[  +43us] +/-   60ms
# 带*(星号)表示是从这个时间服务器同步的时间。

2.3 一键安装chrony脚本

Shell脚本源码地址:

Gitee:https://gitee.com/raymond9/shell

Github:https://github.com/raymond999999/shell

可以去上面的Gitee或Github代码仓库拉取脚本。

2.3.1 一键安装chrony服务端脚本

bash 复制代码
[root@rocky9 ~]# cat install_chrony_server_v2.sh
#!/bin/bash
#
#*************************************************************************************************************
#Author:        Raymond
#QQ:            88563128
#Date:          2024-01-19
#FileName:      install_chrony_server_v2.sh
#URL:           raymond.blog.csdn.net
#Description:   install_chrony_server for CentOS 7 & CentOS Stream 8/9 & Ubuntu 18.04/20.04/22.04 & Rocky 8/9
#Copyright (C): 2024 All rights reserved
#*************************************************************************************************************
COLOR="echo -e \\033[01;31m"
END='\033[0m'

os(){
    OS_ID=`sed -rn '/^NAME=/s@.*="([[:alpha:]]+).*"$@\1@p' /etc/os-release`
}

install_chrony(){
    if [ ${OS_ID} == "CentOS" -o ${OS_ID} == "Rocky" ] &> /dev/null;then
        rpm -q chrony &> /dev/null || { ${COLOR}"安装chrony包,请稍等..."${END};yum -y install chrony &> /dev/null; }
        sed -i -e '/^pool.*/d' -e '/^server.*/d' -e '/^# Please consider .*/a\server ntp.aliyun.com iburst\nserver time1.cloud.tencent.com iburst\nserver ntp.tuna.tsinghua.edu.cn iburst' -e 's@^#allow.*@allow 0.0.0.0/0@' -e 's@^#local.*@local stratum 10@' /etc/chrony.conf
        systemctl restart chronyd && systemctl enable --now chronyd &> /dev/null
        systemctl is-active chronyd &> /dev/null ||  { ${COLOR}"chrony 启动失败,退出!"${END} ; exit; }
        ${COLOR}"chrony安装完成"${END}
    else
        dpkg -s chrony &>/dev/null || { ${COLOR}"安装chrony包,请稍等..."${END};apt -y install chrony &> /dev/null; }
        apt -y install chrony &> /dev/null
        sed -i -e '/^pool.*/d' -e '/^# See http:.*/a\server ntp.aliyun.com iburst\nserver time1.cloud.tencent.com iburst\nserver ntp.tuna.tsinghua.edu.cn iburst' /etc/chrony/chrony.conf
        echo "allow 0.0.0.0/0" >> /etc/chrony/chrony.conf
        echo "local stratum 10" >> /etc/chrony/chrony.conf
        systemctl restart chronyd && systemctl enable --now chronyd &> /dev/null
        systemctl is-active chronyd &> /dev/null ||  { ${COLOR}"chrony 启动失败,退出!"${END} ; exit; }
        ${COLOR}"chrony安装完成"${END}
    fi
}

main(){
    os
    install_chrony
}

main

2.3.2 一键安装chrony客户端脚本

bash 复制代码
[root@rocky8 ~]# cat install_chrony_client_v2.sh
#!/bin/bash
#
#*************************************************************************************************************
#Author:        Raymond
#QQ:            88563128
#Date:          2024-01-19
#FileName:      install_chrony_client_v2.sh
#URL:           raymond.blog.csdn.net
#Description:   install_chrony_client for CentOS 7 & CentOS Stream 8/9 & Ubuntu 18.04/20.04/22.04 & Rocky 8/9
#Copyright (C): 2021 All rights reserved
#*************************************************************************************************************
COLOR="echo -e \\033[01;31m"
END='\033[0m'
SERVER=172.31.0.9

os(){
    OS_ID=`sed -rn '/^NAME=/s@.*="([[:alpha:]]+).*"$@\1@p' /etc/os-release`
}

install_chrony(){
    if [ ${OS_ID} == "CentOS" -o ${OS_ID} == "Rocky" ] &> /dev/null;then
        rpm -q chrony &> /dev/null || { ${COLOR}"安装chrony包,请稍等..."${END};yum -y install chrony &> /dev/null; }
        sed -i -e '/^pool.*/d' -e '/^server.*/d' -e '/^# Please consider .*/a\server '${SERVER}' iburst' /etc/chrony.conf
        systemctl restart chronyd && systemctl enable --now chronyd &> /dev/null
        systemctl is-active chronyd &> /dev/null ||  { ${COLOR}"chrony 启动失败,退出!"${END} ; exit; }
        ${COLOR}"chrony安装完成"${END}
    else
        dpkg -s chrony &>/dev/null || { ${COLOR}"安装chrony包,请稍等..."${END};apt -y install chrony &> /dev/null; }
        sed -i -e '/^pool.*/d' -e '/^# See http:.*/a\server '${SERVER}' iburst' /etc/chrony/chrony.conf
        systemctl restart chronyd && systemctl enable --now chronyd &> /dev/null
        systemctl is-active chronyd &> /dev/null ||  { ${COLOR}"chrony 启动失败,退出!"${END} ; exit; }
        ${COLOR}"chrony安装完成"${END}
    fi
}

main(){
    os
    install_chrony
}

main

ctive chronyd &> /dev/null || { C O L O R " c h r o n y 启动失败 , 退出 ! " {COLOR}"chrony 启动失败,退出!" COLOR"chrony启动失败,退出!"{END} ; exit; }
C O L O R " c h r o n y 安装完成 " {COLOR}"chrony安装完成" COLOR"chrony安装完成"{END}

else

dpkg -s chrony &>/dev/null || { C O L O R " 安装 c h r o n y 包,请稍等 . . . " {COLOR}"安装chrony包,请稍等..." COLOR"安装chrony包,请稍等..."{END};apt -y install chrony &> /dev/null; }

sed -i -e '/^pool./d' -e '/^# See http:. /a\server '${SERVER}' iburst' /etc/chrony/chrony.conf

systemctl restart chronyd && systemctl enable --now chronyd &> /dev/null

systemctl is-active chronyd &> /dev/null || { C O L O R " c h r o n y 启动失败 , 退出 ! " {COLOR}"chrony 启动失败,退出!" COLOR"chrony启动失败,退出!"{END} ; exit; }
C O L O R " c h r o n y 安装完成 " {COLOR}"chrony安装完成" COLOR"chrony安装完成"{END}

fi

}

main(){

os

install_chrony

}

main

复制代码
相关推荐
Swift社区32 分钟前
在 Swift 中实现字符串分割问题:以字典中的单词构造句子
开发语言·ios·swift
没头脑的ht33 分钟前
Swift内存访问冲突
开发语言·ios·swift
没头脑的ht36 分钟前
Swift闭包的本质
开发语言·ios·swift
wjs202439 分钟前
Swift 数组
开发语言
stm 学习ing2 小时前
FPGA 第十讲 避免latch的产生
c语言·开发语言·单片机·嵌入式硬件·fpga开发·fpga
湫ccc3 小时前
《Python基础》之字符串格式化输出
开发语言·python
mqiqe3 小时前
Python MySQL通过Binlog 获取变更记录 恢复数据
开发语言·python·mysql
AttackingLin3 小时前
2024强网杯--babyheap house of apple2解法
linux·开发语言·python