반응형
1. 개요
chrony는 시간 동기화를 제공하는 프로그램으로 NTP의 대안 중 하나이다.
chrony 서버 환경은 Rocky Linux 9.3, chrony 클라이언트 환경은 Rocky Linux 8.9으로 테스트를 진행했다.
로컬 레포지토리 설정은 이미 포스팅을 했으니 생략하겠다.
2. 설치 및 설정
2.1. Server
1. chrony 설치
<java />yum install chrony
<bash />
[root@localhost ~]# yum install chrony
마지막 메타자료 만료확인(0:06:22 이전): 2024년 07월 17일 (수) 오전 11시 02분 55초.
종속성이 해결되었습니다.
================================================================================
꾸러미 구조 버전 저장소 크기
================================================================================
설치 중:
chrony x86_64 4.5-1.el9 baseos 333 k
연결 요약
================================================================================
설치 1 꾸러미
전체 내려받기 크기: 333 k
설치된 크기 : 653 k
진행할까요? [y/N]:
2. 서버 chrony 설정
<java />vi /etc/chrony.conf
<bash />
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (https://www.pool.ntp.org/join.html).
#pool 2.rocky.pool.ntp.org iburst # 주석 처리
server 127.127.1.0 iburst
# Use NTP servers from DHCP.
sourcedir /run/chrony-dhcp
# Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift
# Allow the system clock to be stepped in the first three updates
# if its offset is larger than 1 second.
makestep 1.0 3
# Enable kernel synchronization of the real-time clock (RTC).
rtcsync
# Enable hardware timestamping on all interfaces that support it.
#hwtimestamp *
# Increase the minimum number of selectable sources required to adjust
# the system clock.
#minsources 2
# Allow NTP client access from local network.
allow 허용 서버 대역/24 # ex) 192.168.111.0/24
# Serve time even if not synchronized to a time source.
local stratum 10 # 주석 해제
# Require authentication (nts or key option) for all NTP sources.
#authselectmode require
# Specify file containing keys for NTP authentication.
keyfile /etc/chrony.keys
# Save NTS keys and cookies.
ntsdumpdir /var/lib/chrony
# Insert/delete leap seconds by slewing instead of stepping.
#leapsecmode slew
# Get TAI-UTC offset and leap seconds from the system tz database.
leapsectz right/UTC
# Specify directory for log files.
logdir /var/log/chrony
# Select which information is logged.
#log measurements statistics tracking
3. 방화벽 등록
<java />firewall-cmd --add-service=ntp --permanent firewall-cmd --reload
4. 서버 chrony 재시작 및 상태 확인
<java />systemctl restart chronyd systemctl status chronyd
2.2. Client
1. 클라이언트 chrony 설치
<java />yum install chrony
2. 클라이언트 chrony 설정 및 연동
<java />vi /etc/chrony.conf
<bash />
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (https://www.pool.ntp.org/join.html).
#pool 2.rocky.pool.ntp.org iburst # 주석 처리
server NTP 서버 IP iburst # 이 외 수정할 부분 딱히 없음
# Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift
# Allow the system clock to be stepped in the first three updates
# if its offset is larger than 1 second.
makestep 1.0 3
# Enable kernel synchronization of the real-time clock (RTC).
rtcsync
# Enable hardware timestamping on all interfaces that support it.
#hwtimestamp *
# Increase the minimum number of selectable sources required to adjust
# the system clock.
#minsources 2
# Allow NTP client access from local network.
#allow 192.168.0.0/8
# Serve time even if not synchronized to a time source.
#local stratum 10
# Require authentication (nts or key option) for all NTP sources.
#authselectmode require
# Specify file containing keys for NTP authentication.
keyfile /etc/chrony.keys
# Insert/delete leap seconds by slewing instead of stepping.
#leapsecmode slew
# Get TAI-UTC offset and leap seconds from the system tz database.
leapsectz right/UTC
# Specify directory for log files.
logdir /var/log/chrony
# Select which information is logged.
#log measurements statistics tracking
3. 방화벽 등록
<java />firewall-cmd --add-service=ntp --permanent firewall-cmd --reload
4. 연동 확인
<java />chronyc sources -v
<bash />
[root@localhost ~]# chronyc sources -v
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* NTP 서버 IP 10 6 377 32 +96us[ +86us] +/- 547us
3. 특이사항
<java />timedatectl status
<bash />
[root@localhost ~]# timedatectl status
Local time: 토 2024-08-24 12:21:26 KST
Universal time: 토 2024-08-24 03:21:26 UTC
RTC time: 토 2024-08-24 03:21:26
Time zone: Asia/Seoul (KST, +0900)
System clock synchronized: no # 해당 부분이 no로 나와있을 수 있음
NTP service: active
RTC in local TZ: no
해당 부분이 no로 나와있으면,
<java />
timedatectl set-ntp yes
timedatectl set-ntp true
systemctl restart chronyd
입력 후 연동 확인
반응형
'슬기로운 SE 생활' 카테고리의 다른 글
| [Linux] 폐쇄망, 내부망 로컬 레포지토리 설정, Local Repository, 패키지 설치 (3) | 2024.03.29 |
|---|---|
| [Linux] Rocky Samba 삼바 설치, 설정, 연동 (1) | 2024.03.08 |
| [Linux] Rocky Linux vsftp 설치, 설정, 연동 (0) | 2024.03.07 |
| [윈도우서버] 원격 데스크톱, RDP 포트 변경 (1) | 2024.02.29 |
| [Linux] Rocky Linux ssh 포트 변경 (0) | 2024.02.28 |
