阅读量:2
本文记录了openEuler 22.03 (LTS-SP1)的二级时间服务器用chronyd不能自动同步GPS时间服务器,改用ntpd同步GPS时间服务器成功的案例
一、环境简述
1、本环境中有两台GPS一级时间服务器,IP如下:
192.168.188.66
192.168.188.74
2、有一台openeuler系统的服务器拟作为网络中的二级时间服务器对全网进行授时
系统版本:
[root@localhost ~]# cat /etc/os-release NAME="openEuler" VERSION="22.03 (LTS-SP1)" ID="openEuler" VERSION_ID="22.03" PRETTY_NAME="openEuler 22.03 (LTS-SP1)" ANSI_COLOR="0;31"IP地址:192.168.168.33
二、问题现象
1、使用chronyd进行时间服务器同步设置
配置如下:
[root@localhost ~]# egrep -v "^#|^$" /etc/chrony.conf server 192.168.188.66 iburst server 192.168.188.74 iburst driftfile /var/lib/chrony/drift makestep 1.0 3 rtcsync allow 192.0.0.0/8 local stratum 10 keyfile /etc/chrony.keys logdir /var/log/chrony log measurements statistics tracking2、启动服务
[root@localhost ~]# systemctl start chronyd [root@localhost ~]# systemctl status chronyd ● chronyd.service - NTP client/server Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2024-06-21 20:37:38 CST; 5s ago Docs: man:chronyd(8) man:chrony.conf(5) Process: 392366 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 392368 (chronyd) Tasks: 1 (limit: 2469658) Memory: 360.0K CGroup: /system.slice/chronyd.service └─ 392368 /usr/sbin/chronyd Jun 21 20:37:38 irmsogg1733 systemd[1]: Starting NTP client/server... Jun 21 20:37:38 irmsogg1733 chronyd[392368]: chronyd version 4.1 starting (+CMDMON +NTP +REFCLOCK +RTC +PRIVDROP +SCFILTER +SIGND +ASY> Jun 21 20:37:38 irmsogg1733 chronyd[392368]: Initial frequency -46.668 ppm Jun 21 20:37:38 irmsogg1733 systemd[1]: Started NTP client/server.服务正常启动
3、检查服务器同步情况
[root@localhost ~]# chronyc sourcestats -v .- Number of sample points in measurement set. / .- Number of residual runs with same sign. | / .- Length of measurement set (time). | | / .- Est. clock freq error (ppm). | | | / .- Est. error in freq. | | | | / .- Est. offset. | | | | | | On the -. | | | | | | samples. \ | | | | | | | Name/IP Address NP NR Span Frequency Freq Skew Offset Std Dev ============================================================================== 192.168.188.66 0 0 0 +0.000 2000.000 +0ns 4000ms 192.168.188.74 0 0 0 +0.000 2000.000 +0ns 4000ms [root@localhost ~]# chronyc sources -v .-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current best, '+' = combined, '-' = not combined, | / 'x' = may be in error, '~' = too variable, '?' = unusable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || \ | | zzzz = estimated error. || | | \ MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^? 192.168.188.66 0 8 0 - +0ns[ +0ns] +/- 0ns ^? 192.168.188.74 0 8 0 - +0ns[ +0ns] +/- 0ns经长时间观察,服务器前面始终为?,发现无法完成自动同步将服务器状态转为“*”或“-”。
4、检查一级服务器授时能力
[root@localhost ~]# chronyc activity -v 200 OK 2 sources online 0 sources offline 0 sources doing burst (return to online) 0 sources doing burst (return to offline) 0 sources with unknown address [root@localhost ~]# chronyc tracking -v Reference ID : 7F7F0101 () Stratum : 10 Ref time (UTC) : Fri Jun 21 11:31:11 2024 System time : 0.000000004 seconds slow of NTP time Last offset : +0.000000000 seconds RMS offset : 0.000000000 seconds Frequency : 44.979 ppm slow Residual freq : +0.000 ppm Skew : 0.000 ppm Root delay : 0.000000000 seconds Root dispersion : 0.000000000 seconds Update interval : 0.0 seconds Leap status : Normal可以看到两个时间服务器源是在线的,但tracking信息不正常
5、手动同步时间测试
[root@localhost ~]# ntpdate 192.168.188.66 21 Jun 19:19:21 ntpdate[391367]: adjust time server 192.168.188.66 offset +0.017640 sec [root@localhost ~]# ntpdate 192.168.188.74 21 Jun 19:19:34 ntpdate[391368]: adjust time server 192.168.188.74 offset +0.012333 sec [root@localhost ~]# chronyc -a makestep 200 OK手动测试一级时间服务器时间同步正常,授时端口也正常,看来chronyd与该GPS时间服务器同步存在什么问题。
三、问题处理
1、卸载chronyd
考虑到一级GPS时间服务器能正常授时,chronyd又无法完成与一级GPS时间服务器的自动同步,于是卸载chronyd,改用ntpd进行尝试(ntpd和chronyd都能启动ntp时间服务器,同时运行是有冲突的,最好只保留一个)。
[root@localhost ~]# yum remove chrony Dependencies resolved. ======================================================================================================================================= Package Architecture Version Repository Size ======================================================================================================================================= Removing: chrony x86_64 4.1-3.oe2203sp1 @openEuler2203SP1LTS 435 k Removing unused dependencies: libedit x86_64 3.1-29.oe2203sp1 @openEuler2203SP1LTS 232 k timedatex x86_64 0.6-3.oe2203sp1 @openEuler2203SP1LTS 52 k Transaction Summary ======================================================================================================================================= Remove 3 Packages Freed space: 718 k Is this ok [y/N]: y Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Running scriptlet: chrony-4.1-3.oe2203sp1.x86_64 1/1 Running scriptlet: chrony-4.1-3.oe2203sp1.x86_64 1/3 Removed /etc/systemd/system/multi-user.target.wants/chronyd.service. Erasing : chrony-4.1-3.oe2203sp1.x86_64 1/3 warning: /etc/chrony.conf saved as /etc/chrony.conf.rpmsave Running scriptlet: chrony-4.1-3.oe2203sp1.x86_64 1/3 Erasing : libedit-3.1-29.oe2203sp1.x86_64 2/3 Running scriptlet: timedatex-0.6-3.oe2203sp1.x86_64 3/3 Unit /etc/systemd/system/timedatex.service is masked, ignoring. Erasing : timedatex-0.6-3.oe2203sp1.x86_64 3/3 Running scriptlet: timedatex-0.6-3.oe2203sp1.x86_64 3/3 Verifying : chrony-4.1-3.oe2203sp1.x86_64 1/3 Verifying : libedit-3.1-29.oe2203sp1.x86_64 2/3 Verifying : timedatex-0.6-3.oe2203sp1.x86_64 3/3 Removed: chrony-4.1-3.oe2203sp1.x86_64 libedit-3.1-29.oe2203sp1.x86_64 timedatex-0.6-3.oe2203sp1.x86_64 Complete!2、安装ntpd
[root@localhost ~] # yum install ntp Last metadata expiration check: 0:51:16 ago on Fri 21 Jun 2024 07:47:25 PM CST. Dependencies resolved. ======================================================================================================================================= Package Architecture Version Repository Size ======================================================================================================================================= Installing: ntp x86_64 4.2.8p15-7.oe2203sp1 openEuler2203SP1LTS 619 k Installing dependencies: autogen x86_64 5.18.16-3.oe2203sp1 openEuler2203SP1LTS 469 k libedit x86_64 3.1-29.oe2203sp1 openEuler2203SP1LTS 92 k ntp-help noarch 4.2.8p15-7.oe2203sp1 openEuler2203SP1LTS 1.3 M Installing weak dependencies: ntpstat noarch 0.6-4.oe2203sp1 openEuler2203SP1LTS 11 k timedatex x86_64 0.6-3.oe2203sp1 openEuler2203SP1LTS 29 k Transaction Summary ======================================================================================================================================= Install 6 Packages Total download size: 2.4 M Installed size: 5.3 M Is this ok [y/N]: y Downloading Packages: (1/6): libedit-3.1-29.oe2203sp1.x86_64.rpm 19 MB/s | 92 kB 00:00 (2/6): autogen-5.18.16-3.oe2203sp1.x86_64.rpm 29 MB/s | 469 kB 00:00 (3/6): ntpstat-0.6-4.oe2203sp1.noarch.rpm 9.3 MB/s | 11 kB 00:00 (4/6): ntp-4.2.8p15-7.oe2203sp1.x86_64.rpm 24 MB/s | 619 kB 00:00 (5/6): timedatex-0.6-3.oe2203sp1.x86_64.rpm 3.7 MB/s | 29 kB 00:00 (6/6): ntp-help-4.2.8p15-7.oe2203sp1.noarch.rpm 42 MB/s | 1.3 MB 00:00 --------------------------------------------------------------------------------------------------------------------------------------- Total 63 MB/s | 2.4 MB 00:00 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Running scriptlet: timedatex-0.6-3.oe2203sp1.x86_64 1/6 Installing : timedatex-0.6-3.oe2203sp1.x86_64 1/6 Running scriptlet: timedatex-0.6-3.oe2203sp1.x86_64 1/6 Unit /etc/systemd/system/timedatex.service is masked, ignoring. Installing : ntp-help-4.2.8p15-7.oe2203sp1.noarch 2/6 Installing : libedit-3.1-29.oe2203sp1.x86_64 3/6 Installing : autogen-5.18.16-3.oe2203sp1.x86_64 4/6 Installing : ntpstat-0.6-4.oe2203sp1.noarch 5/6 Running scriptlet: ntp-4.2.8p15-7.oe2203sp1.x86_64 6/6 Installing : ntp-4.2.8p15-7.oe2203sp1.x86_64 6/6 Running scriptlet: ntp-4.2.8p15-7.oe2203sp1.x86_64 6/6 Verifying : autogen-5.18.16-3.oe2203sp1.x86_64 1/6 Verifying : libedit-3.1-29.oe2203sp1.x86_64 2/6 Verifying : ntp-4.2.8p15-7.oe2203sp1.x86_64 3/6 Verifying : ntp-help-4.2.8p15-7.oe2203sp1.noarch 4/6 Verifying : ntpstat-0.6-4.oe2203sp1.noarch 5/6 Verifying : timedatex-0.6-3.oe2203sp1.x86_64 6/6 Installed: autogen-5.18.16-3.oe2203sp1.x86_64 libedit-3.1-29.oe2203sp1.x86_64 ntp-4.2.8p15-7.oe2203sp1.x86_64 ntp-help-4.2.8p15-7.oe2203sp1.noarch ntpstat-0.6-4.oe2203sp1.noarch timedatex-0.6-3.oe2203sp1.x86_64 Complete!3、配置ntpd
[root@localhost chrony]# egrep -v "^#|^$" /etc/ntp.conf driftfile /var/lib/ntp/drift restrict default nomodify notrap nopeer noepeer noquery restrict source nomodify notrap noepeer noquery restrict 127.0.0.1 restrict ::1 server 192.168.188.66 iburst server 192.168.188.74 iburst tos maxclock 5 includefile /etc/ntp/crypto/pw keys /etc/ntp/keys4、启动ntpd
[root@localhost chrony]# systemctl start ntpd5、查看服务状态
[root@localhost chrony]# systemctl status ntpd ● ntpd.service - Network Time Service Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled) Active: active (running) since Fri 2024-06-21 20:40:16 CST; 2min 38s ago Main PID: 392489 (ntpd) Tasks: 2 (limit: 2469658) Memory: 1.6M CGroup: /system.slice/ntpd.service └─ 392489 /usr/sbin/ntpd -u ntp:ntp -g Jun 21 20:40:16 localhost ntpd[392489]: Listen and drop on 1 v4wildcard 0.0.0.0:123 Jun 21 20:40:16 localhost ntpd[392489]: Listen normally on 2 lo 127.0.0.1:123 Jun 21 20:40:16 localhost ntpd[392489]: Listen normally on 3 bond0 192.168.168.33:123 Jun 21 20:40:16 localhost ntpd[392489]: Listen normally on 4 lo [::1]:123 Jun 21 20:40:16 localhost ntpd[392489]: Listening on routing socket on fd #23 for interface updates Jun 21 20:40:16 localhost ntpd[392489]: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized Jun 21 20:40:16 localhost ntpd[392489]: kernel reports TIME_ERROR: 0x41: Clock Unsynchronized Jun 21 20:40:16 localhost systemd[1]: Started Network Time Service.6、检查时间同步情况
[root@localhost chrony]# ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== +192.168.188.66 .GPS. 1 u 11 64 77 1.705 +15.730 12.199 *192.168.188.74 .GPS. 1 u 8 64 77 1.670 +16.038 12.284发现ntpd能够正常跟踪一级GPS时间服务器,相关数据显示正常。
7、使能ntpd让其开机启动
[root@localhost chrony]# systemctl enable ntpd Created symlink /etc/systemd/system/multi-user.target.wants/ntpd.service → /usr/lib/systemd/system/ntpd.service.8、通过网内其它主机进行时间同步测试
其它主机chronyd将时间服务器设置为二级服务器192.168.168.33进行同步测试
[root@localhost2 ~]# chronyc sources -v .-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current best, '+' = combined, '-' = not combined, | / 'x' = may be in error, '~' = too variable, '?' = unusable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || \ | | zzzz = estimated error. || | | \ MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* 192.168.168.33 2 6 377 17 -4658us[-7129us] +/- 11ms可以看到,能正确获取到时间,且显示二级服务器192.168.168.33处于第二层。
9、检查时间获取情况
[root@localhost2 ~]# chronyc tracking -v Reference ID : 0AE31121 (192.168.168.33) Stratum : 3 Ref time (UTC) : Fri Jun 21 14:13:29 2024 System time : 0.000004623 seconds fast of NTP time Last offset : +0.000003086 seconds RMS offset : 0.000103144 seconds Frequency : 16.338 ppm slow Residual freq : +0.001 ppm Skew : 0.072 ppm Root delay : 0.001930163 seconds Root dispersion : 0.007009792 seconds Update interval : 64.7 seconds Leap status : Normal10、用时间同步检查工具检查
可以看到 二级服务器192.168.168.33是从一级时间服务器192.168.188.74获取的时间,与“ntpq -p”检查结果一致,确认二级时间服务器自动同步GPS时间服务器并进行分发的配置ok,运行完成正常。
四、问题分析
网络中的GPS一级时间服务器启用时间较早,估计使用了较早的时间协议。chronyd对比ntpd能更快地且更准确地同步系统时钟,但ntp更多的NTP运行协议,它支持RFC 5905的所有操作模式,包括广播、多播和manycast服务器/客户端,它还支持自动密钥协议(RFC 5906)来使用公钥加密对服务器进行身份验证,因此本例可能就是因为chronyd不能完全支持GPS一级时间服务器的NTP协议,而使用ntpd则能较好地运行。
附:本文中相关配置详解见《ntpd和chronyd时间服务器配置样例及详解》
