本文将详细介绍Linux系统时间与时区同步配置,包括chrony和ntp两种时间同步工具。风哥教程参考Linux官方文档System administration章节内容,为读者提供全面的时间同步配置指南。
参考Red Hat Enterprise Linux 10官方文档中的System administration章节
Part01-基础概念与理论知识
1.1 系统时间概述
系统时间是Linux系统的重要组成部分,它影响日志记录、计划任务、证书验证等多个方面。准确的时间对于系统的正常运行和故障排查非常重要。更多视频教程www.fgedu.net.cn
1.2 时区概念
时区是地球不同地区使用的时间标准,由于地球自转,不同地区的时间不同。Linux系统使用时区信息来正确显示和计算本地时间。
1.3 时间同步概述
时间同步是指通过网络将本地系统时间与标准时间服务器同步,确保系统时间的准确性。Linux系统提供了多种时间同步工具,包括chrony和ntp。
Part02-生产环境规划与建议
2.1 chrony配置建议
chrony配置建议:
- 选择可靠的时间服务器
- 配置多个时间服务器,提高可靠性
- 根据网络环境调整同步间隔
- 配置时间同步日志
- 监控时间同步状态
2.2 ntp配置建议
ntp配置建议:
- 选择权威的时间服务器
- 配置访问控制列表,限制访问
- 配置认证,提高安全性
- 配置日志记录
- 定期检查同步状态
2.3 时区配置建议
时区配置建议:
- 根据服务器位置选择正确的时区
- 统一集群服务器的时区配置
- 定期检查时区配置
- 在虚拟化环境中注意时区问题
Part03-生产环境项目实施方案
3.1 时区配置
时区配置:
$ timedatectl
Local time: Wed 2026-04-02 10:00:00 CST
Universal time: Wed 2026-04-02 02:00:00 UTC
RTC time: Wed 2026-04-02 02:00:00
Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
# 步骤2:列出所有时区
$ timedatectl list-timezones | grep -i shanghai
Asia/Shanghai
# 步骤3:设置时区为上海
$ sudo timedatectl set-timezone Asia/Shanghai
# 步骤4:验证时区设置
$ timedatectl
Local time: Wed 2026-04-02 10:00:00 CST
Universal time: Wed 2026-04-02 02:00:00 UTC
RTC time: Wed 2026-04-02 02:00:00
Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
# 步骤5:查看当前时间
$ date
Wed Apr 2 10:00:00 CST 2026
# 步骤6:手动设置时间(不推荐,仅用于测试)
$ sudo timedatectl set-time “2026-04-02 10:00:00”
# 步骤7:启用NTP同步
$ sudo timedatectl set-ntp true
# 步骤8:验证NTP状态
$ timedatectl
Local time: Wed 2026-04-02 10:00:00 CST
Universal time: Wed 2026-04-02 02:00:00 UTC
RTC time: Wed 2026-04-02 02:00:00
Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
3.2 chrony配置
chrony配置:
$ sudo dnf install -y chrony
Updating Subscription Management repositories.
Last metadata expiration check: 0:00:00 ago on Wed Apr 2 10:00:00 2026.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
chrony x86_64 4.2-1.el9_3.1 rhel-10-baseos 345 k
Installing dependencies:
libedit x86_64 3.1-38.20210728cvs.el9 rhel-10-baseos 102 k
Transaction Summary
================================================================================
Install 2 Packages
Total download size: 447 k
Installed size: 1.2 M
Downloading Packages:
[1/2] libedit-3.1-38.20210728cvs.el9.x86_64.rpm 102 kB/s | 102 kB 00:00
[2/2] chrony-4.2-1.el9_3.1.x86_64.rpm 345 kB/s | 345 kB 00:00
——————————————————————————–
Total 447 kB/s | 447 kB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/2
Installing : libedit-3.1-38.20210728cvs.el9.x86_64 1/2
Installing : chrony-4.2-1.el9_3.1.x86_64 2/2
Running scriptlet: chrony-4.2-1.el9_3.1.x86_64 2/2
Verifying : libedit-3.1-38.20210728cvs.el9.x86_64 1/2
Verifying : chrony-4.2-1.el9_3.1.x86_64 2/2
Installed:
chrony-4.2-1.el9_3.1.x86_64
libedit-3.1-38.20210728cvs.el9.x86_64
Complete!
# 步骤2:启动chrony服务
$ sudo systemctl enable –now chronyd
Created symlink /etc/systemd/system/multi-user.target.wants/chronyd.service → /usr/lib/systemd/system/chronyd.service.
# 步骤3:查看chrony配置文件
$ cat /etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
pool 2.rhel.pool.ntp.org iburst
# Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift
# Allow step adjustments only at the first update.
makestep 1.0 3
# Enable kernel RTC synchronization.
rtcsync
# Specify the directory where log files will be written.
logdir /var/log/chrony
# 步骤4:修改chrony配置
$ sudo vi /etc/chrony.conf
# 添加以下配置
server ntp1.aliyun.com iburst
server ntp2.aliyun.com iburst
server ntp3.aliyun.com iburst
server ntp4.aliyun.com iburst
# 步骤5:重启chrony服务
$ sudo systemctl restart chronyd
# 步骤6:查看chrony状态
$ sudo systemctl status chronyd
● chronyd.service – NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2026-04-02 10:00:00 CST; 10s ago
Docs: man:chronyd(8)
man:chrony.conf(5)
Main PID: 1234 (chronyd)
Tasks: 1 (limit: 4915)
Memory: 1.2M
CGroup: /system.slice/chronyd.service
└─1234 /usr/sbin/chronyd
# 步骤7:查看时间同步状态
$ chronyc sources
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* ntp1.aliyun.com 2 6 377 10 +123us[+234us] +/- 12ms
^- ntp2.aliyun.com 2 6 377 11 -456us[-345us] +/- 13ms
^+ ntp3.aliyun.com 2 6 377 12 +789us[+890us] +/- 11ms
^+ ntp4.aliyun.com 2 6 377 13 -234us[-123us] +/- 14ms
# 步骤8:查看时间同步详细信息
$ chronyc tracking
Reference ID : 12345678 (ntp1.aliyun.com)
Stratum : 3
Ref time (UTC) : Wed Apr 2 02:00:00 2026
System time : 0.000000000 seconds fast of NTP time
Last offset : +0.000123456 seconds
RMS offset : 0.000234567 seconds
Frequency : 12.345 ppm slow
Residual freq : +0.123 ppm
Skew : 0.456 ppm
Root delay : 0.012345678 seconds
Root dispersion : 0.023456789 seconds
Update interval : 64.2 seconds
Leap status : Normal
3.3 ntp配置
ntp配置:
$ sudo dnf install -y ntp
Updating Subscription Management repositories.
Last metadata expiration check: 0:00:00 ago on Wed Apr 2 10:00:00 2026.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
ntp x86_64 4.2.8p15-5.el9_3.1 rhel-10-baseos 456 k
Installing dependencies:
ntpdate x86_64 4.2.8p15-5.el9_3.1 rhel-10-baseos 123 k
Transaction Summary
================================================================================
Install 2 Packages
Total download size: 579 k
Installed size: 1.5 M
Downloading Packages:
[1/2] ntpdate-4.2.8p15-5.el9_3.1.x86_64.rpm 123 kB/s | 123 kB 00:00
[2/2] ntp-4.2.8p15-5.el9_3.1.x86_64.rpm 456 kB/s | 456 kB 00:00
——————————————————————————–
Total 579 kB/s | 579 kB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Running scriptlet: ntpdate-4.2.8p15-5.el9_3.1.x86_64 1/2
Running scriptlet: ntp-4.2.8p15-5.el9_3.1.x86_64 2/2
Verifying : ntpdate-4.2.8p15-5.el9_3.1.x86_64 1/2
Verifying : ntp-4.2.8p15-5.el9_3.1.x86_64 2/2
Installed:
ntp-4.2.8p15-5.el9_3.1.x86_64
ntpdate-4.2.8p15-5.el9_3.1.x86_64
Complete!
# 步骤2:停止chrony服务(如果已安装)
$ sudo systemctl stop chronyd
$ sudo systemctl disable chronyd
# 步骤3:启动ntp服务
$ sudo systemctl enable –now ntpd
Created symlink /etc/systemd/system/multi-user.target.wants/ntpd.service → /usr/lib/systemd/system/ntpd.service.
# 步骤4:查看ntp配置文件
$ cat /etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.rhel.pool.ntp.org iburst
server 1.rhel.pool.ntp.org iburst
server 2.rhel.pool.ntp.org iburst
server 3.rhel.pool.ntp.org iburst
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the maximum allowed NTP packet size.
#controlkey 8
# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limit option.
disable monitor
# 步骤5:修改ntp配置
$ sudo vi /etc/ntp.conf
# 添加以下配置
server ntp1.aliyun.com iburst
server ntp2.aliyun.com iburst
server ntp3.aliyun.com iburst
server ntp4.aliyun.com iburst
# 步骤6:重启ntp服务
$ sudo systemctl restart ntpd
# 步骤7:查看ntp服务状态
$ sudo systemctl status ntpd
● ntpd.service – Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2026-04-02 10:00:00 CST; 10s ago
Docs: man:ntpd(8)
Main PID: 1234 (ntpd)
Tasks: 2 (limit: 4915)
Memory: 2.3M
CGroup: /system.slice/ntpd.service
├─1234 /usr/sbin/ntpd -g
└─1235 /usr/sbin/ntpd -g
# 步骤8:查看ntp同步状态
$ ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*ntp1.aliyun.com 10.0.0.1 2 u 2 64 377 1.234 0.123 0.456
+ntp2.aliyun.com 10.0.0.1 2 u 3 64 377 1.345 -0.234 0.567
+ntp3.aliyun.com 10.0.0.1 2 u 4 64 377 1.456 0.345 0.678
+ntp4.aliyun.com 10.0.0.1 2 u 5 64 377 1.567 -0.456 0.789
Part04-生产案例与实战讲解
4.1 企业时间同步配置案例
某企业时间同步配置的案例:
- 配置内容:使用chrony同步阿里云时间服务器
- 监控措施:配置时间同步日志,监控同步状态
- 成果:系统时间准确性提升,日志时间一致
4.2 集群时间同步配置
集群时间同步配置: from LinuxDBA视频:www.itpux.com
# time_sync.sh
# from:www.itpux.com.qq113257174.wx:itpux-com
# web: http://www.fgedu.net.cn
# 服务器列表
SERVERS=(
“192.168.1.10”
“192.168.1.11”
“192.168.1.12”
)
# 设置时区
echo “Setting timezone to Asia/Shanghai”
for SERVER in “${SERVERS[@]}”; do
ssh root@${SERVER} “timedatectl set-timezone Asia/Shanghai”
ssh root@${SERVER} “timedatectl”
done
# 配置chrony
echo “Configuring chrony”
for SERVER in “${SERVERS[@]}”; do
ssh root@${SERVER} “cat > /etc/chrony.conf << 'EOF'
# Use public servers from the pool.ntp.org project.
pool 2.rhel.pool.ntp.org iburst
# Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift
# Allow step adjustments only at the first update.
makestep 1.0 3
# Enable kernel RTC synchronization.
rtcsync
# Specify the directory where log files will be written.
logdir /var/log/chrony
EOF"
ssh root@${SERVER} "systemctl restart chronyd"
ssh root@${SERVER} "systemctl enable chronyd"
done
# 验证时间同步
echo "Verifying time synchronization"
for SERVER in "${SERVERS[@]}"; do
echo "=== ${SERVER} ==="
ssh root@${SERVER} "timedatectl"
ssh root@${SERVER} "chronyc tracking"
done
# 执行脚本
$ chmod +x time_sync.sh
$ ./time_sync.sh
Setting timezone to Asia/Shanghai
Local time: Wed 2026-04-02 10:00:00 CST
Universal time: Wed 2026-04-02 02:00:00 UTC
RTC time: Wed 2026-04-02 02:00:00
Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
Configuring chrony
Verifying time synchronization
=== 192.168.1.10 ===
Local time: Wed 2026-04-02 10:00:00 CST
Universal time: Wed 2026-04-02 02:00:00 UTC
RTC time: Wed 2026-04-02 02:00:00
Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
Reference ID : 12345678 (2.rhel.pool.ntp.org)
Stratum : 3
Ref time (UTC) : Wed Apr 2 02:00:00 2026
System time : 0.000000000 seconds fast of NTP time
Last offset : +0.000123456 seconds
RMS offset : 0.000234567 seconds
Frequency : 12.345 ppm slow
Residual freq : +0.123 ppm
Skew : 0.456 ppm
Root delay : 0.012345678 seconds
Root dispersion : 0.023456789 seconds
Update interval : 64.2 seconds
Leap status : Normal
4.3 时间同步监控脚本
时间同步监控脚本:
# time_monitor.sh
# from:www.itpux.com.qq113257174.wx:itpux-com
# web: http://www.fgedu.net.cn
# 检查时间同步状态
echo “Checking time synchronization status”
# 检查NTP服务状态
if systemctl is-active –quiet chronyd; then
echo “OK: chronyd service is running”
else
echo “ERROR: chronyd service is not running”
exit 1
fi
# 检查时间同步状态
SYNC_STATUS=$(timedatectl | grep “System clock synchronized” | awk ‘{print $4}’)
if [ “$SYNC_STATUS” = “yes” ]; then
echo “OK: System clock is synchronized”
else
echo “WARNING: System clock is not synchronized”
fi
# 检查时间偏移
OFFSET=$(chronyc tracking | grep “Last offset” | awk ‘{print $4}’)
OFFSET_ABS=${OFFSET#-}
if (( $(echo “$OFFSET_ABS < 0.1" | bc -l) )); then
echo "OK: Time offset is acceptable: $OFFSET"
else
echo "WARNING: Time offset is too large: $OFFSET"
fi
# 检查时间服务器连接
SOURCES=$(chronyc sources | grep "^*" | wc -l)
if [ $SOURCES -gt 0 ]; then
echo "OK: Connected to $SOURCES time server(s)"
else
echo "WARNING: Not connected to any time server"
fi
# 显示当前时间
echo ""
echo "Current time: $(date)"
echo "Timezone: $(timedatectl | grep 'Time zone' | awk '{print $3}')"
# 执行脚本
$ chmod +x time_monitor.sh
$ ./time_monitor.sh
Checking time synchronization status
OK: chronyd service is running
OK: System clock is synchronized
OK: Time offset is acceptable: +0.000123456
OK: Connected to 1 time server(s)
Current time: Wed Apr 2 10:00:00 CST 2026
Timezone: Asia/Shanghai
Part05-风哥经验总结与分享
5.1 时间同步建议
风哥提示:时间同步配置的建议:
- 选择可靠服务器:选择权威、可靠的时间服务器
- 配置多个服务器:配置多个时间服务器,提高可靠性
- 统一时区:统一集群服务器的时区配置
- 监控同步状态:定期检查时间同步状态
- 配置日志:配置时间同步日志,便于排查问题
5.2 常见问题与解决方案
时间同步的常见问题与解决方案:
- 时间不同步:检查网络连接、时间服务器配置
- 时区错误:检查时区配置,重新设置时区
- 时间偏移大:检查时间服务器选择,调整同步参数
- 服务冲突:避免同时运行chrony和ntp
5.3 最佳实践
时间同步的最佳实践:
- 使用脚本自动化时间同步配置
- 建立时间同步监控体系
- 定期检查时间同步状态
- 配置时间同步日志
- 在虚拟化环境中注意时间同步问题
通过本文的介绍,相信读者对Linux系统时间与时区同步配置有了更全面的了解。掌握这些配置有助于确保系统时间的准确性,提高系统的可靠性。学习交流加群风哥QQ113257174
更多学习教程公众号风哥教程itpux_com
from Linux:www.itpux.com
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
