集群内部配置chrony时间同步
下面操作在CentOS7上进行,ubuntu的话类似,安装方式和配置文件位置稍有区别
方法一:全部互联网同步时间
所有机器执行下面操作。
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
yum install chrony -y
sed '/^server/s/^/#/' /etc/chrony.conf -i
sed '1a server ntp.aliyun.com iburst' /etc/chrony.conf -i
sed '1a server 0.cn.pool.ntp.org iburst' /etc/chrony.conf -i
sed '1a server ntp1.aliyun.com iburst' /etc/chrony.conf -i
systemctl restart chronyd
systemctl enable chronyd
方法二:从其中一台机器同步
比如有下面5台服务器,k8s-master节点做时间同步源,其他节点都从此节点同步。
| 主机名 | IP | 操作系统 | 服务器配置 | 用途 |
|---|---|---|---|---|
| k8s-master1 | 192.168.200.128 | CentOS7.6.1810 | 4C4G | master节点,etcd节点 |
| k8s-master2 | 192.168.200.129 | CentOS7.6.1810 | 4C2G | master节点,etcd节点 |
| k8s-master3 | 192.168.200.130 | CentOS7.6.1810 | 4C2G | master节点,etcd节点 |
| k8s-node1 | 192.168.200.131 | CentOS7.6.1810 | 4C2G | worker节点 |
| k8s-node2 | 192.168.200.132 | CentOS7.6.1810 | 4C2G | worker节点 |
k8s-master服务器做时间同步源的配置
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
yum install chrony -y
sed '/^server/s/^/#/' /etc/chrony.conf -i #删除其他的时间源
sed '1a server ntp.aliyun.com iburst' /etc/chrony.conf -i
sed '1a server 0.cn.pool.ntp.org iburst' /etc/chrony.conf -i
sed '1a server ntp1.aliyun.com iburst' /etc/chrony.conf -i
sed '1a allow 192.168.0.0/16' /etc/chrony.conf -i #添加允许同步的客户端网段
sed '1a local stratum 10' /etc/chrony.conf -i #离线也能作为源服务器
systemctl restart chronyd
systemctl enable chronyd
其他节点配置
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
yum install chrony -y
sed '/^server/s/^/#/' /etc/chrony.conf -i #删除其他的时间源
sed '1a 192.168.200.128 iburst' /etc/chrony.conf -i
systemctl restart chronyd
systemctl enable chronyd
杂项,验证配置
k8s-master1作为chrony server,检查时间源信息
[root@k8s-master1 ~]# chronyc sources -v
210 Number of sources = 3
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 120.25.115.20 2 6 37 1 -23us[ -242us] +/- 23ms
^- ntp8.flashdance.cx 2 6 33 62 -54ms[ -54ms] +/- 178ms
^- 203.107.6.88 2 6 17 65 -469us[ -688us] +/- 15ms
k8s-master1检查时间源同步状态
[root@k8s-master1 ~]# chronyc sourcestats -v
210 Number of sources = 3
.- Number of sample points in measurement set.
/ .- Number of residual runs with same sign.
| / .- Length of measurement set (time).
| | / .- Est. clock freq error (ppm).
| | | / .- Est. error in freq.
| | | | / .- Est. offset.
| | | | | | On the -.
| | | | | | samples. \
| | | | | | |
Name/IP Address NP NR Span Frequency Freq Skew Offset Std Dev
==============================================================================
120.25.115.20 6 4 136 -0.835 17.041 -6874ns 264us
ntp8.flashdance.cx 6 4 139 +14.016 200.195 -47ms 3579us
203.107.6.88 6 3 136 -12.237 107.962 -1856us 453us
客户端检查时间源信息
[root@k8s-master2 ~]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 192.168.200.128 3 6 17 8 -78us[ -207us] +/- 16ms
验证时间同步完成
同步完成后会显示 NTP synchronized: yes
[root@k8s-master2 ~]# timedatectl
Local time: Tue 2019-12-17 13:43:53 CST
Universal time: Tue 2019-12-17 05:43:53 UTC
RTC time: Tue 2019-12-17 05:43:53
Time zone: Asia/Shanghai (CST, +0800)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: n/a