这篇博客介绍了Linux运维中关于时间同步和系统时间设置的基础知识。首先讲解了如何使用chronyd服务进行时间同步,包括服务端配置、客户端设置和验证同步效果。接着,详述了利用timedatectl命令设置系统时间,包括查看、设定时间和调整时区。最后,讨论了新的日志采集方式journal,通过journalctl工具查看日志,并说明了如何保持journal日志在硬盘上的持久化。
1.时间同步服务
我们在进行日志管理的时候,需要客户端的时间与服务器端相同。
chronyd是一个同步系统时钟的守护进程。
1.1 服务端
1)在配置文件中设定:
- 允许哪些客户端来同步本机时间
- 本机作为时间源
[root@server ~]# vim /etc/chrony.conf
# 在第21行添加设定允许123.0.0.0网段的用户获取同步时间
21 # Allow NTP client access from local network.
22 allow 123.0.0.0/24
# 29行设定本机为时间源
28 # Serve time even if not synchronized to any NTP server.
29 local stratum 10
2)重启服务:
[root@server ~]# systemctl restart chronyd.service
1.2 在客户端
1)修改时间同步服务配置文件:
[root@client ~]# vim /etc/chrony.conf
#将第3行的同步源更改为123.0.0.1服务端的IP。
1 # Use public servers from the pool.ntp.org project.
2 # Please consider joining the pool (http://www.pool.ntp.org/join.html).
3 server 123.0.0.1 iburst
4
5 # Ignore stratum in source selection.
2)重新启动时间同步服务
[root@client ~]# systemctl restart chronyd.service
1.3 测试
1)客户端:输入同步命令
[root@client ~]# chronyc sources -v # 输入测试命令
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| / xxxx = adjusted offset,
|| Log2(Polling interval) -. | yyyy = measured offset,
|| \ | zzzz = estimated error.
|| | |
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* server.example.com 3 6 377 13 -2713us[ -15ms] +/- 237ms
# 下面出现星号表示已经同步
2)对比客户端与服务端的时间:
服务端:
[root@server ~]# date
Fri Aug 7 03:04:49 EDT 2020
客户端:
[root@client ~]# date
Fri Aug 7 03:04:42 EDT 2020
只差几秒,这是我测试的时候中打字差的几秒,体谅。他同步了。
2.设置系统时间
采用 timedatectl 命令
说明:装了双系统以后,linux把bios时间改了,所以windows时间不对,可以设置
常使用的设定命令:
| timedatectl | 管理系统时间 |
|---|---|
| timedatectl status(可加可不加) | 显示当前时间信息 |
| timedatectl set-time | 设定当前时间 |
| timedatectl set-timezone | 设定当前时区 |
| timedatectl set-local-rtc 0或1 | 设定是否使用utc时间 vim /etc/adjtime |
| timedatectl list-timezones | 查看支持的所有时区 |
1)查看管理系统时间:
[root@server ~]# timedatectl
Local time: Fri 2020-08-07 03:10:45 EDT # 本地时间
Universal time: Fri 2020-08-07 07:10:45 UTC # 国际时间
RTC time: Fri 2020-08-07 07:08:28 # 硬件时间
Timezone: America/New_York (EDT, -0400) # 时区
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: yes
Last DST change: DST began at
Sun 2020-03-08 01:59:59 EST
Sun 2020-03-08 03:00:00 EDT
Next DST change: DST ends (the clock jumps one hour backwards) at
Sun 2020-11-01 01:59:59 EDT
Sun 2020-11-01 01:00:00 EST
2) timedatectl status(可加可不加) 显示当前时间信息
[root@server ~]# timedatectl status
Local time: Fri 2020-08-07 03:12:20 EDT
Universal time: Fri 2020-08-07 07:12:20 UTC
RTC time: Fri 2020-08-07 07:10:03
Timezone: America/New_York (EDT, -0400)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: yes
Last DST change: DST began at
Sun 2020-03-08 01:59:59 EST
Sun 2020-03-08 03:00:00 EDT
Next DST change: DST ends (the clock jumps one hour backwards) at
Sun 2020-11-01 01:59:59 EDT
Sun 2020-11-01 01:00:00 EST
3) timedatectl set-time 设定当前时间
[root@server ~]# timedatectl set-time "2020-12-12 12:12:12"
[root@server ~]# date # 查看当前时间
Sat Dec 12 12:12:13 EST 2020
4)timedatectl set-timezone “Asia/Shanghai" 更改当前时区为东8区
[root@server ~]# timedatectl set-timezone "Asia/Shanghai" # 可以使用tab补齐
[root@server ~]# timedatectl status
Local time: Sat 2020-08-08 03:13:37 CST
Universal time: Fri 2020-08-07 19:13:37 UTC
RTC time: Fri 2020-08-07 19:13:45
Timezone: Asia/Shanghai (CST, +0800) # 时间更改成功
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
5)timedatectl list-timezones 查看支持的所有时区
Africa/Abidjan
Africa/Accra
Africa/Addis_Ababa
Africa/Algiers
Africa/Asmara
Africa/Bamako
Africa/Bangui
Africa/Banjul
Africa/Bissau
Africa/Blantyre
Africa/Brazzaville
Africa/Bujumbura
Africa/Cairo
Africa/Casablanca
Africa/Ceuta
Africa/Conakry
Africa/Dakar
Africa/Dar_es_Salaam # 很多这里不显示了
3.新的日志采集方式journal
rsyslog采集日志,从磁盘读取,速度慢,reboot 重启系统之后系统之前的日志会被清除
journal 不采集日志,直接从内核存看日志 ,速度更快,reboot 重启系统之后系统之前的日志会被清除
3.1 journalctl 日志查看工具
| journalctl -n 3 | 查看最近3条日志 |
|---|---|
| journalctl -p err | 查看错误日志 |
| journalctl -o verbose | 查看日志的详细参数 |
| journalctl --since | 查看从什么时间开始的日志 |
| journalctl --until | 查看到什么时间为止的日志 |
- journalctl -n 3 查看最近3条日志
[root@server ~]# journalctl -n 3
-- Logs begin at Fri 2020-08-07 10:51:46 CST, end at Sat 2020-08-08 03:17:17 CST. --
Aug 08 03:16:13 server.example.com chronyd[4712]: Selected source 193.182.111.142
Aug 08 03:16:13 server.example.com chronyd[4712]: System clock wrong by 11212999.748193 seconds, adjust
Aug 08 03:17:17 server.example.com chronyd[4712]: System clock wrong by 5.691243 seconds, adjustment st
lines 1-4/4 (END)
- journalctl -p err 查看错误日志
[root@server ~]# journalctl -p err
-- Logs begin at Fri 2020-08-07 10:51:46 CST, end at Sat 2020-08-08 03:17:17 CST. --
Aug 07 10:51:46 localhost kernel: Failed to access perfctr msr (MSR c1 is 0)
Aug 07 10:51:47 localhost rpcbind[171]: rpcbind terminating on signal. Restart with "rpcbind -w"
Aug 07 10:51:49 study.example.com smartd[522]: Problem creating device name scan list
Aug 07 10:51:49 study.example.com smartd[522]: In the system's table of devices NO devices found to sca
Aug 07 10:51:51 study.example.com systemd[1]: Failed to start LSB: Starts the Spacewalk Daemon.
Aug 07 10:51:51 study.example.com systemd[1]: Failed to start /etc/rc.d/rc.local Compatibility.
Aug 07 10:51:51 study.example.com libvirtd[1163]: libvirt version: 1.1.1, package: 29.el7 (Red Hat, Inc
Aug 07 10:51:51 study.example.com libvirtd[1163]: Module /usr/lib64/libvirt/connection-driver/libvirt_d
lines 1-9/9 (END)
- journalctl -o verbose 查看日志的详细参数
-- Logs begin at Fri 2020-08-07 10:51:46 CST, end at Sat 2020-08-08 03:19:27 CST. --
Fri 2020-08-07 10:51:46.660241 CST [s=989c58cb1a2447fd8026a671bba97364;i=1;b=37c08df271244c16bd6303855a
PRIORITY=6
_TRANSPORT=driver
MESSAGE=Runtime journal is using 5.9M (max 47.3M, leaving 71.0M of free 467.6M, current limit 47.3M
MESSAGE_ID=ec387f577b844b8fa948f33cad9a75e6
_PID=86
_UID=0
_GID=0
_COMM=systemd-journal # 很多不展示了
- journalctl --since “2019-4-12 11:54:41” 查看从什么时间开始的日志
[root@server ~]# journalctl --since "2020-8-6 12:12:12"
-- Logs begin at Fri 2020-08-07 10:51:46 CST, end at Sat 2020-08-08 03:20:31 CST. --
Aug 07 10:51:46 localhost systemd-journal[86]: Runtime journal is using 5.9M (max 47.3M, leaving 71.0M
Aug 07 10:51:46 localhost systemd-journal[86]: Runtime journal is using 5.9M (max 47.3M, leaving 71.0M
Aug 07 10:51:46 localhost kernel: Initializing cgroup subsys cpuset
Aug 07 10:51:46 localhost kernel: Initializing cgroup subsys cpu
Aug 07 10:51:46 localhost kernel: Initializing cgroup subsys cpuacct
- journalctl --until “2019-4-17 12:45:53” 查看到什么时间为止的日志
[root@server ~]# journalctl --until "2020-8-7 12:12:12"
-- Logs begin at Fri 2020-08-07 10:51:46 CST, end at Sat 2020-08-08 03:20:31 CST. --
Aug 07 10:51:46 localhost systemd-journal[86]: Runtime journal is using 5.9M (max 47.3M, leaving 71.0M
Aug 07 10:51:46 localhost systemd-journal[86]: Runtime journal is using 5.9M (max 47.3M, leaving 71.0M
Aug 07 10:51:46 localhost kernel: Initializing cgroup subsys cpuset
Aug 07 10:51:46 localhost kernel: Initializing cgroup subsys cpu
Aug 07 10:51:46 localhost kernel: Initializing cgroup subsys cpuacct
- journalctl --since --until 查看一个时间段的日志
[root@server ~]# journalctl --since "2020-8-6 12:12:12" --until "2020-8-7 12:12:12"
-- Logs begin at Fri 2020-08-07 10:51:46 CST, end at Sat 2020-08-08 03:22:41 CST. --
Aug 07 10:51:46 localhost systemd-journal[86]: Runtime journal is using 5.9M (max 47.3M, leaving 71.0M
Aug 07 10:51:46 localhost systemd-journal[86]: Runtime journal is using 5.9M (max 47.3M, leaving 71.0M
Aug 07 10:51:46 localhost kernel: Initializing cgroup subsys cpuset
Aug 07 10:51:46 localhost kernel: Initializing cgroup subsys cpu
Aug 07 10:51:46 localhost kernel: Initializing cgroup subsys cpuacct
3.2 存放journal采集的日志
在硬盘创建一个区域,专门存放journal采集的日志,只有这样才会让journalctl采集日志(之前只能查看日志):
- 默认systemd-journal是不会保存系统日志到硬盘的
- 那么关机之后再次开机时只能看到本次开机之后的日志
- 关机之前的日志是无法看到的
后续更新…
扫一扫
2610
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
