Hadoop基础教程-第10章 HBase:Hadoop数据库(10.4 NTP时间同步)(草稿)

第10章 HBase:Hadoop数据库

10.4 NTP时间同步

10.4.1 为什么需要时间同步

HBase的HMaster和HRegionServer启动失败,大多是因为集群时间不同步造成的。需要定时进行集群时间同步。

10.4.1 ntp服务端

(1)安装ntp

[root@node1 ~]# yum install -y ntp
.....
Installing:
 ntp                                            x86_64                                4.2.6p5-25.el7.centos.2                                   updates                                547 k
Installing for dependencies:
 autogen-libopts                                x86_64                                5.18-5.el7                                                base                                    66 k
 ntpdate                                        x86_64                                4.2.6p5-25.el7.centos.2                                   updates                                 86 k

Transaction Summary
=============================================================================================================================================================================================
Install  1 Package (+2 Dependent packages)

Total download size: 699 k
Installed size: 1.6 M
Downloading packages:
(1/3): autogen-libopts-5.18-5.el7.x86_64.rpm                                                                                                                          |  66 kB  00:00:00     
(2/3): ntpdate-4.2.6p5-25.el7.centos.2.x86_64.rpm                                                                                                                     |  86 kB  00:00:00     
(3/3): ntp-4.2.6p5-25.el7.centos.2.x86_64.rpm                                                                                                                         | 547 kB  00:00:00     
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                        726 kB/s | 699 kB  00:00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : autogen-libopts-5.18-5.el7.x86_64                                                                                                                                         1/3 
  Installing : ntpdate-4.2.6p5-25.el7.centos.2.x86_64                                                                                                                                    2/3 
  Installing : ntp-4.2.6p5-25.el7.centos.2.x86_64                                                                                                                                        3/3 
  Verifying  : ntp-4.2.6p5-25.el7.centos.2.x86_64                                                                                                                                        1/3 
  Verifying  : ntpdate-4.2.6p5-25.el7.centos.2.x86_64                                                                                                                                    2/3 
  Verifying  : autogen-libopts-5.18-5.el7.x86_64                                                                                                                                         3/3 

Installed:
  ntp.x86_64 0:4.2.6p5-25.el7.centos.2                                                                                                                                                       

Dependency Installed:
  autogen-libopts.x86_64 0:5.18-5.el7                                                        ntpdate.x86_64 0:4.2.6p5-25.el7.centos.2                                                       

Complete!
[root@node1 ~]# 

(2)配置/etc/ntp.conf

[root@node1 ~]# vi /etc/ntp.conf

只需将#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap修改为 restrict 192.168.80.0 mask 255.255.255.0 nomodify notrap,给局域网内主机同步时间的权限,但不允许修改时间服务器的时间。 完整的配置文件如下:

[root@node1 ~]# cat /etc/ntp.conf
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).

driftfile /var/lib/ntp/drift

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery

# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1 
restrict ::1

# Hosts on local network are less restricted.
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst

#broadcast 192.168.1.255 autokey    # broadcast server
#broadcastclient            # broadcast client
#broadcast 224.0.1.1 autokey        # multicast server
#multicastclient 224.0.1.1      # multicast client
#manycastserver 239.255.254.254     # manycast server
#manycastclient 239.255.254.254 autokey # manycast client

# Enable public key cryptography.
#crypto

includefile /etc/ntp/crypto/pw

# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography. 
keys /etc/ntp/keys

# Specify the key identifiers which are trusted.
#trustedkey 4 8 42

# Specify the key identifier to use with the ntpdc utility.
#requestkey 8

# Specify the key identifier to use with the ntpq utility.
#controlkey 8

# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats

# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
[root@node1 ~]# 

(3)开机启动ntp

[root@node1 ~]# systemctl start ntpd
[root@node1 ~]# systemctl enable ntpd
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
[root@node1 ~]# 
[root@node1 ~]# systemctl status ntpd
● ntpd.service - Network Time Service
   Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2017-07-25 10:40:48 EDT; 3min 18s ago
 Main PID: 2504 (ntpd)
   CGroup: /system.slice/ntpd.service
           └─2504 /usr/sbin/ntpd -u ntp:ntp -g

Jul 25 10:40:48 node1 ntpd[2504]: Listen and drop on 1 v6wildcard :: UDP 123
Jul 25 10:40:48 node1 ntpd[2504]: Listen normally on 2 lo 127.0.0.1 UDP 123
Jul 25 10:40:48 node1 ntpd[2504]: Listen normally on 3 ens32 192.168.80.131 UDP 123
Jul 25 10:40:48 node1 ntpd[2504]: Listen normally on 4 lo ::1 UDP 123
Jul 25 10:40:48 node1 ntpd[2504]: Listen normally on 5 ens32 fe80::20c:29ff:fe9c:13bd UDP 123
Jul 25 10:40:48 node1 ntpd[2504]: Listening on routing socket on fd #22 for interface updates
Jul 25 10:40:48 node1 ntpd[2504]: 0.0.0.0 c016 06 restart
Jul 25 10:40:48 node1 ntpd[2504]: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM
Jul 25 10:40:48 node1 ntpd[2504]: 0.0.0.0 c011 01 freq_not_set
Jul 25 10:40:55 node1 ntpd[2504]: 0.0.0.0 c614 04 freq_mode
[root@node1 ~]# 

10.4.2 ntp客户端

安装ntp客户端,只需安装ntpdate

[root@node2 ~]# yum install -y ntpdate
[root@node3 ~]# yum install -y ntpdate

时间同步

[root@node2 ~]# ntpdate 192.168.80.131
25 Jul 11:03:47 ntpdate[2243]: adjust time server 192.168.80.131 offset -0.014726 sec
[root@node2 ~]#
[root@node3 ~]# ntpdate 192.168.80.131
25 Jul 11:03:35 ntpdate[2228]: adjust time server 192.168.80.131 offset -0.034661 sec
[root@node3 ~]#

本文参与腾讯云自媒体分享计划,欢迎正在阅读的你也加入,一起分享。

发表于

我来说两句

0 条评论
登录 后参与评论

相关文章

来自专栏java一日一条

详解Https是如何确保安全的?

HTTPS(全称:Hypertext Transfer Protocol over Secure Socket Layer),是以安全为目标的HTTP通道,简单...

471
来自专栏云计算教程系列

如何在CentOS 6上安装DavMail

如果您的工作场所或学校使用Microsoft Exchange发送电子邮件,您可能希望从不支持Exchange协议的电子邮件客户端访问您的Exchange电子邮...

1424
来自专栏云计算教程系列

如何在Nginx上为Debian 8创建ECC证书

本文介绍如何为Nginx创建椭圆曲线加密(ECC)SSL证书。在本教程结束时,您将有一个更快的加密机制供生产使用。

530
来自专栏惨绿少年

HTTPS 原理与证书实践

1.1 网络安全知识 1.1.1 网结安全出现背景 网络就是实现不同主机之间的通讯,网络出现之初利用TCP/IP协议簇的相关协议概念,已经满足了互连两台主机之间...

5107
来自专栏CDN及云技术分享

Tls v1.3的里程碑发展

TLS v1.3在TLS v1.2的基础上,吸收了之前的设计,并且做了大量的改进。相对于TLS v1.2,协议更简洁、更安全、性能也更好。以下是对比TLS v....

55021
来自专栏技术博文

ssh证书登录

ssh有密码登录和证书登录,初学者都喜欢用密码登录,甚至是root账户登录,密码是123456。但是在实际工作中,尤其是互联网公司,基本都是证书登录的。内网的机...

4816

如何使用GPG密钥进行SSH身份验证

GPGTools为OS X提供了最简单的GPG实现。否则,js brew install gnupg2如果你有Homebrew,你可以运行。

1702
来自专栏信安之路

HTTPS攻击原理与防御

超文本传输安全协议( HTTPS )是一种通过计算机网络进行安全通信的传输协议。HTTPS 经由 HTTP 进行通信,但利用 SSL/TLS 来加密数据包。 H...

730
来自专栏蓝天

Ssh,scp自动登陆方法

Ssh,scp自动登陆方法 ########################### A为本地主机(即用于控制其他主机的机器) ; B为远程主机(即被控制的机...

783
来自专栏杨建荣的学习笔记

对分区表导入导出的水平,垂直切分(r2第22天)

在工作中有时候碰到一些分区表,业务数据量很大,可能几百G,上T的规模,而且做数据的导入导出的时候,会感觉到exp/expdp的时候生成的dump文件太大了,做导...

2846

扫码关注云+社区