生产环境oracle rac集群搭建前期准备之NTP服务搭建
Posted 黑白之道
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了生产环境oracle rac集群搭建前期准备之NTP服务搭建相关的知识,希望对你有一定的参考价值。
大家好我是sean,因客户需求,首次在生产环境搭建ntp服务
硬件环境情况
准备2台独立服务器,分别为:
10.3.3.62/192.168.36.230 ntpd服务器,用于与外部公共ntpd同步标准时间
10.3.3.64/192.168.36.85 ntpd客户端,用于与ntpd同步时间
系统环境
Oracle linux7.3 x86_64
Oracle rac 集群版本 11.2.0.3
检测2台机器是否安装
[root@a05 ~]# rpm -q ntp
ntp-4.2.6p5-28.0.1.el7.x86_64
如果已经安装则略过此步,否则使用yum进行安装,并设置系统开机自动启动并启动服务
yum -y install ntp
systemctl enable ntpd(如果设置了这一步还是开无法启动,那么执行systemctl disable chronyd.service )
systemctl start ntpd
设置ntp服务器10.3.3.62
配置前先使用命令:ntpdate -u cn.pool.ntp.org,同步服务器
修改/etc/ntp.conf文件,红色字体是修改的内容
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
restrict 192.168.36.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.rhel.pool.ntp.org iburst
#server 1.rhel.pool.ntp.org iburst
#server 2.rhel.pool.ntp.org iburst
#server 3.rhel.pool.ntp.org iburst
#server 2.cn.pool.ntp.org
#server 1.asia.pool.ntp.org
#server 2.asia.pool.ntp.org
#server 127.127.1.0
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
#restrict 2.cn.pool.ntp.org nomodify notrap noquery
#restrict 1.asia.pool.ntp.org nomodify notrap noquery
restrict 127.127.1.0 nomodify notrap noquery
server 127.0.0.1 # local clock
fudge 127.0.0.1 stratum 10
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
修改完成后重启ntpd服务systemctl restart ntpd
使用ntpq -p 查看网络中的NTP服务器,同时显示客户端和每个服务器的关系
使用ntpstat 命令查看时间同步状态,这个一般需要5-10分钟后才能成功连接和同步。所以,服务器启动后需要稍等下:
刚启动的时候,一般是:
# ntpstat
unsynchronised
time server re-starting
polling server every 64 s
连接并同步后:
# ntpstat
synchronised to NTP server (202.112.10.36) at stratum 3
time correct to within 275 ms
polling server every 256 s
设置客户端:10.3.3.64
安装ntp服务并设置为自动启动,和前面的设置方式相同。然后编辑/etc/ntp.conf文件,红色字体为变化的内容。
# For more information about this file, see the man pages
# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict ::1
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
#server 0.centos.pool.ntp.org iburst
server 192.168.36.230
restrict 192.168.36.230 nomodify notrap noquery
server 127.0.0.1
fudge 127.0.0.1 stratum 10
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
# Enable public key cryptography.
#crypto
includefile /etc/ntp/crypto/pw
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
#trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
#requestkey 8
# Specify the key identifier to use with the ntpq utility.
#controlkey 8
# Enable writing of statistics records.
#statistics clockstats cryptostats loopstats peerstats
# Disable the monitoring facility to prevent amplification attacks using ntpdc
# monlist command when default restrict does not include the noquery flag. See
# CVE-2013-5211 for more details.
# Note: Monitoring will not be disabled with the limited restriction flag.
disable monitor
ntpdate 192.168.36.230
Ntpdate -u 192.168.36.230
重启ntpd服务
#systemctl restart ntpd
启动后,查看同步情况
# ntpq -p
# ntpstat
后期发现oraclerac集群ntp报错
解决办法是需要填写到以下内容文件(每台机器都需要添加)
[root@rac1 ~]# cat /etc/sysconfig/ntpd
# Command line options for ntpd
#OPTIONS="-g"
OPTIONS="-x -u ntp:ntp -p /var/run/ntpd.pid"
SYNC_HWCLOCK=no
NTPDATE_OPTIONS=""
[root@rac2 ~]# cat /etc/sysconfig/ntpd
# Command line options for ntpd
#OPTIONS="-g"
OPTIONS="-x -u ntp:ntp -p /var/run/ntpd.pid"
SYNC_HWCLOCK=no
NTPDATE_OPTIONS=""
第一次在生产环境这样搞,不足之处请大家多多指点,自己折腾吧
你可能喜欢
以上是关于生产环境oracle rac集群搭建前期准备之NTP服务搭建的主要内容,如果未能解决你的问题,请参考以下文章
基于CentOS7.8操作系统一步一步搭建Oracle 21c rac集群环境