redhat – 在NTP中禁用tinker panic 0有什么缺点？

概述我们有时会遇到新服务器在B IOS中有错误时间的问题,因此有一段时间可以关闭. 在VMware中挂起VM然后取消挂起时,时间也将关闭.因为NTP在最大偏移量后没有同步,所以我正在考虑在/etc/ntp.conf中使用tinker panic 0. 导致NTP停止同步时间的默认最大偏移量为1000秒的原因是什么？我们正在使用Puppet设置NTP,我正在考虑让它在ntp.conf中设置tinker 我们有时会遇到新服务器在B IOS中有错误时间的问题,因此有一段时间可以关闭.

在VMware中挂起VM然后取消挂起时,时间也将关闭.因为NTP在最大偏移量后没有同步,所以我正在考虑在/etc/ntp.conf中使用tinker panic 0.

导致NTP停止同步时间的默认最大偏移量为1000秒的原因是什么？我们正在使用Puppet设置NTP,我正在考虑让它在ntp.conf中设置tinker panic 0,所以NTP无论如何都会同步.这样做的缺点是什么？

解决方法 对于时间如此不同的服务器不同步的原因记录在 here：

5.1.1.4. What happens if the Reference Time changes?

IDeally the reference time is the same everywhere in the world. Once synchronized,there should not be any unexpected changes between the clock of the operating system and the reference clock. Therefore,NTP has no special methods to handle the situation.

Instead,ntpd’s reaction will depend on the offset between the local clock and the reference time. For a tiny offset ntpd will adjust the local clock as usual; for small and larger offsets,ntpd will reject the reference time for a while. In the latter case the operation system’s clock will continue with the last corrections effective while the new reference time is being rejected. After some time,small offsets (significantly less than a second) will be slewed (adjusted slowly),while larger offsets will cause the clock to be stepped (set anew). Huge offsets are rejected,and ntpd will terminate itself,belIEving something very strange must have happened.

@H_404_17@

在我当前的NTP配置中,也由puppet控制,我强制与服务器同步,在ntp.conf文件中,使用tinker panic,以及在守护进程设置(/ etc / sysconfig / ntpd)中,如ntpd(8)中所述手册页：

-g normally,ntpd exits with a message to the system log if the offset exceeds the panic threshold,which is 1000 s by default. This option allows the time to be set to any value without restriction; however,this can happen only once. If the threshold is exceeded after that,ntpd will exit with a message to the system log. This option can be used with the -q and -x options.

@H_404_17@

我这样做是因为我可以信任我正在连接的NTP服务器.

适用于客户的模块的相关部分如下：

class ntp (  $foo  $bar  ...  ){  $my_files = {    'ntp.conf'      => {      path    => '/etc/ntp.conf',content => template("ntp/ntp.conf.$template.erb"),selrole => 'object_r',seltype => 'net_conf_t',require => Package['ntp'],},'ntp-sysconfig' => {      path    => '/etc/sysconfig/ntpd',source  => 'puppet:///modules/ntp/ntp-sysconfig',...  }  $my_files_defaults = {    ensure   => file,owner    => 'root',group    => 'root',mode     => '0644',selrange => 's0',selrole  => 'object_r',seltype  => 'etc_t',seluser  => 'system_u',}  create_resources(file,$my_files,$my_files_defaults)  exec { 'ntp initial clock set':    command     => '/usr/sbin/ntpd -g -q -u ntp:ntp',refreshonly => true,timeout     => '-1',subscribe   => file['/etc/ntp.conf'],}}

并且引用文件的内容是：

$cat devops/puppet/modules/ntp/files/ntp-sysconfig# Drop root to ID 'ntp:ntp' by default.OPTIONS="-u ntp:ntp -p /var/run/ntpd.pID -g -a"

和：

$cat devops/puppet/modules/ntp/templates/ntp.conf.RedHat.erb# header: This file was autogenerated by puppet.# header: While it can still be managed manually,it# header: is definitely not recommended.tinker panic 0<% server.each do |ntpserver| -%>server <%= ntpserver %> autokey<% end -%>server  127.127.1.0     # local clockfudge   127.127.1.0 stratum 10driftfile /var/lib/ntp/driftcrypto pw hunter2crypto randfile /dev/urandomkeysdir /etc/ntp

这里没有hIEra部分,但你明白了.

总结

以上是内存溢出为你收集整理的redhat – 在NTP中禁用tinker panic 0有什么缺点？全部内容，希望文章能够帮你解决redhat – 在NTP中禁用tinker panic 0有什么缺点？所遇到的程序开发问题。

如果觉得内存溢出网站内容还不错，欢迎将内存溢出网站推荐给程序员好友。

欢迎分享，转载请注明来源：内存溢出

原文地址: http://outofmemory.cn/yw/1045340.html