CentOS7 NTP server + keepalived

NTP安裝

yum -y install ntp

systemctl enable ntpd

首先同步一次時間

ntpdate time.windows.com

ntp配置(Host1 Host2)

/etc/ntp.conf

server time.windows.com prefer
server 0.asia.pool.ntp.org
server 1.asia.pool.ntp.org
server 2.asia.pool.ntp.org


#記錄上次的NTP server與上層NTP server連接接所花費的時間
driftfile /var/lib/ntp/drift


#設置默認策略為允許任何主機進行時間同步
restrict 0.0.0.0 mask 0.0.0.0 nomodify


#設置ntp日志的path
statsdir /var/log/ntp/


#設置ntp日志文件
logfile /var/log/ntp/ntp.log

mkdir /var/log/ntp/; touch /var/log/ntp/ntp.log; chown ntp:ntp /var/log/ntp/ntp.log

systemctl start ntpd

Keepalived安裝

（host1、host2）

yum -y install Keepalived

NTP健康檢測腳本：

cat /script/check_ntp.sh

#!/bin/bash

# status="ntp_failed" check failed, status="ntp_success" check ntp success
status="ntp_failed"


if [ $(ps -C ntpd --no-header |wc -l) != 0 ]; then
    status="ntp_success"
else
    /bin/systemctl restart ntpd
    if [ $(ps -C ntpd --no-header |wc -l) != 0 ]; then
        status="ntp_success"
    fi
fi

chmod +x /script/check_ntp.sh

向外發(fā)送郵件告警python腳本：

cat /script/keepalived_notify.py

#!/usr/bin/env python
# -*- coding:utf-8 -*-
# use: /bin/python /script/keepalived_notify.py 角色{master/backup} 本機IP 虛擬機IP


import smtplib
from email.mime.text import MIMEText
from email.header import Header
import sys, time, subprocess



# 第三方 SMTP 服務
mail_host="smtp.exmail.qq.com"  #設置服務器
mail_user="xx@qq.com"    #用戶名
mail_pass="mail_password"   #口令


sender = 'xx@qq.com'
receivers = ['xx1@qq.com', 'xx@163.com']  # 接收告警郵件地址，可設置為你的QQ郵箱或者其他郵箱


p = subprocess.Popen('hostname', shell=True, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
hostname = p.stdout.readline().split('\n')[0]

message_to = ''
for i in receivers:
    message_to += i + ';'

def print_help():
    note = '''python script.py role ip vip
    '''
    print(note)
    exit(1)

time_stamp = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()))

if len(sys.argv) != 4:
    print_help()
elif sys.argv[1] == 'master':
    message_content = '%s server: %s(%s) change to Master, vIP: %s' %(time_stamp, sys.argv[2], hostname, sys.argv[3])
    subject = '%s change to Master -- keepalived notify' %(sys.argv[2])
elif sys.argv[1] == 'backup':
    message_content = '%s server: %s(%s) change to Backup, vIP: %s' %(time_stamp, sys.argv[2], hostname, sys.argv[3])
    subject = '%s change to Backup -- keepalived notify' %(sys.argv[2])
else:
    print_help()

message = MIMEText(message_content, 'plain', 'utf-8')
message['From'] = Header(sender, 'utf-8')
message['To'] =  Header(message_to, 'utf-8')

message['Subject'] = Header(subject, 'utf-8')

try:
    smtpObj = smtplib.SMTP()
    smtpObj.connect(mail_host, 25)    # 25 為 SMTP 端口號
    smtpObj.login(mail_user,mail_pass)
    smtpObj.sendmail(sender, receivers, message.as_string())
    print("郵件發(fā)送成功")
except smtplib.SMTPException as e:
    print("Error: 無法發(fā)送郵件")
    print(e)

host1配置

/etc/keepalived/keepalived.conf

global_defs {
        notification_email {
                xx@xx.com
        }

        notification_email_from keepalived@xx.com
        smtp_server 127.0.0.1
        smtp_connect_timeout 30
        router_id LVS_DEVEL
}


vrrp_script chk_ntp {
        script "/script/check_ntp.sh |grep 'ntp_success' "
        interval 4
        weight -60    ## 當檢測失敗時，優(yōu)先級減60，該值的絕對要大于主備優(yōu)先級差的絕對值
}


vrrp_instance VI_1 {
        state BACKUP        ############ MASTER/BACKUP
        interface ens160
        virtual_router_id 51
        mcast_src_ip 172.16.0.2
        priority 150                  ########### MASTER權值要比BACKUP高
        advert_int 1

        authentication {
                auth_type PASS
                auth_pass GSksLAyTX9ylwG86U2Ez
        }

        track_script { 
                chk_http_port ### 執(zhí)行NTP健康檢測
        }
        
        virtual_ipaddress {
                172.16.0.10
        }

        notify_master "/bin/python /script/keepalived_notify.py master 172.16.0.2 172.16.0.10"    ## 當切換為master時執(zhí)行腳本
        notify_backup "/bin/python /script/keepalived_notify.py backup 172.16.0.2 172.16.0.10"    ## 當切換為backup時執(zhí)行腳本
}

Host2配置

global_defs {
        notification_email {
                xx@xx.com
        }

        notification_email_from keepalived@xx.com
        smtp_server 127.0.0.1
        smtp_connect_timeout 30
        router_id LVS_DEVEL
}

vrrp_script chk_ntp {
        script "/script/check_ntp.sh |grep 'ntp_success' "
        interval 4
        weight -60    ## 當檢測失敗時，優(yōu)先級減60，該值的絕對要大于主備優(yōu)先級差的絕對值
}

vrrp_instance VI_1 {
        state MASTER        ############ MASTER/BACKUP
        interface ens160
        virtual_router_id 51
        mcast_src_ip 172.16.0.3
        priority 100                  ########### MASTER權值要比BACKUP高
        advert_int 1

        authentication {
                auth_type PASS
                auth_pass GSksLAyTX9ylwG86U2Ez
        }

        track_script { 
                chk_http_port ### 執(zhí)行NTP健康檢測
        }
        virtual_ipaddress {
                172.16.0.10
        }
        
        notify_master "/bin/python /script/keepalived_notify.py master 172.16.0.3 172.16.0.10"    ## 當切換為master時執(zhí)行腳本
        notify_backup "/bin/python /script/keepalived_notify.py backup 172.16.0.3 172.16.0.10"    ## 當切換為backup時執(zhí)行腳本
}

keepalived CentOS 7 啟動腳本

#####

[Unit]

Description=Keepalived, LVS and VRRP High Availability Monitor

After=syslog.target network.target

[Service]

Type=forking

KillMode=process

EnvironmentFile=-/etc/sysconfig/keepalived

ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS

ExecReload=/bin/kill -HUP $MAINPID

[Install]

WantedBy=multi-user.target

#####

systemctl enable keepalived

systemctl start keepalived

1 windows客戶端向NTP每10分鐘同步一次時間

gpedit.msc打開組策略

1.1 啟動windows NTP客戶端

1.2 配置windows NTP客戶端

1.3 Internet時間設置里指定時間服務器

點擊立即更新

2 linux客戶端向NTP每10分鐘同步一次時間

2.1 安裝NTP

yum -y install ntp

2.2 設置時間同步

執(zhí)行下面的命令

echo -e "\n\n## sync time\n*/10 * * * *    root    ntpdate 172.16.0.10 > /dev/null && hwclock-w > /dev/null" >> /etc/crontab