在CentOS 6版本，時(shí)間設(shè)置有date、hwclock命令，從CentOS 7開(kāi)始，使用了一個(gè)新的命令timedatectl。

1. 基本概念

1.1 GMT、UTC、CST、DST 時(shí)間

• UTC

整個(gè)地球分為二十四時(shí)區(qū)，每個(gè)時(shí)區(qū)都有自己的本地時(shí)間。在國(guó)際無(wú)線電通信場(chǎng)合，為了統(tǒng)一起見(jiàn)，使用一個(gè)統(tǒng)一的時(shí)間，稱為通用協(xié)調(diào)時(shí)(UTC, Universal Time Coordinated)。

• GMT

格林威治標(biāo)準(zhǔn)時(shí)間 (Greenwich Mean Time)指位于英國(guó)倫敦郊區(qū)的皇家格林尼治天文臺(tái)的標(biāo)準(zhǔn)時(shí)間，因?yàn)楸境踝游缇€被定義在通過(guò)那里的經(jīng)線。(UTC與GMT時(shí)間基本相同，本文中不做區(qū)分)

• CST

中國(guó)標(biāo)準(zhǔn)時(shí)間 (China Standard Time)

GMT + 8 = UTC + 8 = CST

• DST

夏令時(shí)(Daylight Saving Time) 指在夏天太陽(yáng)升起的比較早時(shí)，將時(shí)間撥快一小時(shí)，以提早日光的使用。（中國(guó)不使用）

1.2 硬件時(shí)間和系統(tǒng)時(shí)間

• 硬件時(shí)間

RTC(Real-Time Clock)或CMOS時(shí)間，一般在主板上靠電池供電，服務(wù)器斷電后也會(huì)繼續(xù)運(yùn)行。僅保存日期時(shí)間數(shù)值，無(wú)法保存時(shí)區(qū)和夏令時(shí)設(shè)置。

• 系統(tǒng)時(shí)間

一般在服務(wù)器啟動(dòng)時(shí)復(fù)制RTC時(shí)間，之后獨(dú)立運(yùn)行，保存了時(shí)間、時(shí)區(qū)和夏令時(shí)設(shè)置。

2. timedatectl 命令

2.1 使用幫助

[root@localhost ~]# timedatectl -h
timedatectl [OPTIONS...] COMMAND ...

Query or change system time and date settings.

  -h --help              Show this help
     --version           Show package version
     --adjust-system-clock
                         Adjust system clock when changing local RTC mode
     --no-pager          Do not pipe output into a pager
  -P --privileged        Acquire privileges before execution
     --no-ask-password   Do not prompt for password
  -H --host=[USER@]HOST  Operate on remote host

Commands:
  status                 Show current time settings
  set-time TIME          Set system time
  set-timezone ZONE      Set system timezone
  list-timezones         Show known timezones
  set-local-rtc BOOL     Control whether RTC is in local time
  set-ntp BOOL           Control whether NTP is enabled

2.2 命令示例

1.顯示系統(tǒng)的當(dāng)前時(shí)間和日期

timedatectl
# timedatectl status
# 兩條命令效果等同

2.設(shè)置日期與時(shí)間

timedatectl set-time "YYYY-MM-DD HH:MM:SS"
timedatectl set-time "YYYY-MM-DD"
timedatectl set-time "HH:MM:SS"

3.查看所有可用的時(shí)區(qū)

timedatectl list-timezones
# 亞洲
timedatectl list-timezones |  grep  -E "Asia/S.*"

4.設(shè)置時(shí)區(qū)

timedatectl set-timezone Asia/Shanghai

5.設(shè)置硬件時(shí)間

# 硬件時(shí)間默認(rèn)為UTC
timedatectl set-local-rtc 1
# hwclock --systohc --localtime
# 兩條命令效果等同

6.啟用時(shí)間同步

timedatectl set-ntp yes
# yes或no; 1或0也可以

3. Chrony 服務(wù)

Chrony是網(wǎng)絡(luò)時(shí)間協(xié)議的 (NTP) 的另一種實(shí)現(xiàn)，由兩個(gè)程序組成，分別是chronyd和chronyc。

chronyd是一個(gè)后臺(tái)運(yùn)行的守護(hù)進(jìn)程，用于調(diào)整內(nèi)核中運(yùn)行的系統(tǒng)時(shí)鐘和時(shí)鐘服務(wù)器同步。它確定計(jì)算機(jī)增減時(shí)間的比率，并對(duì)此進(jìn)行補(bǔ)償。

chronyc提供了一個(gè)用戶界面，用于監(jiān)控性能并進(jìn)行多樣化的配置。它可以在chronyd實(shí)例控制的計(jì)算機(jī)上工作，也可以在一臺(tái)不同的遠(yuǎn)程計(jì)算機(jī)上工作。

優(yōu)勢(shì)：

• 更快的同步只需要數(shù)分鐘而非數(shù)小時(shí)時(shí)間，從而最大程度減少了時(shí)間和頻率誤差，這對(duì)于并非全天 24 小時(shí)運(yùn)行的臺(tái)式計(jì)算機(jī)或系統(tǒng)而言非常有用。
• 能夠更好地響應(yīng)時(shí)鐘頻率的快速變化，這對(duì)于具備不穩(wěn)定時(shí)鐘的虛擬機(jī)或?qū)е聲r(shí)鐘頻率發(fā)生變化的節(jié)能技術(shù)而言非常有用。
• 在初始同步后，它不會(huì)停止時(shí)鐘，以防對(duì)需要系統(tǒng)時(shí)間保持單調(diào)的應(yīng)用程序造成影響。
• 在應(yīng)對(duì)臨時(shí)非對(duì)稱延遲時(shí)（例如，在大規(guī)模下載造成鏈接飽和時(shí)）提供了更好的穩(wěn)定性。
• 無(wú)需對(duì)服務(wù)器進(jìn)行定期輪詢，因此具備間歇性網(wǎng)絡(luò)連接的系統(tǒng)仍然可以快速同步時(shí)鐘。

在CentOS7下為標(biāo)配的時(shí)間同步服務(wù)，當(dāng)然也可以使用以前的NTP同步方式，不過(guò)要安裝NTP服務(wù)。

3.1 安裝使用

yum install chrony
systemctl start chronyd
systemctl enable chronyd

3.2 配置文件

當(dāng)Chrony啟動(dòng)時(shí)，它會(huì)讀取/etc/chrony.conf配置文件中的設(shè)置。也就是鎖，如果需要更改時(shí)間同步的服務(wù)器，修改此配置文件即可。

[root@localhost ~]# grep -Ev "^$|^#" /etc/chrony.conf
# 該參數(shù)可以多次用于添加時(shí)鐘服務(wù)器，必須以"server "格式使用。一般而言，你想添加多少服務(wù)器，就可以添加多少服務(wù)器。
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
# stratumweight指令設(shè)置當(dāng)chronyd從可用源中選擇同步源時(shí)，每個(gè)層應(yīng)該添加多少距離到同步距離。默認(rèn)情況下，設(shè)置為0，讓chronyd在選擇源時(shí)忽略源的層級(jí)。
stratumweight 0
# chronyd程序的主要行為之一，就是根據(jù)實(shí)際時(shí)間計(jì)算出計(jì)算機(jī)增減時(shí)間的比率，將它記錄到一個(gè)文件中是最合理的，它會(huì)在重啟后為系統(tǒng)時(shí)鐘作出補(bǔ)償，甚至可能的話，會(huì)從時(shí)鐘服務(wù)器獲得較好的估值。
driftfile /var/lib/chrony/drift
# rtcsync指令將啟用一個(gè)內(nèi)核模式，在該模式中，系統(tǒng)時(shí)間每11分鐘會(huì)拷貝到實(shí)時(shí)時(shí)鐘（RTC）。
rtcsync
# 通常，chronyd將根據(jù)需求通過(guò)減慢或加速時(shí)鐘，使得系統(tǒng)逐步糾正所有時(shí)間偏差。在某些特定情況下，系統(tǒng)時(shí)鐘可能會(huì)漂移過(guò)快，導(dǎo)致該調(diào)整過(guò)程消耗很長(zhǎng)的時(shí)間來(lái)糾正系統(tǒng)時(shí)鐘。
# 該指令強(qiáng)制chronyd在調(diào)整期大于某個(gè)閥值時(shí)步進(jìn)調(diào)整系統(tǒng)時(shí)鐘，但只有在因?yàn)閏hronyd啟動(dòng)時(shí)間超過(guò)指定限制（可使用負(fù)值來(lái)禁用限制），沒(méi)有更多時(shí)鐘更新時(shí)才生效。
makestep 10 3
# 這里你可以指定一臺(tái)主機(jī)、子網(wǎng)，或者網(wǎng)絡(luò)以允許或拒絕NTP連接到扮演時(shí)鐘服務(wù)器的機(jī)器。
#allow 192.168/16
# 該指令允許你限制chronyd監(jiān)聽(tīng)哪個(gè)網(wǎng)絡(luò)接口的命令包（由chronyc執(zhí)行）。該指令通過(guò)cmddeny機(jī)制提供了一個(gè)除上述限制以外可用的額外的訪問(wèn)控制等級(jí)。
bindcmdaddress 127.0.0.1
bindcmdaddress ::1
keyfile /etc/chrony.keys
# 指定了/etc/chrony.keys中哪一條密碼被使用
commandkey 1
# 此參數(shù)指定了產(chǎn)生一個(gè)SHA1或MD5加密的密碼，存放在/etc/chrony.keys中
generatecommandkey
noclientlog
logchange 0.5
logdir /var/log/chrony

/etc/chrony.keys文件

[root@localhost ~]#  cat /etc/chrony.keys
#1 a_key

1 SHA1 HEX:8B96920E9C83612FE34A8C281C31310BD2E1F624

內(nèi)容來(lái)自 RHEL7 -- 使用Chrony設(shè)置時(shí)間與時(shí)鐘服務(wù)器同步

3.3 chronyc

1.查看幫助

[root@localhost ~]# chronyc --help
Usage: chronyc [-h HOST] [-p PORT] [-n] [-4|-6] [-a] [-f FILE] [-m] [COMMAND]

2.查看詳細(xì)的幫助信息

[root@localhost ~]# chronyc
chrony version 2.1.1
Copyright (C) 1997-2003, 2007, 2009-2015 Richard P. Curnow and others
chrony comes with ABSOLUTELY NO WARRANTY.  This is free software, and
you are welcome to redistribute it under certain conditions.  See the
GNU General Public License version 2 for details.

chronyc> help
Commands:
accheck <address> : Check whether NTP access is allowed to <address>
activity : Check how many NTP sources are online/offline
add peer <address> ... : Add a new NTP peer
add server <address> ... : Add a new NTP server
allow [<subnet-addr>] : Allow NTP access to that subnet as a default
allow all [<subnet-addr>] : Allow NTP access to that subnet and all children
burst <n-good>/<n-max> [<mask>/<masked-address>] : Start a rapid set of measurements
clients : Report on clients that have accessed the server
cmdaccheck <address> : Check whether command access is allowed to <address>
cmdallow [<subnet-addr>] : Allow command access to that subnet as a default
cmdallow all [<subnet-addr>] : Allow command access to that subnet and all children
cmddeny [<subnet-addr>] : Deny command access to that subnet as a default
cmddeny all [<subnet-addr>] : Deny command access to that subnet and all children
cyclelogs : Close and re-open logs files
delete <address> : Remove an NTP server or peer
deny [<subnet-addr>] : Deny NTP access to that subnet as a default
deny all [<subnet-addr>] : Deny NTP access to that subnet and all children
dump : Dump all measurements to save files
local off : Disable server capability for unsynchronised clock
local stratum <stratum> : Enable server capability for unsynchronised clock
makestep [<threshold> <updates>] : Correct clock by stepping
manual off|on|reset : Disable/enable/reset settime command and statistics
manual list : Show previous settime entries
maxdelay <address> <new-max-delay> : Modify maximum round-trip valid sample delay for source
maxdelayratio <address> <new-max-ratio> : Modify max round-trip delay ratio for source
maxdelaydevratio <address> <new-max-ratio> : Modify max round-trip delay dev ratio for source
maxpoll <address> <new-maxpoll> : Modify maximum polling interval of source
maxupdateskew <new-max-skew> : Modify maximum skew for a clock frequency update to be made
minpoll <address> <new-minpoll> : Modify minimum polling interval of source
minstratum <address> <new-min-stratum> : Modify minimum stratum of source
offline [<mask>/<masked-address>] : Set sources in subnet to offline status
online [<mask>/<masked-address>] : Set sources in subnet to online status
password [<new-password>] : Set command authentication password
polltarget <address> <new-poll-target> : Modify poll target of source
reselect : Reselect synchronisation source
rtcdata : Print current RTC performance parameters
settime <date/time (e.g. Nov 21, 1997 16:30:05 or 16:30:05)> : Manually set the daemon time
smoothing : Display current time smoothing state
smoothtime reset|activate : Reset/activate time smoothing
sources [-v] : Display information about current sources
sourcestats [-v] : Display estimation information about current sources
tracking : Display system time information
trimrtc : Correct RTC relative to system clock
waitsync [max-tries [max-correction [max-skew]]] : Wait until synchronised
writertc : Save RTC parameters to file

authhash <name>: Set command authentication hash function
dns -n|+n : Disable/enable resolving IP addresses to hostnames
dns -4|-6|-46 : Resolve hostnames only to IPv4/IPv6/both addresses
timeout <milliseconds> : Set initial response timeout
retries <n> : Set maximum number of retries
exit|quit : Leave the program
help : Generate this help

chronyc> quit

3.常用命令

• accheck 檢查NTP訪問(wèn)是否對(duì)特定主機(jī)可用
• activity 該命令會(huì)顯示有多少NTP源在線/離線
• add server 手動(dòng)添加一臺(tái)新的NTP服務(wù)器
• clients 在客戶端報(bào)告已訪問(wèn)到服務(wù)器
• delete 手動(dòng)移除NTP服務(wù)器或?qū)Φ确?wù)器
• settime 手動(dòng)設(shè)置守護(hù)進(jìn)程時(shí)間
• tracking 顯示系統(tǒng)時(shí)間信息

示例：查看時(shí)間同步的信息來(lái)源

[root@localhost ~]# chronyc sources
210 Number of sources = 3
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^+ 202.118.1.130                 2   6    37   104  +2189us[  +23ms] +/-   27ms
^* dns1.synet.edu.cn             2   6    77    40   +626us[  +21ms] +/-   33ms
^? 2001:da8:9000::81             0   6     0   10y     +0ns[   +0ns] +/-    0ns

sources可以加-v參數(shù)查看狀態(tài)信息的說(shuō)明

[root@localhost ~]# chronyc sources -v
210 Number of sources = 3

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^+ 202.118.1.130                 2   6    37   126  +2189us[  +23ms] +/-   27ms
^* dns1.synet.edu.cn             2   6    77    61   +626us[  +21ms] +/-   33ms
^? 2001:da8:9000::81             0   6     0   10y     +0ns[   +0ns] +/-    0ns

4.chronyc在桌面版提供用戶界面，需要通過(guò)以下命令安裝

yum -y install system-config-date

4. 實(shí)例

4.1 設(shè)置系統(tǒng)時(shí)間為中國(guó)時(shí)區(qū)并啟用時(shí)間同步

# 安裝
yum install chrony
# 啟用
systemctl start chronyd
systemctl enable chronyd
# 設(shè)置亞洲時(shí)區(qū)
timedatectl set-timezone Asia/Shanghai
# 啟用NTP同步
timedatectl set-ntp yes

這樣服務(wù)器的時(shí)間就跟NTP服務(wù)器同步了，非常簡(jiǎn)單的操作。

也可以不使用Chrony，用NTP服務(wù)的時(shí)間同步。但不推薦。

4.2 安裝NTP服務(wù)使用其同步時(shí)間

# 安裝ntp服務(wù)
yum install ntp
# 開(kāi)機(jī)啟動(dòng)服務(wù)
systemctl enable ntpd
# 啟動(dòng)服務(wù)
systemctl start ntpd
# 設(shè)置亞洲時(shí)區(qū)
timedatectl set-timezone Asia/Shanghai
# 啟用NTP同步
timedatectl set-ntp yes
# 重啟ntp服務(wù)
systemctl restart ntpd
# 手動(dòng)同步時(shí)間
ntpq -p

4.3 RTC設(shè)為本地時(shí)間會(huì)有告警

[root@localhost ~]# timedatectl set-local-rtc 1
[root@localhost ~]# timedatectl
      Local time: Thu 2016-05-26 15:31:59 CST
  Universal time: Thu 2016-05-26 07:31:59 UTC
        RTC time: Thu 2016-05-26 15:31:59
       Time zone: Asia/Shanghai (CST, +0800)
     NTP enabled: yes
NTP synchronized: yes
 RTC in local TZ: yes
      DST active: n/a

Warning: The system is configured to read the RTC time in the local time zone.
         This mode can not be fully supported. It will create various problems
         with time zone changes and daylight saving time adjustments. The RTC
         time is never updated, it relies on external facilities to maintain it.
         If at all possible, use RTC in UTC by calling
         'timedatectl set-local-rtc 0'.

因?yàn)橛布r(shí)鐘不能保存時(shí)區(qū)和夏令時(shí)調(diào)整，修改后就無(wú)法從硬件時(shí)鐘中讀取出準(zhǔn)確標(biāo)準(zhǔn)時(shí)間；不建議修改。

• timedatectl 中文手冊(cè)
• 如何在 systemd 下管理Linux系統(tǒng)的時(shí)間和日期
• CentOS 7.x中正確設(shè)置時(shí)間與時(shí)鐘服務(wù)器同步