Signed-off-by: Wang Chenglong 18509160991@163.com --- container/ntp-server/ntp.conf | 62 +++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 container/ntp-server/ntp.conf
diff --git a/container/ntp-server/ntp.conf b/container/ntp-server/ntp.conf new file mode 100644 index 0000000..9c58a91 --- /dev/null +++ b/container/ntp-server/ntp.conf @@ -0,0 +1,62 @@ +#For more information about this file, see the ntp.conf(5) man page. + +# Record the frequency of the system clock. +driftfile /var/lib/ntp/drift + +# Permit time synchronization with our time source, but do not +# permit the source to query or modify the service on this system. +restrict default nomodify notrap nopeer noepeer noquery + +# Permit association with pool servers. +restrict source nomodify notrap noepeer noquery + +# Permit all access over the loopback interface. This could +# be tightened as well, but to do so would effect some of +# the administrative functions. +restrict 127.0.0.1 +restrict ::1 + +# Hosts on local network are less restricted. +restrict 172.0.0.0 mask 255.0.0.0 nomodify notrap + +# Use public servers from the pool.ntp.org project. +# Please consider joining the pool (http://www.pool.ntp.org/join.html). +# pool 2.openEuler.pool.ntp.org iburst +server 0.centos.pool.ntp.org +server 0.asia.pool.ntp.org +server ntp.sjtu.edu.cn +server ntp1.aliyun.com + +# When all ntp servers on Internet are not reacheable, it will use +# it's local time to give service to the ntp clients. +# If not set, the ntpserver will go to stratum 16 and cannot serve +# any ntp clients when it loses connection with upstream ntp servers. +# This is common in a LAN enviroment isolated with Internet. +server 127.127.1.0 +fudge 127.127.1.0 stratum 8 + + +# Reduce the maximum number of servers used from the pool. +tos maxclock 5 + +# Enable public key cryptography. +# crypto + +includefile /etc/ntp/crypto/pw + +# Key file containing the keys and key identifiers used when operating +# with symmetric key cryptography. +keys /etc/ntp/keys + +# Specify the key identifiers which are trusted. +# trustedkey 4 8 42 + +# Specify the key identifier to use with the ntpdc utility. +# requestkey 8 + +# Specify the key identifier to use with the ntpq utility. +# controlkey 8 + +# Enable writing of statistics records. +# statistics clockstats cryptostats loopstats peerstats +
On Thu, Oct 29, 2020 at 05:31:57PM +0800, Wang Chenglong wrote:
Signed-off-by: Wang Chenglong 18509160991@163.com
container/ntp-server/ntp.conf | 62 +++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 container/ntp-server/ntp.conf
diff --git a/container/ntp-server/ntp.conf b/container/ntp-server/ntp.conf new file mode 100644 index 0000000..9c58a91 --- /dev/null +++ b/container/ntp-server/ntp.conf @@ -0,0 +1,62 @@ +#For more information about this file, see the ntp.conf(5) man page.
Better, add a space here.
# For more... ^
+# Record the frequency of the system clock. +driftfile /var/lib/ntp/drift
+# Permit time synchronization with our time source, but do not +# permit the source to query or modify the service on this system. +restrict default nomodify notrap nopeer noepeer noquery
+# Permit association with pool servers. +restrict source nomodify notrap noepeer noquery
+# Permit all access over the loopback interface. This could +# be tightened as well, but to do so would effect some of +# the administrative functions. +restrict 127.0.0.1 +restrict ::1
+# Hosts on local network are less restricted. +restrict 172.0.0.0 mask 255.0.0.0 nomodify notrap
+# Use public servers from the pool.ntp.org project. +# Please consider joining the pool (http://www.pool.ntp.org/join.html). +# pool 2.openEuler.pool.ntp.org iburst +server 0.centos.pool.ntp.org +server 0.asia.pool.ntp.org +server ntp.sjtu.edu.cn +server ntp1.aliyun.com
+# When all ntp servers on Internet are not reacheable, it will use +# it's local time to give service to the ntp clients. +# If not set, the ntpserver will go to stratum 16 and cannot serve +# any ntp clients when it loses connection with upstream ntp servers. +# This is common in a LAN enviroment isolated with Internet.
--> environment
Thanks, Zhang Yuhang
+server 127.127.1.0 +fudge 127.127.1.0 stratum 8
+# Reduce the maximum number of servers used from the pool. +tos maxclock 5
+# Enable public key cryptography. +# crypto
+includefile /etc/ntp/crypto/pw
+# Key file containing the keys and key identifiers used when operating +# with symmetric key cryptography. +keys /etc/ntp/keys
+# Specify the key identifiers which are trusted. +# trustedkey 4 8 42
+# Specify the key identifier to use with the ntpdc utility. +# requestkey 8
+# Specify the key identifier to use with the ntpq utility. +# controlkey 8
+# Enable writing of statistics records. +# statistics clockstats cryptostats loopstats peerstats
-- 2.23.0
On Thu, Oct 29, 2020 at 05:48:29PM +0800, Zhang Yuhang wrote:
On Thu, Oct 29, 2020 at 05:31:57PM +0800, Wang Chenglong wrote:
Signed-off-by: Wang Chenglong 18509160991@163.com
container/ntp-server/ntp.conf | 62 +++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 container/ntp-server/ntp.conf
diff --git a/container/ntp-server/ntp.conf b/container/ntp-server/ntp.conf new file mode 100644 index 0000000..9c58a91 --- /dev/null +++ b/container/ntp-server/ntp.conf @@ -0,0 +1,62 @@ +#For more information about this file, see the ntp.conf(5) man page.
Better, add a space here.
# For more... ^
Ok.
+# Record the frequency of the system clock. +driftfile /var/lib/ntp/drift
+# Permit time synchronization with our time source, but do not +# permit the source to query or modify the service on this system. +restrict default nomodify notrap nopeer noepeer noquery
+# Permit association with pool servers. +restrict source nomodify notrap noepeer noquery
+# Permit all access over the loopback interface. This could +# be tightened as well, but to do so would effect some of +# the administrative functions. +restrict 127.0.0.1 +restrict ::1
+# Hosts on local network are less restricted. +restrict 172.0.0.0 mask 255.0.0.0 nomodify notrap
+# Use public servers from the pool.ntp.org project. +# Please consider joining the pool (http://www.pool.ntp.org/join.html). +# pool 2.openEuler.pool.ntp.org iburst +server 0.centos.pool.ntp.org +server 0.asia.pool.ntp.org +server ntp.sjtu.edu.cn +server ntp1.aliyun.com
+# When all ntp servers on Internet are not reacheable, it will use +# it's local time to give service to the ntp clients. +# If not set, the ntpserver will go to stratum 16 and cannot serve +# any ntp clients when it loses connection with upstream ntp servers. +# This is common in a LAN enviroment isolated with Internet.
--> environment
Ok.
Thanks, Zhang Yuhang
+server 127.127.1.0 +fudge 127.127.1.0 stratum 8
+# Reduce the maximum number of servers used from the pool. +tos maxclock 5
+# Enable public key cryptography. +# crypto
+includefile /etc/ntp/crypto/pw
+# Key file containing the keys and key identifiers used when operating +# with symmetric key cryptography. +keys /etc/ntp/keys
+# Specify the key identifiers which are trusted. +# trustedkey 4 8 42
+# Specify the key identifier to use with the ntpdc utility. +# requestkey 8
+# Specify the key identifier to use with the ntpq utility. +# controlkey 8
+# Enable writing of statistics records. +# statistics clockstats cryptostats loopstats peerstats
-- 2.23.0
+# Reduce the maximum number of servers used from the pool. +tos maxclock 5
+# Enable public key cryptography. +# crypto
+includefile /etc/ntp/crypto/pw
+# Key file containing the keys and key identifiers used when operating +# with symmetric key cryptography. +keys /etc/ntp/keys
+# Specify the key identifiers which are trusted. +# trustedkey 4 8 42
+# Specify the key identifier to use with the ntpdc utility. +# requestkey 8
+# Specify the key identifier to use with the ntpq utility. +# controlkey 8
+# Enable writing of statistics records. +# statistics clockstats cryptostats loopstats peerstats
delete the blank line
Thanks, Jiaxin
-- 2.23.0
On Thu, Oct 29, 2020 at 05:50:02PM +0800, Lin Jiaxin wrote:
+# Reduce the maximum number of servers used from the pool. +tos maxclock 5
+# Enable public key cryptography. +# crypto
+includefile /etc/ntp/crypto/pw
+# Key file containing the keys and key identifiers used when operating +# with symmetric key cryptography. +keys /etc/ntp/keys
+# Specify the key identifiers which are trusted. +# trustedkey 4 8 42
+# Specify the key identifier to use with the ntpdc utility. +# requestkey 8
+# Specify the key identifier to use with the ntpq utility. +# controlkey 8
+# Enable writing of statistics records. +# statistics clockstats cryptostats loopstats peerstats
delete the blank line
ok
Thanks, Jiaxin
-- 2.23.0
-
Lin Jiaxin -
Liu Yinsi -
Wang Chenglong -
Zhang Yuhang