# 使用 Podman 自建 ntp-server ## 編輯 Dockerfile * 需要更換允許同步時間的網段 ``` $ nano Dockerfile FROM registry.suse.com/bci/bci-base:15.5 RUN zypper -n in chrony && \ echo "server time.google.com iburst" > /etc/chrony.d/pool.conf && \ # 允許所有人都可以向他校時 sed -i "25iallow 0.0.0.0/0" /etc/chrony.conf EXPOSE 123/udp ENTRYPOINT [ "/usr/sbin/chronyd", "-d", "-s"] ``` ## Build image ``` $ sudo podman build -t ntp_server:latest . ``` ## 部署 ntp server ``` $ nano ntp_server.yaml apiVersion: v1 kind: Pod metadata: labels: app: chrony name: chrony spec: containers: - image: localhost/ntp_server:latest name: chrony securityContext: capabilities: add: - CAP_SYS_NICE - CAP_SYS_RESOURCE - CAP_SYS_TIME hostNetwork: true hostname: ntp-server ``` ``` $ sudo podman kube play ntp_server.yaml ``` ## 檢查 ``` $ sudo podman ps -a --pod CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES POD ID PODNAME ab2fc7e93236 localhost/podman-pause:4.4.4-1680004800 39 seconds ago Up 35 seconds d709efb8d672-infra d709efb8d672 chrony d2a616434c9a quay.io/hahappyman/ntp_server:latest 35 seconds ago Up 35 seconds chrony-chrony d709efb8d672 chrony ``` ## 測試校時 * 在 ubuntu server 上安裝 sntp 套件 ``` $ sudo apt update; sudo apt install sntp ``` ``` $ sntp <ntp server> $ sntp 10.10.7.20 2025-11-24 14:06:17.507479 (+0800) +0.000181 +/- 0.000256 10.10.7.20 s2 no-leap ```