◆案例1◆ 构建LVS-NAT模式的Web集群
=====================================================================================
实验环境
[类型] [网卡] [IP地址] [接入模式]
LVS-NAT eno16777728 192.168.1.12 桥接
eno33554960 192.168.20.14 NAT
Read-Ser1 eno16777728 192.168.20.15 NAT
Read-Ser2 eno16777728 192.168.20.16 NAT
=====================================================================================
◆配置主LVS-NAT模式的负载调度器◆
1.安装ipvsadm
yum install -y ipvsadm
2.开启IP转发
临时开启 echo "1" > /proc/sys/net/ipv4/ip_forward 永久开启 vim /etc/sysctl.conf net.ipv4.ip_forward=1 sysctl –p
3.配置LVS-NAT调度器
ipvsadm -A -t 192.168.1.12:80 -s rr #指定网卡1地址 -------------------------------------------------------------------------------------------------------------- -A 添加规则 -t TCP 指定分发器VIP -s 指定调度算法 rr 代表轮询round-robin -------------------------------------------------------------------------------------------------------------- ipvsadm -a -t 192.168.1.12:80 -r 192.168.20.15 -m ipvsadm -a -t 192.168.1.12:80 -r 192.168.20.16 -m -------------------------------------------------------------------------------------------------------------- -a 添加real-server地址 -r 指定real-server地址 -m 表示masquerade NAT方式的LVS -------------------------------------------------------------------------------------------------------------- [root@localhost ~]# ipvsadm -L -n #查看规则 IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.1.12:80 rr -> 192.168.20.15:80 Masq 1 0 0 -> 192.168.20.16:80 Masq 1 0 0 /sbin/ipvsadm-save #保存规则
4.配置防火墙SNAT
iptables -t nat -A POSTROUTING \ #指定NAT表的POSTROUTING -s 192.168.1.0/24 \ #指定内网的网段 -o eno16777728 \ #指定外网口网卡名称 -j SNAT \ #指定为SNAT --to-source 59.110.167.239 #指定外网卡的地址 iptables -t nat -L #查看添加的规则
◆RelServer节点配置◆ 注:客户端每个节点都应该配置
1.安装测试apache
yum install -y httpd echo "web 1" > /var/www/html/index.html systemctl restart httpd
2.RelServer节点指定网关
route add default gw 192.168.20.14 #指向主调度器的eth1网口
◆案例2◆ 构建基于LVS-DR模式的Web集群
=====================================================================================
实验环境
[类型 ] [网卡] [IP地址] [VIP/IO] [接入模式]
LVS-DR eno16777728 192.168.1.12 192.168.1.20(VIP) 桥接
Read-Ser1 eno16777728 192.168.1.13 192.168.1.20(IO) 桥接
Read-Ser2 eno16777728 192.168.1.14 192.168.1.20(IO) 桥接
注: 如果是在真实环境中 RealServer应把网关指向路由器eth1口
=====================================================================================
◆配置主LVS-DR模式的负载调度器◆
1.安装ipvsadm
yum install -y ipvsadm
2.修改内核参数,防止相同网络地址广播冲突
vim /etc/sysctl.conf net.ipv4.conf.all.send_redirects = 0 net.ipv4.conf.eno16777728.send_redirects = 0 net.ipv4.conf.default.send_redirects = 0 sysctl -p #刷新内核参数(使其生效) modprobe ip_vs #查看内核是否加载,无提示则加载成功
3.配置临时网卡
ifconfig eno16777728:0 192.168.1.20 netmask 255.255.255.0 #在eth0上添加一个子接口,VIP的地址 route add -host 192.168.1.20 dev eno16777728 #在eth0上添加一条路由记录
4.添加轮询规则
ipvsadm -A -t 192.168.1.20:80 -s rr #添加虚拟服务指定VIP地址 -------------------------------------------------------------------------------------------------------------- -A 添加规则 -t TCP 指定分发器VIP -s 指定调度算法 rr 代表轮询round-robin -------------------------------------------------------------------------------------------------------------- ipvsadm -a -t 192.168.1.20:80 -r 192.168.1.13:80 -g #针对虚拟服务添加RS节点 ipvsadm -a -t 192.168.1.20:80 -r 192.168.1.14:80 -g #针对虚拟服务添加RS节点 -------------------------------------------------------------------------------------------------------------- -a 添加real-server地址 -r 指定real-server地址 -m 以NAT模式分配 -g 以DR模式分配 -w 指定权值 -------------------------------------------------------------------------------------------------------------- [root@localhost ~]# ipvsadm -L -n --stats #查看VIP和RS是否已经配置成功 IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Conns InPkts OutPkts InBytes OutBytes -> RemoteAddress:Port TCP 192.168.1.20:80 0 0 0 0 0 -> 192.168.1.13:80 0 0 0 0 0 -> 192.168.1.14:80 0 0 0 0 0 /sbin/ipvsadm-save #保存规则
◆配置RealServer节点◆ 注:客户端每个节点都应该配置
service NetworkManager stop #关闭管理工具,图形界面下才要关闭
1.首先关闭ARP宣告,和ARP转发
临时关闭 -------------------------------------------------------------------------------------------------------------- echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce echo "1" > /proc/sys/net/ipv4/conf/all/arp_announce echo "2" > /proc/sys/net/ipv4/conf/all/arp_ignore -------------------------------------------------------------------------------------------------------------- 永久关闭 -------------------------------------------------------------------------------------------------------------- vim /etc/sysctl.conf net.ipv4.conf.eno16777728.arp_ignore=1 net.ipv4.conf.eno16777728.arp_announce=2 net.ipv4.conf.all.arp_ignore=1 net.ipv4.conf.all.arp_announce=2 -------------------------------------------------------------------------------------------------------------- sysctl -p
2.添加本地回环口
ifconfig lo:0 192.168.1.20 netmask 255.255.255.255 #添加本地回环口,设置24位掩码 route add -host 192.168.1.20 dev lo #添加路由记录
◆案例3◆ 构建基于LVS-IP-TUN模式的Web集群
=====================================================================================
实验环境
[类型] [网卡] [IP地址] [VIP/Tunl] [接入模式]
LVS-IPTUN eno16777728 200.168.10.1 200.168.10.10(VIP) 外网IP
Read-Ser1 eno16777728 200.168.10.2 200.168.10.10(Tunl) 外网IP
Read-Ser2 eno16777728 200.168.10.3 200.168.10.10(Tunl) 外网IP
=====================================================================================
◆配置主LVS-IP-TUN模式的负载调度器◆
1.LVS服务器配置虚拟IP
ifconfig tunl0 200.168.10.10 netmask 255.255.255.255 up #虚拟一个隧道IP 4个255代表它自己一个网段 route add -host 200.168.10.10 dev tunl0 #把网段添加到路由表 防止走 200.168.10.0 网段 route -n #查看路由
2.设置LVS调度器
ipvsadm -C ipvsadm -A -t 200.168.10.10:80 -s rr ipvsadm -a -t 200.168.10.10:80 -r 200.168.10.2 -i ipvsadm -a -t 200.168.10.10:80 -r 200.168.10.3 -i ipvsadm -L -n --stat #查看规则
◆配置RealServer节点◆ 注:客户端每个节点都应该配置
ifconfig tunl0 200.168.10.10 netmask 255.255.255.255 up route add -host 200.168.10.10 dev tunl0
vim /etc/sysctl.conf echo "1" > /proc/sys/net/ipv4/conf/tunl0/arp_ignore echo "2" > /proc/sys/net/ipv4/conf/tunl0/arp_announce echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce sysctl -p
测试 http://200.168.10.10