LVS load balancing cluster enterprise applications in actual combat LVS / DR mode LVS-NAT mode

Preparing the Environment

1. Preparing Virtual Machines

Prepare three pure virtual machine, one as load balancing agent, both as a web server

2, LVS-server management software installed lvs

[root@lvs-server ~]# yum -y install ipvsadm
程序包：ipvsadm（LVS管理工具）

主程序：/usr/sbin/ipvsadm

规则保存工具：/usr/sbin/ipvsadm-save > /path/to/file

配置文件：/etc/sysconfig/ipvsadm-config

##### 

3, LVS / DR mode

Experiment Description:
1. virtual machine networks use NAT mode
2.DR mode requires Director DIP and all RealServer RIP must be in the same segment and broadcast domains
are designated 3. All true gateway node gateway

RS：Real Server                #后端请求处理服务器 

CIP: Client IP                      #用户端IP

VIP：Director Virtual IP   #负载均衡器虚拟IP

DIP：Director IP               #负载均衡器真实IP

RIP：Real Server IP         #后端请求处理服务器真实IP

4.LVS / DR mode embodiment (deployment)

1. Preparation (all hosts in the cluster) turn off the firewall and selinux

[root@lvs-server ~]# vim /etc/hosts     #配置解析
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.246.166 lvs-server
192.168.246.161 real-server1
192.168.246.162 real-server2

2, Director Distribution Configuration

VIP configuration

[root@lvs-server ~]# ip addr add dev ens33 192.168.246.160/32 #设置VIP
[root@lvs-server ~]# yum install -y ipvsadm   #RHEL确保LoadBalancer仓库可用
[root@lvs-server ~]# service ipvsadm start  #启动
注意:启动如果报错: /bin/bash: /etc/sysconfig/ipvsadm: 没有那个文件或目录
需要手动生成文件
[root@lvs-server ~]# ipvsadm --save > /etc/sysconfig/ipvsadm    然后再启动就可以了
如果添加ip错了，删除命令如下:
# ip addr del 192.168.246.193 dev ens33

LVS distribution policy defined
parameters reference: Parameter Description

VIP 192.168.246.160
RIP 192.168.246.161
RIP 192.168.246.162
[root@lvs-server ~]# ipvsadm -C    #清除内核虚拟服务器表中的所有记录。
[root@lvs-server ~]# ipvsadm -A -t 192.168.246.160:80 -s rr 
[root@lvs-server ~]# ipvsadm -a -t 192.168.246.160:80 -r 192.168.246.161 -g 
[root@lvs-server ~]# ipvsadm -a -t 192.168.246.160:80 -r 192.168.246.162 -g  
[root@lvs-server ~]# service ipvsadm save #保存方式一，使用下面的保存方式，版本7已经不支持了
[root@lvs-server ~]# ipvsadm -S > /etc/sysconfig/ipvsadm  #保存方式二，保存到一个文件中
[root@lvs-server ~]# ipvsadm -ln    （查看保存的规则）
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.246.160:80 rr
  -> 192.168.246.161:80           Route   1      0          0         
  -> 192.168.246.162:80           Route   1      0          0         

All RS configuration

The server is configured to test all RS # To test the effect of providing different pages (the following are two real-server operation)

[root@real-server1 ~]# yum install -y nginx
[root@real-server1 ~]# echo "real-server1" >> /usr/share/nginx/html/index.html
两台机器都安装，按顺序添加不同的主机名以示区分
[root@real-server1 ~]# ip addr add dev lo 192.168.246.160/32   #在lo接口上绑定VIP
[root@real-server1 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore  #忽略arp广播
[root@real-server1 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce #匹配精确ip地址回包
[root@real-server1 ~]# systemctl start nginx 
[root@real-server1 ~]# systemctl enable  nginx
=========================================================================================
因为：realServer的vip有了，接着就是同一个网段中拥有两个vip, 客户端在网关发送arp广播需找vip时需要让realServer不接受响应.
解决：
echo 1 >/proc/sys/net/ipv4/conf/eth0/arp_ignore
arp_ignore 设置为1，意味着当别人的arp请求过来的时候，如果接收的设备没有这个ip，就不做出响应(这个ip在lo上，lo不是接收设备的进口)
echo 2 >/proc/sys/net/ipv4/conf/eth0/arp_announce
使用最好的ip来回应，什么是最好的ip？同一个网段内子网掩码最长的

4, test (long link modify the backend server nginx)

[root@client ~]# elinks -dump http://192.168.246.160
或者在自己的浏览器上输入 http://192.168.246.160 查看结果 

LVS-NAT mode:

View linux kernel module loaded

[root@sql-review ~]# lsmod

Loading and unloading kernel modules

[root@sql-review ~]# modprobe ip_vs      #动态加载ip_vs 模块，这个命令只是临时生效，需要添加到开机启动项目里面
[root@sql-review ~]# lsmod | grep ip_vs     #过滤模块是否加载成功！
[root@sql-review ~]# modprobe -r ip_vs      #动态卸载ip_vs模块

Viewing the kernel module information

[root@sql-review ~]# modinfo ip_vs

设置开机启动项
[root@sql-review ~]# echo "modprobe ip_vs" >> /etc/rc.local
[root@sql-review ~]# chmod +x /etc/rc.local     切记添加执行权限
添加到开机启动项里面如果不需要这个模块的时候只需要将etc/rc.local里面对应的命令删除掉。但是这样需要重新启动服务器。 可以通过下面的命令立即生效。
root@sql-review ~]# modprobe -r ip_vs      #动态卸载ip_vs模块

Recommendation: install as nginx (two machines real-server) in the Real Server

[root@real-server1 ~]# yum install -y nginx
[root@real-server1 ~]# echo "real-server1" >> /usr/share/nginx/html/index.html
两台机器都安装，按顺序添加不同的主机名以示区分

所有机器
systemctl stop firewalld && setenforce 0

LVS / NAT mode embodiment

1. Preparation (all hosts in the cluster) [Optional] Each machine needs to be done

[root@lvs-server ~]# vim /etc/hosts   #做解析
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.246.166 lvs-server
192.168.246.161 real-server1
192.168.246.162 real-server2

2, RS Configuration

real-server all server - the default gateway point to the DIP Directory

root@real-server1 ~]# route add default gw 192.168.246.166  dev ens33

3, Director Distribution Configuration

LVS give new server add a network card network mode is set to bridge mode. It will automatically generate a ip, as a VIP.
Only this new card is added to the bridge, the other is net mode mode

[root@lvs-server ~]# ip addr add dev ens37 192.168.50.128/24   #设置VIP （如果已经自动生成 此步不用做）
[root@lvs-server ~]# vim /etc/sysctl.conf #开启路由转发
net.ipv4.ip_forward = 1
[root@lvs-server ~]#sysctl -p #开启转发功能

LVS defined distribution strategy

VIP 192.168.50.128
DIP 192.168.246.166
RIP 192.168.246.161  192.168.246.162
[root@lvs-server ~]# yum install -y ipvsadm  #RHEL确保LoadBalancer仓库可用
[root@lvs-server ~]# ipvsadm -S > /etc/sysconfig/ipvsadm
[root@lvs-server ~]# service ipvsadm start  #启动
[root@lvs-server ~]# ipvsadm -A -t 192.168.50.128:80 -s rr 
[root@lvs-server ~]# ipvsadm -a -t 192.168.50.128:80 -r 192.168.246.161 -m  
[root@lvs-server ~]# ipvsadm -a -t 192.168.50.128:80 -r 192.168.246.162 -m  
[root@lvs-server ~]# ipvsadm -S > /etc/sysconfig/ipvsadm  #保存方式一
[root@lvs-server ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.50.128:80 rr
  -> 192.168.246.161:80           Masq    1      1          3         
  -> 192.168.246.162:80           Masq    1      1          3         
[root@lvs-server ~]# ipvsadm -L -n --stats			      // 显示统计信息
[root@lvs-server ~]# ipvsadm -L -n --rate				//看速率

4, the test

[root@client ~]# elinks -dump http://192.168.50.128
或者在自己的浏览器上输入 http://192.168.50.128 查看结果