The actual deployment of LVS-DR mode! ! Personally organize...

DR mode

Direct Routing
●Direct Routing, referred to as DR mode
●It adopts a semi-open network structure, which is similar to the structure of TUN mode, but the nodes are not scattered in various
places, but are located on the same physical network as the
scheduler. ●Load scheduler and Each node server is connected through the local network, no need to establish a dedicated IP tunnel

Prepare the environment:

服务器                           系统                                            ip                                        作用
客户端                           win10                   192.168.75.10                                                                                       客户机测试访问lvs负载集群           
调度器                         centos7.6               192.168.100.25（物理网口）|  192.168.100.100 （vip地址）                      LVS调度器
web1                           centos7.6                192.168.100.26（物理网口）| 192.168.100.100（vip地址）                        提供web服务
web2                           centos7.6                192.168.100.27（物理网口）| 192.168.100.100（vip地址）                        提供web服务        
nfs存储                        centos7.6                192.168.100.28                                                                                nfs共享服务

statement:

Let's first talk about the points and problems that need attention in the DR mode! !

1. Problem
Having the same IP address in the local area network will inevitably cause disturbances in the ARP communication of each server.
● When the ARR broadcast is sent to the LVS-DR cluster, because the load balancer and the node server are connected to the same network, they Will receive ARP broadcasts
●Only the front-end load balancer responds, other node servers should not respond to ARP broadcasts

Solution:
Process the node server so that it does not respond to ARP requests for VIP
#Set the kernel parameter arp_ ignore=1: The system only responds to ARP requests whose destination IP is the local IP

2. Questions
■ RealServer returns packets (the source IP is VIP) are forwarded by the router. When re-encapsulating the packets, you need to obtain the MAC address of the router first

■When sending an ARP request, Linux defaults to use the source IP address of the IP packet (ie VIP) as the source IP address in the ARP request packet, instead of using the ip address of the sending interface
such as: ens33

3. After the router receives the ARP request, it will update the ARP table entry
. The MAC address of the original VIP corresponding to the Director will be updated to the mac address of the VIP corresponding to the RealServer.

4. Problems:
● The router forwards the new
request message to RealServer according to the ARP table entry , causing the
Director's VIP to fail

Solution
● Process the node server and set the kernel parameter
arp_ announce=2: The system does not use the
source address of the IP packet to set the source address of the ARP request, but
selects the IP address of the sending interface

修改/etc/sysctl.conf 文件
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

Modify the /etc/sysctl.conf file on the scheduler
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0

Scheduler configuration 192.168.100.25

【1】配置虚拟IP地址（VIP）
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-ens33 ifcfg-ens33:0
[root@localhost network-scripts]# vi ifcfg-ens33:0
NAME=ens33:0
DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.100.100
NETMASK=255.255.255.255

[root@localhost network-scripts]# ifup ifcfg-ens33:0
[root@localhost network-scripts]# ifconfig

ens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.100.100  netmask 255.255.255.0  broadcast 192.168.32.255
        ether 00:0c:29:9b:a7:cc  txqueuelen 1000  (Ethernet)


【2】调整/proc响应参数  对于 DR 群集模式来说，由于 LVS 负载调度器和各节点需要共用 VIP 地址，应该关闭 Linux 内核的重定向参数响应
服务器不是一台路由器，那么它不会发送重定向，所以可以关闭该功能

vi /etc/sysctl.conf 

net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0

[root@localhost network-scripts]# sysctl -p     ###生效


【3】配置负载分配策略
[root@localhost /]# ipvsadm -v
[root@localhost ~]#yum -y install ipvsadm
[root@localhost ~]# modprobe ip_vs
[root@localhost ~]# cat /proc/net/ip_vs
[root@localhost ~]#ipvsadm -A -t 192.168.100.100:80 -s rr
[root@localhost ~]#ipvsadm -a -t 192.168.100.100:80 -r 192.168.100.26:80 -g -w 1
[root@localhost ~]#ipvsadm -a -t 192.168.100.100:80 -r 192.168.100.27:80 -g -w 1

Configure NFS storage server 192.168.100.28

1.安装nfs-utils   rpcbind  

yum -y install nfs-utils               #nfs必须安装的，不然无法识别nfs格式，
yum -y install rpcbind

2.创建共享测试目录，和网页文件

mkdir  /opt/as1   /opt/as2

echo 'this is as1' >/opt/as1/index.html         #写些数据定义web1
echo 'this is as2' >/opt/as2/index.html         #写些数据定义web2

3.添加共享目录，
vi /etc/exports                  #将共享目录添加在配置内，相当于发布

/opt/as1 192.168.100.0/24(rw,sync)
/opt/as2 192.168.100.0/24(rw,sync)

                                         #重启服务，设置开机自启
systemctl restart nfs      
systemctl restart rpcbind
systemctl enable nfs
systemctl enable rpcbind


showmount -e                  #查看当前共享的目录
Export list for localhost.localdomain:
/opt/as2 192.168.100.0/24
/opt/as1 192.168.100.0/24

web1 server 192.168.100.26

[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vi ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.100.100
NETMASK=255.255.255.255
ONBOOT=yes

ifup lo:0
ifconfig

vi /etc/sysctl.conf 
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

sysctl -p



1.安装nfs ，rpcbind 服务

yum -y install nfs-utils               #nfs必须安装的，不然无法识别nfs格式，
yum -y install rpcbind

2.查看nfs存储服务器共享，需输入nfs地址
showmount -e 192.168.100.28
Export list for 192.168.100.28:
/opt/as2 192.168.100.0/24
/opt/as1 192.168.100.0/24

3.安装apache web服务器！咱们直接yum安装了

yum  -y install httpd

systemctl restart httpd           #开启httpd服务
systemctl enable httpd 

4.将nfs的共享目录下的测试网页，挂载到apahce下的html下

mount 192.168.100.28:/opt/as1/   /var/www/html/

vi /etc/fstab           #配置文件下添加
192.168.100.28:/opt/as1  /var/www/html/  nfs defaults,_netdev 0 0

init 6  #重启服务，验证搭建环境是否正确！

web2 server 192.168.100.27

准备环境
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vi ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.100.100
NETMASK=255.255.255.255
ONBOOT=yes

 ifup lo:0
ifconfig

vi /etc/sysctl.conf 
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

sysctl -p





1.安装nfs ，rpcbind 服务

yum -y install nfs-utils               #nfs必须安装的，不然无法识别nfs格式，
yum -y install rpcbind

2.查看nfs存储服务器共享，需输入nfs地址
showmount -e 192.168.100.28
Export list for 192.168.100.28:
/opt/as2 192.168.100.0/24
/opt/as1 192.168.100.0/24

3.安装apache web服务器！咱们直接yum安装了

yum  -y install httpd

systemctl restart httpd           #开启httpd服务
systemctl enable httpd 

4.将nfs的共享目录下的测试网页，挂载到apahce下的html下

mount 192.168.100.28:/opt/as2/   /var/www/html/

vi /etc/fstab           #配置文件下添加
192.168.100.28:/opt/as2  /var/www/html/  nfs defaults,_netdev 0 0

init 6  #重启服务，验证搭建环境是否正确！

Configure routing

VM2 network card------routing-------VM1 network card (LVS load balancing cluster)

verification

win10 (VM2 network card) Verification!

Enter the LVS load balancing cluster address; (vip address) 192.168.100.100