LVS load balancing construction (NAT mode, DR mode, persistent connection)

1. Network topology diagram of LVS load balancing based on NAT mode
Tips:
Bring services up from the bottom of the topology to the top, so each layer can be tested as soon as it is running;
shut services down from top to bottom, so that incoming access requests are cut off first.

Process
1. First, configure the network environment according to the topology diagram, and select the host-only mode to distinguish between the public network and the internal network;
1.1 Client
vim /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=192.168.45.11
service network restart

1.2 Load scheduler
eth0:
vim /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=192.168.45.12
eth1:
vim /etc/sysconfig/network-scripts/ifcfg-eth1
IPADDR=192.168.88.10
service network restart

1.3 Real server
RS1:
vim /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=192.168.88.11
GATEWAY=192.168.88.10
service network restart
route -n

RS2:
vim /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=192.168.88.12
GATEWAY=192.168.88.10
service network restart
route -n

2. Install Apache on the real server, start it and set it to start automatically after booting;
yum -y install httpd
service httpd start
chkconfig httpd on

echo "pag1" >> /var/www/html/index.html
curl 192.168.88.11
echo "pag2" >> /var/www/html/index.html
curl 192.168.88.12
#Write content to the web page on each real server and test it

3. The load scheduler enables routing and forwarding;
vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
#Enable routing and forwarding
sysctl -p
#Reload the configuration file so the setting takes effect

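4. Load the ipvs module on the load scheduler and install the command-line management tool ipvsadm;
modprobe ip_vs
#Load the ipvs module
cat /proc/net/ip_vs
#Check whether ipvs is currently loaded
yum -y install ipvsadm
#Install the command-line management tool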

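5. Add the cluster on the load scheduler and set the scheduling rules;
ipvsadm -A -t 192.168.45.12:80 -s rr
#Add the scheduling cluster (the VIP here stands for the cluster) and set the algorithm to rr; adding -p sets the persistent connection time (-p 120)

ipvsadm -a -t 192.168.45.12:80 -r 192.168.88.11:80 -m
ipvsadm -a -t 192.168.45.12:80 -r 192.168.88.12:80 -m
#Add the real servers; -m selects NAT-mode LVS load balancing

ipvsadm -Ln
#List the current scheduling policy
service ipvsadm save
#The records added above live in the kernel and are lost when the system reboots, so save the current rules to make them persistent
chkconfig ipvsadm on
#Start ipvs automatically at boot
service ipvsadm start/stop/restart
#Commands for managing the ipvs service temporarily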

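6. Modify the firewall rules and add the DNAT translation (the step of adding the rule can be omitted, but the firewall must be running);
service iptables start
iptables -L
#Check the firewall status; if the status is still empty after the firewall is started, flush first with iptables -F
chkconfig iptables on
iptables -t nat -A POSTROUTING -s 192.168.88.0/24 -o eth1 -j SNAT --to-source 192.168.45.12
#Add the DNAT translation. The firewall does this automatically, but to reduce errors, manually add a rule that matches the internal network segment; its purpose is to change the source address to the egress (public) address
iptables: command-line management tool
-t nat: specify the nat table
-s 192.168.88.0/24: specify the internal network segment, i.e. the segment the real servers are on
-A POSTROUTING: specify the chain
-o eth1: specify the egress NIC name, i.e. the NIC the load scheduler uses to communicate with the real servers
-j SNAT: specify the action type as SNAT
--to-source 192.168.45.12: the public address, i.e. the VIP
iptables -t nat -L
#View the NAT-mode firewall rules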

7. Test from the client.
while true; do curl 192.168.45.12; sleep 1s; done
#Client-side test
ipvsadm -Ln --stats
#View the scheduling details on the load scheduler
Tip: traffic is counted in bytes

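ipvsadm -D -t 192.168.45.12:80
#Delete the cluster
ipvsadm -d -t 192.168.45.12:80 -r 192.168.88.11:80
#Delete a scheduling rule, i.e. one real server
ipvsadm -a -t 192.168.45.12:80 -r 192.168.88.11:6666 -m
#NAT mode supports port mapping, so when a real server's access port changes, use this command to modify it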

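Failure points: the load scheduler goes down, or a real server goes down (the load scheduler keeps assigning requests to the dead real server, so user requests get no response)
Solution: monitor the state of the real servers with a script and adjust the cluster accordingly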
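
One way to script that monitoring for the NAT-mode cluster, as an added example that is not part of the original post: each pass probes every real server over HTTP and removes it from, or re-adds it to, the virtual service. The IPVSADM and PROBE variables and the function names are assumptions introduced here so the logic can be dry-run; the addresses are the ones used above.

```shell
#!/bin/sh
# Added example (not from the original post): keep the NAT-mode pool in step
# with real-server health. VIP and real-server addresses are the page's own.
VIP=192.168.45.12:80
REAL_SERVERS="192.168.88.11:80 192.168.88.12:80"
IPVSADM=${IPVSADM:-ipvsadm}   # assumption: overridable so the logic can be dry-run
PROBE=${PROBE:-probe_http}    # assumption: pluggable health probe

# Healthy means: returns a non-error HTTP response within 3 seconds.
probe_http() {
    curl -sf -o /dev/null --connect-timeout 2 --max-time 3 "http://$1/"
}

# Succeeds if real server $1 (ip:port) is currently listed under the VIP.
in_pool() {
    $IPVSADM -L -n -t "$VIP" 2>/dev/null | grep -qF -- "-> $1 "
}

# One pass over the pool: remove dead members, re-add recovered ones.
# Prints one line per change so the caller can log or alert on it.
reconcile() {
    for rs in $REAL_SERVERS; do
        if $PROBE "$rs"; then
            in_pool "$rs" || { $IPVSADM -a -t "$VIP" -r "$rs" -m && echo "added $rs"; }
        else
            in_pool "$rs" && { $IPVSADM -d -t "$VIP" -r "$rs" && echo "removed $rs"; }
        fi
    done
    return 0
}

# "sh script run" loops forever on the load scheduler; without the argument
# the file only defines the functions.
if [ "${1:-}" = run ]; then
    while true; do reconcile; sleep 5; done
fi
```

The script covers only the real-server failure point; a load scheduler that goes down still takes the VIP with it.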

2. LVS load balancing based on DR mode
Network topology diagram
Process
1. Set up the network environment in host-only mode and stop NetworkManager;
service NetworkManager stop
1.1 Client
vim /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=192.168.45.11

1.2 Load scheduler
vim /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=192.168.45.12
#Used for internal communication
vim /etc/sysconfig/network-scripts/ifcfg-eth0:0
IPADDR=192.168.45.100
NETMASK=255.255.255.0
#The sub-interface serves as the cluster VIP
service network restart && ping -c 4 192.168.45.100

1.3 Real server
RS1:
vim /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=192.168.45.13
#Used for internal communication
cp -a /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0
vim /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.45.100
NETMASK=255.255.255.255
#Bring up a sub-interface on the loopback NIC with the same IP as the VIP; the netmask is 255.255.255.255 so that the address is recognised only by the host itself
service network restart && ping -c 4 192.168.45.100

RS2:
vim /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=192.168.45.14
cp -a /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0
vim /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.45.100
NETMASK=255.255.255.255
service network restart && ping -c 4 192.168.45.100

2. Install and start the Apache service on both real servers and add web page content;
yum -y install httpd
service httpd start
echo "pag1" >> /var/www/html/index.html
echo "pag2" >> /var/www/html/index.html
curl localhost

3. Change the ARP announce and response levels of the NICs on both real servers;
vim /etc/sysctl.conf
#LVS ARP
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
#Append these at the end of the configuration file; they set the default announce and response levels for all current NICs
sysctl -p
ifup lo:0 && ifconfig
route add -host 192.168.45.100 dev lo:0
#Add a route record pointing to the loopback sub-interface
echo "/sbin/route add -host 192.168.45.100 dev lo:0" >> /etc/rc.local
#Add this route record automatically at boot
route -n
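
A check for the ARP settings above, as an added example that is not part of the original post: for arp_ignore and arp_announce the kernel uses the larger of the conf/all value and the per-interface value, so the audit computes that effective value for the interface that receives ARP requests for the VIP (eth0 here) and compares it with the values this page sets. PROC_ROOT and the function names are assumptions introduced here.

```shell
#!/bin/sh
# Added example (not from the original post): audit the ARP settings of a
# DR-mode real server. PROC_ROOT is overridable (assumption) for dry runs.
PROC_ROOT=${PROC_ROOT:-/proc/sys/net/ipv4/conf}

# The kernel applies max(conf/all/X, conf/<iface>/X) for arp_ignore and
# arp_announce, so that is the value that has to be checked.
effective() {   # $1 = interface, $2 = setting name
    all=$(cat "$PROC_ROOT/all/$2" 2>/dev/null || echo 0)
    own=$(cat "$PROC_ROOT/$1/$2" 2>/dev/null || echo 0)
    if [ "$all" -gt "$own" ]; then echo "$all"; else echo "$own"; fi
}

# Check the interface that receives ARP requests for the VIP (eth0 here)
# against the values this page configures. Prints one FAIL line per mismatch
# and returns non-zero if any setting differs.
audit_rs() {    # $1 = LAN-facing interface
    rc=0
    for want in arp_ignore=1 arp_announce=2; do
        key=${want%%=*}
        val=${want##*=}
        got=$(effective "$1" "$key")
        if [ "$got" -ne "$val" ]; then
            echo "FAIL $1 $key effective=$got expected=$val"
            rc=1
        fi
    done
    return $rc
}

# "sh script run" audits eth0 on the live system.
if [ "${1:-}" = run ]; then audit_rs eth0 && echo "OK eth0"; fi
```

A real server that fails this audit may answer ARP requests for 192.168.45.100 itself, in which case clients can reach it directly and bypass the load scheduler.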

4. Modify the load scheduler's configuration file to turn off NIC redirects;
vim /etc/sysctl.conf
net.ipv4.conf.eth0.send_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
#Turn off NIC redirects; leaving them on also works
sysctl -p

modprobe ip_vs
cat /proc/net/ip_vs
yum -y install ipvsadm

ipvsadm -A -t 192.168.45.100:80 -s rr
#ipvsadm -A -t virtual-IP:80 -s rr
ipvsadm -a -t 192.168.45.100:80 -r 192.168.45.13:80 -g
#ipvsadm -a -t virtual-IP:80 -r site1:80 -g
ipvsadm -a -t 192.168.45.100:80 -r 192.168.45.14:80 -g
#ipvsadm -a -t virtual-IP:80 -r site2:80 -g
ipvsadm -Ln
#List the current scheduling policy
service ipvsadm save
chkconfig ipvsadm on

5. Test.
while true; do curl 192.168.45.100; sleep 1s; done
ipvsadm -Ln --stats
#View the scheduling details on the load scheduler
Tip: traffic is counted in bytes

ipvsadm -D -t 192.168.45.100:80
#Delete the cluster
ipvsadm -d -t 192.168.45.100:80 -r 192.168.88.11:80
#Delete a scheduling rule, i.e. one real server
ipvsadm -a -t 192.168.45.100:80 -r 192.168.88.11:6666 -m
#Because NAT mode supports port mapping, when the real server's access port changes, first delete the original entry and then add it again with this command

3. Persistent connection
Environment: based on the DR mode
ipvsadm -D -t 192.168.45.100:80
#Delete the previously added cluster
ipvsadm -A -t 192.168.45.100:80 -s rr -p 60
#Re-add the cluster; -p 60 sets the persistent connection time to 60 s
ipvsadm -a -t 192.168.45.100:80 -r 192.168.45.13:80 -g
ipvsadm -a -t 192.168.45.100:80 -r 192.168.45.14:80 -g
#Add the real servers
ipvsadm -lnc
#View the connection entries and the real server each one was scheduled to


Origin blog.csdn.net/weixin_43455673/article/details/112428950