LVS load balancing cluster
1. Experiment preparation
DR server (load scheduler) | 192.168.153.10 |
---|---|
Web1 server 1 | 192.168.153.20 |
Web2 server 2 | 192.168.153.30 |
NFS server | 192.168.153.40 |
vip | 192.168.153.188 |
Client | 192.168.153.128 |
2. Deploy the load scheduler (192.168.153.10)
systemctl stop firewalld.service
setenforce 0
modprobe ip_vs #加载ip_vs模块
cat /proc/net/ip_vs #查看ip_vs版本信息
yum -y install ipvsadm #安装软件包
① Configure the virtual IP address (VIP: 192.168.153.188)
cd /etc/sysconfig/network-scripts/
cp ifcfg-ens33 ifcfg-ens33:0 #若隧道模式,复制为ifcfg-tunl0
vim ifcfg-ens33:0 #清空原先配置,并添加
DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.153.188
NETMASK=255.255.255.255
ifup ens33:0 #开启虚拟IP
ifconfig ens33:0 #查看虚拟IP
②Adjust proc response parameters
Since the LVS load scheduler and each node need to share the VIP address, the redirection parameter response of the Linux kernel should be turned off and not act as a router.
vim /etc/sysctl.conf #添加以下内容
net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
sysctl -p
③Configure load distribution strategy
ipvsadm-save > /etc/sysconfig/ipvsadm
systemctl start ipvsadm
ipvsadm -C
ipvsadm -A -t 192.168.153.188:80 -s rr
ipvsadm -a -t 192.168.153.188:80 -r 192.168.153.20:80 -g #若隧道模式,-g替换为-i
ipvsadm -a -t 192.168.153.188:80 -r 192.168.153.30:80 -g
ipvsadm
ipvsadm -ln #查看节点状态,Route代表DR模式
3. Deploy NFS server (192.168.153.40)
systemctl stop firewalld.service
setenforce 0
yum -y install nfs-utils rpcbind
mkdir /opt/test1 /opt/test2
chmod 777 /opt/test1 /opt/test2
vim /etc/exports
/usr/share *(ro,sync)
/opt/test1 192.168.153.0/24(rw,sync)
/opt/test2 192.168.153.0/24(rw,sync)
systemctl start nfs.service
systemctl start rpcbind.service
exportfs -rv
showmount -e
Fourth, deploy node servers (192.168.153.20, 192.168.153.30)
①Close the firewall and security mechanism, modify the gateway configuration file
systemctl stop firewalld.service
setenforce 0
#将两个节点服务器的网关和DNS注释掉后重启网卡,如果有网关服务器则指向网关服务器
②Configure virtual IP address (VIP: 192.168.153.188)
#此地址仅用作发送Web响应数据包的源地址,并不需要监听客户机的访问请求(改由调度器监听并分发)。因此使用虚接口lo:0
来承载VIP地址,并为本机添加一条路由记录,将访问VIP的数据限制在本地,以避免通信紊乱。
cd /etc/sysconfig/network-scripts/
cp ifcfg-lo ifcfg-lo:0
vim ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
IPADDR=192.168.153.188
NETMASK=255.255.255.255 #注意:子网掩码必须全为1
ifup lo:0
ifconfig lo:0
route add -host 192.168.153.188 dev lo:0
vim /etc/rc.local
/sbin/route add -host 192.168.153.188 dev lo:0
chmod +x /etc/rc.d/rc.local
③Adjust the kernel's ARP response parameters to prevent the VIP MAC address from being updated and avoid conflicts
方法一:
vim /etc/sysctl.conf
net.ipv4.conf.lo.arp_ignore = 1 #系统只响应目的IP为本地IP的ARP请求
net.ipv4.conf.lo.arp_announce = 2 #系统不使用IP包的源地址来设置ARP请求的源地址,而选择发送接口的IP地址
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
sysctl -p
方法二:
echo "1" >/proc/sys/net/ipv4/conf/1o/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/1o/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p
④Mount the shared directory
yum -y install nfs-utils rpcbind httpd
systemctl start rpcbind
systemctl start httpd
--192.168.153.20---
mount.nfs 192.168.153.40:/opt/test1 /var/www/html
echo 'this is test1 web!' > /var/www/html/index.html
--192.168.153.30---
mount.nfs 192.168.153.40:/opt/test2 /var/www/html
echo 'this is test2 web!' > /var/www/html/index.html
Five, client browser access test
Use a browser on the client to visit http://192.168.153.188/, the default gateway points to 192.168.153.188