1. Introduction to NAT mode
Advantages: Load balancing can be easily and quickly configured
Disadvantage: Single machine has bottleneck
The gateway (GATEWAY) of the affiliated machine must be the host's intranet ip
2. Installation
yum install -y ipvsadm
3. Create a new script
#!/bin/bash # Enable routing forwarding on the director server echo 1 > /proc/sys/net/ipv4/ip_forward ## Turn off icmp redirection echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects # director set nat firewall function iptables -t nat -F iptables -t nat -X iptables -t nat -A POSTROUTING -s 192.168.200.0/24 -j MASQUERADE # director set ipsadm IPVSADM='/sbin/ipvsadm' $IPVSADM -C #Clear the rules of ipvsadm # 192.168.145.128 Extranet $IPVSADM -A -t 192.168.145.128:80 -s rr $IPVSADM -a -t 192.168.145.128:80 -r 192.168.1.27:80 -m $IPVSADM -a -t 192.168.145.128:80 -r 192.168.1.28:80 -m
4. Introduction to DR Mode
Advantages: There is no bottleneck for the server, and it needs to be accessed through virtual ip. The eth0:0 IP of the host and the lo:0 ip of the affiliated machine need to be kept all the time.
5. The main server executes the script
#!/bin/bash # Enable routing forwarding on the director server echo 1 > /proc/sys/net/ipv4/ip_forward ipv=/sbin/ipvsadm vip=192.168.1.100 rs1=192.168.1.27 rs2=192.168.1.28 ifconfig eth0:0 $vip broadcast $vip netmask 255.255.255.255 down ifconfig eth0:0 $vip broadcast $vip netmask 255.255.255.255 up route add -host $vip dev eth0:0 $instead of -C $ipv -A -t $vip:80 -s rr $ipv -a -t $vip:80 -r $rs1:80 -g -w 1 $ipv -a -t $vip:80 -r $rs2:80 -g -w 1
6. Execute the script from the machine
#!/usr/bin/env bash vip=192.168.1.100 ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 down ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up route add -host $vip lo:0 echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce