Under Centos7 lvs load balancing mode configuration lvs-tun

First, architecture

director:172.28.18.69 vip:172.28.18.70

real server1:172.28.18.71

real server2:172.28.18.78

Second, install nginx on two real server

Configuring nginx yum source

[root@localhost ~]# vim /etc/yum.repos.d/nginx.repo

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1

installation

[root@localhost ~]# yum install -y nginx

View

[root@localhost ~]# whereis nginx
nginx: /usr/sbin/nginx /usr/lib64/nginx /etc/nginx /usr/share/nginx /usr/share/man/man8/nginx.8.gz
[root@localhost ~]# 

Profiles

Review the default root directory page address

[root@localhost ~]# vim /etc/nginx/conf.d/default.conf 

server {
    listen       80;
    server_name  localhost;

    #charset koi8-r;
    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

Edit /usr/share/nginx/html/index.html

Plus the local IP address, when the test load balancing, distributed to know On which real server

[root@localhost ~]# vim /usr/share/nginx/html/index.html 

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!-71</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Save and exit

Start nginx

[root@localhost conf.d]# nginx -c /etc/nginx/nginx.conf

IP can be displayed, the same server is 172.28.18.78 install and configure nginx

Third, the installation ipvsadm on 172.28.18.69

[root@localhost mysql-5.7.26]# yum install -y ipvsadm
已加载插件：fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.tuna.tsinghua.edu.cn
 * extras: mirrors.huaweicloud.com
 * updates: mirrors.tuna.tsinghua.edu.cn
base                                                                                | 3.6 kB  00:00:00     
extras                                                                              | 3.4 kB  00:00 : 00      
the Updates                                                                              | 3.4 kB   00 : 00 : 00      
is addressing dependencies
 -> Checking affairs
 ---> packages ipvsadm.x86_64. 0.1 . 27 - 7 .el7 will be installed
 -> resolve dependencies complete 

dependence relations resolve

 ================================================ ================================================== ========= 
 Package Penalty for architecture version of the source size
================================================== ================================================== ======= 
being installed: 
 the ipvsadm x86_64                   1.27 - 7 .el7 Base                    45 k 

transaction summary
 ============================ ================================================== ============================= 
install   1 package 

total downloads: 45 k 
installation size: 75 k 
downloading packages Standard package: 
the ipvsadm - 1.27 - 7 .el7.x86_64.rpm |   45 kB  00 : 00 : 00      
Running Transaction the Check 
Running the Test Transaction 
Transaction the Test succeeded. 
Running Transaction 
Warning: RPM database has been non- yum modify the program.
** found 2 has been RPM database problem exists, ' yum Check ' output is as follows:
 2 : postfix- 2.10 . . 1 - . 7 . .El7.x86_64 missing demand libmysqlclient.so is 18 is () (64bit)
 2 : postfix- 2.10 . 1 - 7 .el7.x86_64 there is a lack of demand libmysqlclient.so. 18 (libmysqlclient_18) (64bit)
  It is installed: the ipvsadm -  1.27- 7 .el7.x86_64                                                               1 / 1  
  verification: the ipvsadm - 1.27 - 7 .el7.x86_64                                                               1 / 1  

is installed: 
  ipvsadm.x86_64 0 : 1.27 - 7 .el7                                                                               

finished!

Fourth, configure the virtual server

[root@director ~]# ipvsadm -A -t 172.28.18.70:80 -s rr

To add a virtual server 172.28.18.69, -A: add a virtual server -t: tcp agreement -s: distribution algorithm rr polling

Fifth, the actual increase in the back-end server

[root@director home]# ipvsadm -a -t 172.28.18.70:80 -r 172.28.18.71:80 -i -w 1
[root@director home]# ipvsadm -a -t 172.28.18.70:80 -r 172.28.18.78:80 -i -w 1

-a: increasing the back-end server -t: the corresponding virtual server IP -r: corresponding back-end server IP -i: lvs-tun mode -w: Weight

Sixth, view the configuration rules

[root@director home]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.28.18.70:80 rr
  -> 172.28.18.71:80              Tunnel  1      0          0         
  -> 172.28.18.78:80              Tunnel  1      0          0         

Seven, set director distributed virtual IP to the device em1: 0

[root@director home]# ip addr add 172.28.18.70 dev em1:0

Eight, the load on the back-end server module ipip

After loading ipip module, there will be a default tunl0 tunnel

1, to see if there tunl0 tunnel

[root@localhost conf]# lsmod|grep ipip
[root@localhost conf]#

No ipip module, load module ipip

[root@localhost conf]# modprobe ipip

View, with the

[root @ localhost conf] # lsmod | grep PIP 
PIP                    13465   0  
tunnel4                 13252   1 PIP 
ip_tunnel               25163   1 PIP

ip a, has also been to see tunl0

[root@server-1 html]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 90:b1:1c:15:be:09 brd ff:ff:ff:ff:ff:ff
    inet 172.28.18.78/28 brd 172.28.18.79 scope global noprefixroute em1
       valid_lft forever preferred_lft forever
    inet6 fe80::e6fb:2cb7:2743:4720/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: em2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether 90:b1:1c:15:be:0a brd ff:ff:ff:ff:ff:ff
    inet 192.168.18.103/24 brd 192.168.18.255 scope global noprefixroute em2
       valid_lft forever preferred_lft forever
    inet6 fe80::3137:91de:1663:a505/64 scope link tentative 
       valid_lft forever preferred_lft forever
4: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000
    link/ipip 0.0.0.0 brd 0.0.0.0

 

Nine, configure virtual IP binding tunl0 on the back-end server

[root@localhost conf]# ip addr add 172.28.18.70 dev tunl0

Ten, on the back-end server is configured to forward ARP closed

net.ipv4.conf.tunl0.arp_ignore = 1
net.ipv4.conf.tunl0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.tunl0.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0

[root@localhost conf]# sysctl -p