LVS-DR（直接路由）集群的部署

目录

一，LVS-DR原理介绍

二，LVS-DR配置过程

1，配置负载调度服务器

2，节点服务器配置

3，客户机测试

---

一，LVS-DR原理介绍

客户机发起请求，经过调度服务器（lvs），经过算法调度，去访问真实服务器（RS）

由于不原路返回，客户机不知道，真实主机的ip地址，

所以只能通过调度服务器的外网ip（vip）去反回报文信息

访问过程（不靠路过程中的问题）：

客户端---->外网地址12.0.0.100      12.0.0.100---->客户端 
#12.0.0.18-----客户端   客户端会直接丢弃
对每台真实服务器配置外网地址 12.0.0.100
12.0.0.100------>客户端 

出现的问题：

问题1
IP 地址冲突的
路由器发送ARP请求（广播）
ARP---->广播去找ip地址解析成mac地址
默认使用调度服务器上的外网地址（vip地址）响应，
在真实服务器上修改内核参数
使真实服务器只对自己服务器上的真实IP地址响应ARP解析。

第二次再有访问请求
问题2
路由器上绑定了 真实服务器1的mac信息，
#请求到达真实服务器
在真实服务器上修改内核参数
只对所有服务器真实网卡上的地址进行反馈，解析

二，LVS-DR配置过程

环境设定：

DR 服务器：192.168.18.100
web 服务器1：192.168.18.90
web 服务器2：192.168.18.91
vip（虚拟回环）：192.168.18.123
客户端：192.168.18.156

1，配置负载调度服务器

192.168.18.100配置

关闭防火墙和setenforce

[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# setenforce 0

安装服务

[root@localhost ~]# yum install ipvsadm.x86_64  -y

启动服务

[root@localhost ~]# modprobe ip_vs   #启动模块
[root@localhost ~]# cat /proc/net/ip_vs  #查看
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port Forward Weight ActiveConn InActConn
[root@localhost ~]# ipvsadm-save>/etc/sysconfig/ipvsadm   #重定向服务保存位置
[root@localhost ~]# systemctl start ipvsadm.service       #开启服务

配置虚拟网卡（192.168.18.123）

[root@localhost ~]# cd /etc/sysconfig/network-scripts/  #切换目录
[root@localhost network-scripts]# ls
ifcfg-ens33  ifdown-ppp       ifup-ib      ifup-Team
ifcfg-lo     ifdown-routes    ifup-ippp    ifup-TeamPort
ifdown       ifdown-sit       ifup-ipv6    ifup-tunnel
ifdown-bnep  ifdown-Team      ifup-isdn    ifup-wireless
ifdown-eth   ifdown-TeamPort  ifup-plip    init.ipv6-global
ifdown-ib    ifdown-tunnel    ifup-plusb   network-functions
ifdown-ippp  ifup             ifup-post    network-functions-ipv6
ifdown-ipv6  ifup-aliases     ifup-ppp
ifdown-isdn  ifup-bnep        ifup-routes
ifdown-post  ifup-eth         ifup-sit
[root@localhost network-scripts]# cp ifcfg-ens33 ifcfg-ens33:0   #复制ens33配置文件为ens33:0
[root@localhost network-scripts]# vim ifcfg-ens33:0              #修改虚拟网卡配置文件

重启网卡服务

[root@localhost network-scripts]# systemctl restart network

调整/proc响应参数

[root@localhost network-scripts]# vim /etc/sysctl.conf 

# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.ip_forward = 0                            #添加
net.ipv4.conf.all.send_redirects = 0               #添加
net.ipv4.conf.default.send_redirects = 0           #添加
net.ipv4.conf.ens33.send_redirects = 0             #添加




：wq

刷新配置

[root@localhost network-scripts]# sysctl -p
net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost network-scripts]#

清空ipvsadm配置 配置

[root@localhost network-scripts]# ipvsadm -C    #清空配置
[root@localhost network-scripts]# ipvsadm -A -t 192.168.18.123:80 -s rr

 #指定IP地址 虚拟ip地址  -s指定调度算法 rr  轮询

添加服务器

[root@localhost network-scripts]# ipvsadm -a -t 192.168.18.123:80 -r 192.168.18.90:80 -g
[root@localhost network-scripts]# ipvsadm -a -t 192.168.18.123:80 -r 192.168.18.91:80 -g
#添加真实服务器-a  指定VIP地址及TCP端口-t   指定RIP地址及TCP端口 -r 指定DR模式-g

查看配置，保存配置

[root@localhost network-scripts]# ipvsadm    #查看配置
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  localhost.localdomain:http rr
  -> 192.168.18.90:http           Route   1      0          0         
  -> 192.168.18.91:http           Route   1      0          0            
[root@localhost network-scripts]# ipvsadm-save >/etc/sysconfig/ipvsadm  #保存配置

2，节点服务器配置

1节点192.168.18.90

关闭防火墙和setenforce

[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0

安装httpd服务，开启服务

[root@localhost ~]# yum install httpd -y


[root@localhost ~]# systemctl start httpd

编写站点文件

[root@localhost network-scripts]# vim /var/www/html/index.html 

this is 192.168.18.90 web



：wq

配置虚拟回环网卡

[root@localhost ~]# cd /etc/sysconfig/network-scripts/  #切换目录
[root@localhost network-scripts]# ls
ifcfg-ens33    ifdown-Team      ifup-post
ifcfg-lo       ifdown-TeamPort  ifup-ppp
ifdown         ifdown-tunnel    ifup-routes
ifdown-bnep    ifup             ifup-sit
ifdown-eth     ifup-aliases     ifup-Team
ifdown-ib      ifup-bnep        ifup-TeamPort
ifdown-ippp    ifup-eth         ifup-tunnel
ifdown-ipv6    ifup-ib          ifup-wireless
ifdown-isdn    ifup-ippp        init.ipv6-global
ifdown-post    ifup-ipv6        network-functions
ifdown-ppp     ifup-isdn        network-functions-ipv6
ifdown-routes  ifup-plip
ifdown-sit     ifup-plusb
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0  #复制配置文件   
[root@localhost network-scripts]# vim ifcfg-lo:0          #修改虚拟网卡

配置前

配置后

重启网络服务

[root@localhost network-scripts]# systemctl restart network

设置路由

[root@localhost network-scripts]# route add -host 192.168.18.123 dev lo:0 #设置
[root@localhost network-scripts]# route -n   #查看
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.18.2    0.0.0.0         UG    100    0        0 ens33
192.168.18.0    0.0.0.0         255.255.255.0   U     100    0        0 ens33
192.168.18.123  0.0.0.0         255.255.255.255 UH    0      0        0 lo
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

上述只是临时生效，可以设置成开机自启

[root@localhost network-scripts]# vim /etc/rc.d/rc.local 

 

[root@localhost network-scripts]# chmod +x /etc/rc.d/rc.local  #赋予执行权限

 添加系统只响应目的IP为本地IP的ARP请求

系统不使用原地址来设置ARP请求的源地址，而是物理mac地址上的IP

[root@localhost network-scripts]# vim /etc/sysctl.conf 

# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

[root@localhost network-scripts]# sysctl -p  
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

2节点192.168.18.91

 关闭防火墙和setenforce

[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0

安装httpd服务，开启服务

[root@localhost ~]# yum install httpd -y


[root@localhost ~]# systemctl start httpd

编写站点文件

[root@localhost network-scripts]# vim /var/www/html/index.html 

this is 192.168.18.91 web



：wq

配置虚拟回环网卡

[root@localhost ~]# cd /etc/sysconfig/network-scripts/  #切换目录
[root@localhost network-scripts]# ls
ifcfg-ens33    ifdown-Team      ifup-post
ifcfg-lo       ifdown-TeamPort  ifup-ppp
ifdown         ifdown-tunnel    ifup-routes
ifdown-bnep    ifup             ifup-sit
ifdown-eth     ifup-aliases     ifup-Team
ifdown-ib      ifup-bnep        ifup-TeamPort
ifdown-ippp    ifup-eth         ifup-tunnel
ifdown-ipv6    ifup-ib          ifup-wireless
ifdown-isdn    ifup-ippp        init.ipv6-global
ifdown-post    ifup-ipv6        network-functions
ifdown-ppp     ifup-isdn        network-functions-ipv6
ifdown-routes  ifup-plip
ifdown-sit     ifup-plusb
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0  #复制配置文件   
[root@localhost network-scripts]# vim ifcfg-lo:0          #修改虚拟网卡

配置前

配置后

重启网络服务

[root@localhost network-scripts]# systemctl restart network

设置路由

[root@localhost network-scripts]# route add -host 192.168.18.123 dev lo:0 #设置
[root@localhost network-scripts]# route -n   #查看
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.18.2    0.0.0.0         UG    100    0        0 ens33
192.168.18.0    0.0.0.0         255.255.255.0   U     100    0        0 ens33
192.168.18.123  0.0.0.0         255.255.255.255 UH    0      0        0 lo
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

 添加系统只响应目的IP为本地IP的ARP请求

系统不使用原地址来设置ARP请求的源地址，而是物理mac地址上的IP

[root@localhost network-scripts]# vim /etc/sysctl.conf 

# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

[root@localhost network-scripts]# sysctl -p  
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

3，客户机测试

客户机IP设置

测试网络连通性

 网页测试负载均衡