一,LVS-DR原理介绍
客户机发起请求,先到达调度服务器(LVS),经调度算法选择后,转发给真实服务器(RS)
由于响应报文不原路返回,而客户机并不知道真实主机的ip地址,
所以真实服务器只能以调度服务器的外网ip(vip)作为源地址返回报文信息
访问过程(不考虑过程中的问题):
客户端---->外网地址12.0.0.100 12.0.0.100---->客户端
#12.0.0.18-----客户端 若响应报文的源地址是12.0.0.18而不是所请求的12.0.0.100,客户端会直接丢弃
对每台真实服务器配置外网地址 12.0.0.100
12.0.0.100------>客户端
出现的问题:
问题1
IP 地址冲突:调度服务器和每台真实服务器上都配置了同一个vip地址
路由器发送ARP请求(广播)
ARP---->广播去找ip地址解析成mac地址
期望只由调度服务器以其外网地址(vip地址)响应ARP,
因此要在真实服务器上修改内核参数(arp_ignore = 1),
使真实服务器只对自己服务器上的真实IP地址响应ARP解析。(第二次再有访问请求时的情况见问题2)
问题2
路由器的ARP表中,vip地址绑定成了真实服务器1的mac信息,
#请求绕过调度服务器,直接到达真实服务器
在真实服务器上修改内核参数(arp_announce = 2),
使其发出的ARP报文只使用真实网卡上的地址作为源地址,不对外通告vip地址
二,LVS-DR配置过程
环境设定:
DR 服务器:192.168.18.100
web 服务器1:192.168.18.90
web 服务器2:192.168.18.91
vip(虚拟回环):192.168.18.123
客户端:192.168.18.156
1,配置负载调度服务器
192.168.18.100配置
关闭防火墙和SELinux(setenforce 0)。两条命令都只是临时生效,仅适用于实验环境;生产环境建议保持firewalld和SELinux开启,只放行所需的80/tcp
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
安装服务
[root@localhost ~]# yum install ipvsadm.x86_64 -y
启动服务
[root@localhost ~]# modprobe ip_vs #启动模块
[root@localhost ~]# cat /proc/net/ip_vs #查看
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
[root@localhost ~]# ipvsadm-save>/etc/sysconfig/ipvsadm #重定向服务保存位置
[root@localhost ~]# systemctl start ipvsadm.service #开启服务
配置虚拟网卡(192.168.18.123)
[root@localhost ~]# cd /etc/sysconfig/network-scripts/ #切换目录
[root@localhost network-scripts]# ls
ifcfg-ens33 ifdown-ppp ifup-ib ifup-Team
ifcfg-lo ifdown-routes ifup-ippp ifup-TeamPort
ifdown ifdown-sit ifup-ipv6 ifup-tunnel
ifdown-bnep ifdown-Team ifup-isdn ifup-wireless
ifdown-eth ifdown-TeamPort ifup-plip init.ipv6-global
ifdown-ib ifdown-tunnel ifup-plusb network-functions
ifdown-ippp ifup ifup-post network-functions-ipv6
ifdown-ipv6 ifup-aliases ifup-ppp
ifdown-isdn ifup-bnep ifup-routes
ifdown-post ifup-eth ifup-sit
[root@localhost network-scripts]# cp ifcfg-ens33 ifcfg-ens33:0 #复制ens33配置文件为ens33:0
[root@localhost network-scripts]# vim ifcfg-ens33:0 #修改虚拟网卡配置文件
重启网卡服务
[root@localhost network-scripts]# systemctl restart network
调整/proc响应参数(DR模式下调度服务器不做路由转发;调度服务器与客户端,真实服务器在同一网段,关闭ICMP重定向可避免它通知客户端绕过调度服务器直接访问真实服务器)
[root@localhost network-scripts]# vim /etc/sysctl.conf
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.ip_forward = 0 #添加
net.ipv4.conf.all.send_redirects = 0 #添加
net.ipv4.conf.default.send_redirects = 0 #添加
net.ipv4.conf.ens33.send_redirects = 0 #添加
:wq
刷新配置
[root@localhost network-scripts]# sysctl -p
net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost network-scripts]#
清空ipvsadm配置,重新添加虚拟服务
[root@localhost network-scripts]# ipvsadm -C #清空配置
[root@localhost network-scripts]# ipvsadm -A -t 192.168.18.123:80 -s rr
#-A 添加虚拟服务器 -t 指定VIP地址及TCP端口 -s 指定调度算法 rr 轮询
添加服务器
[root@localhost network-scripts]# ipvsadm -a -t 192.168.18.123:80 -r 192.168.18.90:80 -g
[root@localhost network-scripts]# ipvsadm -a -t 192.168.18.123:80 -r 192.168.18.91:80 -g
#-a 添加真实服务器 -t 指定VIP地址及TCP端口 -r 指定RIP地址及TCP端口 -g 指定DR模式
查看配置,保存配置
[root@localhost network-scripts]# ipvsadm #查看配置
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP localhost.localdomain:http rr
-> 192.168.18.90:http Route 1 0 0
-> 192.168.18.91:http Route 1 0 0
[root@localhost network-scripts]# ipvsadm-save >/etc/sysconfig/ipvsadm #保存配置
2,节点服务器配置
1节点192.168.18.90
关闭防火墙和SELinux(setenforce 0,仅限实验环境,重启后失效)
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
安装httpd服务,开启服务
[root@localhost ~]# yum install httpd -y
[root@localhost ~]# systemctl start httpd
编写站点文件
[root@localhost network-scripts]# vim /var/www/html/index.html
this is 192.168.18.90 web
:wq
配置虚拟回环网卡
[root@localhost ~]# cd /etc/sysconfig/network-scripts/ #切换目录
[root@localhost network-scripts]# ls
ifcfg-ens33 ifdown-Team ifup-post
ifcfg-lo ifdown-TeamPort ifup-ppp
ifdown ifdown-tunnel ifup-routes
ifdown-bnep ifup ifup-sit
ifdown-eth ifup-aliases ifup-Team
ifdown-ib ifup-bnep ifup-TeamPort
ifdown-ippp ifup-eth ifup-tunnel
ifdown-ipv6 ifup-ib ifup-wireless
ifdown-isdn ifup-ippp init.ipv6-global
ifdown-post ifup-ipv6 network-functions
ifdown-ppp ifup-isdn network-functions-ipv6
ifdown-routes ifup-plip
ifdown-sit ifup-plusb
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0 #复制配置文件
[root@localhost network-scripts]# vim ifcfg-lo:0 #修改虚拟网卡
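配置前(原文此处为截图,已缺失)
配置后(原文此处为截图,已缺失;通常是将 DEVICE 改为 lo:0,IPADDR 设为vip地址 192.168.18.123,NETMASK 设为 255.255.255.255,ONBOOT=yes)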
重启网络服务
[root@localhost network-scripts]# systemctl restart network
设置路由
[root@localhost network-scripts]# route add -host 192.168.18.123 dev lo:0 #设置
[root@localhost network-scripts]# route -n #查看
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.18.2 0.0.0.0 UG 100 0 0 ens33
192.168.18.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.18.123 0.0.0.0 255.255.255.255 UH 0 0 0 lo
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
上述路由只是临时生效,可以把该命令写入 /etc/rc.d/rc.local,设置成开机自动执行
[root@localhost network-scripts]# vim /etc/rc.d/rc.local
[root@localhost network-scripts]# chmod +x /etc/rc.d/rc.local #赋予执行权限
添加内核参数:arp_ignore = 1 使系统只响应目的IP为接收网卡上本地IP的ARP请求
arp_announce = 2 使系统不使用IP包的源地址来设置ARP请求的源地址,而是使用发送接口(物理网卡)上的IP
[root@localhost network-scripts]# vim /etc/sysctl.conf
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@localhost network-scripts]# sysctl -p
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
2节点192.168.18.91
关闭防火墙和SELinux(setenforce 0,仅限实验环境,重启后失效)
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
安装httpd服务,开启服务
[root@localhost ~]# yum install httpd -y
[root@localhost ~]# systemctl start httpd
编写站点文件
[root@localhost network-scripts]# vim /var/www/html/index.html
this is 192.168.18.91 web
:wq
配置虚拟回环网卡
[root@localhost ~]# cd /etc/sysconfig/network-scripts/ #切换目录
[root@localhost network-scripts]# ls
ifcfg-ens33 ifdown-Team ifup-post
ifcfg-lo ifdown-TeamPort ifup-ppp
ifdown ifdown-tunnel ifup-routes
ifdown-bnep ifup ifup-sit
ifdown-eth ifup-aliases ifup-Team
ifdown-ib ifup-bnep ifup-TeamPort
ifdown-ippp ifup-eth ifup-tunnel
ifdown-ipv6 ifup-ib ifup-wireless
ifdown-isdn ifup-ippp init.ipv6-global
ifdown-post ifup-ipv6 network-functions
ifdown-ppp ifup-isdn network-functions-ipv6
ifdown-routes ifup-plip
ifdown-sit ifup-plusb
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0 #复制配置文件
[root@localhost network-scripts]# vim ifcfg-lo:0 #修改虚拟网卡
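配置前(原文此处为截图,已缺失)
配置后(原文此处为截图,已缺失;通常是将 DEVICE 改为 lo:0,IPADDR 设为vip地址 192.168.18.123,NETMASK 设为 255.255.255.255,ONBOOT=yes)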
重启网络服务
[root@localhost network-scripts]# systemctl restart network
设置路由
[root@localhost network-scripts]# route add -host 192.168.18.123 dev lo:0 #设置
[root@localhost network-scripts]# route -n #查看
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.18.2 0.0.0.0 UG 100 0 0 ens33
192.168.18.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.18.123 0.0.0.0 255.255.255.255 UH 0 0 0 lo
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
添加内核参数:arp_ignore = 1 使系统只响应目的IP为接收网卡上本地IP的ARP请求
arp_announce = 2 使系统不使用IP包的源地址来设置ARP请求的源地址,而是使用发送接口(物理网卡)上的IP
[root@localhost network-scripts]# vim /etc/sysctl.conf
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@localhost network-scripts]# sysctl -p
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
3,客户机测试
客户机IP设置
测试网络连通性
网页测试负载均衡