lvs-nat 示例详解
lvs-nat 设计要点
- RIP与DIP在同一IP网络, RIP的网关要指向DIP
- 支持端口映射
- Director要打开核心转发功能
lvs-nat 示例步骤
1、绘制拓扑
2、各个虚拟机配置
2.1 RS1 和 RS2(配置 Nginx 服务)
-
RS1
[root@neo-neo ~]# ifconfig | grep "inet 192" inet 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255 [root@neo-neo ~]# cat /var/www/html/index.html <h1>RS1 web-server</h1> [root@neo-neo ~]# ss -tnl | grep 80 LISTEN 0 128 :::80 :::*
-
RS2
[root@Neo_Tang ~]# ifconfig | grep "inet 192" inet 192.168.10.13 netmask 255.255.255.0 broadcast 192.168.10.255 [root@Neo_Tang ~]# cat /var/www/html/index.html <h1>RS2 web-server</h1> [root@Neo_Tang ~]# ss -tnl | grep 80 LISTEN 0 128 :::80 :::*
2.2 RS1 和 RS2(配置默认路由,指向 VS)
-
RS1
[root@neo-neo ~]# route add default gw 192.168.10.11 [root@neo-neo ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.10.11 0.0.0.0 UG 0 0 0 ens37 192.168.10.0 0.0.0.0 255.255.255.0 U 101 0 0 ens37
-
RS2
[root@Neo_Tang ~]# route add default gw 192.168.10.11 [root@Neo_Tang ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.10.11 0.0.0.0 UG 0 0 0 ens37 192.168.10.0 0.0.0.0 255.255.255.0 U 101 0 0 ens37
2.3 VS 进行验证,看能否正常访问 RS1 和 RS2
[root@Neo_Tang ~]# curl http://192.168.10.12
<h1>RS1 web-server</h1>
[root@Neo_Tang ~]# curl http://192.168.10.13
<h1>RS2 web-server</h1>
2.4 VS 安装 ipvsadm
[root@Neo_Tang ~]# yum install ipvsadm -y
[root@Neo_Tang ~]# rpm -ql ipvsadm
/etc/sysconfig/ipvsadm-config
/usr/lib/systemd/system/ipvsadm.service
/usr/sbin/ipvsadm
/usr/sbin/ipvsadm-restore
/usr/sbin/ipvsadm-save
/usr/share/doc/ipvsadm-1.27
/usr/share/doc/ipvsadm-1.27/README
/usr/share/man/man8/ipvsadm-restore.8.gz
/usr/share/man/man8/ipvsadm-save.8.gz
/usr/share/man/man8/ipvsadm.8.gz
3、调度算法-RR
3.1 VS 进行集群设置和RS设置
[root@Neo_Tang ~]# ipvsadm -A -t 192.168.1.11:80 -s rr # 集群服务管理
[root@Neo_Tang ~]# ipvsadm -a -t 192.168.1.11:80 -r 192.168.10.12 -m # 集群RS1设置
[root@Neo_Tang ~]# ipvsadm -a -t 192.168.1.11:80 -r 192.168.10.13 -m # 集群RS2设置
[root@Neo_Tang ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.11:80 rr
-> 192.168.10.12:80 Masq 1 0 0
-> 192.168.10.13:80 Masq 1 0 0
3.2 用户A 进行web访问
[root@Tang-Neo ~]# ifconfig | grep "inet 192"
inet 192.168.1.9 netmask 255.255.255.0 broadcast 192.168.1.255
[root@Tang-Neo ~]# for i in {
1..10}; do curl http://192.168.1.11/index.html; done
<h1>RS1 web-server</h1>
<h1>RS2 web-server</h1>
<h1>RS1 web-server</h1>
<h1>RS2 web-server</h1>
<h1>RS1 web-server</h1>
<h1>RS2 web-server</h1>
<h1>RS1 web-server</h1>
<h1>RS2 web-server</h1>
<h1>RS1 web-server</h1>
<h1>RS2 web-server</h1>
3.3 用户B 进行web访问
[root@neo ~]# ifconfig | grep "inet 192"
inet 192.168.1.10 netmask 255.255.255