目录
LVS之DR模式实战
3台机器
DS:192.168.179.130
RS1:192.168.179.131
RS2:192.168.179.132
VIP:192.168.179.100 ——>三台机器上都需要配置VIP
DR上操作
环境准备:
1. 关闭防火墙
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
2. 加载ip_vs模块
[root@localhost ~]# modprobe ip_vs -----加载内核模块
[root@localhost ~]# cat /proc/net/ip_vs -----查看当前ip_vs模块加载情况
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
3. 安装管理软件ipvsadm
[root@localhost ~]# yum -y install ipvsadm -----安装管理软件ipvsadm,不需要启动
4. 配置虚拟地址
[root@localhost ~]# ifconfig lo:0 192.168.179.100 broadcast 192.168.179.100 netmask 255.255.255.255 up
注:再LVS方案中,虚拟ip地址和普通网络接口完全不同。虚拟ip地址的广播就是它自己本身,子网掩码是4个255,这样就不会造成ip地址冲突,否则lvs将不能正常的转发访问请求。
[root@localhost ~]# ip a -----查看VIP是否添加成功
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.179.100/32 brd 192.168.179.100 scope global lo:0
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:d5:df:f7 brd ff:ff:ff:ff:ff:ff
inet 192.168.179.130/24 brd 192.168.179.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::8252:b9a6:afff:3331/64 scope link noprefixroute
valid_lft forever preferred_lft forever
5. 配置路由
[root@localhost ~]# route add -host 192.168.119.100 dev lo:0
[root@localhost ~]# ipvsadm -C -----清除内核虚拟服务器表中的所有记录
6. 创建虚拟服务器
[root@localhost ~]# ipvsadm -A -t 192.168.179.100:80 -s rr -----添加服务器节点
[root@localhost ~]# ipvsadm -a -t 192.168.179.100:80 -r 192.168.179.131:80 -g
[root@localhost ~]# ipvsadm -a -t 192.168.179.100:80 -r 192.168.179.132:80 -g
[root@localhost ~]# ipvsadm -Ln -----查看是否成功
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.179.100:80 rr
-> 192.168.179.131:80 Route 1 0 0
-> 192.168.179.132:80 Route 1 0 0
RS1和RS2上操作(两台操作基本一致)
1. 关闭防火墙
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
2. 安装httpd
[root@localhost ~]#yum -y install httpd -----安装apache服务
3. 修改web访问页面
[root@localhost ~]# echo "test1" > /var/www/html/index.html -----因为要测试,需要保持两台服务器页面不一致
[root@localhost ~]# echo "test2" > /var/www/html/index.html -----因为要测试,需要保持两台服务器页面不一致
[root@localhost ~]# systemctl restart httpd -----重启apache
4. 配置虚拟地址
[root@localhost ~]# ifconfig lo:0 192.168.179.100 broadcast 192.168.179.100 netmask 255.255.255.255 up
注:再LVS方案中,虚拟ip地址和普通网络接口完全不同。虚拟ip地址的广播就是它自己本身,子网掩码是4个255,这样就不会造成ip地址冲突,否则lvs将不能正常的转发访问请求。
[root@localhost ~]# ip a -----查看VIP是否添加成功
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.179.100/32 brd 192.168.179.100 scope global lo:0
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:d5:df:f7 brd ff:ff:ff:ff:ff:ff
inet 192.168.179.130/24 brd 192.168.179.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::8252:b9a6:afff:3331/64 scope link noprefixroute
valid_lft forever preferred_lft forever
5. 配置路由
[root@localhost ~]# route add -host 192.168.119.100 dev lo:0
[root@localhost ~]# ipvsadm -C -----清除内核虚拟服务器表中的所有记录
6. 添加内核参数
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@localhost ~]# sysctl -p -----刷新到内存
7. 登录网页验证