LVS ipvsadm 命令的使用
1、LVS-server安装lvs管理软件
yum -y install ipvsadm
程序包:ipvsadm(LVS管理工具)
主程序:/usr/sbin/ipvsadm
规则保存工具:/usr/sbin/ipvsadm-save > /path/to/file
配置文件:/etc/sysconfig/ipvsadm-config
2、命令选项
-A --add-service #在服务器列表中新添加一条新的虚拟服务器记录
-s --scheduler #使用的调度算法, rr | wrr | lc | wlc | lblb | lblcr | dh | sh | sed | nq 默认调度算法是 wlc
例:ipvsadm -A -t 192.168.1.250:80 -s wrr
-a --add-server #在服务器表中添加一条新的真实主机记录
-t --tcp-service #说明虚拟服务器提供tcp服务
-u --udp-service #说明虚拟服务器提供udp服务
-r --real-server #真实服务器地址
-m --masquerading #指定LVS工作模式为NAT模式
-w --weight #真实服务器的权值
-g --gatewaying #指定LVS工作模式为直接路由器模式(也是LVS默认的模式)
-i --ip #指定LVS的工作模式为隧道模式
-p #会话保持时间,定义流量被转到同一个realserver的会话存留时间
例:ipvsadm -a -t 192.168.1.2:80 -r 192.168.2.10:80 -m -w 1
-E -edit-service #编辑内核虚拟服务器表中的一条虚拟服务器记录。
-D -delete-service #删除内核虚拟服务器表中的一条虚拟服务器记录。
-C -clear #清除内核虚拟服务器表中的所有记录。
-R -restore #恢复虚拟服务器规则
-S -save #保存虚拟服务器规则到标准输出,输出为-R 选项可读的格式
-e -edit-server #编辑一条虚拟服务器记录中的某条真实服务器记录
-d -delete-server #删除一条虚拟服务器记录中的某条真实服务器记录
-L|-l –list #显示内核虚拟服务器表
--numeric, -n:#以数字形式输出地址和端口号
--exact: #扩展信息,精确值
--connection,-c: #当前IPVS连接输出
--stats: #统计信息
--rate : #输出速率信息
ipvsadm -D -t|u|f service-address 删除一个集群服务
ipvsadm -C 清空所有的规则
ipvsadm -R 重新载入规则
ipvsadm -S [-n] 保存规则
ipvsadm -L|l [options] 查看
options:
-n:numeric,基于数字格式显示地址和端口
-c:connection,显示当前ipvs连接
--stats:统计数据
--rate:输出速率信息
--exact:显示精确值,不做单位换算
参数也可以从/proc/net/ip_vs*映射文件中查看
-Z –zero #虚拟服务表计数器清零(清空当前的连接数量等)
DR模式配置http负载均衡
//先在两台RS上部署好网站服务然后关闭防火墙,selinux
[root@RS1 ~]# yum -y install httpd
[root@RS1 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@RS1 ~]# echo hello rs1 > /var/www/html/index.html
[root@RS1 ~]# systemctl restart httpd
[root@RS2 ~]# yum -y install httpd
[root@RS2 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@RS2 ~]# echo hello rs2 > /var/www/html/index.html
[root@RS2 ~]# systemctl restart httpd
[root@RS2 ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
//DR配置VIP
[root@localhost ~]# ip addr add 192.168.216.250/24 dev ens33
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:b8:1e:94 brd ff:ff:ff:ff:ff:ff
inet 192.168.216.179/24 brd 192.168.216.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.216.250/24 scope global secondary ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feb8:1e94/64 scope link
valid_lft forever preferred_lft forever
//安装命令,配置转发规则
[root@localhost ~]# yum -y install ipvsadm
[root@localhost ~]# echo net.ipv4.ip_forward = 1 >> /etc/sysctl.conf
[root@localhost ~]# sysctl -p
net.ipv4.ip_forward = 1
//添加虚拟主机和调度规则
[root@localhost ~]# ipvsadm -At 192.168.216.250:80 -s rr
[root@localhost ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.216.250:80 rr
//将RS添加进来
[root@localhost ~]# ipvsadm -at 192.168.216.250:80 -r 192.168.216.200:80 -m
[root@localhost ~]# ipvsadm -at 192.168.216.250:80 -r 192.168.216.202:80 -m
[root@localhost ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.216.250:80 rr
-> 192.168.216.200:80 Masq 1 0 0
-> 192.168.216.202:80 Masq 1 0 0
[root@localhost ~]# curl 192.168.216.200
hello rs1
[root@localhost ~]# curl 192.168.216.202
hello rs2
[root@localhost ~]# curl 192.168.216.250
hello rs1
[root@localhost ~]# curl 192.168.216.250
hello rs2
//2次访问192.168.216.250,轮询得到不同的结果
[root@localhost ~]# ipvsadm-save > ipv.txt //保存规则到到一个文件
[root@localhost ~]# ipvsadm-restore < ipv.txt //读取文件的规则
NAT模式配置http负载均衡
//先在两台RS上部署好网站服务然后关闭防火墙,selinux
[root@RS1 ~]# yum -y install httpd
[root@RS1 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@RS1 ~]# echo hello 1111 > /var/www/html/index.html
[root@RS1 ~]# systemctl restart httpd
[root@RS2 ~]# yum -y install httpd
[root@RS2 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@RS2 ~]# echo hello 2222 > /var/www/html/index.html
[root@RS2 ~]# systemctl restart httpd
//与前面一样不同的是网站内容
//DR配置VIP
[root@localhost ~]# ip addr add 192.168.216.250/24 dev ens33
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:b8:1e:94 brd ff:ff:ff:ff:ff:ff
inet 192.168.216.179/24 brd 192.168.216.255 scope global noprefixroute ens33
inet 192.168.216.250/24 scope global secondary ens33
valid_lft forever preferred_lft foreve
//RS1和RS2配置内核参数
[root@RS1 ~]# vim /etc/sysctl.conf
[root@RS1 ~]# sysctl -p
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
[root@RS2 ~]# vim /etc/sysctl.conf
[root@RS2 ~]# sysctl -p
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
//要先设置好内核参数在配置VIP,如果先配置VIP,VIP配置好后会立即通告给所有人
[root@RS2 ~]# ip addr add 192.168.216.250/24 dev ens160
[root@RS2 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:b6:9b:7a brd ff:ff:ff:ff:ff:ff
inet 192.168.216.202/24 brd 192.168.216.255 scope global dynamic noprefixroute ens160
valid_lft 1414sec preferred_lft 1414sec
inet 192.168.216.250/24 scope global secondary ens160
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feb6:9b7a/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@RS1 ~]# ip addr add 192.168.216.250/24 dev ens160
[root@RS1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:0c:29:63:5f:81 brd ff:ff:ff:ff:ff:ff
inet 192.168.216.200/24 brd 192.168.216.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet 192.168.216.250/24 scope global secondary ens160
valid_lft forever preferred_lft forever
//DR上添加转发规则
[root@localhost ~]# yum -y install ipvsadm
[root@localhost ~]# ipvsadm -At 192.168.216.250:80 -s rr
[root@localhost ~]# ipvsadm -at 192.168.216.250:80 -r 192.168.216.200:80 -g
[root@localhost ~]# ipvsadm -at 192.168.216.250:80 -r 192.168.216.202:80 -g
[root@localhost ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.216.250:80 rr
-> 192.168.216.200:80 Route 1 0 0
-> 192.168.216.202:80 Route 1 0 0
等一会刷新