LVS-NAT模式
准备环境:
192.168.6.12 lvsweb1
192.168.6.13 lvsweb2
192.168.6.14 lvsnat
lvsweb1主机配置
[root@lvsweb1 ~]# yum install -y httpd
[root@lvsweb1 ~]# echo "hello lvsweb1" > /var/www/html/index.html
[root@lvsweb1 ~]# systemctl restart httpd
[root@lvsweb1 ~]# systemctl status httpd
[root@lvsweb1 ~]# nmtui ----配置192.168.6.12的网关192.168.6.14
[root@lvsweb1 ~]# ifdown eth0;ifup eth0
成功断开设备 'eth0'。
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/5)
[root@lvsweb1 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.6.14 0.0.0.0 UG 100 0 0 eth0
192.168.6.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
lvsweb2主机配置
[root@lvsweb2 ~]# yum install -y httpd
[root@lvsweb2 ~]# echo "hello lvsweb2" > /var/www/html/index.html
[root@lvsweb2 ~]# systemctl restart httpd
[root@lvsweb2 ~]# systemctl status httpd
[root@lvsweb2 ~]# nmtui ----配置192.168.6.13的网关192.168.6.14
[root@lvsweb2 ~]# ifdown eth0;ifup eth0
成功断开设备 'eth0'。
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/5)
[root@lvsweb2 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.6.14 0.0.0.0 UG 100 0 0 eth0
192.168.6.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
lvsnat主机配置
[root@lvsnat ~]# nmtui ----添加eth2网关
eth2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 201.1.1.4 netmask 255.255.255.0 broadcast 201.1.1.255
[root@lvsnat ~]# echo net.ipv4.ip_forward = 1 > /etc/sysctl.conf
[root@lvsnat ~]# sysctl -p
net.ipv4.ip_forward = 1
[root@lvsnat ~]# ipvsadm -A -t 201.1.1.4:80 -s rr
[root@lvsnat ~]# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP lvsnat:http rr
[root@lvsnat ~]# ipvsadm -a -t 201.1.1.4:80 -r 192.168.6.12 -m
[root@lvsnat ~]# ipvsadm -a -t 201.1.1.4:80 -r 192.168.6.13 -m
[root@lvsnat ~]# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP lvsnat:http rr
-> 192.168.6.12:http Masq 1 0 0
-> 192.168.6.13:http Masq 1 0 0
-m 表示NAT模式,-t是TCP,-w 设置权重
[root@lvsnat ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 201.1.1.4:80 rr
-> 192.168.6.12:80 Masq 1 0 0
-> 192.168.6.13:80 Masq 1 0 0
测试:http://201.1.1.4/ ----可以轮询的访问
如果用浏览器查看的话,可能会得不到轮询的效果,主要是因为缓存或者浏览器的问题,我们可以用curl进行进一步的认证
[root@room9pc01 ~]# curl http://201.1.1.4
hello lvsweb2
[root@room9pc01 ~]# curl http://201.1.1.4
hello lvsweb1
扩展一些ipvsadm的命令
从虚拟服务器中删除RIP
ipvsadm -d -t 201.1.1.4:80 -r 192.168.6.12
删除虚拟服务器
ipvsadm -D -t 201.1.1.4:80
修改调度算法为WRR
ipvsadm -E -t 201.1.1.4:80 -s wrr
配置起来很简单的东西配置就会有一定的错误
故障切换脚本
[root@lvsnat ~]# mkdir bin
[root@lvsnat ~]# cd bin/
[root@lvsnat bin]# vim monitor_web.sh
#!/bin/bash
VIP=201.1.1.4:80
RIP1=192.168.6.12
RIP2=192.168.6.13
while :
do
for IP in $RIP1 $RIP2
do
curl http://$IP &> /dev/null
web_stat=$?
ipvsadm -Ln | grep $IP &> /dev/null
web_in_lvs=$?
if [ $web_stat -ne 0 -a $web_in_lvs -eq 0 ]; then
ipvsadm -d -t $VIP -r $IP
elif [ $web_stat -eq 0 -a $web_in_lvs -ne 0 ]; then
ipvsadm -a -t $VIP -r $IP -m
fi
done
sleep 1
done
LVS-DR模式
准备环境:
192.168.6.12 lvsweb1
192.168.6.13 lvsweb2
lvsdr主机配置192.168.6.15 VIP192.168.6.100
(注意:lvsweb1和lvsweb2用前一个模式配好的举例)
一、 拓扑:LVS调度器只有一个IP地址,它和real server在同一网络。
二、 客户机要把数据发给VIP。VIP需要出现在每台服务器上(调度器、web服务器)
三、 为了地址不冲突,需要把VIP配置在调度器的eth0上,把VIP配置在web服务器的lo上
四、 每台主机都有VIP,客户端发来的请求,只有LVS回应。为了实现这一点,需要改web服务器的内核参数
五、 实施
lvsdr主机配置192.168.6.15 VIP192.168.6.100
[root@lvsdr ~]# yum -y install ipvsadm
[root@lvsdr ~]# cd /etc/sysconfig/network-scripts/
[root@lvsdr network-scripts]# cp ifcfg-eth0 ifcfg-eth0:0
[root@lvsdr network-scripts]# vim ifcfg-eth0:0
[root@lvsdr network-scripts]# cat ifcfg-eth0:0
TYPE=Ethernet
BOOTPROTO=none
NAME=eth0:0
DEVICE=eth0:0
ONBOOT=yes
IPADDR=192.168.6.100
PREFIX=24
[root@lvsdr network-scripts]# ifup eth0:0
[root@lvsdr network-scripts]# ifconfig eth0:0
eth0:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.6.100 netmask 255.255.255.0 broadcast 192.168.6.255
ether 52:54:00:19:99:d4 txqueuelen 1000 (Ethernet)
lvsweb1主机配置192.168.6.12 VIP192.168.6.100
[root@lvsweb1 ~]# cd /etc/sysconfig/network-scripts/
[root@lvsweb1 network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@lvsweb1 network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.6.100
NETMASK=255.255.255.255
NETWORK=192.168.6.100
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
BROADCAST=192.168.6.100
ONBOOT=yes
NAME=lo:0
[root@lvsweb1 network-scripts]# ifup lo:0
[root@lvsweb1 network-scripts]# ifconfig lo:0
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.6.100 netmask 255.255.255.255
loop txqueuelen 1 (Local Loopback)
[root@lvsweb1 ~]#echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@lvsweb1 ~]#echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@lvsweb1 ~]#echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@lvsweb1 ~]#echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
lvsweb1主机配置192.168.6.13 VIP192.168.6.100
[root@lvsweb2 ~]# cd /etc/sysconfig/network-scripts/
[root@lvsweb2 network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@lvsweb2 network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.6.100
NETMASK=255.255.255.255
NETWORK=192.168.6.100
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
BROADCAST=192.168.6.100
ONBOOT=yes
NAME=lo:0
[root@lvsweb2 network-scripts]# ifup lo:0
[root@lvsweb2 network-scripts]# ifconfig lo:0
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.6.100 netmask 255.255.255.255
loop txqueuelen 1 (Local Loopback)
[root@lvsweb2 ~]#echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@lvsweb2 ~]#echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@lvsweb2 ~]#echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@lvsweb2 ~]#echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
测试访问:
[root@pc1 ~]# curl http://192.168.6.100
hello lvsweb2
[root@pc1 ~]# curl http://192.168.6.100
hello lvsweb2
[root@pc1 ~]# curl http://192.168.6.100
hello lvsweb1