LVS 集群技术基础
LVS(linux virual server)
LVS集群技术---NAT模式
一.准备四台虚拟机
1.client(eth0=ip:172.254.100)
2.lvs(eth0=ip:172.254.200;eth1=ip:192.168.0.200)
3.rs1(eht0=ip:192.168.0.10)
4.rs2(eth0=ip:192.168.0.20)
二:在rs1和rs2安装httpd功能
dnf/yum install htppd -y
三:在rs1上操作
[root@RS1 ~]# systemctl disable --now firewalld #禁用并停止 firewalld 服务
[root@RS1 ~]# echo RS1 - 192.168.0.10 > /var/www/html/index.html #创建并写入内容到 index.html 文件:
[root@RS1 ~]# systemctl enable --now http d #启用并启动 Apache HTTP 服务
在rs2操作相同
四:在lvs操作
[root@lvs ~]# sysctl -a | grep ip_forwardnet.ipv4.ip_forward = 0 #net.ipv4.ip_forward = 0:这意味着当前 IPv4 数据包转发功能被禁用了(值为0表示禁用,1表示启用)net.ipv4.ip_forward_update_priority = 1net.ipv4.ip_forward_use_pmtu = 0[root@lvs ~]# echo net.ipv4.ip_forward=1 > /etc/sysctl.conf #这条命令将 net.ipv4.ip_forward=1 写入到了 /etc/sysctl.conf 配置文件中,使得系统在启动时启用 IPv4 转发。[root@lvs ~]# sysctl -p #使用 sysctl -p 使配置立即生效。net.ipv4.ip_forward = 1
五:检查lvs需要的安装包
dnf search lvs
六:在lvs上安装ipvsadm
dnf install ipvsadm -y
七:查看策略调度机制
watch -n1 ipvsadm -Ln
八:配置一个虚拟服务
ipvsadm -A -t
172.25.254.200:80 -s rr #这条命令使用 ipvsadm
工具配置一个虚拟服务 172.25.254.200:80
,并使用 轮询(Round Robin) 调度算法(-S rr
)来分发流量到后端服务器
[root@lvs ~]# ipvsadm -E -t 172.25.254.200:80 -s wrr #-E表示更改为wrr机制 TCP 172.25.254.200:80 wrr[root@lvs ~]# ipvsadm -E -t 172.25.254.200:80 -s wrr -p 360 #-p设置持久连接超时规定时间内同一来源请求调度到同一realserver-----这里时间设为360TCP 172.25.254.200:80 wrr persistent 360
[root@lvs ~]# ipvsadm -A -f 66 -s rr #设置火墙TCP 172.25.254.200:80 wrr persistent 360FWM 66 rr
删除机制
[root@lvs ~]# ipvsadm -D -f 66 #删除火墙-D[root@lvs ~]# ipvsadm -C #全部删除
九:模式不能混用
[root@lvs ~]# ipvsadm -A -t 172.25.254.200:80 -s rr[root@lvs ~]# ipvsadm -a -t 172.25.254.200:80 -r 192.168.0.10:80 -g[root@lvs ~]# ipvsadm -a -t 172.25.254.200:80 -r 192.168.0.20:80 -g#-g为直连路由
[root@lvs ~]# ipvsadm -a -t 172.25.254.200:80 -r 192.168.0.20:80 -m[root@lvs ~]# ipvsadm -a -t 172.25.254.200:80 -r 192.168.0.10:80 -m#-m为nat模式
[root@lvs ~]# ipvsadm -e -t 172.25.254.200:80 -r 192.168.0.20:80 -i[root@lvs ~]# ipvsadm -e -t 172.25.254.200:80 -r 192.168.0.10:80 -i#-e为切换模式 -i为ipip隧道模式
十:设置权重
[root@lvs ~]# ipvsadm -e -t 172.25.254.200:80 -r 192.168.0.10:80 -i -w 2#-w 后面跟数字代表权重这里设置2--权重不是所有模式一定生效
十一:保存策略
[root@lvs ~]# ipvsadm-save -n > /mnt/ipvsadm.rule如果用ipvsadm -C删除后用命令
ipvsadm-restore < /mnt/ipvsadm.rule
恢复策略
永久保存 #开机时加载策略
ipvsadm-save -n > /etc/sysconfig/ipvsadm
十二:测试
LVS---DR模式
一:实验环境
client eth0=ip 172.25.254.111
路由器 eth0=ip 172.25.254.100 eth1=ip192.168.0.100
DR-LVS eth0=ip 192.168.0.200
RS1 eth0=ip192.168.0.10
RS2 eth0=ip 192.168.0.20
二:客户端 clent网络设置
[connection]
id=eth0
type=ethernet
interface-name=eth0[ipv4]
method=manual
address1=172.25.254.111/24,172.25.254.100
dns=8.8.8.8
三:路由器网络设置
(1) eth0 配置
[connection]
id=eth0
type=ethernet
interface-name=eth0[ipv4]
method=manual
address1=172.25.254.100/24
(2) eth1 配置
[connection]
id=eth1
type=ethernet
interface-name=eth1[ipv4]
method=manual
address1=192.168.0.100/24
(3) 激活网口
nmcli connection reload
nmcli connection up eth0
nmcli connection up eth1
(4) 开启路由转发功能
[root@luyou ~] vim /etc/sysctl.conf #编辑文件开启内核路由功能net.ipv4.ip_forward=1开启内核路由功能[root@luyou ~] sysctl -p #激活
[root@luyou system-connections] firewall-cmd --permanent --add-masquerade
Warning: ALREADY_ENABLED: masquerade
success
四:lvs主机设置
网口eth0.nmconnection
[root@dr-lvs system-connections] cat eth0.nmconnection
[connection]
id=eth0
type=ethernet
interface-name=eth0[ipv4]
method=manual
address1=192.168.0.200/24,192.168.0.100
address2=192.168.0.220/24
dns=8.8.8.8[root@dr-lvs system-connections]# nmcli connection reload #重启
[root@dr-lvs system-connections]# nmcli connection up eth0 #激活
[root@dr-lvs system-connections] cat lo.nmconnection
[connection]
id=lo
type=loopback
interface-name=lo[ipv4]
pmethod=manual#静态
address1=127.0.0.1/8
address2=192.168.0.220/32不对外相应32
[root@dr-lvs system-connections]# nmcli connection reload #重启
[root@dr-lvs system-connections]# nmcli connection up lo #激活
五:RS1和RS2设置
1.RS1设置
[root@RS1 system-connections]# cat eth0.nmconnection
[connection]
id=eth0
type=ethernet
interface-name=eth0[ipv4]
method=manual
address1=192.168.0.10/24,192.168.0.100
dns=8.8.8.8
[root@RS1 system-connections]# cat lo.nmconnection
[connection]
id=lo
type=loopback
interface-name=lo[ipv4]
method=manual
address1=127.0.0.1/8
address2=192.168.0.220/32
设置相应管控
[root@RS1 ~] sysctl -a | grep arp #搜索arp相关设置[root@RS1 ~] echo net.ipv4.conf.lo.arp_ignore =1 >> /etc/sysctl.conf[root@RS1 ~] echo net.ipv4.conf.lo.arp_announce = 2 >> /etc/sysctl.conf[root@RS1 ~] echo net.ipv4.conf.all.arp_ignore = 1 >> /etc/sysctl.conf[root@RS1 ~] echo net.ipv4.conf.all.arp_announce = 2 >> /etc/sysctl.conf[root@RS1 ~] sysctl -p #生效
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
vnet.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
2.RS2设置
[root@RS2 system-connections]# cat eth0.nmconnection
[connection]
id=eth0
type=ethernet
interface-name=eth0[ipv4]
method=manual
address1=192.168.0.20/24,192.168.0.100
dns=8.8.8.8
[root@RS2 system-connections]# cat lo.nmconnection
[connection]
id=lo
type=loopback
interface-name=lo[ipv4]
method=manual
address1=127.0.0.1/8
address2=192.168.0.220/32
[root@RS2 ~] sysctl -a | grep arp #搜索arp相关设置[root@RS2 ~] echo net.ipv4.conf.lo.arp_ignore =1 >> /etc/sysctl.conf[root@RS2 ~] echo net.ipv4.conf.lo.arp_announce = 2 >> /etc/sysctl.conf[root@RS2 ~] echo net.ipv4.conf.all.arp_ignore = 1 >> /etc/sysctl.conf[root@RS2 ~] echo net.ipv4.conf.all.arp_announce = 2 >> /etc/sysctl.conf[root@RS2 ~] sysctl -p #生效
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
vnet.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2