LVS(Linux Virtual Server)
LVS集群技術---NAT模式
一.準備四臺虛擬機
1.client(eth0=ip:172.25.254.100)
2.lvs(eth0=ip:172.25.254.200;eth1=ip:192.168.0.200)
3.rs1(eth0=ip:192.168.0.10)
4.rs2(eth0=ip:192.168.0.20)
二:在rs1和rs2安裝httpd功能
dnf/yum install httpd -y
三:在rs1上操作
[root@RS1 ~]# systemctl disable --now firewalld #禁用并停止 firewalld 服務(僅適用于隔離的實驗環境;生產環境應保留防火墻,只放行 HTTP:firewall-cmd --permanent --add-service=http && firewall-cmd --reload)
[root@RS1 ~]# echo RS1 - 192.168.0.10 > /var/www/html/index.html #創建并寫入內容到 index.html 文件:
[root@RS1 ~]# systemctl enable --now httpd #啟用并啟動 Apache HTTP 服務
在rs2操作相同
四:在lvs操作
[root@lvs ~]# sysctl -a | grep ip_forward
net.ipv4.ip_forward = 0 #net.ipv4.ip_forward = 0:這意味著當前 IPv4 數據包轉發功能被禁用了(值為0表示禁用,1表示啟用)
net.ipv4.ip_forward_update_priority = 1
net.ipv4.ip_forward_use_pmtu = 0
[root@lvs ~]# echo net.ipv4.ip_forward=1 > /etc/sysctl.conf #這條命令將 net.ipv4.ip_forward=1 寫入到了 /etc/sysctl.conf 配置文件中,使得系統在啟動時啟用 IPv4 轉發。注意:「>」會覆蓋文件中原有的全部內容;若文件里已有其他內核參數,應改用「>>」追加。
[root@lvs ~]# sysctl -p #使用 sysctl -p 使配置立即生效。
net.ipv4.ip_forward = 1
五:檢查lvs需要的安裝包
dnf search lvs
六:在lvs上安裝ipvsadm
dnf install ipvsadm -y
七:查看策略調度機制
watch -n1 ipvsadm -Ln
八:配置一個虛擬服務
ipvsadm -A -t 172.25.254.200:80 -s rr #這條命令使用 ipvsadm 工具配置一個虛擬服務 172.25.254.200:80,并使用輪詢(Round Robin)調度算法(-s rr)來分發流量到后端服務器
[root@lvs ~]# ipvsadm -E -t 172.25.254.200:80 -s wrr #-E表示修改已有的虛擬服務,這里更改為wrr機制
TCP 172.25.254.200:80 wrr
[root@lvs ~]# ipvsadm -E -t 172.25.254.200:80 -s wrr -p 360 #-p設置持久連接超時:規定時間內同一來源的請求調度到同一realserver-----這里時間設為360秒
TCP 172.25.254.200:80 wrr persistent 360
[root@lvs ~]# ipvsadm -A -f 66 -s rr #-f 以防火墻標記(fwmark)66 定義虛擬服務
TCP 172.25.254.200:80 wrr persistent 360
FWM 66 rr
刪除機制
[root@lvs ~]# ipvsadm -D -f 66 #-D 刪除防火墻標記為 66 的虛擬服務
[root@lvs ~]# ipvsadm -C #全部刪除
九:模式不能混用
[root@lvs ~]# ipvsadm -A -t 172.25.254.200:80 -s rr
[root@lvs ~]# ipvsadm -a -t 172.25.254.200:80 -r 192.168.0.10:80 -g
[root@lvs ~]# ipvsadm -a -t 172.25.254.200:80 -r 192.168.0.20:80 -g #-g為直連路由(DR)模式
[root@lvs ~]# ipvsadm -a -t 172.25.254.200:80 -r 192.168.0.20:80 -m
[root@lvs ~]# ipvsadm -a -t 172.25.254.200:80 -r 192.168.0.10:80 -m #-m為nat模式
[root@lvs ~]# ipvsadm -e -t 172.25.254.200:80 -r 192.168.0.20:80 -i
[root@lvs ~]# ipvsadm -e -t 172.25.254.200:80 -r 192.168.0.10:80 -i #-e為切換模式 -i為ipip隧道模式
十:設置權重
[root@lvs ~]# ipvsadm -e -t 172.25.254.200:80 -r 192.168.0.10:80 -i -w 2 #-w 后面跟的數字代表權重,這里設置為2--權重不是在所有模式下都一定生效(例如 rr 輪詢調度不考慮權重)
十一:保存策略
[root@lvs ~]# ipvsadm-save -n > /mnt/ipvsadm.rule
如果用 ipvsadm -C 刪除后,可用命令
ipvsadm-restore < /mnt/ipvsadm.rule
恢復策略
永久保存 #開機時加載策略(需啟用 ipvsadm 服務:systemctl enable ipvsadm)
ipvsadm-save -n > /etc/sysconfig/ipvsadm
十二:測試
LVS---DR模式
一:實驗環境
client    eth0=ip 172.25.254.111
路由器    eth0=ip 172.25.254.100 eth1=ip 192.168.0.100
DR-LVS    eth0=ip 192.168.0.200
RS1    eth0=ip 192.168.0.10
RS2    eth0=ip 192.168.0.20
二:客戶端 client 網絡設置
[connection]
id=eth0
type=ethernet
interface-name=eth0
[ipv4]
method=manual
address1=172.25.254.111/24,172.25.254.100
dns=8.8.8.8
三:路由器網絡設置
(1) eth0 配置
[connection]
id=eth0
type=ethernet
interface-name=eth0
[ipv4]
method=manual
address1=172.25.254.100/24
(2) eth1 配置
[connection]
id=eth1
type=ethernet
interface-name=eth1
[ipv4]
method=manual
address1=192.168.0.100/24
(3) 激活網口
nmcli connection reload
nmcli connection up eth0
nmcli connection up eth1
(4) 開啟路由轉發功能
[root@luyou ~] vim /etc/sysctl.conf #編輯文件,加入下面一行以開啟內核路由功能
net.ipv4.ip_forward=1
[root@luyou ~] sysctl -p #激活
[root@luyou system-connections] firewall-cmd --permanent --add-masquerade
Warning: ALREADY_ENABLED: masquerade
success
四:lvs主機設置
網口eth0.nmconnection
[root@dr-lvs system-connections] cat eth0.nmconnection
[connection]
id=eth0
type=ethernet
interface-name=eth0
[ipv4]
method=manual
address1=192.168.0.200/24,192.168.0.100
address2=192.168.0.220/24
dns=8.8.8.8
[root@dr-lvs system-connections]# nmcli connection reload #重新加載配置文件
[root@dr-lvs system-connections]# nmcli connection up eth0 #激活
[root@dr-lvs system-connections] cat lo.nmconnection
[connection]
id=lo
type=loopback
interface-name=lo
[ipv4]
# 靜態
method=manual
address1=127.0.0.1/8
# /32 掩碼:VIP 只配置在本機回環口上,不對外響應
address2=192.168.0.220/32
[root@dr-lvs system-connections]# nmcli connection reload #重新加載配置文件
[root@dr-lvs system-connections]# nmcli connection up lo #激活
五:RS1和RS2設置
1.RS1設置
[root@RS1 system-connections]# cat eth0.nmconnection
[connection]
id=eth0
type=ethernet
interface-name=eth0
[ipv4]
method=manual
address1=192.168.0.10/24,192.168.0.100
dns=8.8.8.8
[root@RS1 system-connections]# cat lo.nmconnection
[connection]
id=lo
type=loopback
interface-name=lo
[ipv4]
method=manual
address1=127.0.0.1/8
address2=192.168.0.220/32
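設置 ARP 響應管控(arp_ignore=1:只應答目標 IP 配置在收到請求的網卡上的 ARP 請求;arp_announce=2:發送 ARP 時始終使用與目標最匹配的本機地址作為源地址;兩者配合可避免 RS 對外通告或應答 lo 上的 VIP)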
[root@RS1 ~] sysctl -a | grep arp #搜索arp相關設置
[root@RS1 ~] echo net.ipv4.conf.lo.arp_ignore =1 >> /etc/sysctl.conf
[root@RS1 ~] echo net.ipv4.conf.lo.arp_announce = 2 >> /etc/sysctl.conf
[root@RS1 ~] echo net.ipv4.conf.all.arp_ignore = 1 >> /etc/sysctl.conf
[root@RS1 ~] echo net.ipv4.conf.all.arp_announce = 2 >> /etc/sysctl.conf
[root@RS1 ~] sysctl -p #生效
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
2.RS2設置
[root@RS2 system-connections]# cat eth0.nmconnection
[connection]
id=eth0
type=ethernet
interface-name=eth0
[ipv4]
method=manual
address1=192.168.0.20/24,192.168.0.100
dns=8.8.8.8
[root@RS2 system-connections]# cat lo.nmconnection
[connection]
id=lo
type=loopback
interface-name=lo
[ipv4]
method=manual
address1=127.0.0.1/8
address2=192.168.0.220/32
[root@RS2 ~] sysctl -a | grep arp #搜索arp相關設置
[root@RS2 ~] echo net.ipv4.conf.lo.arp_ignore =1 >> /etc/sysctl.conf
[root@RS2 ~] echo net.ipv4.conf.lo.arp_announce = 2 >> /etc/sysctl.conf
[root@RS2 ~] echo net.ipv4.conf.all.arp_ignore = 1 >> /etc/sysctl.conf
[root@RS2 ~] echo net.ipv4.conf.all.arp_announce = 2 >> /etc/sysctl.conf
[root@RS2 ~] sysctl -p #生效
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2