网站导航
> 文档中心 > Linux学习-LVS之NAT模型部署

Linux学习-LVS之NAT模型部署

网友: 文档中心 2022-05-05 21:51:43

以下实例通过Vmware下Centos7系统上部署

环境准备

  1. 准备3台centos7虚拟机
  2. Director Server:VIP:192.168.88.101,DIP:172.16.1.3
  3. Real Server1(web服务器):RIP1:172.16.1.2 网关(指向Director Server):172.16.1.3
  4. Real Server2(web服务器):RIP2:172.16.1.4 网关(指向Director Server):172.16.1.3

基本配置(网络)

#--------Director配置[root@ds ~]# ip addr1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00    inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft forever    inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    link/ether 00:0c:29:48:d3:cd brd ff:ff:ff:ff:ff:ff    inet 192.168.88.101/24 brd 192.168.88.255 scope global noprefixroute ens33valid_lft forever preferred_lft forever    inet6 fe80::a03d:1c5b:d3d8:111c/64 scope link noprefixroute valid_lft forever preferred_lft forever3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000    link/ether 00:0c:29:48:d3:d7 brd ff:ff:ff:ff:ff:ff    inet 172.16.1.3/24 brd 172.16.1.255 scope global noprefixroute ens37valid_lft forever preferred_lft forever    inet6 fe80::7586:86b3:e6bd:c477/64 scope link noprefixroute valid_lft forever preferred_lft forever#---------RS1网络配置[root@rs1 ~]# ifconfigens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500 inet 172.16.1.2  netmask 255.255.255.0  broadcast 172.16.1.255 inet6 fe80::2792:a1c1:4941:9616  prefixlen 64  scopeid 0x20<link> inet6 fe80::b28c:edf9:5114:7241  prefixlen 64  scopeid 0x20<link> ether 00:0c:29:f6:fc:bd  txqueuelen 1000  (Ethernet) RX packets 322  bytes 53537 (52.2 KiB) RX errors 0  dropped 0  overruns 0  frame 0 TX packets 376  bytes 39955 (39.0 KiB) TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0#查看网关配置[root@rs1 ~]# ip routedefault via 172.16.1.3 dev ens33 proto static metric 100 172.16.1.0/24 dev ens33 proto kernel scope link src 172.16.1.2 metric 100 #--------RS2网络配置[root@rs2 ~]# ifconfigens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500 inet 172.16.1.4  netmask 255.255.255.0  broadcast 172.16.1.255 inet6 fe80::2792:a1c1:4941:9616  prefixlen 64  scopeid 0x20<link> inet6 fe80::8a17:99a0:3797:98ee  prefixlen 64  scopeid 0x20<link> inet6 fe80::b28c:edf9:5114:7241  prefixlen 64  scopeid 0x20<link> ether 00:0c:29:90:1b:3e  txqueuelen 1000  (Ethernet) RX packets 297  bytes 48616 (47.4 KiB) RX errors 0  dropped 0  overruns 0  frame 0 TX packets 358  bytes 34366 (33.5 KiB) TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0#查看网关配置[root@rs2 ~]# ip route listdefault via 172.16.1.3 dev ens33 proto static metric 100 172.16.1.0/24 dev ens33 proto kernel scope link src 172.16.1.4 metric 100

在DS安装ipvsadm

[root@ds ~]# yum install -y ipvsadm#设置网络转发[root@ds ~]# cat /proc/sys/net/ipv4/ip_forward1#如网络转发没打开,则手动配置,并通过sysctl -p 使之生效[root@ds ~]# cat /etc/sysctl.d/ip_net.conf net.ipv4.ip_forward = 1#配置ipvs规则#添加集群[root@ds ~]# ipvsadm -A -t 192.168.88.101:80 -s rr[root@ds ~]# ipvsadm -L -nIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port    Forward Weight ActiveConn InActConnTCP  192.168.88.101:80 rr#添加RS主机[root@ds ~]# ipvsadm -a -t 192.168.88.101:80 -r 172.16.1.2 -m[root@ds ~]# ipvsadm -a -t 192.168.88.101:80 -r 172.16.1.4 -m[root@ds ~]# ipvsadm -l -nIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port    Forward Weight ActiveConn InActConnTCP  192.168.88.101:80 rr  -> 172.16.1.2:80  Masq    1      0   0    -> 172.16.1.4:80  Masq    1      0   0

配置RS1,RS2为web服务器

#在RS1和RS2两台服务器上安装nginx或httpd#httpd编译安装--https://blog.csdn.net/xuwenpeng/article/details/115679566#通过yum install -y httpd安装即可#nginx编译安装--https://blog.csdn.net/xuwenpeng/article/details/116557439#通过yum install -y nginx安装即可#安装完成后启动nginx或httpd服务,实现以nginx为例#在RS1,RS2启动nginx服务[root@rs1 ~]# /usr/local/nginx/sbin/nginx [root@rs2 ~]# /usr/local/nginx/sbin/nginx#修改RS1和RS2主页[root@rs1 ~]# cat /usr/local/nginx/html/index.html<h1>RS1 Server</h1>[root@rs2 ~]# cat /usr/local/nginx/html/index.html<h1>RS2 Server</h2>#在DS上测试RS1和RS2Web服务[root@ds ~]# curl 172.16.1.2<h1>RS1 Server</h1>[root@ds ~]# curl 172.16.1.4<h1>RS2 Server</h2>

ipvsadm命令

#-n|--numeric:基于数字格式显示地址和端口#-c|--connection:显示ipvs连接#--stats:输出统计数据#--rate:速率#--exact:显示精确值不做单位换算
[root@ds ~]# ipvsadm -L -cIPVS connection entriespro expire statesource      virtual     destinationTCP 01:57  TIME_WAIT   localhost:60532    localhost:http     172.16.1.2:webcacheTCP 01:55  TIME_WAIT   localhost:60530    localhost:http     172.16.1.2:webcache[root@ds ~]# ipvsadm -L -n --statsIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Conns   InPkts  OutPkts  InBytes OutBytes  -> RemoteAddress:PortTCP  192.168.88.101:80    18      150      106    16117    12586  -> 172.16.1.2:808085640     3600     4192  -> 172.16.1.4:808021410      900     104[root@ds ~]# ipvsadm -L -n --rateIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port   CPS    InPPS   OutPPS    InBPS   OutBPS  -> RemoteAddress:PortTCP  192.168.88.101:80     0 0 0 0 0  -> 172.16.1.2:80800 0 0 0 0  -> 172.16.1.4:80800 0 0 0 #保存ipvs规则至本地磁盘[root@ds ~]# ipvsadm -S >/etc/sysconfig/ipvsadm#清空ipvsadm规则[root@ds ~]# ipvsadm -C[root@ds ~]# ipvsadm -L -nIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port    Forward Weight ActiveConn InActConn#载入ipvs规则[root@ds ~]# ipvsadm -R < /etc/sysconfig/ipvsadm[root@ds ~]# ipvsadm -L -nIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port    Forward Weight ActiveConn InActConnTCP  127.0.0.1:80 rr  -> 172.16.1.2:80  Masq    1      0   0    -> 172.16.1.4:80  Masq    1      0   0  #删除指定的RS[root@ds ~]# ipvsadm -d -t 192.168.88.101:80 -r 172.16.1.2      [root@ds ~]# ipvsadm -d -t 192.168.88.101:80 -r 172.16.1.4[root@ds ~]# ipvsadm -l -nIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port    Forward Weight ActiveConn InActConnTCP  192.168.88.101:80 rr#修改调度算法,修改成dh后,同一主机访问时,会定位至同一后端server响应[root@ds ~]# ipvsadm -E -t 192.168.88.101:80 -s dh[root@ds ~]# ipvsadm -L -nIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port    Forward Weight ActiveConn InActConnTCP  192.168.88.101:80 dh  -> 172.16.1.2:8080Masq    1      0   0    -> 172.16.1.4:8080Masq    1      0   0

Linux学习-LVS之NAT模型部署 创作打卡挑战赛 Linux学习-LVS之NAT模型部署 赢取流量/现金/CSDN周边激励大奖

网络标签:

相关问题