LVS-NAT演示:

          测试环境:

                 OS:rhel6.4

                 Director:

                              Vip:192.168.10.118

                              Dip:192.168.20.1

                 RS1: Rip:192.168.20.11 

                 RS2: Rip:192.168.20.12

PS:Director上有两块网卡,一块是桥接网络 eth0(公网地址),另一块使用内部网络 eth1;RS1和RS2上都只有一块网卡都使用的是内部网络 eth0;为了避免其他因素的影响需要关闭防火墙和selinux;


1.在Director上看内核是否已经支持ipvs模块

     # grep -E -i "ipvs|IP_VS" /boot/config-2.6.32-358.el6.x86_64 

2.在Director上安装ipvsadm

     # mount -r /dev/cdrom /media/cdrom

     # vim /etc/yum.repo.d/server.repo

           [Base]

           name=server

           baseurl=file:///media/cdrom/Server

           enable=1

           gpgcheck=0

     # yum -y install ipvsadm

PS:如果系统用的是其他的版本没有自带ipvsadm的rpm包,可以去 www.rpmfind.net 上下载;

3.在Director上配置启用eth1网卡(eth0是使用之前的配置,这里不再修改)

     # ifconfig eth1 192.168.20.1/24 up

     # ifconfig                   ###查看eth1是否已经启用并配置成功

4.在RS1和RS2上安装httpd服务

     # mount -r /dev/cdrom /media/cdrom

     # vim /etc/yum.repo.d/server.repo

           [Base]

           name=server

           baseurl=file:///media/cdrom/Server

           enable=1

           gpgcheck=0

     # yum -y install httpd

     # echo "

web 1 server

" > /var/www/html/index.html    ###RS1

     # echo "

web 2 server

" > /var/www/html/index.html    ###RS2

5.在RS1上配置Rip(eth0)

     # ifconfig eth0 192.168.20.11/24

     # route add default gw 192.168.20.1

     # service httpd restart

6.在RS2上配置Rip(eth0) 

     # ifconfig eth0 192.168.20.12/24

     # route add default gw 192.168.20.1

     # service httpd restart

7.在RS1和RS2上测试看是否能ping通网关

     # ping 192.168.20.1

8.在Director上看是否能ping同RS1和RS2以及是否能访问web服务

     # ping 192.168.20.11

     # ping 192.168.20.12

     # curl http://192.168.20.11

     # curl http://192.168.20.12

9.在Director上打开路由转发功能

     # vim /etc/sysctl.conf

           net.ipv4_forward=1 

     # sysctl -p 

10.在Director上配置Vip

     # ifconfig eth0:0 192.168.10.118

11.在Director上配置集群服务

      # ipvsadm -A -t 192.168.10.118:80 -s rr     ###定义一个集群服务

      # ipvsadm -a -t 192.168.10.118:80 -r 192.168.20.11 -m  ###向指定的集群服务里添加RS

      # ipvsadm -a -t 192.168.10.118:80 -r 192.168.20.12 -m

      # ipvsadm -L -n   ###查看集群配置信息

12.在宿主机上访问 192.168.10.118 看是否能看到测试页面及使用的是否为轮询的方式

13.在RS上查看httpd的访问日志能看到Cip的真实地址

14.修改一个已经定义的集群使其负载调度算法为wrr

       # ipvsadm -E -t 192.168.10.118:80 -s wrr

       # ipvsadm -e -t 192.168.10.118:80 -r 192.168.20.11 -m -w 3

       # ipvsadm -e -t 192.168.10.118:80 -r 192.168.20.12 -m -w 1

15.再次进行访问测试

16.保存ipvs规则到文件中

       # ipvsadm-save   |  service ipvsadm save


17.提供在Director上配置服务脚本:

       # vim /etc/rc.d/init.d/lvs-nat

#!/bin/bash
#
# chkconfig: - 88 12
# description: LVS script for VS/NAT
#
 . /etc/rc.d/init.d/functions
#Vip,Dip,Rip Setting

 VIP=192.168.10.118
 DIP=192.168.20.1
 RIP1=192.168.20.11
 RIP2=192.168.20.12

#install  ipvsadm
  /bin/umount /dev/cdrom
  /bin/mount -r /dev/cdrom  /media/cdrom

  /bin/touch  /etc/yum.repos.d/server.repo
  echo -e "[Base]\nname=server\nbaseurl=file:///medai/cdrom/Server\nenable=1\ngpgcheck=0" > /etc/yum.repos.d/server.repo

 /usr/bin/yum -y remove ipvsadm
 /usr/bin/yum -y install ipvsadm

# start | stop
 case "$1" in
      start)    
   
# set Dip
 /sbin/ifconfig eth1 $DIP netmask 255.255.255.0 up  
   
# set Vip
 /sbin/ifconfig eth0:0 $VIP netmask 255.255.255.0 up

# Since this is the Director we must be able to forward packets
 echo 1 > /proc/sys/net/ipv4/ip_forward

# Clear all iptables rules.
 /sbin/iptables -F

# Reset iptables counters.
 /sbin/iptables -Z

# Clear all ipvsadm rules/services.
 /sbin/ipvsadm -C

# Add an IP virtual service for VIP 192.168.10.118 port 80
# In this recipe, we will use the round-robin scheduling method.
# In production, however, you should use a weighted, dynamic scheduling method.
 /sbin/ipvsadm -A -t $VIP:80 -s rr

# Now direct packets for this VIP to
# the real server IP (RIP) inside the cluster
 /sbin/ipvsadm -a -t $VIP:80 -r $RIP1 -m
 /sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -m
 
 /bin/touch /var/lock/subsys/ipvsadm.lock
;;

stop)
# Stop forwarding packets
 echo 0 > /proc/sys/net/ipv4/ip_forward

# Reset ipvsadm
 /sbin/ipvsadm -C

# Bring down the VIP interface
 ifconfig eth0:0 down
 
 rm -rf /var/lock/subsys/ipvsadm.lock
;;

status)
 [ -e /var/lock/subsys/ipvsadm.lock ] && echo "ipvs is running..." || echo "ipvsadm is stopped..."
;;
*)
 echo "Usage: $0 {start|stop}"
;;
esac

18.赋予执行权限

       # chmod +x /etc/rc.d/init.d/lvs-nat

       # chkconfig --add lvs-nat

19.启动服务

       # service lvs-nat start