LVS-NAT演示:
测试环境:
OS:rhel6.4
Director:
Vip:192.168.10.118
Dip:192.168.20.1
RS1: Rip:192.168.20.11
RS2: Rip:192.168.20.12
PS:Director上有两块网卡,一块是桥接网络 eth0(公网地址),另一块使用内部网络 eth1;RS1和RS2上都只有一块网卡都使用的是内部网络 eth0;为了避免其他因素的影响需要关闭防火墙和selinux;
1.在Director上看内核是否已经支持ipvs模块
# grep -E -i "ipvs|IP_VS" /boot/config-2.6.32-358.el6.x86_64
2.在Director上安装ipvsadm
# mount -r /dev/cdrom /media/cdrom
# vim /etc/yum.repo.d/server.repo
[Base]
name=server
baseurl=file:///media/cdrom/Server
enable=1
gpgcheck=0
# yum -y install ipvsadm
PS:如果系统用的是其他的版本没有自带ipvsadm的rpm包,可以去 www.rpmfind.net 上下载;
3.在Director上配置启用eth1网卡(eth0是使用之前的配置,这里不再修改)
# ifconfig eth1 192.168.20.1/24 up
# ifconfig ###查看eth1是否已经启用并配置成功
4.在RS1和RS2上安装httpd服务
# mount -r /dev/cdrom /media/cdrom
# vim /etc/yum.repo.d/server.repo
[Base]
name=server
baseurl=file:///media/cdrom/Server
enable=1
gpgcheck=0
# yum -y install httpd
# echo "web 1 server
" > /var/www/html/index.html ###RS1
# echo "web 2 server
" > /var/www/html/index.html ###RS2
5.在RS1上配置Rip(eth0)
# ifconfig eth0 192.168.20.11/24
# route add default gw 192.168.20.1
# service httpd restart
6.在RS2上配置Rip(eth0)
# ifconfig eth0 192.168.20.12/24
# route add default gw 192.168.20.1
# service httpd restart
7.在RS1和RS2上测试看是否能ping通网关
# ping 192.168.20.1
8.在Director上看是否能ping同RS1和RS2以及是否能访问web服务
# ping 192.168.20.11
# ping 192.168.20.12
# curl http://192.168.20.11
# curl http://192.168.20.12
9.在Director上打开路由转发功能
# vim /etc/sysctl.conf
net.ipv4_forward=1
# sysctl -p
10.在Director上配置Vip
# ifconfig eth0:0 192.168.10.118
11.在Director上配置集群服务
# ipvsadm -A -t 192.168.10.118:80 -s rr ###定义一个集群服务
# ipvsadm -a -t 192.168.10.118:80 -r 192.168.20.11 -m ###向指定的集群服务里添加RS
# ipvsadm -a -t 192.168.10.118:80 -r 192.168.20.12 -m
# ipvsadm -L -n ###查看集群配置信息
12.在宿主机上访问 192.168.10.118 看是否能看到测试页面及使用的是否为轮询的方式
13.在RS上查看httpd的访问日志能看到Cip的真实地址
14.修改一个已经定义的集群使其负载调度算法为wrr
# ipvsadm -E -t 192.168.10.118:80 -s wrr
# ipvsadm -e -t 192.168.10.118:80 -r 192.168.20.11 -m -w 3
# ipvsadm -e -t 192.168.10.118:80 -r 192.168.20.12 -m -w 1
15.再次进行访问测试
16.保存ipvs规则到文件中
# ipvsadm-save | service ipvsadm save
17.提供在Director上配置服务脚本:
# vim /etc/rc.d/init.d/lvs-nat
#!/bin/bash
#
# chkconfig: - 88 12
# description: LVS script for VS/NAT
#
. /etc/rc.d/init.d/functions
#Vip,Dip,Rip Setting
VIP=192.168.10.118
DIP=192.168.20.1
RIP1=192.168.20.11
RIP2=192.168.20.12
#install ipvsadm
/bin/umount /dev/cdrom
/bin/mount -r /dev/cdrom /media/cdrom
/bin/touch /etc/yum.repos.d/server.repo
echo -e "[Base]\nname=server\nbaseurl=file:///medai/cdrom/Server\nenable=1\ngpgcheck=0" > /etc/yum.repos.d/server.repo
/usr/bin/yum -y remove ipvsadm
/usr/bin/yum -y install ipvsadm
# start | stop
case "$1" in
start)
# set Dip
/sbin/ifconfig eth1 $DIP netmask 255.255.255.0 up
# set Vip
/sbin/ifconfig eth0:0 $VIP netmask 255.255.255.0 up
# Since this is the Director we must be able to forward packets
echo 1 > /proc/sys/net/ipv4/ip_forward
# Clear all iptables rules.
/sbin/iptables -F
# Reset iptables counters.
/sbin/iptables -Z
# Clear all ipvsadm rules/services.
/sbin/ipvsadm -C
# Add an IP virtual service for VIP 192.168.10.118 port 80
# In this recipe, we will use the round-robin scheduling method.
# In production, however, you should use a weighted, dynamic scheduling method.
/sbin/ipvsadm -A -t $VIP:80 -s rr
# Now direct packets for this VIP to
# the real server IP (RIP) inside the cluster
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1 -m
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -m
/bin/touch /var/lock/subsys/ipvsadm.lock
;;
stop)
# Stop forwarding packets
echo 0 > /proc/sys/net/ipv4/ip_forward
# Reset ipvsadm
/sbin/ipvsadm -C
# Bring down the VIP interface
ifconfig eth0:0 down
rm -rf /var/lock/subsys/ipvsadm.lock
;;
status)
[ -e /var/lock/subsys/ipvsadm.lock ] && echo "ipvs is running..." || echo "ipvsadm is stopped..."
;;
*)
echo "Usage: $0 {start|stop}"
;;
esac
18.赋予执行权限
# chmod +x /etc/rc.d/init.d/lvs-nat
# chkconfig --add lvs-nat
19.启动服务
# service lvs-nat start