参考文档:http://www.linuxvirtualserver.org/Documents.html
LVS:linux virture server
常见的模式:
DR:(个人理解是当做负载均衡器)
-lvs将vip解析成RS的物理地址
-RS直接将信息发送给cip(client ip)
NAT:(个人理解是当做反向代理)
-进入的时候,将vip解释成rip(real ip)
-出去的时候,将rip解释成vip

说明:因为真正实现反向代理或者负载均衡是ip_vs,但是ip_vs是加载在linux的内核中,不能直接操作,所以需要ipvsadm进行管理,
ipvsadm的命令和iptables很相似,可以对照

测试结果:lvs配置的端口必须与后端的服务的端口一致,不能随便更改端口

查看ipvsadm帮助文档
man ipvsadm

1、安装
yum install ipvsadm.x86_64 -y
rpm -ql ipvsadm

2、将ip_vs加载到内核
/sbin/ipvsadm
lsmod |grep ip_vs
ip_vs 141092 0
nf_conntrack 133387 1 ip_vs
libcrc32c 12644 3 sctp,ip_vs,nf_conntrack

ln -s /usr/src/kernels/$(uname -r) /usr/src/linux

3、在lvs机器添加一个vip
ifconfig ens33:0 192.168.124.199/32 up

4、在lvs机器创建一个负载均衡器:
ipvsadm -A -t 192.168.124.199:80 -s wrr -p 20
添加RS服务器:
ipvsadm -a -t 192.168.124.199:80 -r 192.168.124.201:80 -g -w 1
ipvsadm -a -t 192.168.124.199:80 -r 192.168.124.200:80 -g -w 1
查看配置情况:
ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.124.199:81 wrr persistent 20
-> 192.168.124.200:81 Route 1 0 0
-> 192.168.124.201:81 Route 1 0 0

用ipvsadm-save的好处是可以保存到文件,然后用ipvsadm-restore直接恢复
ipvsadm-save -n
-A -t 192.168.124.199:81 -s wrr -p 20
-a -t 192.168.124.199:81 -r 192.168.124.200:81 -g -w 1
-a -t 192.168.124.199:81 -r 192.168.124.201:81 -g -w 1

5、在RS机器上添加vip:
ip addr add 192.168.124.199/32 dev lo label lo:0
ifconfig lo:0 down

6、手工在RS机器端抑制ARP响应
cat >>/etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

sysctl -p

7、安装keepalived
yum install keepalived.x86_64 -y
Rpm -ql keepalived

修改配置:
MASTER
cat keepalived.conf
global_defs {
notification_email {br/>[email protected]
[email protected]/>[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_01
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}

vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.124.199
}
}

virtual_server 192.168.124.199 80 {
delay_loop 6
lb_algo wrr
lb_kind NAT
persistence_timeout 50
protocol TCP

real_server 192.168.124.201 80 {
    weight 2
    TCP_CHECK {  
    connect_timeout 10         
    nb_get_retry 3  
    delay_before_retry 3  
    connect_port 80  
    }  
}

}

BACKUP:
cat keepalived.conf
global_defs {
notification_email {br/>[email protected]
[email protected]/>[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_02
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}

vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.124.199
}
}

virtual_server 192.168.124.199 80 {
delay_loop 6
lb_algo wrr
lb_kind NAT
persistence_timeout 50
protocol TCP

real_server 192.168.124.200 80 {
    weight 1
    TCP_CHECK {  
    connect_timeout 10         
    nb_get_retry 3  
    delay_before_retry 3  
    connect_port 80  
    }  
}

real_server 192.168.124.201 80 {
    weight 2
    TCP_CHECK {  
    connect_timeout 10         
    nb_get_retry 3  
    delay_before_retry 3  
    connect_port 80  
    }  
}

}

注意:ping vip一直不通,原因是需要将vrrp_strict 删掉