LVS是Linux Virtual Server的简写,Linux虚拟服务器,是一个虚拟的服务器集群系统。
类型
LVS调度方法
LVS DR
四层:D_NAT :::S,D
四层:DR模型
负载均衡器只需要处理上行数据realserver处理后直接返回客户端解决了NAT的I/O瓶颈问题。
负载均衡器和realserver在同一个局域网
二层技术:MAC地址欺骗:节点间,下一跳。
对外隐藏,对内可见的VIP
四层:TUN模型(隧道技术,VPN)
LVS是Linux Virtual Server的简写,意即Linux虚拟服务器,是一个虚拟的服务器集群系统。本项目在1998年5月由章文嵩博士成立,是中国国内最早出现的自由软件项目之一。
隐藏VIP方法:对外隐藏,对内可见
LVS命令:监控多个端口号
ipvs内核
yum -y install ipvsadm
集群管理服务
ipvsadm -A -t 192.168.159.98:80 -s rr
ipvsadm -A -t 172.16.11.1:8080 -s rr
LVS命令:管理集群服务中的RS
添加:-a -t|u|f service-address [-g|i|m] -w weight
-t|u|f service-address:事先定义好某集群服务
-r service-address:某RS的地址,在NAT模型中,可使用IP:PORT实现端口映射
[-g|i|m] :LVS类型
g:DR
i:TUN
m:NAT
修改:-e
删除:-d -t|u|f service-address -r server-address
ipvsadm -a -t 172.16.100.1:80 -r 192.168.10.8 -g
ipvsadm -a -t 172.16.100.1:80 -r 192.168.10.8 -g
查看:
删除所有集群服务
保存规则
-S
ipvsadm -S > /path/to/somefile
载入此前的规则
-R
ipvsadm -R < /path/to/somefile
具体配置:
1.准备3台虚拟机
2.先配置3台虚拟机的网络
3.配置lvs的VIP
4.调整RS的响应,通告级别
echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
5.配置RS的VIP(每一台PS都配)
ifconfig lo:8 192.168.159.97 netmask 255.255.255.255
1.准备四台服务器,node01,node02,node03,node04
2.配置4台虚拟机的网络,先打通DIP,RIP的网络(DIP(node01),RIP(其他三台)必须在同一网段)
注意:在xshell中使用发送键盘输入的所有会话,进行快速操作
3.配置lvs的VIP
[root@node01 ~]# ifconfig eth0:2 192.168.159.120/24
[root@node01 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:E8:99:52
inet addr:192.168.159.97 Bcast:192.168.159.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fee8:9952/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8941 errors:0 dropped:0 overruns:0 frame:0
TX packets:1385 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:582425 (568.7 KiB) TX bytes:96202 (93.9 KiB)
eth0:2 Link encap:Ethernet HWaddr 00:0C:29:E8:99:52
inet addr:192.168.159.120 Bcast:192.168.159.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
注意:以上配法只是临时配置,一旦重启服务器,配置即失效。
设置数据包的转发功能
#临时配置
[root@node01 ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
4.调整RS的响应,通告级别(每一台RS都配)
[root@node02 ~]# cd /proc/sys/net/ipv4/conf
[root@node02 conf]# ll
total 0
dr-xr-xr-x 0 root root 0 Jun 1 05:24 all
dr-xr-xr-x 0 root root 0 Jun 1 05:06 default
dr-xr-xr-x 0 root root 0 Jun 1 05:24 eth0
dr-xr-xr-x 0 root root 0 Jun 1 05:24 lo
[root@node02 conf]# cd eth0
[root@node02 eth0]# ll
total 0
-rw-r--r-- 1 root root 0 Jun 1 05:25 accept_local
-rw-r--r-- 1 root root 0 Jun 1 05:25 accept_redirects
-rw-r--r-- 1 root root 0 Jun 1 05:25 accept_source_route
-rw-r--r-- 1 root root 0 Jun 1 05:25 arp_accept
-rw-r--r-- 1 root root 0 Jun 1 05:25 arp_announce
-rw-r--r-- 1 root root 0 Jun 1 05:25 arp_filter
-rw-r--r-- 1 root root 0 Jun 1 05:25 arp_ignore
-rw-r--r-- 1 root root 0 Jun 1 05:25 arp_notify
-rw-r--r-- 1 root root 0 Jun 1 05:25 bootp_relay
-rw-r--r-- 1 root root 0 Jun 1 05:25 disable_policy
-rw-r--r-- 1 root root 0 Jun 1 05:25 disable_xfrm
-rw-r--r-- 1 root root 0 Jun 1 05:25 force_igmp_version
-rw-r--r-- 1 root root 0 Jun 1 05:25 forwarding
-rw-r--r-- 1 root root 0 Jun 1 05:25 log_martians
-r--r--r-- 1 root root 0 Jun 1 05:25 mc_forwarding
-rw-r--r-- 1 root root 0 Jun 1 05:25 medium_id
-rw-r--r-- 1 root root 0 Jun 1 05:25 promote_secondaries
-rw-r--r-- 1 root root 0 Jun 1 05:25 proxy_arp
-rw-r--r-- 1 root root 0 Jun 1 05:25 proxy_arp_pvlan
-rw-r--r-- 1 root root 0 Jun 1 05:25 route_localnet
-rw-r--r-- 1 root root 0 Jun 1 05:25 rp_filter
-rw-r--r-- 1 root root 0 Jun 1 05:25 secure_redirects
-rw-r--r-- 1 root root 0 Jun 1 05:25 send_redirects
-rw-r--r-- 1 root root 0 Jun 1 05:25 shared_media
-rw-r--r-- 1 root root 0 Jun 1 05:25 src_valid_mark
-rw-r--r-- 1 root root 0 Jun 1 05:25 tag
[root@node02 eth0]# echo 1 > arp_ignore
[root@node02 eth0]# echo 2 > arp_announce
[root@node02 eth0]# pwd
/proc/sys/net/ipv4/conf/eth0
#对未来新增接口做预配置
[root@node02 eth0]# cd ..
[root@node02 conf]# ll
total 0
dr-xr-xr-x 0 root root 0 Jun 1 05:24 all
dr-xr-xr-x 0 root root 0 Jun 1 05:06 default
dr-xr-xr-x 0 root root 0 Jun 1 05:24 eth0
dr-xr-xr-x 0 root root 0 Jun 1 05:24 lo
[root@node02 conf]# cd all
[root@node02 all]# ls
accept_local accept_source_route arp_announce arp_ignore bootp_relay disable_xfrm forwarding mc_forwarding promote_secondaries proxy_arp_pvlan rp_filter send_redirects src_valid_mark
accept_redirects arp_accept arp_filter arp_notify disable_policy force_igmp_version log_martians medium_id proxy_arp route_localnet secure_redirects shared_media tag
[root@node02 all]# echo 1 > arp_ignore
[root@node02 all]# echo 2 > arp_announce
简化写法
[root@node03 ~]# echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore
[root@node03 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@node03 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@node03 ~]# echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce
5.给每个RS配置VIP
[root@node02 all]# ifconfig lo:8 192.168.159.120 netmask 255.255.255.255
[root@node02 all]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:5F:DA:06
inet addr:192.168.159.98 Bcast:192.168.159.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe5f:da06/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:943 errors:0 dropped:0 overruns:0 frame:0
TX packets:358 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:74685 (72.9 KiB) TX bytes:43344 (42.3 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
lo:8 Link encap:Local Loopback
inet addr:192.168.159.120 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1
6.启动RS上的httpd
#安装httpd服务
yum -y install httpd
#编辑每台服务器响应的内容
cd /var/www/html
vi index.html
------------------------------------------------------------
from [RS的IP地址]
------------------------------------------------------------
#启动httpd服务
service httpd start
验证httpd服务是否启动成功
在客户端浏览器上访问每一台RS服务器的httpd服务,按照每一台RS的真实ip地址访问
启动httpd时报错
Starting httpd: httpd: apr_sockaddr_info_get() failed for node02
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[ OK ]
解决方法
vi /etc/hosts
------------------------------------------------------------------------------------------
127.0.0.1 localhost.localdomain localhost 主机名
7.LVS——安装ipvsadm,配置lvs集群
#安装ipvsadm
yum -y install ipvsadm
#1.设置监控的包
[root@node01 ~]# ipvsadm -A -t 192.168.159.120:80 -s rr
[root@node01 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.159.120:80 rr
#2.添加负载的列表
[root@node01 ~]# ipvsadm -a -t 192.168.159.120:80 -r 192.168.159.98:80 -g
[root@node01 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.159.120:80 rr
-> 192.168.159.98:80 Route 1 0 0
[root@node01 ~]# ipvsadm -a -t 192.168.159.120:80 -r 192.168.159.99:80 -g
[root@node01 ~]# ipvsadm -a -t 192.168.159.120:80 -r 192.168.159.100:80 -g
[root@node01 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.159.120:80 rr
-> 192.168.159.98:80 Route 1 0 0
-> 192.168.159.99:80 Route 1 0 0
-> 192.168.159.100:80 Route 1 0 0
ipvsadm常用命令
#1.偷窥RS
[root@node01 ~]# ipvsadm -lnc
IPVS connection entries
pro expire state source virtual destination
TCP 00:17 FIN_WAIT 192.168.159.1:60664 192.168.159.120:80 192.168.159.100:80
TCP 00:17 FIN_WAIT 192.168.159.1:60666 192.168.159.120:80 192.168.159.98:80
TCP 00:10 FIN_WAIT 192.168.159.1:60621 192.168.159.120:80 192.168.159.98:80
TCP 00:13 FIN_WAIT 192.168.159.1:60643 192.168.159.120:80 192.168.159.100:80
TCP 00:08 FIN_WAIT 192.168.159.1:60612 192.168.159.120:80 192.168.159.98:80
TCP 00:14 FIN_WAIT 192.168.159.1:60648 192.168.159.120:80 192.168.159.98:80
TCP 00:14 FIN_WAIT 192.168.159.1:60645 192.168.159.120:80 192.168.159.98:80
TCP 00:06 FIN_WAIT 192.168.159.1:60601 192.168.159.120:80 192.168.159.100:80
TCP 00:09 FIN_WAIT 192.168.159.1:60616 192.168.159.120:80 192.168.159.100:80
TCP 00:09 FIN_WAIT 192.168.159.1:60615 192.168.159.120:80 192.168.159.98:80
TCP 00:07 FIN_WAIT 192.168.159.1:60607 192.168.159.120:80 192.168.159.100:80
TCP 00:15 FIN_WAIT 192.168.159.1:60652 192.168.159.120:80 192.168.159.100:80
TCP 00:17 FIN_WAIT 192.168.159.1:60662 192.168.159.120:80 192.168.159.99:80
TCP 00:14 FIN_WAIT 192.168.159.1:60647 192.168.159.120:80 192.168.159.99:80
以上LVS集群就已经搭建好了。