使用LVS的 NAT 模式实现 3 台RS的轮询访问

节点规划

1、配置RS

RS的网络配置为NAT模式，三台RS的网关配置为192.168.10.8

1.1配置RS1

1.1.1修改主机名和IP地址

[root@localhost ~]# hostnamectl hostname rs1
[root@localhost ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.10.7/24 ipv4.gateway 192.168.10.8 connection.autoconnect yes
[root@localhost ~]# nmcli c up ens160

1.1.2安装nginx，修改默认访问页，测试

[root@rs1 ~]# dnf install nginx -y
[root@rs1 ~]# echo $(hostname -I) > /usr/share/nginx/html/index.html
[root@rs1 ~]# systemctl start nginx
[root@rs1 ~]# curl localhost
192.168.10.7

1.2配置RS2 

1.2.1修改主机名和IP地址

[root@localhost ~]# hostnamectl hostname rs2
[root@localhost ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.10.17/24 ipv4.gateway 192.168.10.8 connection.autoconnect yes
[root@localhost ~]# nmcli c up ens160

1.2.2 安装nginx，修改默认访问页，测试

[root@rs2 ~]# dnf install nginx -y
[root@rs2 ~]# echo $(hostname -I) > /usr/share/nginx/html/index.html
[root@rs2 ~]# systemctl start nginx
[root@rs2 ~]# curl localhost
192.168.10.17

1.3配置RS3 

1.3.1修改主机名和IP地址

[root@localhost ~]# hostnamectl hostname rs3
[root@localhost ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.10.27/24 ipv4.gateway 192.168.10.8 connection.autoconnect yes
[root@localhost ~]# nmcli c up ens160

  1.3.2安装nginx，修改默认访问页，测试

[root@rs3 ~]# dnf install nginx -y
[root@rs3 ~]# echo $(hostname -I) > /usr/share/nginx/html/index.html
[root@rs3 ~]# systemctl start nginx
[root@rs3 ~]# curl localhost
192.168.10.27

2、配置LVS 

2.1修改虚拟网络

lvs服务器有两块网卡，第一块网卡采用仅主机模式，IP 地址为 192.168.20.200，第二块网卡采用 NAT 模式，IP 地址为192.168.10.8

2.1.1修改网络设备连接名称

查看网络设备连接设备

[root@localhost ~]# nmcli connection show 
NAME                UUID                                  TYPE      DEVICE 
ens160              7b6ddf1c-4c7b-3bfd-b415-ca96de17cc9f  ethernet  ens160 
Wired connection 1  267b4a09-717b-3c98-b9cd-f144a31f474e  ethernet  ens224 
lo                  5d77457a-166c-4646-b4ba-501cf54a8ef7  loopback  lo    

修改Wired connection 1 改为 ens224

[root@localhost ~]# nmcli c modify 'Wired connection 1' connection.id ens224
[root@localhost ~]# nmcli connection show 
NAME    UUID                                  TYPE      DEVICE 
ens160  7b6ddf1c-4c7b-3bfd-b415-ca96de17cc9f  ethernet  ens160 
ens224  267b4a09-717b-3c98-b9cd-f144a31f474e  ethernet  ens224 
lo      5d77457a-166c-4646-b4ba-501cf54a8ef7  loopback  lo     

2.1.2修改主机名并配置仅主机模式网卡 

[root@localhost ~]# hostnamectl hostname lvs
[root@localhost ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.20.200/24 ipv4.gateway 192.168.20.2 ipv4.dns 223.5.5.5 connection.autoconnect yes
[root@localhost ~]# nmcli c up ens160

2.1.3安装ipvsadm软件

[root@lvs ~]# dnf install ipvsadm -y

2.1.4配置NET模式网卡

[root@lvs ~]# nmcli c modify ens224 ipv4.method manual ipv4.addresses 192.168.10.8/24 ipv4.gateway 192.168.10.2 connection.autoconnect yes
[root@lvs ~]# nmcli c up ens224

2.1.5查看配置完的网络设备 

[root@lvs ~]# ip a
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens160:  mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:44:fb:7f brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 192.168.20.200/24 brd 192.168.20.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe44:fb7f/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: ens224:  mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:44:fb:89 brd ff:ff:ff:ff:ff:ff
    altname enp19s0
    inet 192.168.10.8/24 brd 192.168.10.255 scope global noprefixroute ens224
       valid_lft forever preferred_lft forever
    inet6 fe80::4c3e:c674:776a:8407/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

3、配置客户端 

客户端网络采用仅主机模式

3.1修改主机名和IP地址

[root@localhost ~]# hostnamectl hostname client
[root@localhost ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.20.100/24 ipv4.gateway 192.168.20.2 ipv4.dns 223.5.5.5 connection.autoconnect yes
[root@localhost ~]# nmcli c up ens160

4、功能测试 

4.1启动ipvsadm服务

[root@lvs ~]# ipvsadm-save > /etc/sysconfig/ipvsadm
[root@lvs ~]# systemctl start ipvsadm

4.2做LVS规则匹配

4.2.1配置一条规则

[root@lvs ~]# ipvsadm -A -t 192.168.20.200:80 -s rr

4.2.2为规则增加RS 

[root@lvs ~]# ipvsadm -a -t 192.168.20.200:80 -r 192.168.10.7:80 -m -w 2
[root@lvs ~]# ipvsadm -a -t 192.168.20.200:80 -r 192.168.10.17:80 -m -w 2
[root@lvs ~]# ipvsadm -a -t 192.168.20.200:80 -r 192.168.10.27:80 -m -w 2

4.2.3列出当前LPVS表

[root@lvs ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.20.200:80 rr
  -> 192.168.10.7:80              Masq    2      0          0         
  -> 192.168.10.17:80             Masq    2      0          0         
  -> 192.168.10.27:80             Masq    2      0          0        

 4.2.4重启服务

[root@lvs ~]# systemctl restart ipvsadm

4.2.5配置内核转发参数

[root@lvs ~]# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
[root@lvs ~]# sysctl -p
net.ipv4.ip_forward = 1

5、客户端测试 

[root@client ~]# curl 192.168.20.200
192.168.10.27
[root@client ~]# curl 192.168.20.200
192.168.10.17
[root@client ~]# curl 192.168.20.200
192.168.10.7
[root@client ~]# curl 192.168.20.200
192.168.10.27
[root@client ~]# curl 192.168.20.200
192.168.10.17
[root@client ~]# curl 192.168.20.200
192.168.10.7
[root@client ~]# curl 192.168.20.200
192.168.10.27
[root@client ~]# curl 192.168.20.200
192.168.10.17
[root@client ~]# curl 192.168.20.200
192.168.10.7