lvs-dr模式简单项目

于 2024-04-25 20:21:34 发布
阅读量191 收藏 4
点赞数 7
CC 4.0 BY-SA版权
文章标签: lvs linux 负载均衡
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/Peter1617/article/details/138198701
本文介绍LVS-DR模式负载均衡配置。先给出原理图,准备三台机子lvs、real_1、real_2并关闭防火墙和selinux。在lvs上加公网网卡并配置规则,在real_1和real_2上添加公网IP、设静默模式、开启精准回包,最后访问特定网站查看网页及请求变化。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

1,lvs-dr原理图

2,准备工作:三台机子,lvs,real_1,real_2。

(1)都关闭防火墙和selinux

[root@localhost ~]# systemctl disable firewalld --now
[root@localhost ~]# setenforce 0

3,在lvs上配置,首先加一个公网网卡,然后配置负载均衡规则。

[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# ls
ifcfg-ens33  ifdown-isdn      ifdown-tunnel  ifup-isdn    ifup-Team
ifcfg-lo     ifdown-post      ifup           ifup-plip    ifup-TeamPort
ifdown       ifdown-ppp       ifup-aliases   ifup-plusb   ifup-tunnel
ifdown-bnep  ifdown-routes    ifup-bnep      ifup-post    ifup-wireless
ifdown-eth   ifdown-sit       ifup-eth       ifup-ppp     init.ipv6-global
ifdown-ippp  ifdown-Team      ifup-ippp      ifup-routes  network-functions
ifdown-ipv6  ifdown-TeamPort  ifup-ipv6      ifup-sit     network-functions-ipv6
[root@localhost network-scripts]# cp ifcfg-ens33 ifcfg-ens36  #添加网卡后,我这里没出现ens36的网卡配置文件,所以自己就写了一个
[root@localhost network-scripts]# ls
ifcfg-ens33  ifdown-post      ifup-bnep   ifup-routes
ifcfg-ens36  ifdown-ppp       ifup-eth    ifup-sit
ifcfg-lo     ifdown-routes    ifup-ippp   ifup-Team
ifdown       ifdown-sit       ifup-ipv6   ifup-TeamPort
ifdown-bnep  ifdown-Team      ifup-isdn   ifup-tunnel
ifdown-eth   ifdown-TeamPort  ifup-plip   ifup-wireless
ifdown-ippp  ifdown-tunnel    ifup-plusb  init.ipv6-global
ifdown-ipv6  ifup             ifup-post   network-functions
ifdown-isdn  ifup-aliases     ifup-ppp    network-functions-ipv6
[root@localhost network-scripts]# vim ifcfg-ens36
#修改为如下内容
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"  #设置为静态网址IP
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
DEVICE="ens36"
ONBOOT="yes"
IPADDR=192.168.163.100    #IP地址
PREFIX=24    #子网掩码24位
GATEWAY=192.168.163.2    #网关
DNS1=8.8.8.8    #域名解析服务器
[root@localhost network-scripts]# systemctl restart network
[root@localhost network-scripts]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:82:83:8a brd ff:ff:ff:ff:ff:ff
    inet 192.168.163.162/24 brd 192.168.163.255 scope global noprefixroute dynamic ens33
       valid_lft 1790sec preferred_lft 1790sec
    inet6 fe80::dc6d:c524:26ee:93ff/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: ens36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:82:83:94 brd ff:ff:ff:ff:ff:ff
    inet 192.168.163.100/24 brd 192.168.163.255 scope global noprefixroute ens36
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe82:8394/64 scope link 
       valid_lft forever preferred_lft forever
[root@localhost network-scripts]# yum install -y ipvsadm
[root@localhost ~]# ipvsadm -A -t 192.168.163.100:80 -s rr    #编写负载均衡规则
[root@localhost ~]# ipvsadm -a -t 192.168.163.100:80 -r 192.168.163.163:80
[root@localhost ~]# ipvsadm -a -t 192.168.163.100:80 -r 192.168.163.164:80
[root@localhost ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.163.100:80 rr
  -> 192.168.163.163:80           Route   1      0          0         
  -> 192.168.163.164:80           Route   1      0          0

4,在real_1上,添加lvs上的公网IP地址到real_1上的主机本地网卡上,这样子的话就可以直接返回用户请求了,不用过lvs了。并且设置静默模式,然后开启精准回包。

[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# ls
ifcfg-ens33  ifdown-isdn      ifdown-tunnel  ifup-isdn    ifup-Team
ifcfg-lo     ifdown-post      ifup           ifup-plip    ifup-TeamPort
ifdown       ifdown-ppp       ifup-aliases   ifup-plusb   ifup-tunnel
ifdown-bnep  ifdown-routes    ifup-bnep      ifup-post    ifup-wireless
ifdown-eth   ifdown-sit       ifup-eth       ifup-ppp     init.ipv6-global
ifdown-ippp  ifdown-Team      ifup-ippp      ifup-routes  network-functions
ifdown-ipv6  ifdown-TeamPort  ifup-ipv6      ifup-sit     network-functions-ipv6
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:1  #添加一块本地公网网卡,用来精准回包
[root@localhost network-scripts]# ls
ifcfg-ens33  ifdown-post      ifup-bnep   ifup-routes
ifcfg-lo     ifdown-ppp       ifup-eth    ifup-sit
ifcfg-lo:1   ifdown-routes    ifup-ippp   ifup-Team
ifdown       ifdown-sit       ifup-ipv6   ifup-TeamPort
ifdown-bnep  ifdown-Team      ifup-isdn   ifup-tunnel
ifdown-eth   ifdown-TeamPort  ifup-plip   ifup-wireless
ifdown-ippp  ifdown-tunnel    ifup-plusb  init.ipv6-global
ifdown-ipv6  ifup             ifup-post   network-functions
ifdown-isdn  ifup-aliases     ifup-ppp    network-functions-
[root@localhost network-scripts]# vim ifcfg-lo:1
#修改为如下内容
DEVICE=lo
IPADDR=192.168.163.100  #添加lvs公网IP
NETMASK=255.255.255.255  #子网掩码设置为32位,公网都是32位
ONBOOT=yes
NAME=loopback
[root@localhost network-scripts]# systemctl restart network
[root@localhost network-scripts]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 192.168.163.100/32 brd 192.168.163.100 scope global lo    #有这个就是好了
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:6c:64:87 brd ff:ff:ff:ff:ff:ff
    inet 192.168.163.163/24 brd 192.168.163.255 scope global noprefixroute dynamic ens33
       valid_lft 1799sec preferred_lft 1799sec
    inet6 fe80::dc6d:c524:26ee:93ff/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::5ba9:8fb:3ae0:1fde/64 scope link tentative noprefixroute 
       valid_lft forever preferred_lft forever
[root@localhost network-scripts]# scp ./ifcfg-lo:1 192.168.163.164:`pwd`    #传给另一个机器
[root@localhost ~]# vim /etc/sysctl.conf
# 加入如下内容
net.ipv4.conf.all.arp_ignore = 1    #设置为静默模式
net.ipv4.conf.all.arp_announce = 2    #打开精准回包
[root@localhost ~]# sysctl -p  #当下生效,下次开机也生效
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
[root@localhost ~]# nginx
[root@localhost ~]# ss -lntp
State       Recv-Q Send-Q Local Address:Port               Peer Address:Port              
LISTEN      0      128          *:80                       *:*                   users:(("nginx",pid=2364,fd=6),("nginx",pid=2363,fd=6))
LISTEN      0      128          *:22                       *:*                   users:(("sshd",pid=1143,fd=3))
LISTEN      0      100    127.0.0.1:25                       *:*                   users:(("master",pid=1304,fd=13))
LISTEN      0      128       [::]:22                    [::]:*                   users:(("sshd",pid=1143,fd=4))
LISTEN      0      100      [::1]:25                    [::]:*                   users:(("master",pid=1304,fd=14))
[root@localhost ~]# vim /etc/nginx/nginx.conf
keepalive_timeout  0;    #将设置时间改为0,以便我们测试的时候看到变化,生产中就不要改了,原值为60
[root@localhost ~]# nginx -s reload  #修改配置文件后,一定要重启服务
[root@localhost ~]# systemctl restart network   #必须要重启网络,因为我们修改了配置文件

5,real_2和real_1相似

6,访问网站192.168.163.100,查看网页变化。Fn + F12可以查看请求变化。

Peter1617
关注
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值