LVS小型系统架构搭建笔记

搭建环境说明

      本次实现用到了6台节点,实现一个小型的Lvs负载调度

节点1客户端配置代表互联网用户

[root@centos7 network-scripts]# vi ifcfg-ens37 

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
IPADDR=172.20.0.222
NETMASK=255.255.0.0
GATEWAY=172.20.0.80
DNS=172.20.127.159
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens37
UUID=d4341ea9-dfc5-4eb4-8f08-6349b7315cd8
DEVICE=ens37
ONBOOT=yes
PEERDNS=no

网卡配置

[root@centos7 network-scripts]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:6e:7f:0b brd ff:ff:ff:ff:ff:ff
    inet 172.20.0.222/16 brd 172.20.255.255 scope global ens37
       valid_lft forever preferred_lft forever
    inet6 fe80::385:eb6f:c485:527e/64 scope link 
       valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
    link/ether 52:54:00:e0:74:53 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
    link/ether 52:54:00:e0:74:53 brd ff:ff:ff:ff:ff:ff

#路由配置
[root@centos7 network-scripts]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.20.0.80     0.0.0.0         UG    100    0        0 ens37
172.20.0.0      0.0.0.0         255.255.0.0     U     100    0        0 ens37
192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0

路由和网络

[root@centos7 network-scripts]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 172.20.127.159
[root@centos7 network-scripts]#

配置DNS

 

节点2DNS服务器

[root@localhost ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:f6:59:d2 brd ff:ff:ff:ff:ff:ff
    inet 172.20.127.159/16 brd 172.20.255.255 scope global dynamic ens33
       valid_lft 77367sec preferred_lft 77367sec
    inet 172.20.127.160/16 brd 172.20.255.255 scope global secondary ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::c4be:ccbf:ed3c:f146/64 scope link 
       valid_lft forever preferred_lft forever
[root@localhost ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.20.0.1      0.0.0.0         UG    100    0        0 ens33
172.20.0.0      0.0.0.0         255.255.0.0     U     100    0        0 ens33

网络和路由

[root@localhost network-scripts]# vi ifcfg-ens33

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
IPADDR=172.20.127.160
NETMASK=255.255.0.0
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=9eb578d3-4019-478f-9f9f-8a75dc50b157
DEVICE=ens33
ONBOOT=yes

网卡配置

 

节点3路由器

[root@localhost network-scripts]# vi ifcfg-ens33

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
IPADDR=172.20.0.80
NETMASK=255.255.0.0
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
DEVICE=ens33
ONBOOT=yes

[root@localhost network-scripts]# vi ifcfg-ens37

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
IPADDR=192.168.30.200
NETMASK=255.255.255.0
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens37
DEVICE=ens37
ONBOOT=yes

网卡配置

[root@localhost network-scripts]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:3b:b5:39 brd ff:ff:ff:ff:ff:ff
    inet 172.20.0.80/16 brd 172.20.255.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::fa59:9f2f:aa03:7229/64 scope link 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:3b:b5:43 brd ff:ff:ff:ff:ff:ff
    inet 192.168.30.200/24 brd 192.168.30.255 scope global ens37
       valid_lft forever preferred_lft forever
    inet 10.0.0.100/24 scope global ens37
       valid_lft forever preferred_lft forever
    inet6 fe80::7c:88e7:2378:b883/64 scope link 
       valid_lft forever preferred_lft forever

[root@localhost network-scripts]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.0        10.0.0.200      255.255.255.255 UGH   0      0        0 ens37
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 ens37
172.20.0.0      0.0.0.0         255.255.0.0     U     100    0        0 ens33
192.168.30.0    0.0.0.0         255.255.255.0   U     100    0        0 ens37

路由表

 开启路由包转发

     echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf 

     sysctl -p               ----加载,使得配置文件立即生效

 

节点4Lvs服务器

      1.安装lvs客户端管理工具包

         [root@localhost network-scripts]# yum install ipvsadm

[root@localhost network-scripts]# vi ifcfg-ens33

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
IPADDR=192.168.30.7
NETMASK=255.255.255.0
GATEWAY=192.168.30.200
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=9eb578d3-4019-478f-9f9f-8a75dc50b157
DEVICE=ens33
ONBOOT=yes

[root@localhost network-scripts]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.20.0.1      0.0.0.0         UG    100    0        0 ens37
0.0.0.0         192.168.30.200  0.0.0.0         UG    101    0        0 ens33
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 ens37
172.20.0.0      0.0.0.0         255.255.0.0     U     100    0        0 ens37
192.168.30.0    0.0.0.0         255.255.255.0   U     100    0        0 ens33

[root@localhost network-scripts]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:a6:8d:ce brd ff:ff:ff:ff:ff:ff
    inet 192.168.30.7/24 brd 192.168.30.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::389:d83b:6d7a:226d/64 scope link 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:a6:8d:d8 brd ff:ff:ff:ff:ff:ff
    inet 172.20.127.175/16 brd 172.20.255.255 scope global dynamic ens37
       valid_lft 81555sec preferred_lft 81555sec
    inet 10.0.0.200/24 scope global ens37
       valid_lft forever preferred_lft forever
    inet6 fe80::80ef:9ba0:749:8123/64 scope link 
       valid_lft forever preferred_lft forever

网卡配置和路由

[root@localhost network-scripts]# ipvsadm -A -t 10.0.0.200:80 -s rr
[root@localhost network-scripts]# ipvsadm -a -t 10.0.0.200:80 -r 192.168.30.17
[root@localhost network-scripts]# ipvsadm -a -t 10.0.0.200:80 -r 192.168.30.27
[root@localhost network-scripts]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.0.0.200:80 rr
  -> 192.168.30.17:80             Route   1      0          0         
  -> 192.168.30.27:80             Route   1      0          0

lvs设置命令

 

 

节点5webserver1

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
IPADDR=192.168.30.17
NETMASK=255.255.255.0
GATEWAY=192.168.30.200
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=9eb578d3-4019-478f-9f9f-8a75dc50b157
DEVICE=ens33
ONBOOT=yes


 [root@localhost html]# ip addr a 10.0.0.200/24 dev ens33
 [root@localhost html]# cd /proc/sys/net/ipv4/conf/all
 [root@localhost all]# echo 1 > arp_ignore
 [root@localhost all]# echo 2 > arp_announce

网络配置

 

节点6webserver2

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
IPADDR=192.168.30.27
NETMASK=255.255.255.0
GATEWAY=192.168.30.200
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=9eb578d3-4019-478f-9f9f-8a75dc50b157
DEVICE=ens33
ONBOOT=yes


[root@localhost html]# ip addr a 10.0.0.200/24 dev ens33
[root@localhost html]# cd /proc/sys/net/ipv4/conf/all
[root@localhost all]# echo 1 > arp_ignore
[root@localhost all]# echo 2 > arp_announce

网络配置

 

注意事项

IP地址每段的最大值是255,超过255的设置都不会生效
   [root@centos7 ~]# ip addr a 10.0.0.100/24 dev ens37
   [root@centos7 ~]# ip addr del 10.0.0.100/24 dev ens37

 添加静态路由
   ip route add 10.0.0.0/24 via 10.0.0.100 dev ens37

 给一个网卡添加多个IP地址 不能使用ifconfig查看
   [root@localhost ]# ip addr

如果在ip配置文件里面配置的网关,需要重启网络服务才会生效
路由匹配和系统中路由表记录的顺序有关,当匹配到前一条记录的时候后面的记录不会再生效
#记录顺序1 不能访问外网
[root@localhost network-scripts]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.30.200  0.0.0.0         UG    100    0        0 ens33
0.0.0.0         172.20.0.1      0.0.0.0         UG    101 
[root@localhost network-scripts]# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 192.168.30.200 icmp_seq=1 Destination Net Unreachable

#记录顺序2 能访问外网
[root@localhost network-scripts]# route del default gw 192.168.30.200
[root@localhost network-scripts]# systemctl restart network
[root@localhost network-scripts]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.20.0.1      0.0.0.0         UG    100    0        0 ens37
0.0.0.0         192.168.30.200  0.0.0.0         UG    101  

[root@localhost network-scripts]# ping www.baidu.com
PING www.a.shifen.com (61.135.169.125) 56(84) bytes of data.
64 bytes from 61.135.169.125 (61.135.169.125): icmp_seq=1 ttl=56 time=96.8 ms
From 172.20.127.96 (172.20.127.96) icmp_seq=2 Redirect Network(New nexthop: gateway (172.20.0.1))

View Code

 

最终效果

在节点1上进行测试

[root@centos7 ~]# curl www.tianhuang.com
<h1>万岁,我是web1</h1>
[root@centos7 ~]# curl www.tianhuang.com
<h1>万岁,我是web2</h1>
[root@centos7 ~]# curl www.tianhuang.com
<h1>万岁,我是web1</h1>
[root@centos7 ~]# curl www.tianhuang.com
<h1>万岁,我是web2</h1>
[root@centos7 ~]# curl www.tianhuang.com
<h1>万岁,我是web1</h1>
[root@centos7 ~]# curl www.tianhuang.com
<h1>万岁,我是web2</h1>
[root@centos7 ~]#

View Code