CentOS 7 + LVS-NAT + Apache Lab

Date: 2023-03-09 06:11:47

I. Introduction

  1. The theory was covered briefly in the previous post; read it first if you are not familiar with it.

    https://www.cnblogs.com/zhangxingeng/p/10497279.html

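  2. Review of the pros and cons of LVS-NAT

    About this mode:

    1. The RIP and DIP are usually on the same private network segment, although this is not required. The RS gateway must point to the DIP so that response data is handed back to the Director.

    2. Port mapping is supported: the destination port of the request packet can be rewritten.

    3. The biggest drawback of VS/NAT mode is that the Director handles all traffic in both directions: it not only processes the requests initiated by clients but also relays the responses back to them. Because responses are usually much larger than requests, the Director easily becomes a bottleneck. (In other words, it handles traffic the way a layer-7 load balancer does, but without the features of one.)

    4. The VS must run Linux; the RS can run any operating system.

    Disadvantage: all inbound and outbound traffic passes through the LVS scheduler, so its network I/O load is very high and it easily becomes the bottleneck, especially for web applications where requests are small and responses are large.

    Advantage: NAT mode is simple to configure and manage. Because NAT is used, the LVS scheduler and the application servers can be on different network segments, the network architecture is flexible, and an application server needs only simple network settings to join the cluster.

  3. Lab topology

    [Figure: lab topology]

     Note on the network design for a virtual-machine lab: the Director needs two NICs. The CIP and VIP can use the NAT networking mode, while the DIP, RS and NFS can use host-only mode.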

II. Deployment

    1. Network configuration

      After adding the NIC, remember to set its device status to "Connected".

 [root@web1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens37
TYPE="Ethernet"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens37"
UUID="4f788070-131a-4f10-85a8-179b4f14gg48"
DEVICE="ens37"
ONBOOT="yes"
DNS1=192.168.13.2
IPADDR=192.168.13.11
#PREFIX=
GATEWAY=192.168.13.2
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
~
[root@web1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE="Ethernet"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="4f788080-131a-4f10-85a8-179b4f14ab48"
DEVICE="ens33"
ONBOOT="yes"
DNS1=192.168.216.2
IPADDR=192.168.216.51
PREFIX=
GATEWAY=192.168.216.2
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
# A newly added NIC has no configuration file; create one yourself using your own IP settings
[root@web1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens37
TYPE="Ethernet"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens37"
UUID="4f788070-131a-4f10-85a8-179b4f14gg48"
DEVICE="ens37"
ONBOOT="yes"
DNS1=192.168.13.2
IPADDR=192.168.13.11
#PREFIX=24
GATEWAY=192.168.13.2
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes

    2. Disable the firewall and SELinux

       systemctl stop firewalld

       systemctl disable firewalld

       sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config 

    3. Install software

       Install ipvsadm on 51 (the Director)
         yum install ipvsadm -y
       Install httpd on 12 and 13 (web2 and web3)
         yum install httpd -y
       Install nfs-utils and rpcbind on 14
         yum install nfs-utils rpcbind -y

  

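    4. Configure web2 and web3 and change their gateway to 192.168.13.11

       web2

         echo "welcom to web2" >/var/www/html/index.html

       web3
        echo "welcom to web3" >/var/www/html/index.html
      Configure the gateway on both machines
            The destination address of the response packet is the CIP, so the RS gateway must point to the Director's DIP.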

          
        route add default gw 192.168.13.11
        systemctl restart httpd
        systemctl enable httpd
      

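    5. Configure the Director

       Enable forwarding
          The Director receives packets from the CIP and must forward them to an RS for processing; data arriving at the VIP then has to be forwarded out through the DIP, so IP forwarding must be enabled.

        echo 1 > /proc/sys/net/ipv4/ip_forward
       Configure the load balancer's SNAT forwarding rules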
        ipvsadm -A -t 192.168.216.51: -s rr
        ipvsadm -a -t 192.168.216.51: -r 192.168.13.12: -m -w
        ipvsadm -a -t 192.168.216.51: -r 192.168.13.13: -m -w
      Check the rules
        ipvsadm -Ln
[root@web1 ~]# ipvsadm -Ln
IP Virtual Server version 1.2. (size=)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.216.51: rr
-> 192.168.13.12: Masq
-> 192.168.13.13: Masq
[root@web1 ~]#
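
One way to check the rule listing above mechanically, as an added example that is not part of the original post: the function reads `ipvsadm -Ln` output and reports a missing virtual service, an unexpected scheduler, or a real server that is absent, not in Masq (NAT) mode, or at weight 0. The sample listing is constructed; port 80, the weights and the version/size values are assumptions, since the page's listing does not show them.

```shell
#!/usr/bin/env bash
# Added example (not from the original post).
# check_ipvs_nat VIP:PORT SCHEDULER RIP:PORT...
# Reads `ipvsadm -Ln` text on stdin, prints one finding per line and
# returns 0 only when the service matches what was intended.
check_ipvs_nat() {
    _vs=$1; _sched=$2; shift 2
    _findings=$(awk -v vs="$_vs" -v sched="$_sched" -v want="$*" '
        BEGIN { n = split(want, rs, " ") }
        $1 == "TCP" || $1 == "UDP" {              # virtual service line
            cur = $2
            if (cur == vs) {
                found = 1
                if ($3 != sched) print "scheduler is " $3 ", expected " sched
            }
            next
        }
        $1 == "->" && cur == vs {                 # real server of that service
            seen[$2] = 1
            if ($3 != "Masq") print $2 " forwards via " $3 ", not Masq (NAT)"
            if ($4 + 0 == 0)  print $2 " has weight 0, gets no new connections"
        }
        END {
            if (!found) print "virtual service " vs " is not defined"
            for (i = 1; i <= n; i++)
                if (!(rs[i] in seen)) print "real server " rs[i] " is missing"
        }')
    [ -z "$_findings" ] && return 0
    printf '%s\n' "$_findings"
    return 1
}

# Constructed sample listing. Port 80, the weights and the version/size are
# assumptions. $1/$2 set the forward mode and weight of the second real server.
sample_ipvsadm_ln() {
    cat <<EOF
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.216.51:80 rr
  -> 192.168.13.12:80             Masq    1      0          0
  -> 192.168.13.13:80             ${1:-Masq}    ${2:-1}      0          0
EOF
}

# Healthy listing: no output. Misconfigured listing: two findings.
sample_ipvsadm_ln | check_ipvs_nat 192.168.216.51:80 rr 192.168.13.12:80 192.168.13.13:80 || true
sample_ipvsadm_ln Route 0 | check_ipvs_nat 192.168.216.51:80 rr 192.168.13.12:80 192.168.13.13:80 || true
```

On a live Director the input would be `ipvsadm -Ln | check_ipvs_nat ...` with the port actually configured.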

    6. Test

      Basic tests on the Director

        Ping both RSs and access the web service

 [root@web1 ~]# ping 192.168.13.12
PING 192.168.13.12 (192.168.13.12) () bytes of data.
bytes from 192.168.13.12: icmp_seq= ttl= time=0.683 ms
bytes from 192.168.13.12: icmp_seq= ttl= time=2.15 ms
^C
--- 192.168.13.12 ping statistics ---
packets transmitted, received, % packet loss, time 1001ms
rtt min/avg/max/mdev = 0.683/1.418/2.153/0.735 ms
[root@web1 ~]# ping 192.168.13.13
PING 192.168.13.13 (192.168.13.13) () bytes of data.
bytes from 192.168.13.13: icmp_seq= ttl= time=0.654 ms
bytes from 192.168.13.13: icmp_seq= ttl= time=0.589 ms
^C
--- 192.168.13.13 ping statistics ---
packets transmitted, received, % packet loss, time 1000ms
rtt min/avg/max/mdev = 0.589/0.621/0.654/0.040 ms
[root@web1 ~]# curl 192.168.13.12
welcom to web2
[root@web1 ~]# curl 192.168.13.13
welcom to web3
[root@web1 ~]#

      Access 192.168.216.51 from the client

 [root@web5 ~]# curl 192.168.216.51
welcom to web3
[root@web5 ~]# curl 192.168.216.51
welcom to web2
[root@web5 ~]# curl 192.168.216.51
welcom to web3
[root@web5 ~]# curl 192.168.216.51
welcom to web2

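    7. Configure NFS shared storage for the back end

      The packages were installed earlier; only configuration is needed here

# Create the shared directory and set its export permissions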
[root@web4 cdrom]# mkdir -p /data/www/
[root@web4 cdrom]# vim /etc/exports
/data/www 192.168.13.0/(ro,sync,no_root_squash)
# Create the index.html file
[root@web4 cdrom]# cd /data/www/
[root@web4 www]# echo "this is www data" > index.html
# Start the services and enable them at boot
[root@web4 cdrom]# systemctl start rpcbind
[root@web4 cdrom]# systemctl start nfs
[root@web4 cdrom]# systemctl enable rpcbind
[root@web4 cdrom]# systemctl enable nfs
# List the exports available to mount; other machines on the 13 network can run this to test as well
[root@web4 www]# showmount -e 192.168.13.14
Export list for 192.168.13.14:
/data/www 192.168.13.0/
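
The export above grants `no_root_squash` to the whole 192.168.13.0 network, although web2 and web3 only read the content. As an added example (not part of the original post), this function flags risky entries in `/etc/exports` text; both sample lines are constructed, and the /24 prefix and the per-host form with `root_squash` are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the original post).
# audit_exports: reads /etc/exports text on stdin, prints one finding per
# risky client entry and returns 1 if anything was flagged.
audit_exports() {
    _findings=$(awk '
        NF == 0 || $1 ~ /^#/ { next }             # skip blank lines and comments
        {
            for (i = 2; i <= NF; i++) {
                client = $i; opts = ","
                p = index($i, "(")
                if (p > 0) {                      # split "client(opt,opt)"
                    client = substr($i, 1, p - 1)
                    opts = "," substr($i, p + 1, length($i) - p - 1) ","
                }
                who = $1 " -> " (client == "" ? "*" : client)
                # no_root_squash: uid 0 on the client stays uid 0 on the export
                if (index(opts, ",no_root_squash,")) print who ": no_root_squash"
                if (index(opts, ",rw,"))             print who ": writable"
                if (client == "" || client == "*")   print who ": any host may mount"
            }
        }')
    [ -z "$_findings" ] && return 0
    printf '%s\n' "$_findings"
    return 1
}

# Constructed samples. The /24 prefix is an assumption (the page's listing
# omits it); the second form limits the export to the two real servers.
exports_as_on_page() {
    echo '/data/www 192.168.13.0/24(ro,sync,no_root_squash)'
}
exports_hardened() {
    echo '/data/www 192.168.13.12(ro,sync,root_squash) 192.168.13.13(ro,sync,root_squash)'
}

exports_as_on_page | audit_exports || true   # prints one no_root_squash finding
exports_hardened   | audit_exports || true   # prints nothing
```

After editing `/etc/exports` on the NFS server, `exportfs -ra` reloads the export table.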

      Test

        Mount the export on web2 and web3

 [root@web2 yum.repos.d]# showmount -e 192.168.13.14
Export list for 192.168.13.14:
/data/www 192.168.13.0/
[root@web2 yum.repos.d]# mount 192.168.13.14:/data/www /var/www/html

        Test from the client

[root@web5 ~]# curl 192.168.216.51
this is www data
[root@web5 ~]# curl 192.168.216.51
this is www data
[root@web5 ~]# curl 192.168.216.51
this is www data
[root@web5 ~]# curl 192.168.216.51
this is www data
[root@web5 ~]# curl 192.168.216.51
this is www data
[root@web5 ~]# curl 192.168.216.51
this is www data

      The Director shows the statistics and the connection entries

[root@web1 ~]# ipvsadm -ln --stats  # statistics
IP Virtual Server version 1.2. (size=)
Prot LocalAddress:Port Conns InPkts OutPkts InBytes OutBytes
-> RemoteAddress:Port
TCP 192.168.216.51:
-> 192.168.13.12:
-> 192.168.13.13:
[root@web1 ~]# ipvsadm -lnc # connection entries
IPVS connection entries
pro expire state source virtual destination
TCP : TIME_WAIT 192.168.216.55: 192.168.216.51: 192.168.13.12:
TCP : TIME_WAIT 192.168.216.55: 192.168.216.51: 192.168.13.12:
TCP : TIME_WAIT 192.168.216.55: 192.168.216.51: 192.168.13.12:
TCP : TIME_WAIT 192.168.216.55: 192.168.216.51: 192.168.13.13:
TCP : TIME_WAIT 192.168.216.55: 192.168.216.51: 192.168.13.13:
TCP : TIME_WAIT 192.168.216.55: 192.168.216.51: 192.168.13.12:
TCP : TIME_WAIT 192.168.216.55: 192.168.216.51: 192.168.13.13:
[root@web1 ~]#

Please credit the source when reposting: https://www.cnblogs.com/zhangxingeng/p/10538679.html