@[TOC](KVM 多网络 web案例(小节2))
server2
[root@server2 ~]# yum install qemu-kvm qemu-kvm-tools libvirt libvirt-client virt-manager virt-install -y
server1
[root@server1 ~]# qemu-img create -f qcow2 /var/lib/libvirt/images/centos7-bridg
[root@server1 ~]# virt-install --virt-type kvm --name linux37-bridge --ram 1024 --vcpus 2 --cdrom=/usr/local/src/CentOS-7-x86_64-Minimal-1810.iso --disk path=/var/lib/libvirt/images/centos7-bridge.qcow2 --network bridge=br0 --graphics vnc,listen=0.0.0.0 --noautoconsole
[root@server1 ~]# cd /var/lib/libvirt/images/
[root@server1 images]# ll
total 3383304
-rw-r--r-- 1 root root 1573257216 Sep 3 14:22 centos7-bridge.qcow2
-rw-r--r-- 1 root root 1891368960 Sep 2 15:33 linux37_centos7.6.qcow2
-rw-r--r-- 1 root root 10737418240 Aug 31 21:28 linux37_centos7.6.raw
#备份
[root@server1 images]# cp centos7-bridge.qcow2 centos7-bridge_bak.qcow2
#拷贝到远程主机
[root@server1 images]# scp centos7-bridge_bak.qcow2 192.168.1.102://var/lib/libvirt/images/
server2
[root@server2 ~]# cd /usr/local/src/
#上传ISO镜像文件
[root@server2 src]# ll
总用量 940032
-rw-r--r-- 1 root root 962592768 8月 21 13:00 CentOS-7-x86_64-Minimal-1810.iso
[root@server2 ~]# grep 192.168.* /etc/libvirt/ -R
/etc/libvirt/qemu/networks/autostart/default.xml: <ip address='192.168.122.1' netmask='255.255.255.0'>
/etc/libvirt/qemu/networks/autostart/default.xml: <range start='192.168.122.2' end='192.168.122.254'/>
/etc/libvirt/qemu/networks/default.xml: <ip address='192.168.122.1' netmask='255.255.255.0'>
/etc/libvirt/qemu/networks/default.xml: <range start='192.168.122.2' end='192.168.122.254'/>
/etc/libvirt/libvirtd.conf:#listen_addr = "192.168.0.1"
[root@server2 ~]# vim /etc/libvirt/qemu/networks/default.xml
<!--
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
virsh net-edit default
or other application using the libvirt API.
-->
<network>
<name>default</name>
<uuid>01918562-70b6-437f-8ed8-9ff3e398c064</uuid>
<forward mode='nat'/>
<bridge name='virbr0' stp='on' delay='0'/>
<mac address='52:54:00:6b:50:ba'/>
<ip address='192.200.1.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.200.1.2' end='192.200.1.254'/>
</dhcp>
</ip>
</network>
[root@server2 ~]# systemctl restart libvirtd
[root@server2 ~]# systemctl enable libvirtd
server1和server2
前两块网卡做了网卡绑定、第三块选择仅主机
添加网卡
server1
[root@server1 ~]# cd /etc/sysconfig/network-scripts/
[root@server1 network-scripts]# cp /opt/ifcfg-eth0 ifcfg-eth2
[root@server1 network-scripts]# vim ifcfg-eth2
TYPE=Ethernet
BOOTPROTO=static
NAME=eth2
DEVICE=eth2
ONBOOT=yes
BRIDGE=br1
[root@server1 network-scripts]# cp /opt/ifcfg-br0 ifcfg-br1
[root@server1 network-scripts]# vim ifcfg-br1
TYPE=Bridge
BOOTPROTO=static
NAME=br1
DEVICE=br1
ONBOOT=yes
IPADDR=10.20.1.101
PREFIX=24
#重启网络
[root@server1 network-scripts]# systemctl restart network
#拷贝到远程主机
[root@server1 network-scripts]# scp ifcfg-eth2 ifcfg-br1 192.168.1.102:/etc/sysconfig/network-scripts/
server2
[root@server2 ~]# cd /etc/sysconfig/network-scripts/
#修改IP地址
[root@server2 network-scripts]# vim ifcfg-br1
TYPE=Bridge
BOOTPROTO=static
NAME=br1
DEVICE=br1
ONBOOT=yes
IPADDR=10.20.1.102
PREFIX=24
#重启网络
[root@server2 network-scripts]# systemctl restart network
添加网卡后、关机再开机
[root@server2 ~]# cd /var/lib/libvirt/images/
[root@server2 images]# cp centos7-bridge_bak.qcow2 centos7-web1.qcow2
[root@server2 images]# virt-install --virt-type kvm --name centos7-web --ram 1024 --vcpus 2 --cdrom=/usr/local/src/CentOS-7-x86_64-Minimal-1810.iso --disk path=/var/lib/libvirt/images/centos7-web1.qcow2 --network bridge=br0 --graphics vnc,listen=0.0.0.0 --noautoconsole
[root@server2 ~]# virt-manager
强制关机后添加网卡
关闭无关服务
去掉外网网卡
server1
[root@server1 network-scripts]# telnet 10.20.1.204 80
Trying 10.20.1.204...
Connected to 10.20.1.204.
Escape character is '^]'.
^C
Connection closed by foreign host.
[root@server1 network-scripts]# curl 10.20.1.204
10.20.1.204 web1
安装反向代理
[root@192 ~]# vim /etc/haproxy/haproxy.cfg
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
#后面的内容全部删掉、改成如下内容
listen web-linux37
bind 192.168.1.201:80
mode http
server web1 10.20.1.204:80 check inter 3s fall 3 rise 5
#重启haprxoy服务
[root@192 ~]# systemctl restart haproxy
[root@192 ~]# systemctl enable haproxy
[root@192 ~]# systemctl disable NetworkManager
[root@192 ~]# systemctl disable firewalld
#禁用SELinux
[root@192 ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
[root@192 ~]# reboot
server2
[root@server2 ~]# cd /var/lib/libvirt/images/
[root@server2 images]# scp centos7-web1.qcow2 10.20.1.101:/var/lib/libvirt/images/
server1
[root@server1 ~]# cd /var/lib/libvirt/images/
[root@server1 images]# mv centos7-web1.qcow2 centos7-web2.qcow2
[root@server1 images]# virt-install --virt-type kvm --name centos7-web2 --ram 1024 --vcpus 2 --cdrom=/usr/local/src/CentOS-7-x86_64-Minimal-1810.iso --disk path=/var/lib/libvirt/images/centos7-web2.qcow2 --network bridge=br0 --graphics vnc,listen=0.0.0.0 --noautoconsole
[root@server1 images]# virt-manager #强制关机
更改为桥接的网卡
浏览器测试
