实验内容:
LVS调度器作为Web服务器池的网关,LVS两块网卡,分别连接内外网,使用轮询(rr)调度算法。
实验环境:
负载调度器:内网关 ens33:192.168.37.101,外网关 ens36:12.0.0.254
Web节点服务器1:192.168.37.135
Web节点服务器2:192.168.37.134
NFS服务器:192.168.37.133
客户端:11.0.0.12
1.部署共享存储(NFS服务器:192.168.37.133)
systemctl stop firewalld.service
systemctl disable firewalld.service
setenforce 0
yum install nfs-utils rpcbind -y
systemctl start rpcbind.service
systemctl start nfs.service
systemctl enable nfs.service
systemctl enable rpcbind.service
mkdir /opt/nmixx /opt/itzy
chmod 777 /opt/nmixx /opt/itzy
echo 'this is nmixx word!' > /opt/nmixx/index.html
echo 'this is itzy word!' > /opt/itzy/index.html
vim /etc/exports
/usr/share *(ro,sync)
/opt/nmixx 192.168.37.0/24(rw,sync)
/opt/itzy 192.168.37.0/24(rw,sync)
exportfs -rv
2.配置节点服务器(192.168.37.135、192.168.37.134)
systemctl stop firewalld.service
systemctl disable firewalld.service
setenforce 0
yum install httpd -y
systemctl start httpd.service
systemctl enable httpd.service
yum install nfs-utils rpcbind -y
showmount -e 192.168.37.133
systemctl start rpcbind
systemctl enable rpcbind
--192.168.37.135---
mount.nfs 192.168.37.133:/opt/nmixx /var/www/html
vim /etc/fstab
192.168.37.133:/opt/nmixx /var/www/html nfs defaults,_netdev 0 0
mount -a
--192.168.37.134---
mount.nfs 192.168.37.133:/opt/itzy /var/www/html
vim /etc/fstab
192.168.37.133:/opt/itzy /var/www/html nfs defaults,_netdev 0 0
vim /etc/sysconfig/network-scripts/ifcfg-ens33
GATEWAY=192.168.72.10 //改成负载调度器的内网地址
#DNS1=8.8.8.8 //DNS要注销
3.配置负载调度器(内网关 ens33:192.168.37.101,外网关 ens36:12.0.0.254)
systemctl stop firewalld.service
systemctl disable firewalld.service
setenforce 0
(1)配置SNAT转发规则
配置网卡
cd /etc/sysconfig/network-scripts/
vim ifcfg-ens33 //将网卡和DNS服务器地址注释掉
#GATEWAY=192.168.37.2
#DNS1=8.8.8.8
cp ifcfg-ens33 ifcfg-ens36
vim ifcfg-ens36
IPADDR=12.0.0.254 //设置IP地址
NETMASK=255.255.255.0
#UUID
#GATEWAY=192.168.37.2
#DNS1=8.8.8.8
systemctl restart network
开启路由转发功能
vim /etc/sysctl.conf
net.ipv4.ip_forward = 1 //添加这一行
sysctl -p //读取修改后的配置
net.ipv4.ip_forward = 1
配置SNAT策略(如果内网想主动连接外网的话,需要配置SNAT策略)
[root@ziyu ~]# iptables -t nat -F
[root@ziyu ~]# iptables -t nat -A POSTROUTING -s 192.168.37.0/24 -o ens36 -j SNAT --to-source 12.0.0.254
[root@ziyu ~]# iptables -nL POSTROUTING -t nat
加载LVS内核模块,加载LVS所有调度算法
[root@ziyu ~]# modprobe ip_vs
[root@ziyu ~]# for i in $(ls /usr/lib/modules/$(uname -r)/kernel/net/netfilter/ipvs|grep -o "^[^.]*");do echo $i; /sbin/modinfo -F filename $i >/dev/null 2>&1 && /sbin/modprobe $i;done
ip_vs_dh
ip_vs_ftp
ip_vs
ip_vs_lblc
ip_vs_lblcr
ip_vs_lc
ip_vs_nq
ip_vs_pe_sip
ip_vs_rr
ip_vs_sed
ip_vs_sh
ip_vs_wlc
ip_vs_wrr
ipvsadm管理工具,开启服务
[root@ziyu ~]# ipvsadm-save > /etc/sysconfig/ipvsadm
[root@ziyu ~]# systemctl start ipvsadm.service
[root@ziyu ~]# ipvsadm -C //清空原有规则
[root@ziyu ~]# ipvsadm -A -t 12.0.0.254:80 -s rr
[root@ziyu ~]# ipvsadm -a -t 12.0.0.254:80 -r 192.168.37.135:80 -m -w 1
[root@ziyu ~]# ipvsadm -a -t 12.0.0.254:80 -r 192.168.37.134:80 -m -w 1
[root@ziyu ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP ziyu:http rr
-> 192.168.37.134:http Masq 1 0 0
-> 192.168.37.135:http Masq 1 0 0
[root@ziyu ~]# ipvsadm-save > /etc/sysconfig/ipvsadm //保存配置
4、win10客户机访问测试
win10客户机,网关地址设置为负载调度器的外网IP。
浏览器访问负载调度器的外网IP地址12.0.0.254。
再刷新一下
实验结束
