标签：lvs   nginx   

三台主机：
? 分发器，可以叫调度器（简写为dir）
? 内网：192.168.0.220，外网：172.16.22.220

? rs1
? 内网：192.168.0.221，设置网关为192.168.0.220

? rs2
? 内网：192.168.0.222，设置网关为192.168.0.220

开启远程ssh反向连接

目的是为了远程管理rs1,rs2

dr操作：

vim /etc/ssh/sshd_config

#取消注释

?GatewayPorts yes

service sshd restart

rs1,rs2操作：

ssh -ngfNTR 1122:192.168.0.221:22 root@172.16.22.220 -o ServerAliveInterval=300

ssh -ngfNTR 1222:192.168.0.222:22 root@172.16.22.220 -o ServerAliveInterval=300

[root@test221 ~]# w
?20:38:21 up 11 days, 18 min,? 1 user,? load average: 0.00, 0.01, 0.05
USER ? ? TTY? ? ? FROM ? ? ? ? ? ? LOGIN@ ? IDLE ? JCPU ? PCPU WHAT
root ? ? pts/1? ? gateway? ? ? ? ? 12:07? ? 5.00s? 0.05s? 0.05s -bash
[root@test221 ~]# netstat -antp | grep sshd
tcp? ? ? ? 0? ? ? 0 0.0.0.0:22? ? ? ? ? ? ? 0.0.0.0:* ? ? ? ? ? ? ? LISTEN? ? ? 27731/sshd ? ? ? ? ?
tcp? ? ? ? 0? ? ? 0 192.168.0.221:22? ? ? ? 192.168.0.220:60408 ? ? ESTABLISHED 32072/sshd: root@pt?
tcp6 ? ? ? 0? ? ? 0 :::22 ? ? ? ? ? ? ? ? ? :::*? ? ? ? ? ? ? ? ? ? LISTEN? ? ? 27731/sshd? ?

[root@test222 ~]# w
?20:37:34 up 9 days, 23:42,? 1 user,? load average: 0.00, 0.01, 0.05
USER ? ? TTY? ? ? FROM ? ? ? ? ? ? LOGIN@ ? IDLE ? JCPU ? PCPU WHAT
root ? ? pts/2? ? gateway? ? ? ? ? 12:18? ? 6.00s? 0.02s? 0.02s -bash
[root@test222 ~]# netstat -antp | grep sshd
tcp? ? ? ? 0? ? ? 0 0.0.0.0:22? ? ? ? ? ? ? 0.0.0.0:* ? ? ? ? ? ? ? LISTEN? ? ? 1113/sshd? ? ? ? ? ?
tcp? ? ? ? 0? ? ? 0 192.168.0.222:22? ? ? ? 192.168.0.220:52484 ? ? ESTABLISHED 32179/sshd: root@pt?
tcp6 ? ? ? 0? ? ? 0 :::22 ? ? ? ? ? ? ? ? ? :::*? ? ? ? ? ? ? ? ? ? LISTEN? ? ? 1113/sshd? ? ?

开启防火墙nat转发

dr:

[root@test220 ~]# firewall-cmd --permanent --direct --passthrough ipv4 -t nat POSTROUTING -o eth0 -j MASQUERADE -s 192.168.0.0/24

[root@test220 ~]# firewall-cmd --reload?

启动网卡间核心转发功能

[root@test220 ~]# sysctl -w net.ipv4.ip_forward=1

net.ipv4.ip_forward = 1

[root@test220 ~]# cat /proc/sys/net/ipv4/ip_forward  #验证是否打开

1

安装ipvsadm组件

yum install -y ipvsadm

wlc算法：

#创建脚本，内容如下：

[root@test220 ~]# cat /usr/local/sbin/lvs_nat.sh

#!/bin/bash
#director 服务器上开启路由转发功能，可省略
echo 1 > /proc/sys/net/ipv4/ip_forward
#关闭icmp的重定向
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
#注意区分网卡名字
echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth1/send_redirects
#director 设置nat防火墙，使用iptables时有效，使用firewall-cmd使用上面的#firewall-cmd脚本
iptables -t nat -F
iptables -t nat -X
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE
#director设置ipvsadm
IPVSADM=‘/usr/sbin/ipvsadm‘
$IPVSADM -C
$IPVSADM -A -t 172.16.22.220:80 -s wlc -p 3
$IPVSADM -a -t 172.16.22.220:80 -r 192.168.0.221:80 -m -w 1
$IPVSADM -a -t 172.16.22.220:80 -r 192.168.0.222:80 -m -w 1
$IPVSADM -L -n

#测试
使用curl -I http://172.16.22.220测试

~ Aiker$ curl -I 172.16.22.220
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Mar 2018 14:38:29 GMT
Content-Type: text/html
Content-Length: 1326
Last-Modified: Wed, 26 Apr 2017 08:03:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "59005462-52e"
Accept-Ranges: bytes

~ Aiker$ curl -I 172.16.22.220
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 27 Mar 2018 14:38:31 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.34
location: forum.php

rr算法

定义ipvsadm负载均衡集群规则，并查看
此处定义DIP是以-s指定为rr算法进行轮询调度，-m指定模式为lvs-nat，配置命令如下：

[root@test220 ~]# /usr/sbin/ipvsadm -C
[root@test220 ~]# /usr/sbin/ipvsadm -A -t 172.16.22.220:80 -s rr
[root@test220 ~]# /usr/sbin/ipvsadm -a -t 172.16.22.220:80 -r 192.168.0.221:80 -m
[root@test220 ~]# /usr/sbin/ipvsadm -a -t 172.16.22.220:80 -r 192.168.0.222:80 -m

测试

~ Aiker$ curl -I 172.16.22.220
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Mar 2018 14:38:26 GMT
Content-Type: text/html
Content-Length: 1326
Last-Modified: Wed, 26 Apr 2017 08:03:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "59005462-52e"
Accept-Ranges: bytes

~ Aiker$ curl -I 172.16.22.220
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 27 Mar 2018 14:38:28 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.34
location: forum.php

wrr算法

[root@test220 ~]# cat !$
cat /usr/local/sbin/lvs_nat_wrr.sh
IPVSADM=‘/usr/sbin/ipvsadm‘
$IPVSADM -C
$IPVSADM -A -t 172.16.22.220:80 -s wrr
$IPVSADM -a -t 172.16.22.220:80 -r 192.168.0.221:80 -m -w 1
$IPVSADM -a -t 172.16.22.220:80 -r 192.168.0.222:80 -m -w 3
$IPVSADM -L -n

测试

~ Aiker$ curl -I 172.16.22.220
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Mar 2018 13:34:47 GMT
Content-Type: text/html
Content-Length: 1326
Last-Modified: Wed, 26 Apr 2017 08:03:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "59005462-52e"
Accept-Ranges: bytes

~ Aiker$ curl -I 172.16.22.220
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Mar 2018 13:34:48 GMT
Content-Type: text/html
Content-Length: 1326
Last-Modified: Wed, 26 Apr 2017 08:03:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "59005462-52e"
Accept-Ranges: bytes

~ Aiker$ curl -I 172.16.22.220
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Mar 2018 13:34:50 GMT
Content-Type: text/html
Content-Length: 1326
Last-Modified: Wed, 26 Apr 2017 08:03:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "59005462-52e"
Accept-Ranges: bytes

~ Aiker$ curl -I 172.16.22.220
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 28 Mar 2018 13:34:52 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.34
location: forum.php

~ Aiker$ curl -I 172.16.22.220
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Mar 2018 13:35:04 GMT
Content-Type: text/html
Content-Length: 1326
Last-Modified: Wed, 26 Apr 2017 08:03:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "59005462-52e"
Accept-Ranges: bytes

LVS NAT模式部署

标签：lvs   nginx   

原文地址：http://blog.51cto.com/m51cto/2093762