标签:模式 pvs host 防火墙 dex install basename 开启路由转发 The
一、LVS-DR:直接路由 LVS默认模式,应用最广泛,通过为请求报文重新封装一个MAC首部进行转发源MAC是DIP所在的接口的MAC,目标MAC是某挑选出的RS的RIP所在接口的MAC地址;源IP/PORT,以及目标IP/PORT均保持不变
(1)Director和各RS都配置有VIP
(2)确保前端路由将目标IP为VIP的请求报文发往Director
(3)RS的RIP可以使用私网地址,也可以是公网地址;RIP与DIP在同一IP网络,RIP的网关不能只想DIP,以确保响应报文不会经由Director
(4)RS和Director要在同一个物理网络
(5)请求报文要经由Director,但响应报文不经由Director,而有RS直接发往Cliebt
(6)不支持端口映射(端口不能修改)
(7)RS可使用大多数OS系统
网卡桥接模式
ens37网关指向路由的网关:172.22.142.159
route add -net 0.0.0.0/0 gw 172.22.142.159
须开启路由转发功能:
vim /etc/sysctl.conf
net.ipv4.ip_forward=1
ens33仅主机模式两个网址192.168.30.46/24、10.0.0.200/24
ifconfig ens33:1 10.0.0.200 netmask 255.255.255.0
ens37桥接模式 172.22.142.159/16
route add -net 10.0.0.0/24 dev ens33
ens33仅主机模式 192.168.30.16/24,网关指向任意ip
配置步骤写为脚本lvs_dr_vs.sh
#!/bin/bash
vip=10.0.0.100
iface=‘ens33:1‘ #将VIP加在ens33网卡上
mask=‘255.255.255.0‘
port=‘80‘ #指定服务端口
rs1=‘192.168.30.26‘ #指明DIP
rs2=‘192.168.30.36‘ #指明DIP
scheduler=‘wrr‘ #访问模式为加权轮询
type=‘-g‘ #工作模式-g表示dr模式
rpm -q ipvsadm &> /dev/null || yum -y install ipvsadm &> /dev/null #装ipvsadm包
case $1 in
start)
ifconfig $iface $vip netmask $mask #broadcast $vip up #添加VIP的ip
iptables -F #清空防火墙规则
ipvsadm -A -t ${vip}:${port} -s $scheduler #添加集群服务
ipvsadm -a -t ${vip}:${port} -r ${rs1} $type -w 1 #在集群中加入受控主机1
ipvsadm -a -t ${vip}:${port} -r ${rs2} $type -w 1 #在集群中加入受控主机2
echo "The VS Server is Ready!"
;;
stop) #停止集群服务并清空规则
ipvsadm -C
ifconfig $iface down
echo "The VS Server is Canceled!"
;;
*)
echo "Usage: $(basename $0) start|stop"
exit 1
;;
esac
查看ipvsadm规则
ipvsadm -Ln
ens33仅主机模式 192.168.30.26
网关gateway指向路由:192.168.30.46
配置步骤写为脚本lvs_dr_rs.sh
#!/bin/bash
vip=10.0.0.100
mask=‘255.255.255.255‘
dev=lo:1
rpm -q httpd &> /dev/null || yum -y install httpd &>/dev/null #安装httpd包
service httpd start &> /dev/null && echo "The httpd Server is Ready!"
echo "<h1>this is real server1</h1>" > /var/www/html/index.html
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore #仅在请求的目标IP配置在本地主机的接收到请求报文的接口上时,才给予响应
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce #必须避免将接口信息向非本网络进行通告
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
ifconfig $dev $vip netmask $mask #broadcast $vip up #添加VIP的IP
#route add -host $vip dev $dev
echo "The RS Server is Ready!"
;;
stop)
ifconfig $dev down
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "The RS Server is Canceled!"
;;
*)
echo "Usage: $(basename $0) start|stop"
exit 1
;;
esac
ens33仅主机模式 192.168.30.36
网关gateway指向路由:192.168.30.46
执行脚本 bash lvs_dr_rs.sh start
#!/bin/bash
vip=10.0.0.100
mask=‘255.255.255.255‘
dev=lo:1
rpm -q httpd &> /dev/null || yum -y install httpd &>/dev/null
service httpd start &> /dev/null && echo "The httpd Server is Ready!"
echo "<h1>this is real server2</h1>" > /var/www/html/index.html
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
ifconfig $dev $vip netmask $mask #broadcast $vip up
#route add -host $vip dev $dev
echo "The RS Server is Ready!"
;;
stop)
ifconfig $dev down
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "The RS Server is Canceled!"
;;
*)
echo "Usage: $(basename $0) start|stop"
exit 1
;;
esac
curl 10.0.0.100
标签:模式 pvs host 防火墙 dex install basename 开启路由转发 The
原文地址:https://blog.51cto.com/14230230/2400376