二、LVS-NAT部署实操
LVS调度器作为web服务器池的网关,LVS两块网卡,分别连接内外网,使用轮询(rr)调度算法
负载均衡器centos7-4 ens33:192.168.109.134 ens36:12.0.0.254
web服务器1centos7-2 (http)192.168.109.132
web服务器2centos7-3 (nginx)192.168.109.133
NFS服务器centos7-1 192.168.109.131
客户端w7:12.0.0.200
注:web服务一台用httpd,一台用nginx
#每台机子关闭防火墙和selinux(仅为实验环境简化操作;生产环境应保留firewalld和SELinux,只放行所需端口)
systemctl stop firewalld
systemctl disable firewalld
setenforce 0    #临时切换为宽容模式,重启后失效
2.1 NFS服务器配置
NFS服务器centos7-1 192.168.109.131
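#下载nfs服务所需的包
yum install nfs-utils.x86_64 rpcbind -y
#注:本节未给出/etc/exports的共享配置;后面web1、web2挂载的/opt/nfs/stevelu和/opt/nfs/gyq需先在此服务器上共享,共享范围建议只对192.168.109.0/24网段开放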
2.2 web1配置
web服务器1centos7-2 (http)192.168.109.132
#安装http服务,并开启
[root@web1 ~]# yum install -y httpd
[root@web1 ~]# systemctl start httpd
[root@web1 ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
#挂载nfs服务器
[root@web1 ~]# mount 192.168.109.131:/opt/nfs/stevelu /var/www/html/
[root@web1 ~]# cd /var/www/html/
[root@web1 html]# ls
index.html
[root@web1 html]# cat index.html
i am stevelu
2.3 web2配置
web服务器2centos7-3 (nginx)192.168.109.133
安装nginx服务
#先安装epel源,再用yum安装nginx服务
[root@web2 ~]# yum install -y epel-release
[root@web2 ~]# yum install -y nginx
[root@web2 ~]# systemctl start nginx
[root@web2 ~]# systemctl enable nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
#挂载nfs服务器(注:yum安装的nginx默认网页根目录一般为/usr/share/nginx/html,/usr/local/nginx/html是源码编译安装时的常见路径,挂载前请确认nginx实际使用的root目录)
[root@web2 ~]# mount 192.168.109.131:/opt/nfs/gyq /usr/local/nginx/html
2.4 负载均衡器配置
负载均衡器centos7-4 ens33:192.168.109.134 ens36:12.0.0.254
#设置外网网卡
[root@7-4 network-scripts]# cp ifcfg-ens33 ifcfg-ens36
[root@7-4 network-scripts]# vim ifcfg-ens36
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO=static
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens36"
DEVICE="ens36"
ONBOOT="yes"
IPADDR=12.0.0.254
NETMASK=255.255.255.0
GATEWAY=12.0.0.2
[root@7-4 network-scripts]# systemctl restart network    #重启网卡
#开启IP转发
[root@7-4 ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward=1
#加载
[root@7-4 ~]# sysctl -p
net.ipv4.ip_forward = 1
#设置防火墙相关规则(iptables -F 会清空现有的全部过滤规则;这里添加的规则没有持久化,重启后需要重新添加)
[root@7-4 ~]# iptables -F
[root@7-4 ~]# iptables -F -t nat
[root@7-4 ~]# iptables -t nat -A POSTROUTING -s 192.168.109.0/24 -o ens36 -j SNAT --to-source 12.0.0.254
[root@7-4 ~]# iptables -nL -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
SNAT       all  --  192.168.109.0/24     0.0.0.0/0            to:12.0.0.254
[root@7-4 ~]#
#下载ipvsadm工具
[root@7-4 ~]# yum install -y ipvsadm
#先保存源配置生成文件,没有这个文件服务起不来
[root@7-4 ~]# ipvsadm-save > /etc/sysconfig/ipvsadm
[root@7-4 ~]# systemctl start ipvsadm
[root@7-4 ~]# systemctl enable ipvsadm
Created symlink from /etc/systemd/system/multi-user.target.wants/ipvsadm.service to /usr/lib/systemd/system/ipvsadm.service.
#加载全部模块
[root@7-4 ~]# for i in $(ls /usr/lib/modules/$(uname -r)/kernel/net/netfilter/ipvs|grep -o "^[^.]*");do echo $i; /sbin/modinfo -F filename $i >/dev/null 2>&1 && /sbin/modprobe $i;done
ip_vs_dh
ip_vs_ftp
ip_vs
ip_vs_lblc
ip_vs_lblcr
ip_vs_lc
ip_vs_nq
ip_vs_pe_sip
ip_vs_rr
ip_vs_sed
ip_vs_sh
ip_vs_wlc
ip_vs_wrr
[root@7-4 ~]# ipvsadm -C
[root@7-4 ~]# ipvsadm -A -t 12.0.0.254:80 -s rr -p 10
[root@7-4 ~]# ipvsadm -a -t 12.0.0.254:80 -r 192.168.109.132:80 -m
[root@7-4 ~]# ipvsadm -a -t 12.0.0.254:80 -r 192.168.109.133:80 -m
[root@7-4 ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  7-4:http rr persistent 10
  -> 192.168.109.132:http         Masq    1      0          0
  -> 192.168.109.133:http         Masq    1      0          0
[root@7-4 ~]# ipvsadm-save > /etc/sysconfig/ipvsadm
#也可通过 (ipvsadm-restore < 文件名 )导入配置文件
#查看相关状态
[root@7-4 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  12.0.0.254:80 rr persistent 10
#    VIP地址 端口号 策略 长连接时间10秒
  -> 192.168.109.132:80           Masq    1      0          0
  -> 192.168.109.133:80           Masq    1      0          0
#    节点服务器 nat模式 权重 正在连接 断开连接
#注:-p 10 表示持久连接,同一客户端IP在10秒内的请求会被调度到同一台节点服务器,测试轮询效果时需等超时后再刷新
2.5 客户机访问
客户端w7:12.0.0.200
客户端设置相应的IP地址和网关
关闭客户端的防火墙
改完后重启网卡
总结
部署LVS步骤:
1.加载ip_vs模块,安装ipvsadm工具
2.开启路由转发
3.新建LVS虚拟服务器并添加节点服务器
4.配置节点服务器
建立测试网站
挂载NFS共享存储
建立测试网页
5.保存规则并测试