LVS in Practice: LVS-DR Mode in a Single Network Segment
Posted njsummer
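LVS (Linux Virtual Server) is a load scheduler integrated into the Linux kernel, an open-source load-balancing project led by Dr. Zhang Wensong (alias Zhengming). The project implements IP-based load balancing of requests inside the Linux kernel: a user initiates access from outside, the web request is sent to the LVS scheduler, the scheduler decides according to its preset algorithm which back-end web server receives the request, and that server processes the request and returns the result to the user. LVS has several working modes: lvs-nat, lvs-dr and lvs-tun. This article implements lvs-dr mode within a single network segment.
1. Architecture and hosts
Overall approach: the client sends a request. Stage 1: the request arrives at the router's eth1. Stage 2: it travels from the router's eth0 to the LVS. Stage 3: the LVS schedules the request to a back-end RS according to the configured algorithm. Stage 4: RS1 sends the response packet directly to the router's eth0 via the lo VIP. Stage 5: the response packet travels from the router's eth1 to the client, completing the whole data transfer.
In this process, kernel parameters on each RS are modified to restrict ARP responses and announcements, which avoids VIP address conflicts.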
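An added example, not part of the original post: a read-only audit that a real server has the ARP settings this restriction relies on. The values 1 and 2 are the conventional LVS-DR settings; the function names and the `root` prefix argument are assumptions made for the example.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): audit the ARP sysctls on an LVS-DR real server.
# The kernel applies max(conf/all, conf/<iface>) for both keys on the interface that
# handles the ARP packet, so the effective value is what gets checked here.
# Conventional LVS-DR values: arp_ignore=1 (answer only for addresses configured on the
# receiving interface, so the VIP on lo is never answered for) and arp_announce=2
# (never use the lo VIP as the ARP sender address).

# effective_arp <root> <iface> <key>: print max(all, iface) for one key.
# <root> is a hypothetical prefix ("" for the live system) so a copied tree can be audited.
effective_arp() {
    local base="$1/proc/sys/net/ipv4/conf" a i
    a="$(cat "$base/all/$3" 2>/dev/null)" || return 2
    i="$(cat "$base/$2/$3" 2>/dev/null)" || return 2
    if [ "$a" -gt "$i" ]; then echo "$a"; else echo "$i"; fi
}

# check_rs_arp <root> [iface]: return 0 only if both effective values match.
check_rs_arp() {
    local root="$1" iface="${2:-eth0}" rc=0 pair key want got
    for pair in arp_ignore:1 arp_announce:2; do
        key="${pair%%:*}"; want="${pair#*:}"
        if ! got="$(effective_arp "$root" "$iface" "$key")"; then
            echo "MISSING $key on $iface"; rc=1; continue
        fi
        if [ "$got" = "$want" ]; then
            echo "OK  $key=$got on $iface"
        else
            echo "BAD $key=$got on $iface (want $want)"; rc=1
        fi
    done
    return "$rc"
}

# make_sample_tree <dir> <all_ignore> <if_ignore> <all_announce> <if_announce>
# builds a constructed sysctl tree for eth0 so the check can be tried without root.
make_sample_tree() {
    local d="$1/proc/sys/net/ipv4/conf"
    mkdir -p "$d/all" "$d/eth0"
    echo "$2" > "$d/all/arp_ignore";   echo "$3" > "$d/eth0/arp_ignore"
    echo "$4" > "$d/all/arp_announce"; echo "$5" > "$d/eth0/arp_announce"
}
```

On a real server, `check_rs_arp "" eth0` reads the live values under /proc/sys.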
# Five hosts
1. Two RS (real server) hosts:
Hostname: RS1-IP18
CentOS 8.4
IP: 192.168.250.18 GW: 192.168.250.68
httpd web service, page content: RS1-IP18 IP:192.168.250.18
Hostname: RS2-IP28
CentOS 8.4
IP: 192.168.250.28 GW: 192.168.250.68
httpd web service, page content: RS2-IP28 IP:192.168.250.28
2. One LVS server:
Hostname: LVS-IP08
CentOS 8.4
lo:VIP:192.168.250.111/32
eth0:DIP:192.168.250.8/24 GW:192.168.250.68
ipvsadm
3. One host acting as the router:
Hostname: Router-IP68
eth0 IP: 192.168.250.68/24
eth1 IP: 172.16.0.68/24
4. One client host:
Hostname: Client-IP48
CentOS 8.4
eth0 IP: 172.16.0.48/24 GW: 172.16.0.68
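2. Base environment and network configuration
Tasks and order: complete the environment and network configuration for the two RS hosts, the client, the host acting as router, and the LVS host, in that order.
2.1 The two RS hosts
2.1.1 First host RS1 (IP 192.168.250.18) configuration
# Verify that the firewall and SELinux are disabled; set the hostname, synchronize time, and apply other OS tuning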
[root@CentOS84 ]#hostnamectl set-hostname RS1-IP18
[root@CentOS84 ]#exit
[root@RS1-IP18 ]#systemctl enable --now chronyd.service
# Install Apache httpd and create the home page
[root@RS1-IP18 ]#yum -y install httpd;hostname > /var/www/html/index.html;systemctl enable --now httpd
# Edit the home page content so the later tests are easier to read
[root@RS1-IP18 ]#vim /var/www/html/index.html
RS1-IP18 IP:192.168.250.18
[root@RS1-IP18 ]#vim /etc/sysconfig/network-scripts/ifcfg-Profile_1
TYPE=Ethernet
DEVICE=eth0
NAME="eth0"
IPADDR=192.168.250.18
PREFIX=24
GATEWAY=192.168.250.68
DEFROUTE=yes
ONBOOT=yes
# Apply the NIC configuration
[root@RS1-IP18 ]#nmcli con reload
[root@RS1-IP18 ]#nmcli con up eth0
[root@RS1-IP18 ]#ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:e8:6b brd ff:ff:ff:ff:ff:ff
inet 192.168.250.18/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
[root@RS1-IP18 ]#ip route
default via 192.168.250.68 dev eth0 proto static metric 100
192.168.250.0/24 dev eth0 proto kernel scope link src 192.168.250.18 metric 100
[root@RS1-IP18 ]#curl 192.168.250.18
RS1-IP18 IP:192.168.250.18
2.1.2 Second host RS2 (IP 192.168.250.28) configuration
# Verify that the firewall and SELinux are disabled; set the hostname, synchronize time, and apply other OS tuning
[root@CentOS84 ]#hostnamectl set-hostname RS2-IP28
[root@CentOS84 ]#exit
[root@RS2-IP28 ]#systemctl enable --now chronyd.service
# Install Apache httpd and create the home page
[root@RS2-IP28 ]#yum -y install httpd;hostname > /var/www/html/index.html;systemctl enable --now httpd
# Edit the home page content so the later tests are easier to read
[root@RS2-IP28 ]#vim /var/www/html/index.html
RS2-IP28 IP:192.168.250.28
# Edit the NIC configuration according to the plan
[root@RS2-IP28 ]#vim /etc/sysconfig/network-scripts/ifcfg-Profile_1
TYPE=Ethernet
DEVICE=eth0
NAME="eth0"
IPADDR=192.168.250.28
PREFIX=24
GATEWAY=192.168.250.68
DEFROUTE=yes
ONBOOT=yes
# Apply the NIC configuration
[root@RS2-IP28 ]#nmcli con reload
[root@RS2-IP28 ]#nmcli con up eth0
# Verify the network information
[root@RS2-IP28 ]#ip route
default via 192.168.250.68 dev eth0 proto static metric 100
192.168.250.0/24 dev eth0 proto kernel scope link src 192.168.250.28 metric 100
[root@RS2-IP28 ]#ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:e2:bf brd ff:ff:ff:ff:ff:ff
inet 192.168.250.28/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
[root@RS2-IP28 ]#curl 192.168.250.28
RS2-IP28 IP:192.168.250.28
[root@RS2-IP28 ]#
2.2 Client host used for testing
# Verify that the firewall and SELinux are disabled; set the hostname, synchronize time, and apply other OS tuning
[root@CentOS84 ]#hostnamectl set-hostname Client-IP48
[root@CentOS84 ]#exit
[root@Client-IP48 ]#systemctl enable --now chronyd.service
# Edit the NIC configuration
[root@Client-IP48 ]#vim /etc/sysconfig/network-scripts/ifcfg-Profile_1
TYPE=Ethernet
DEVICE=eth0
NAME="eth0"
IPADDR=172.16.0.48
PREFIX=24
GATEWAY=172.16.0.68
DEFROUTE=yes
ONBOOT=yes
# Apply the NIC configuration
[root@Client-IP48 ]#nmcli connection reload
[root@Client-IP48 ]#nmcli connection up eth0
# Check the NIC addresses and routing information
[root@Client-IP48 ]#ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:48:a4 brd ff:ff:ff:ff:ff:ff
inet 172.16.0.48/24 brd 172.16.0.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
[root@Client-IP48 ]#ip route
default via 172.16.0.68 dev eth0 proto static metric 100
172.16.0.0/24 dev eth0 proto kernel scope link src 172.16.0.48 metric 100
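# Once the router host is configured, test communication across the router to make sure the network is reachable before deploying the IPVS configuration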
[root@Client-IP48 ]#ping 192.168.250.18
PING 192.168.250.18 (192.168.250.18) 56(84) bytes of data.
64 bytes from 192.168.250.18: icmp_seq=1 ttl=63 time=0.662 ms
64 bytes from 192.168.250.18: icmp_seq=2 ttl=63 time=0.590 ms
64 bytes from 192.168.250.18: icmp_seq=3 ttl=63 time=0.452 ms
^C
--- 192.168.250.18 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2034ms
rtt min/avg/max/mdev = 0.452/0.568/0.662/0.087 ms
[root@Client-IP48 ]#ping 192.168.250.28
PING 192.168.250.28 (192.168.250.28) 56(84) bytes of data.
64 bytes from 192.168.250.28: icmp_seq=1 ttl=63 time=0.576 ms
64 bytes from 192.168.250.28: icmp_seq=2 ttl=63 time=0.541 ms
64 bytes from 192.168.250.28: icmp_seq=3 ttl=63 time=0.785 ms
^C
--- 192.168.250.28 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2106ms
rtt min/avg/max/mdev = 0.541/0.634/0.785/0.107 ms
2.3 Host acting as the router
# Verify that the firewall and SELinux are disabled; set the hostname, synchronize time, and apply other OS tuning
[root@CentOS84 ]#hostnamectl set-hostname Router-IP68
[root@CentOS84 ]#exit
logout
[root@Router-IP68 ]#systemctl enable --now chronyd.service
# After the CentOS tuning is done, confirm that ip_forward is enabled; routing only works when it is on
[root@LVS-IP08 ]#cat /etc/sysctl.conf | grep ip_forward
net.ipv4.ip_forward = 1
# Check the host's NIC information
[root@Router-IP68 ]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:ba:51 brd ff:ff:ff:ff:ff:ff
inet 192.168.250.68/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
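# By default the host has only one NIC; add a second NIC to it through the VCSA virtual management center. Once added, an eth1 NIC with no address configured appears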
[root@Router-IP68 ]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet