第十九周
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了第十九周相关的知识,希望对你有一定的参考价值。
1、简述lvs四种集群特点及使用场景
1、lvs-nat:修改请求报文的目标IP ,多目标IP的DNAT
本质是多目标IP的DNAT,通过将请求报文中的目标地址和目标端口修改为某挑 出的RS的RIP和PORT实现转发 (1)RIP和DIP应在同一个IP网络,且应使用私网地址;RS的网关要指向DIP (2)请求报文和响应报文都必须经由Director转发,Director易于成为系统瓶颈 (3)支持端口映射,可修改请求报文的目标PORT (4)VS必须是Linux系统,RS可以是任意OS系统2、lvs-dr:操纵封装新的MAC地址
Direct Routing,直接路由,LVS默认模式,应用最广泛,通过为请求报 文重新封装一个MAC首部进行转发,源MAC是DIP所在的接口的MAC,目标 MAC是某挑选出的RS的RIP所在接口的MAC地址;源IP/PORT,以及目标 IP/PORT均保持不变 (1) Director和各RS都配置有VIP (2) 确保前端路由器将目标IP为VIP的请求报文发往Director (3)RS的RIP可以使用私网地址,也可以是公网地址;RIP与DIP在同一IP网络; RIP的网关不能指向DIP,以确保响应报文不会经由Director (4)RS和Director要在同一个物理网络 (5)请求报文要经由Director,但响应报文不经由Director,而由RS直接发往 Client (6)不支持端口映射(端口不能修败) (7)RS可使用大多数OS系统3、lvs-tun:在原请求IP报文之外新加一个IP首部
转发方式:不修改请求报文的IP首部(源IP为CIP,目标IP为VIP),而在原IP报文 之外再封装一个IP首部(源IP是DIP,目标IP是RIP),将报文发往挑选出的目标 RS;RS直接响应给客户端(源IP是VIP,目标IP是CIP) (1) DIP, VIP, RIP都应该是公网地址 (2) RS的网关一般不能指向DIP (3) 请求报文要经由Director,但响应不经由Director (4) 不支持端口映射 (5) RS的OS须支持隧道功能4、lvs-fullnat:修改请求报文的源和目标IP
通过同时修改请求报文的源IP地址和目标IP地址进行转发 (1) VIP是公网地址,RIP和DIP是私网地址,且通常不在同一IP网络;因此, RIP的网关一般不会指向DIP (2) RS收到的请求报文源地址是DIP,因此,只需响应给DIP;但Director还 要将其发往Client (3) 请求和响应报文都经由Director (4) 支持端口映射 注意:此类型kernel默认不支持
2、描述LVS-DR工作原理,并配置实现。
原理:
Director Server作为群集的访问入口,但不作为网关使用,后端服务器池中的Real Server与Director Server在同一个物理网络中,发送给客户机的数据包不需要经过Director Server。为了响应对整个群集的访问,DS与RS都需要配置有VIP地址。
路由器开启路由转发功能,一个网卡nat一个桥接;
dip和rip同一网络,
Vip可以公网,dip和rip私网
不通网卡配置不同网段
实验环境:
Client:CIP: 192.168.3.106
router:eth0:192.168.43.107
eth1:192.168.3.107
Lvs: : DIP: 191.168.43.137 VIP:192.168.43.100 gateway:192.168.3.107
Rs1:RIP: 192.168.43.147 VIP: 192.168.43.100 GATEWAY:192.168.3.107
Rs2: RIP:192.168.43.157 VIP: 192.168.43.100 GATEWAY:192.168.3.1071、rs服务器配置:
每台rs上执行,lvs_dr_rs.sh 脚本,准备环境,安装httpd服务,配置vip,改arp规则;
lvs_dr_rs.sh 脚本
[root@rs1~]#cat lvs_dr_rs.sh #!/bin/bash vip=192.168.43.100 mask=‘255.255.255.255‘ dev=lo:1 rpm -q httpd &> /dev/null || yum -y install httpd &>/dev/null service httpd start &> /dev/null && echo "The httpd Server is Ready!" echo "<h1>`hostname`</h1>" > /var/www/html/index.html case $1 in start) echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce ifconfig $dev $vip netmask $mask #broadcast $vip up #route add -host $vip dev $dev echo "The RS Server is Ready!" ;; stop) ifconfig $dev down echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce echo "The RS Server is Canceled!" ;; *) echo "Usage: $(basename $0) start|stop" exit 1 ;; Esac
执行脚本
[root@rs2 ~]#sh /data/lvs_dr_rs.sh start
The httpd Server is Ready!
The RS Server is Ready!
[root@rs1 ~]#sh /data/lvs_dr_rs.sh start
The httpd Server is Ready!
The RS Server is Ready!执行结果:
2、lvs服务器配置:lvs服务器上执行 lvs_dr_vs.sh脚本,完成lvs配置 ,使用dr模式,rr轮训,配置vip地址,添加lvs规则,端口80
lvs_dr_vs.sh 脚本
[root@lvs]#cat lvs_dr_vs.sh #!/bin/bash vip=‘192.168.43.100‘ iface=‘lo:1‘ mask=‘255.255.255.255‘ port=‘80‘ rs1=‘192.168.43.147‘ rs2=‘192.168.43.157‘ scheduler=‘rr‘ type=‘-g‘ rpm -q ipvsadm &> /dev/null || yum -y install ipvsadm &> /dev/null case $1 in start) ifconfig $iface $vip netmask $mask #broadcast $vip up iptables -F ipvsadm -A -t ${vip}:${port} -s $scheduler ipvsadm -a -t ${vip}:${port} -r ${rs1} $type ipvsadm -a -t ${vip}:${port} -r ${rs2} $type echo "The VS Server is Ready!" ;; stop) ipvsadm -C ifconfig $iface down echo "The VS Server is Canceled!" ;; *) echo "Usage: $(basename $0) start|stop" exit 1 ;; Esac [root@lvs ~]#sh /data/lvs_dr_vs.sh start The VS Server is Ready!
结果
3、客户端测试:
[root@centos6 ~]#while true ;do curl 192.168.43.100;sleep 1 ;done
<h1>rs1</h1>
<h1>rs2</h1>
<h1>rs1</h1>
<h1>rs2</h1>
<h1>rs1</h1>
<h1>rs2</h1>
<h1>rs1</h1>
<h1>rs2</h1>
3、实现LVS+Keepalived高可用。
实验环境:
Client:192.168.3.106
Router:192.168.43.107
Keepalived1:192.168.43.117
Keepalived2:192.68.43.127
浮动ip:192.168.43.100
Rs1:192.168.43.147 VIP: 192.168.43.100 GATEWAY:192.168.3.107
Rs2:192.168.43.157 VIP: 192.168.43.100 GATEWAY:192.168.3.107
1、ka1和ka2上配置
安装keepalived服务;
[root@ka1 ~]# yum -y install keepalived
[root@ka2 ~]# yum -y install keepalived
[root@ka1 ~]# systemctl start keepalived
[root@ka2 ~]#systemctl start keepalived
2、配置keepalived,实现ip浮动;
ka1配置:
[root@ka1 ~]# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { 913254539@qq.com } notification_email_from keepalived@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id ka1 vrrp_mcast_group4 224.0.100.100 } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 7 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 192.168.43.100 dev eth0 label eth0:1 } }ka2配置:
[root@ka2 ~]#vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { 913254539@qq.com } notification_email_from keepalived@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id ka2 vrrp_mcast_group4 224.0.100.100 } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 7 priority 80 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 192.168.43.100 dev eth0 label eth0:1 } }
3、配置keepalived,添加rs配置,配置sorry server;
在源keepalived配置上,添加配置
virtual_server 192.168.43.100 80 { delay_loop 3 lb_algo rr lb_kind DR #persistence_timeout 50 protocol TCP sorry_server 127.0.0.1 80 real_server 192.168.43.147 80 { weight 1 HTTP_GET { url { path / status_code 200 } connect_timeout 1 nb_get_retry 3 delay_before_retry 1 } } real_server 192.168.43.157 80 { weight 1 HTTP_GET { url { path / status_code 200 } connect_timeout 1 nb_get_retry 3 delay_before_retry 1 } } }重启keepalived:
[root@ka1 ~]# systemctl restart keepalived [root@ka2 ~]#systemctl restart keepalived
4、rs1和rs2上配置:
跑脚本,配置VIP,和arp规则,以及安装httpd服务
lvs_dr_rs.sh 脚本:[root@rs1 ~]#cat /data/lvs_dr_rs.sh #!/bin/bash #Author:wangxiaochun #Date:2017-08-13 vip=192.168.43.100 mask=‘255.255.255.0‘ dev=eth0:1 rpm -q httpd &> /dev/null || yum -y install httpd &>/dev/null service httpd start &> /dev/null && echo "The httpd Server is Ready!" echo "<h1>`hostname`</h1>" > /var/www/html/index.html case $1 in start) echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce ifconfig $dev $vip netmask $mask #broadcast $vip up #route add -host $vip dev $dev echo "The RS Server is Ready!" ;; stop) ifconfig $dev down echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce echo "The RS Server is Canceled!" ;; *) echo "Usage: $(basename $0) start|stop" exit 1 ;; esac
5、验证
停止主keepalived,访问不受影响
后台所有rs服务都停之后,sorry server提供服务
以上是关于第十九周的主要内容,如果未能解决你的问题,请参考以下文章