LVS:Linux Virtual Server,负载调度器,Linux内核集成,是章文嵩(花名 正明)博士主导的开源负载均衡项目。该项目在Linux内核中实现了基于IP的数据请求负载均衡调度方案,用户从外部发
LVS:Linux Virtual Server,负载调度器,Linux内核集成,是章文嵩(花名 正明)博士主导的开源负载均衡项目。该项目在Linux内核中实现了基于IP的数据请求负载均衡调度方案,用户从外部发起访问,Web请求会发送给LVS调度器,调度器根据自己预设的算法决定将该请求发送给后端的某台Web服务器,服务器处理好请求将结果反馈给用户。
LVS有多种工作模式:lvs-nat lvs-dr lvs-tun,本文在单网段内实现lvs-dr模式。
1. 架构和主机
整体思路:client发起请求,第一阶段到达路由器eth1;第二阶段从路由器eth0到达LVS;第三阶段LVS将请求按照设定的算法调度到后端的RS上;第四阶段RS1直接将回应的数据包通过lo-VIP发送给路由器eth0;第五阶段返回的回应数据包从路由器eth1传输到client,完成整个的数据传输过程。
这个过程中c通过修改各RS内核参数,来限制arp响应和通告,避免VIP地址冲突问题。
1 2台RS服务器 :
主机名:RS1-IP18
CentOS 8.4
IP: 192.168.250.18 GW:192.168.250.68
httpd web服务 页面内容 RS1-IP18 IP:192.168.250.18
主机名:RS2-IP28
CentOS 8.4
IP: 192.168.250.28 GW:192.168.250.68
httpd web服务 页面内容 RS2-IP28 IP:192.168.250.28
2 1台LVS服务器 :
主机名: LVS-IP08
CentOS 8.4
lo:VIP:192.168.250.111/32
eth0:DIP:192.168.250.8/24 GW:192.168.250.68
ipvsadm
3 1台充当路由器的主机
主机名: Router-IP68
eth0 IP:192.168.250.68/24
eth1 IP:172.16.0.68/24
4 1台client主机 :
主机名: Client-IP48
CentOS 8.4
eth0 IP:172.16.0.48/24 GW:172.16.0.68
2. 基础环境及网络配置
任务及过程:按照RS两台主机、client终端、充当路由器角色的主机、LVS主机的顺序完成环境及网络配置。
2.1 两台RS主机
2.1.1 第一台RS1 IP192.168.250.18 配置
#### 第一台RS1 IP192.168.250.18 配置# 验证防火墙、Selinux关闭;修改主机名、同步时间等操作系统优化
[root@CentOS84 ]#hostnamectl set-hostname RS1-IP18
[root@CentOS84 ]#exit
[root@RS1-IP18 ]#systemctl enable --now chronyd.service
# 安装Apache httpd,并定义和修改主页
# 修改主页内容,让后面测试更直观
[root@RS1-IP18 ]#yum -y install httpd;hostname > /var/www/html/index.html;systemctl enable --now httpd
# 修改主页内容,让后面测试更直观
[root@RS1-IP18 ]#vim /var/www/html/index.html
RS1-IP18 IP:192.168.250.18
[root@RS1-IP18 ]#vim /etc/sysconfig/network-scripts/ifcfg-Profile_1
TYPE=Ethernet
DEVICE=eth0
NAME="eth0"
IPADDR=192.168.250.18
PREFIX=24
GATEWAY=192.168.250.68
DEFROUTE=yes
ONBOOT=yes
# 让网卡配置生效
[root@RS1-IP18 ]#nmcli con reload
[root@RS1-IP18 ]#nmcli con up eth0
[root@RS1-IP18 ]#ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:e8:6b brd ff:ff:ff:ff:ff:ff
inet 192.168.250.18/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
[root@RS1-IP18 ]#ip route
default via 192.168.250.68 dev eth0 proto static metric 100
192.168.250.0/24 dev eth0 proto kernel scope link src 192.168.250.18 metric 100
[root@RS1-IP18 ]#curl 192.168.250.18
RS1-IP18 IP:192.168.250.18
2.1.1 第一台RS2 IP192.168.250.28 配置
#### 第二台RS2 IP192.168.250.28 配置# 验证防火墙、Selinux关闭;修改主机名、同步时间等操作系统优化
[root@CentOS84 ]#hostnamectl set-hostname RS2-IP28
[root@CentOS84 ]#exit
[root@RS2-IP28 ]#systemctl enable --now chronyd.service
# 安装Apache httpd,并定义和修改主页
[root@RS2-IP28 ]#yum -y install httpd;hostname > /var/www/html/index.html;systemctl enable --now httpd
# 修改主页内容,让后面测试更直观
[root@RS2-IP28 ]#vim /var/www/html/index.html
RS2-IP28 IP:192.168.250.28
# 按照规划修改网卡配置
[root@RS2-IP28 ]#vim /etc/sysconfig/network-scripts/ifcfg-Profile_1
TYPE=Ethernet
DEVICE=eth0
NAME="eth0"
IPADDR=192.168.250.28
PREFIX=24
GATEWAY=192.168.250.68
DEFROUTE=yes
ONBOOT=yes
# 使得网卡配置生效
[root@RS2-IP28 ]#nmcli con reload
[root@RS2-IP28 ]#nmcli con up eth0
# 验证网络信息
[root@RS2-IP28 ]#ip route
default via 192.168.250.68 dev eth0 proto static metric 100
192.168.250.0/24 dev eth0 proto kernel scope link src 192.168.250.28 metric 100
[root@RS2-IP28 ]#ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:e2:bf brd ff:ff:ff:ff:ff:ff
inet 192.168.250.28/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
[root@RS2-IP28 ]#curl 192.168.250.28
RS2-IP28 IP:192.168.250.28
[root@RS2-IP28 ]#
2.2 测试用client 主机
# 验证防火墙、Selinux关闭;修改主机名、同步时间等操作系统优化[root@CentOS84 ]#hostnamectl set-hostname Client-IP48
[root@CentOS84 ]#exit
[root@Client-IP48 ]#systemctl enable --now chronyd.service
# 修改网卡配置
[root@Client-IP48 ]#vim /etc/sysconfig/network-scripts/ifcfg-Profile_1
TYPE=Ethernet
DEVICE=eth0
NAME="eth0"
IPADDR=172.16.0.48
PREFIX=24
GATEWAY=172.16.0.68
DEFROUTE=yes
ONBOOT=yes
# 使得网卡配置生效
[root@Client-IP48 ]#nmcli connection reload
[root@Client-IP48 ]#nmcli connection up eth0
# 查看网卡地址和路由信息
[root@Client-IP48 ]#ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:48:a4 brd ff:ff:ff:ff:ff:ff
inet 172.16.0.48/24 brd 172.16.0.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
[root@Client-IP48 ]#ip route
default via 172.16.0.68 dev eth0 proto static metric 100
172.16.0.0/24 dev eth0 proto kernel scope link src 172.16.0.48 metric 100
# 路由角色的主机配置好后测试跨路由通信,确保在部署IPVS配置前网络是互通的
[root@Client-IP48 ]#ping 192.168.250.18
PING 192.168.250.18 (192.168.250.18) 56(84) bytes of data.
64 bytes from 192.168.250.18: icmp_seq=1 ttl=63 time=0.662 ms
64 bytes from 192.168.250.18: icmp_seq=2 ttl=63 time=0.590 ms
64 bytes from 192.168.250.18: icmp_seq=3 ttl=63 time=0.452 ms
^C
--- 192.168.250.18 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2034ms
rtt min/avg/max/mdev = 0.452/0.568/0.662/0.087 ms
[root@Client-IP48 ]#ping 192.168.250.28
PING 192.168.250.28 (192.168.250.28) 56(84) bytes of data.
64 bytes from 192.168.250.28: icmp_seq=1 ttl=63 time=0.576 ms
64 bytes from 192.168.250.28: icmp_seq=2 ttl=63 time=0.541 ms
64 bytes from 192.168.250.28: icmp_seq=3 ttl=63 time=0.785 ms
^C
--- 192.168.250.28 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2106ms
rtt min/avg/max/mdev = 0.541/0.634/0.785/0.107 ms
2.3 路由角色的主机
# 验证防火墙、Selinux关闭;修改主机名、同步时间等操作系统优化[root@CentOS84 ]#hostnamectl set-hostname Router-IP68
[root@CentOS84 ]#exit
logout
[root@Router-IP68 ]#systemctl enable --now chronyd.service
# 优化完成CentOS配置后确认 ip_forward 已经开启,路由功能才能正常
[root@LVS-IP08 ]#cat /etc/sysctl.conf | grep ip_forward
net.ipv4.ip_forward = 1
# 查看主机的网卡信息
[root@Router-IP68 ]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:ba:51 brd ff:ff:ff:ff:ff:ff
inet 192.168.250.68/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
# 默认只有一块网卡,需通过VCSA的虚拟管理中心给此台主机增加一块网卡,加好后会看到一块未配置地址的eth1网卡
[root@Router-IP68 ]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:ba:51 brd ff:ff:ff:ff:ff:ff
inet 192.168.250.68/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
5: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:06:9f brd ff:ff:ff:ff:ff:ff
[root@Router-IP68 ]#
[root@Router-IP68 ]#nmcli connection
NAME UUID TYPE DEVICE
eth0 73df0eff-a623-acec-5c7e-627bb30f85d2 ethernet eth0
# 配置新增加的 eth1 网卡,并按照规划修改好 eth0 网卡的配置
[root@Router-IP68 ]#vim /etc/sysconfig/network-scripts/ifcfg-Profile_1
[root@Router-IP68 ]#cat /etc/sysconfig/network-scripts/ifcfg-Profile_1
TYPE=Ethernet
DEVICE=eth0
NAME="eth0"
IPADDR=192.168.250.68
PREFIX=24
DEFROUTE=yes
ONBOOT=yes
[root@Router-IP68 ]#
[root@Router-IP68 ]#cp /etc/sysconfig/network-scripts/ifcfg-Profile_1 /etc/sysconfig/network-scripts/ifcfg-Profile_2
[root@Router-IP68 ]#vim /etc/sysconfig/network-scripts/ifcfg-Profile_2
[root@Router-IP68 ]#cat /etc/sysconfig/network-scripts/ifcfg-Profile_2
TYPE=Ethernet
DEVICE=eth1
NAME="eth1"
IPADDR=172.16.0.68
PREFIX=24
DEFROUTE=yes
ONBOOT=yes
[root@Router-IP68 ]#
# 使得网卡配置生效
[root@Router-IP68 ]#nmcli con reload eth1
[root@Router-IP68 ]#nmcli con up eth1
[root@Router-IP68 ]#nmcli con reload eth0
[root@Router-IP68 ]#nmcli con up eth0
# 验证网卡配置
[root@Router-IP68 ]#nmcli con
NAME UUID TYPE DEVICE
eth0 73df0eff-a623-acec-5c7e-627bb30f85d2 ethernet eth0
eth1 1f162eb7-8128-c2ab-afbb-c099cbc4b75f ethernet eth1
[root@Router-IP68 ]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:ba:51 brd ff:ff:ff:ff:ff:ff
inet 192.168.250.68/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
5: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:06:9f brd ff:ff:ff:ff:ff:ff
inet 172.16.0.68/24 brd 172.16.0.255 scope global noprefixroute eth1
valid_lft forever preferred_lft forever
# 在client 客户端IP172.16.0.48 上测试与RS1和RS2的通信,路由配置好应该都能通信了,确保网络通了再进行下部IPVS的相关配置。同时在本机上也做如下测试,确保正常通信。
[root@Router-IP68 ]#ping 172.16.0.48
PING 172.16.0.48 (172.16.0.48) 56(84) bytes of data.
64 bytes from 172.16.0.48: icmp_seq=1 ttl=64 time=1.03 ms
64 bytes from 172.16.0.48: icmp_seq=2 ttl=64 time=0.371 ms
64 bytes from 172.16.0.48: icmp_seq=3 ttl=64 time=0.368 ms
^C
--- 172.16.0.48 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2030ms
rtt min/avg/max/mdev = 0.368/0.590/1.032/0.312 ms
[root@Router-IP68 ]#ping 192.168.250.8
PING 192.168.250.8 (192.168.250.8) 56(84) bytes of data.
64 bytes from 192.168.250.8: icmp_seq=1 ttl=64 time=0.946 ms
64 bytes from 192.168.250.8: icmp_seq=2 ttl=64 time=0.294 ms
[root@Router-IP68 ]#ping 192.168.250.18
PING 192.168.250.18 (192.168.250.18) 56(84) bytes of data.
64 bytes from 192.168.250.18: icmp_seq=1 ttl=64 time=0.786 ms
64 bytes from 192.168.250.18: icmp_seq=2 ttl=64 time=0.291 ms
64 bytes from 192.168.250.18: icmp_seq=3 ttl=64 time=0.247 ms
64 bytes from 192.168.250.18: icmp_seq=4 ttl=64 time=0.262 ms
[root@Router-IP68 ]#ping 192.168.250.28
PING 192.168.250.28 (192.168.250.28) 56(84) bytes of data.
64 bytes from 192.168.250.28: icmp_seq=1 ttl=64 time=1.04 ms
64 bytes from 192.168.250.28: icmp_seq=2 ttl=64 time=0.288 ms
64 bytes from 192.168.250.28: icmp_seq=3 ttl=64 time=0.353 ms
64 bytes from 192.168.250.28: icmp_seq=4 ttl=64 time=0.335 ms
[root@Router-IP68 ]#
[root@Router-IP68 ]#
[root@Router-IP68 ]#
# 至此路由角色的主机全部配置完成
2.4 LVS 主机
# 验证防火墙、Selinux关闭;修改主机名、同步时间等操作系统优化[root@CentOS84 ]#hostnamectl set-hostname LVS-IP08
[root@CentOS84 ]#exit
logout
[root@LVS-IP08 ]#systemctl enable --now chronyd.service
# 先安装好LVS的管理工具包 ipvsadm 后面需要修改网卡信息,不能连接外网了,所以要先下载
[root@LVS-IP08 ]#yum -y install ipvsadm
[root@LVS-IP08 ]#
[root@LVS-IP08 ]#vim /etc/sysconfig/network-scripts/ifcfg-Profile_1
TYPE=Ethernet
DEVICE=eth0
NAME="eth0"
IPADDR=192.168.250.8
PREFIX=24
GATEWAY=192.168.250.68
DEFROUTE=yes
ONBOOT=yes
# 使得网卡配置生效
[root@LVS-IP08 ]#nmcli con reload
[root@LVS-IP08 ]#nmcli con up eth0
# 查看路由信息及网卡信息
[root@LVS-IP08 ]#ip route
default via 192.168.250.68 dev eth0 proto static metric 100
192.168.250.0/24 dev eth0 proto kernel scope link src 192.168.250.8 metric 100
[root@LVS-IP08 ]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:9e:ee brd ff:ff:ff:ff:ff:ff
inet 192.168.250.8/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
3. IPVS相关的配置
任务及过程:需要完成后端RS主机和LVS服务器于LVS相关的调试。先完成后端RS的全局和环回接口上限制arp响应和通告的级别,并在lo接口上设好VIP地址;再在LVS上去完成在lo接口上设好VIP地址,并配置好ipvs的集群和规则。
3.1 后端RS的IPVS配置
3.1.1 RS1 与IPVS相关的配置
#### RS1 与IPVS相关的配置# 全局和环回接口上限制arp响应和通告的级别
[root@RS1-IP18 ]#echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@RS1-IP18 ]#echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@RS1-IP18 ]#echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@RS1-IP18 ]#echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@RS1-IP18 ]#
# 查看网卡信息
[root@RS1-IP18 ]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:e8:6b brd ff:ff:ff:ff:ff:ff
inet 192.168.250.18/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
# lo环回接口上添加增加VIP
[root@RS1-IP18 ]#ifconfig lo:1 192.168.250.111/32
# 查看验证添加后的网卡信息
[root@RS1-IP18 ]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.250.111/0 scope global lo:1
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:e8:6b brd ff:ff:ff:ff:ff:ff
inet 192.168.250.18/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
3.1.2 RS2 与IPVS相关的配置
#### RS2 与IPVS相关的配置# 全局和环回接口上限制arp响应和通告的级别
[root@RS2-IP28 ]#
[root@RS2-IP28 ]#echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@RS2-IP28 ]#echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@RS2-IP28 ]#echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@RS2-IP28 ]#echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
# 查看网卡信息
[root@RS2-IP28 ]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:e2:bf brd ff:ff:ff:ff:ff:ff
inet 192.168.250.28/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
# lo环回接口上添加增加VIP
[root@RS2-IP28 ]#ifconfig lo:1 192.168.250.111/32
# 查看验证添加后的网卡信息
[root@RS2-IP28 ]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.250.111/0 scope global lo:1
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:e2:bf brd ff:ff:ff:ff:ff:ff
inet 192.168.250.28/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
3.2 LVS主机的IPVS相关配置
# lo环回接口上添加增加VIP[root@LVS-IP08 ]#ifconfig lo:1 192.168.250.111/32
# 查看网卡信息
[root@LVS-IP08 ]#route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.250.68 0.0.0.0 UG 100 0 0 eth0
192.168.250.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
[root@LVS-IP08 ]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.250.111/0 scope global lo:1
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:a3:9e:ee brd ff:ff:ff:ff:ff:ff
inet 192.168.250.8/24 brd 192.168.250.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
#### 配置LVS集群和LVS 规则
#先查看默认信息
[root@LVS-IP08 ]#ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
# 配置集群
[root@LVS-IP08 ]#ipvsadm -A -t 192.168.250.111:80 -s rr
# 验证配置
[root@LVS-IP08 ]#ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.250.111:80 rr
# 添加LVS规则,下面两条都是是有实体RS对应的规则
[root@LVS-IP08 ]#ipvsadm -a -t 192.168.250.111:80 -r 192.168.250.18 -g
[root@LVS-IP08 ]#ipvsadm -a -t 192.168.250.111:80 -r 192.168.250.28 -g
# 添加一条后端没有实体RS对应的规则,也就是192.168.250.38服务器不存在
[root@LVS-IP08 ]#
[root@LVS-IP08 ]#ipvsadm -a -t 192.168.250.111:80 -r 192.168.250.38:8888 -g
[root@LVS-IP08 ]#ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.250.111:80 rr
-> 192.168.250.18:80 Route 1 0 0
-> 192.168.250.28:80 Route 1 0 0
-> 192.168.250.38:80 Route 1 0 0
# 通过上面的信息看到虽然在第三条规则中定义了8888端口,但是默认并不支持,被强制修改成默认80
# 上面的配置完成后在client端看到的实际效果如下,符合设定的逻辑:轮询,无后端RS报错,无后端健康检查
[root@Client-IP48 ]#while :;do curl 192.168.250.111;sleep 1;done
curl: (7) Failed to connect to 192.168.250.111 port 80: No route to host
RS2-IP28 IP:192.168.250.28
RS1-IP18 IP:192.168.250.18
curl: (7) Failed to connect to 192.168.250.111 port 80: No route to host
RS2-IP28 IP:192.168.250.28
RS1-IP18 IP:192.168.250.18
# 删除第三条不正确的规则
[root@LVS-IP08 ]#ipvsadm -d -t 192.168.250.111:80 -r 192.168.250.38
[root@LVS-IP08 ]#
# 再在client端观察输出信息
[root@Client-IP48 ]#while :;do curl 192.168.250.111;sleep 1;done
RS2-IP28 IP:192.168.250.28
RS1-IP18 IP:192.168.250.18
RS2-IP28 IP:192.168.250.28
RS1-IP18 IP:192.168.250.18
# 保存配置,并以服务方式开启启动LVS
[root@LVS-IP08 ]#ipvsadm -Sn > /etc/sysconfig/ipvsadm
[root@LVS-IP08 ]#systemctl enable --now ipvsadm.service
4. 测试访问
基本过程:在Client-IP48启用自动访问命令;在两台RS上观测日志
### 在client终端开启下面的命令,在RS上监看日志输出[root@Client-IP48 ]#while :;do curl 192.168.250.111;sleep 1;done
RS2-IP28 IP:192.168.250.28
RS1-IP18 IP:192.168.250.18
RS2-IP28 IP:192.168.250.28
RS1-IP18 IP:192.168.250.18
RS2-IP28 IP:192.168.250.28
RS1-IP18 IP:192.168.250.18
RS2-IP28 IP:192.168.250.28
RS1-IP18 IP:192.168.250.18
RS2-IP28 IP:192.168.250.28
RS1-IP18 IP:192.168.250.18
RS2-IP28 IP:192.168.250.28
RS1-IP18 IP:192.168.250.18
RS2-IP28 IP:192.168.250.28
RS1-IP18 IP:192.168.250.18
RS2-IP28 IP:192.168.250.28
RS1-IP18 IP:192.168.250.18
RS2-IP28 IP:192.168.250.28
^C
[root@Client-IP48 ]#
# RS1上的日志输出信息
[root@RS1-IP18 ]#tail -f /var/log/httpd/access_log -n0
172.16.0.48 - - [22/Mar/2022:00:28:07 +0800] "GET / HTTP/1.1" 200 28 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:09 +0800] "GET / HTTP/1.1" 200 28 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:11 +0800] "GET / HTTP/1.1" 200 28 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:13 +0800] "GET / HTTP/1.1" 200 28 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:15 +0800] "GET / HTTP/1.1" 200 28 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:17 +0800] "GET / HTTP/1.1" 200 28 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:19 +0800] "GET / HTTP/1.1" 200 28 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:21 +0800] "GET / HTTP/1.1" 200 28 "-" "curl/7.61.1"
# RS2上的日志输出信息
[root@RS2-IP28 ]#tail -f /var/log/httpd/access_log -n0
172.16.0.48 - - [22/Mar/2022:00:28:06 +0800] "GET / HTTP/1.1" 200 27 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:08 +0800] "GET / HTTP/1.1" 200 27 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:10 +0800] "GET / HTTP/1.1" 200 27 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:12 +0800] "GET / HTTP/1.1" 200 27 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:14 +0800] "GET / HTTP/1.1" 200 27 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:16 +0800] "GET / HTTP/1.1" 200 27 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:18 +0800] "GET / HTTP/1.1" 200 27 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:20 +0800] "GET / HTTP/1.1" 200 27 "-" "curl/7.61.1"
172.16.0.48 - - [22/Mar/2022:00:28:22 +0800] "GET / HTTP/1.1" 200 27 "-" "curl/7.61.1"