LVS配置手册
snow chuai汇总、整理、撰写---2020/2/2
最后更新日期---2020/09/27
1. LVS-NAT配置
1) 拓扑
+----------+
| Client |
+-----+----+
eth0|192.168.188.250/24
gw|192.168.188.254
|
eth0|192.168.188.254/24
+----------+
| LVS |
| Router |
| node1 |
+-----+----+
eth1|192.168.10.11/24
|
+------------+ | +------------+
| Backend1 |192.168.10.12|192.168.10.13| Backend2 |
| Web Server +-------------+-------------+ Web Server |
| node2 | | node3 |
+------------+eth0 eth0+------------+
GW:192.168.10.11 GW:192.168.10.11
2) 实现LVS-NAT
[root@node1 ~]# yum install ipvsadm -y
[root@node1 ~]# vim lvs-nat.sh
#! /bin/bash
iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -t nat -A POSTROUTING -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
ipvsadm -C
ipvsadm -A -t 192.168.188.254:80 -s rr
ipvsadm -a -t 192.168.188.254:80 -r 192.168.10.12:80 -m
ipvsadm -a -t 192.168.188.254:80 -r 192.168.10.13:80 -m
[root@node1 ~]# chmod 700 lvs-nat.sh
[root@node1 ~]# ./lvs-nat.sh
3) 客户端测试
[root@client ~]# curl 192.168.188.254
node2.1000cc.net
[root@client ~]# curl 192.168.188.254
node3.1000cc.net
|
2. LVS-TUN配置
1) 拓扑
+----------+
| Client |
+-----+----+
eth0|192.168.10.15/24
|
+----------+
| LVS |
| node1 |
+-----+----+
eth1|192.168.10.11/24
vip |192.168.10.250/24
+------------+ | +------------+
| Backend1 |192.168.10.12|192.168.10.13| Backend2 |
| Web Server +-------------+-------------+ Web Server |
| node2 | | node3 |
+------------+eth0 eth0+------------+
2) 实现LVS-TUN(LVS Server上配置)
[root@node1 ~]# yum install ipvsadm -y
[root@node1 ~]# vim lvs-tun.sh
#!/bin/bash
VIP=192.168.10.250
RIP1=192.168.10.12
RIP2=192.168.10.13
/sbin/ipvsadm -C
/sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev eth0:0
/sbin/ipvsadm -A -t $VIP:80 -s wlc
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -i -w 1
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -i -w 1
[root@node1 ~]# chmod 700 lvs-tun.sh
[root@node1 ~]# ./lvs-tun.sh
3) 实现LVS-TUN(Real Server上配置)
# 配置node2
[root@node2 ~]# vim lvs-real-tun.sh
#!/bin/bash
VIP=192.168.10.250
/sbin/ifconfig tunl0 down
/sbin/ifconfig tunl0 up
echo 1 > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/tunl0/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
/sbin/ifconfig tunl0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev tunl0
[root@node2 ~]# chmod 700 lvs-real-tun.sh
[root@node2 ~]# ./lvs-real-tun.sh
# 配置node3
[root@node3 ~]# vim lvs-real-tun.sh
#!/bin/bash
VIP=192.168.10.250
/sbin/ifconfig tunl0 down
/sbin/ifconfig tunl0 up
echo 1 > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/tunl0/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
/sbin/ifconfig tunl0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev tunl0
[root@node3 ~]# chmod 700 lvs-real-tun.sh
[root@node3 ~]# ./lvs-real-tun.sh
4) 客户端测试
[root@client ~]# curl 192.168.10.250
node3.1000cc.net
[root@client ~]# curl 192.168.10.250
node2.1000cc.net
|
3. LVS-DR配置
1) 拓扑
+----------+
| Client |
+-----+----+
eth0|192.168.188.250/24
|
eth0|192.168.188.1/24
+----------+
| Router |
+-----+----+
eth1|192.168.10.1/24
|
eth1 |192.168.10.11/24
+----------+
| LVS |
| node1 |
+-----+----+
vip|192.168.10.250/24
|
+------------+ | +------------+
| Backend1 |192.168.10.12|192.168.10.13| Backend2 |
| Web Server +-------------+-------------+ Web Server |
| node2 | | node3 |
+------------+ eth0 eth0+------------+
2) 实现LVS-DR(LVS Server上配置)
[root@node1 ~]# yum install ipvsadm -y
[root@node1 ~]# vim lvs-dr.sh
#!/bin/bash
VIP=192.168.10.250
RIP1=192.168.10.12
RIP2=192.168.10.13
/sbin/ipvsadm -C
/sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev eth0:0
/sbin/ipvsadm -A -t $VIP:80 -s wlc
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g -w 1
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g -w 1
[root@node1 ~]# chmod 700 lvs-dr.sh
[root@node1 ~]# ./lvs-dr.sh
3) 实现LVS-DR(Real Server上配置)
# 配置node2
[root@node2 ~]# vim lvs-real-dr.sh
#! /bin/bash
VIP=192.168.10.250
ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
/sbin/route add -host $VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
[root@node2 ~]# chmod 700 lvs-real-dr.sh
[root@node2 ~]# ./lvs-real-dr.sh
# 配置node3
[root@node3 ~]# vim lvs-real-dr.sh
#! /bin/bash
VIP=192.168.10.250
ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
/sbin/route add -host $VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
[root@node3 ~]# chmod 700 lvs-real-dr.sh
[root@node3 ~]# ./lvs-real-dr.sh
4) 客户端测试
[root@client ~]# curl 192.168.10.250
node3.1000cc.net
[root@client ~]# curl 192.168.10.250
node2.1000cc.net
|
如对您有帮助,请随缘打个赏。^-^