• lvs-dr模式


    lvs-dr 模式配置

    环境 IP 服务
    centos8

    eth0  NAT   DIP  192.168.248.202/24

    lo  VIP 192.168.248.240/32

    DR
    centos8

    eth0 NAT 192.168.248.200/24

    lo VIP 192.168.248.240/32

    RS1 httpd
    centos8

    eth0 NAT  192.168.248.201/24

    lo VIP 192.168.248.240/32

    RS2 httpd
    centos8

    192.168.248.129

    Client

    配置RS,两台RS都需要配置

    #临时生效,修改内核参数,关闭通过与应答
    [root@RS1 ~]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    [root@RS1 ~]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
    [root@RS1 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    [root@RS1 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce 
    [root@RS1 ~]#  ifconfig  lo:1  192.168.248.240/32
    [root@RS1 ~]# route add -host 192.168.248.240 dev lo
    #RS2 临时生效
    [root@RS2 ~]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    [root@RS2 ~]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
    [root@RS2 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    [root@RS2 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce 
    [root@RS2 ~]#  ifconfig  lo:1  192.168.248.240/32
    [root@RS2 ~]# route add -host 192.168.248.240 dev lo
    
    
    #RS1
    [root@RS1 ~]# yum -y  install httpd
    [root@RS1 ~]# echo RS1 > /var/www/html/index.html
    [root@RS1 ~]# systemctl  start httpd
    
    #RS2
    [root@RS2 ~]# yum -y  install httpd
    [root@RS2 ~]# echo RS2 > /var/www/html/index.html
    [root@RS2 ~]# systemctl  start httpd
    

    DR的配置

    [root@DR ~]  ifconfig  lo:1  192.168.248.240/32
    
    #配置路由信息
    [root@DR ~]# route add -host 192.168.248.240 dev lo
    
    [root@DR ~]# yum -y install ipvsadm
    
    #添加规则
    [root@DR ~]# ipvsadm -At 192.168.248.240:80 -s wrr
    [root@DR ~]# ipvsadm -at 192.168.248.240:80 -r 192.168.248.200 -g
    [root@DR ~]# ipvsadm -at 192.168.248.240:80 -r 192.168.248.201 -g
    

    Client上测试访问

    [root@Client ~]# for i in `seq 5`;do curl 192.168.248.240;done
    RS1
    RS2
    RS1
    RS2
    RS1
    

    实现HTTPS负载均衡集群

    #RS上安装mod_ssl
    [root@RS1 ~]# yum -y install mod_ssl
    [root@RS2 ~]# yum -y install mod_ssl
    
    #这里就不做证书,使用默认的证书,重启服务查看443是否启动
    [root@RS1 ~]# systemctl  restart httpd
    [root@RS2 ~]# systemctl  restart httpd
    
    #443端口已经起来
    [root@RS1 ~]# ss -antl
    State          Recv-Q         Send-Q                 Local Address:Port                  Peer Address:Port         
    LISTEN         0              128                          0.0.0.0:22                         0.0.0.0:*            
    LISTEN         0              128                                *:80                               *:*            
    LISTEN         0              128                             [::]:22                            [::]:*            
    LISTEN         0              128                                *:443 
    

    DR上配置规则

    [root@DR ~]# ipvsadm -At 192.168.248.240:443 -s wrr
    [root@DR ~]# ipvsadm -at 192.168.248.240:443 -r 192.168.248.200 -g
    [root@DR ~]# ipvsadm -at 192.168.248.240:443 -r 192.168.248.201 -g
    

    Client上访问

    [root@Client ~]# for i in `seq 5`;do curl -k https://192.168.248.240;curl http://192.168.248.240 ;done
    RS2
    RS2
    RS1
    RS1
    RS2
    RS2
    RS1
    RS1
    RS2
    RS2
    

    添加防火墙标签

    [root@DR ~]# iptables -t mangle -A PREROUTING -d 192.168.248.240 -p tcp -m multiport --dports 80,443 -j MARK --set-mark 999
    
    [root@DR ~]# ipvsadm -C
    [root@DR ~]# ipvsadm -Af 999 -s wrr
    [root@DR ~]# ipvsadm -af 999 -r 192.168.248.200 -g
    [root@DR ~]# ipvsadm -af 999 -r 192.168.248.201 -g
    

    访问测试

    [root@Client ~]# for i in `seq 5`;do curl -k https://192.168.248.240;curl http://192.168.248.240 ;done
    RS2
    RS1
    RS2
    RS1
    RS2
    RS1
    RS2
    RS1
    RS2
    RS1
    
  • 相关阅读:
    格式化输出数字
    传教士经验
    集合
    替换
    连接
    填充
    取值
    分割
    创建日历和日期列表
    常用日期格式
  • 原文地址:https://www.cnblogs.com/diqiyao/p/14743188.html
Copyright © 2020-2023  润新知