一、lvs三种工作模式
1.NAT模式:通过网络地址转换实现的虚拟服务器。Director Server将用户请求报文的目的地址改成选定的Real Server地址后,转发给Real Server,大并发访问时,Director Server的性能成为瓶颈
2.TUN模式:通过隧道模式实现虚拟服务器。Director Server采用隧道技术将请求发至Real Server后,Real Server直接相应客户端。
3.DR模式:直接使用路由技术是心啊虚拟服务器。通过改写请求报文的MAC地址,将请求发至Real Server,Real Server直接响应客户端。
最常用DR模式,其次nat模式。
二、lvs相关术语
1. DS:调度服务器 Director Server,指的是前端负载均衡器节点。
2. RS:真是服务器 Real Server。后端真实的工作服务器。
3. VIP:向外部直接面向用户请求,作为用户请求的目标的IP地址。
4. DIP:Director Server IP,调度器和真是服务器通讯的IP地址。
5. RIP:Real Server IP,后端真实服务器的IP地址。
6. CIP:Client IP,访问客户端的IP地址。
三、lvs十种调度算法
常用前四种
1.轮询(Round Robin)RR: 将客户端请求平均分发到Real Server。
2.加权轮询(Weighted Round Robin)WRR:根据Real Server 权重值进行轮询的调度。
3.最少连接(Least Connections)LC:选择连接最少的服务器。
4.加权最少连接(Weighted Least Connections)WLC:根据Real Server 权重值,选择连接数最少的服务器。
5.源地址散列(Source Hashing)SH:根据请求的源IP地址,作为散列键(Hash Key)从静态分配的散列表找出对应的服务器。
6.目标地址散列调度(Destination Hashing ) DH:与SH相反的是,DH根据请求的目标IP地址,作为散列键(Hash Key)从静态分配的散列表找出对应的服务器。
7.基于局部性的最少链接(Locality-Based Least Connections)LBLC:主要是针对请求报文的目标IP地址的负载均衡调度,目前主要使用Cache集群系统。LBLC调度算法先根据请求的目标IP地址找出该目标IP地址最近使用的服务器,若该服务器时可以用的且没有超载,将请求发送到该服务器,若服务器不存在,或者该服务器超载且有服务器处于一半的工作负载,则使用“LC最少连接”的原则选出一个可用的服务器,将请求发送到服务器。
8.带复制的基于局部性的最少连接(Locality-Based Least Connections with Replication)LBLCR:算法也是针对目标IP地址的负载均衡,目前也主要用于Cache集群系统。它与LBLC算法不通之处时它要维护从一个目标IP地址到一组服务器的映射,而LBLC算法维护从一个目标IP地址到一台服务器的映射。
9.最短的期望的延迟调度(Shortest Expected Delay) SED:SED基于WLC算法,将请求以最短的期望的延迟方式到服务器,计算当前realserver 的负载情况计算方法:(active+1)*256/weight=overhead。
10.最少队列调度(Never Queue)NQ:如果realserver的连接数等于0就直接分配到该服务器,但是此服务器并不一定是最快的那台,如果所有服务器都是繁忙状态,它采取最短的期望延迟分配请求。
四、部署LVS的NAT模式
方案
| IP地址 | 主机名 | |
| 客户端 | eth0(cip) 192.168.4.100 | vmctl5 |
| 调度器 | eth0(vip) 192.168.4.5 eth1(dip) 192.168.2.5 | vmctl1 |
| 后端服务器1 | eth0(rip) 192.168.2.100 网关配置成 192.168.2.5 | vmctl2 |
| 后端服务器2 | etho(rip) 192.168.2.200 网关配置成 192.168.2.5 | vmctl3 |
使用4台虚拟机,1台作为Director调度器、2台Real Server、1台客户端,结构如下图所示:
ipvsadm相关命令
ipvsadm -A 添加虚拟服务器 ipvsadm -a 添加真实服务器
ipvsadm -E 修改虚拟服务器 ipvsadm -e 修改真实服务器
ipvsadm -D 删除虚拟服务器 ipvsadm -d 删除真是服务器
ipvsadm -C 清空所有 ipvsadm -L 查看LVS规则表
-s [rr|wrr|lc|wlc] 指定集群算法
ipvsadm -a -t|u 192.168.4.5:8080 -r 192.168.2.100 [-g|i|m] [-w 权重] 添加真实服务器-g DR模式,-i 隧道模式,-m NAT模式
ipvsadm -e -t|u 192.168.4.5:8080 -r 192.168.2.100 [-g|i|m] [-w 权重] 修改真实服务器
ipvsadm -d -t|u 192.168.4.5:8080 -r 192.168.2.100 删除真实服务器
ipvsadm -Ln 查看LVS规则表
1、后端服务器1 vmctl2 部署
#1、配置网卡信息
[root@vmctl2 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
NAME=eth0
DEVICE=TYPE=Ethernet
IPADDR=192.168.2.100
NATMASK=255.255.255.0
ONBOOT=yes
BOOTPROTO=static
GATEWAY=192.168.2.5 #网关配置成调度器的dip
#2、启动tomcat,并访问测试页面
[root@vmctl2 ~]# /mnt/apache-tomcat-8.0.30/bin/startup.sh
[root@vmctl2 ~]# cat /mnt/apache-tomcat-8.0.30/webapps/ipvnat/index.html
192.168.2.100
[root@vmctl2 ~]# curl http://192.168.2.100:8080/ipvnat/index.html
192.168.2.100
[root@vmctl2 ~]# cat /mnt/apache-tomcat-8.0.30/logs/localhost_access_log.2020-06-29.txt
192.168.2.100 - - [29/Jun/2020:04:40:18 -0700] "GET /ipvnat/index.html HTTP/1.1" 200 142、后端服务器2 vmctl3 部署
#配置网卡信息
[root@vmctl3 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
NAME=eth0
DEVICE=eth0
TYPE=Ethernet
IPADDR=192.168.2.200
NATMASK=255.255.255.0
ONBOOT=yes
BOOTPROTO=static
GATEWAY=192.168.2.5 #网关配置成调度器的dip
#启动tomcat,并测试
[root@vmctl3 ~]# /mnt/apache-tomcat-8.0.30/bin/startup.sh
[root@vmctl3 ~]# cat /mnt/apache-tomcat-8.0.30/webapps/ipvnat/index.html
192.168.2.200
[root@vmctl3 ~]# curl http://192.168.2.200:8080/ipvnat/index.html
192.168.2.200
[root@vmctl3 ~]# cat /mnt/apache-tomcat-8.0.30/logs/localhost_access_log.2020-06-29.txt
192.168.2.200 - - [29/Jun/2020:19:42:44 +0800] "GET /ipvnat/index.html HTTP/1.1" 200 143、调度器 vmctl1 部署
确认调度器的路由转发功能是开启的(如果已开启,可以忽略)
[root@vmctl1 ~]$echo 1 > /proc/sys/net/ipv4/ip_forward
[root@vmctl1 ~]$cat /proc/sys/net/ipv4/ip_forward
1
#修改配置文件,设置永久规则
[root@vmctl1 ~]$echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
[root@vmctl1 ~]$tail -1 /etc/sysctl.conf
net.ipv4.ip_forward = 1
[root@vmctl1 ~]$
#配置网卡信息
[root@vmctl1 ~]$ls /etc/sysconfig/network-scripts/
ifcfg-eth0 ifdown-ipv6 ifdown-tunnel ifup-isdn ifup-TeamPort
ifcfg-eth1 ifdown-isdn ifup ifup-plip ifup-tunnel
ifcfg-lo ifdown-post ifup-aliases ifup-plusb ifup-wireless
ifdown ifdown-ppp ifup-bnep ifup-post init.ipv6-global
ifdown-bnep ifdown-routes ifup-eth ifup-ppp network-functions
ifdown-eth ifdown-sit ifup-ib ifup-routes network-functions-ipv6
ifdown-ib ifdown-Team ifup-ippp ifup-sit
ifdown-ippp ifdown-TeamPort ifup-ipv6 ifup-Team
#网卡eth0
[root@vmctl1 ~]$cat /etc/sysconfig/network-scripts/ifcfg-eth0
NAME=eth0
DEVICE=eth0
TYPE=Ethernet
IPADDR=192.168.4.5
NATMASK=255.255.255.0
ONBOOT=yes
BOOTPROTO=static
#网卡eth1
[root@vmctl1 ~]$cat /etc/sysconfig/network-scripts/ifcfg-eth1
NAME=eth1
DEVICE=eth1
TYPE=Ethernet
IPADDR=192.168.2.5
NATMASK=255.255.255.0
ONBOOT=yes
BOOTPROTO=static
#安装ipvsadm软件包
[root@vmctl1 ~]$yum -y install ipvsadm
#创建集群服务,采用加权轮询算法 wrr
[root@vmctl1 ~]$ipvsadm -A -t 192.168.4.5:8080 -s wrr
[root@vmctl1 ~]$ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.4.5:8080 wrr
[root@vmctl1 ~]$
#添加真实服务器,参数-m代表nat模式,2,100权重是1, 2.200权重是2
[root@vmctl1 ~]$ipvsadm -a -t 192.168.4.5:8080 -r 192.168.2.100 -w 1 -m
[root@vmctl1 ~]$ipvsadm -a -t 192.168.4.5:8080 -r 192.168.2.200 -w 2 -m
[root@vmctl1 ~]$ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.4.5:8080 wrr
-> 192.168.2.100:8080 Masq 1 0 0
-> 192.168.2.200:8080 Masq 2 0 0
[root@vmctl1 ~]$
#保存永久规则
[root@vmctl1 ~]$ipvsadm-save -n > /etc/sysconfig/ipvsadm
[root@vmctl1 ~]$cat /etc/sysconfig/ipvsadm
-A -t 192.168.4.5:8080 -s wrr
-a -t 192.168.4.5:8080 -r 192.168.2.100:8080 -m -w 1
-a -t 192.168.4.5:8080 -r 192.168.2.200:8080 -m -w 2
[root@vmctl1 ~]$
4、客户端vmctl5,测试
经过测试会发现,后端真是服务器记录的调度器192.168.4.5的地址。
NAT模式下,一个请求的过程:客户端发出请求到调度器,调度器根据配置的算法,把请求分发给后端真实服务器,后端真实服务器处理后把结果返回给调度器,最后调度器再把请求返回给客户端。所以大并发访问时,调度器成为瓶颈。
[root@vmctl5 ~]# curl http://192.168.4.5:8080/ipvnat/index.html
192.168.2.100
[root@vmctl5 ~]# curl http://192.168.4.5:8080/ipvnat/index.html
192.168.2.200
[root@vmctl5 ~]# curl http://192.168.4.5:8080/ipvnat/index.html
192.168.2.200
[root@vmctl5 ~]#
[root@vmctl5 ~]# curl http://192.168.4.5:8080/ipvnat/index.html
192.168.2.100
[root@vmctl5 ~]# curl http://192.168.4.5:8080/ipvnat/index.html
192.168.2.200
[root@vmctl5 ~]# curl http://192.168.4.5:8080/ipvnat/index.html
192.168.2.200
[root@vmctl5 ~]#
#调度器上InActConn列显示真是服务器的访问次数
[root@vmctl1 ~]$ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.4.5:8080 wrr
-> 192.168.2.100:8080 Masq 1 0 2
-> 192.168.2.200:8080 Masq 2 0 4
[root@vmctl1 ~]$
#后端服务器1,上查看访问日志
[root@vmctl2 ~]# cat /mnt/apache-tomcat-8.0.30/logs/localhost_access_log.2020-06-29.txt
192.168.2.100 - - [29/Jun/2020:19:42:18 -0700] "GET /ipvnat/index.html HTTP/1.1" 200 14
192.168.4.100 - - [29/Jun/2020:20:48:51 -0700] "GET /ipvnat/index.html HTTP/1.1" 200 14
192.168.4.100 - - [29/Jun/2020:20:48:56 -0700] "GET /ipvnat/index.html HTTP/1.1" 200 14
[root@vmctl2 ~]#
#后端服务器2,上查看访问日志
[root@vmctl3 ~]# cat /mnt/apache-tomcat-8.0.30/logs/localhost_access_log.2020-06-29.txt
192.168.2.200 - - [29/Jun/2020:19:42:44 +0800] "GET /ipvnat/index.html HTTP/1.1" 200 14
192.168.4.100 - - [29/Jun/2020:20:48:52 +0800] "GET /ipvnat/index.html HTTP/1.1" 200 14
192.168.4.100 - - [29/Jun/2020:20:48:53 +0800] "GET /ipvnat/index.html HTTP/1.1" 200 14
192.168.4.100 - - [29/Jun/2020:20:48:57 +0800] "GET /ipvnat/index.html HTTP/1.1" 200 14
192.168.4.100 - - [29/Jun/2020:20:48:57 +0800] "GET /ipvnat/index.html HTTP/1.1" 200 14
[root@vmctl3 ~]#
5、部署LVS的DR模式
| IP地址 | 主机名 | |
| 客户端 | eth0(cip) 192.168.2.210 | vmctl6 |
| 调度器 | eth0(dip) 192.168.2.160 eth0:0(vip) 192.168.2.150 | vmctl4 |
| 真实服务器1 | eth0(rip) 192.168.2.100 lo:0 192.168.2.150/32 注意掩码是32位 | vmctl2 |
| 真实服务器2 | eth0(rip) 192.168.2.200 lo:0 192.168.2.150/32 注意掩码是32位 | vmctl3 |
说明:vip是对客户端提供服务的IP地址,rip是后端真实服务器的ip地址,dip是调度器和后端服务器通信的ip地址(vip必须配置在虚拟接口)
注意:为了防止冲突,vip必须配置在网卡的虚拟接口。调度器使用dip和rip通信,否则会出现192.168.2.150和192.168.2.150通信。
1、真实服务器1 vmctl2 详细操作如下,
#配置vmctl2的网络信息,记得关闭selinux和firewalld
[root@vmctl2 network-scripts]# cd /etc/sysconfig/network-scripts/
[root@vmctl2 network-scripts]# ls
ifcfg-eth0 ifdown-isdn ifup ifup-plip ifup-tunnel
ifcfg-lo ifdown-post ifup-aliases ifup-plusb ifup-wireless
ifdown ifdown-ppp ifup-bnep ifup-post init.ipv6-global
ifdown-bnep ifdown-routes ifup-eth ifup-ppp network-functions
ifdown-eth ifdown-sit ifup-ib ifup-routes network-functions-ipv6
ifdown-ib ifdown-Team ifup-ippp ifup-sit
ifdown-ippp ifdown-TeamPort ifup-ipv6 ifup-Team
ifdown-ipv6 ifdown-tunnel ifup-isdn ifup-TeamPort
[root@vmctl2 network-scripts]# cp ifcfg-lo{,:0}
[root@vmctl2 network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.2.150
NETMASK=255.255.255.255
NETWORK=192.168.2.150
BROADCAST=192.168.2.150
ONBOOT=yes
NAME=lo:0
[root@vmctl2 network-scripts]# vim ifcfg-eth0
NAME=eth0
DEVICE=eth0
TYPE=Ethernet
IPADDR=192.168.2.100
NATMASK=255.255.255.0
ONBOOT=yes
BOOTPROTO=static
注意:lo:0 也配置了和调度器的vip一样的ip地址,默认肯定会出现冲突
下面修改配置文件永久有效,主要目的就是实现访问 192.168.2.150的数据包,只有调度器会响应,其他主机不做任何响应
[root@vmctl2 network-scripts]# vim /etc/sysctl.conf
#添加如下4行内容
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_announce = 2
#当有arp广播问谁是192.168.2.150时,本机忽略该arp广播,不做任何回应
#本机不要向外宣告自己的lo回环地址是192.168.2.150
#重启网络生效
[root@vmctl2 ~]# systemctl restart network
[root@vmctl2 ~]# cat /proc/sys/net/ipv4/conf/all/arp_ignore
1
[root@vmctl2 ~]# cat /proc/sys/net/ipv4/conf/all/arp_announce
2
#查看网卡信息
[root@vmctl2 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.2.100 netmask 255.255.255.0 broadcast 192.168.2.255
inet6 fe80::20c:29ff:fee7:d43 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:e7:0d:43 txqueuelen 1000 (Ethernet)
RX packets 12655 bytes 1135581 (1.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 9003 bytes 956550 (934.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 928 bytes 74539 (72.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 928 bytes 74539 (72.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.2.150 netmask 255.255.255.255
loop txqueuelen 1 (Local Loopback)
#安装tomcat就不写了
[root@vmctl2 ~]# curl http://192.168.2.100:8080/ipvnat/index.html
192.168.2.100
[root@vmctl2 ~]# tail -1 /mnt/apache-tomcat-8.0.30/logs/localhost_access_log.2020-06-29.txt
192.168.2.100 - - [29/Jun/2020:09:23:21 -0700] "GET /ipvnat/index.html HTTP/1.1" 200 14
[root@vmctl2 ~]#2、真实服务器2 vmctl3,详细操作如下,
[root@vmctl3 ~]# cd /etc/sysconfig/network-scripts/
[root@vmctl3 network-scripts]# ls
ifcfg-eth0 ifdown-isdn ifdown-tunnel ifup-isdn ifup-Team
ifcfg-lo ifdown-post ifup ifup-plip ifup-TeamPort
ifdown ifdown-ppp ifup-aliases ifup-plusb ifup-tunnel
ifdown-bnep ifdown-routes ifup-bnep ifup-post ifup-wireless
ifdown-eth ifdown-sit ifup-eth ifup-ppp init.ipv6-global
ifdown-ippp ifdown-Team ifup-ippp ifup-routes network-functions
ifdown-ipv6 ifdown-TeamPort ifup-ipv6 ifup-sit network-functions-ipv6
[root@vmctl3 network-scripts]# cp ifcfg-lo{,:0}
DEVICE=lo:0
IPADDR=192.168.2.150
NETMASK=255.255.255.255
NETWORK=192.168.2.150
BROADCAST=192.168.2.150
ONBOOT=yes
NAME=lo:0
[root@vmctl3 network-scripts]# vim ifcfg-eth0
NAME=eth0
DEVICE=eth0
TYPE=Ethernet
IPADDR=192.168.2.200
NATMASK=255.255.255.0
ONBOOT=yes
BOOTPROTO=static
[root@vmctl3 ~]# vim /etc/sysctl.conf
#添加下面的4行
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_announce = 2
#重启网络
[root@vmctl3 ~]# systemctl restart network
[root@vmctl3 ~]# cat /proc/sys/net/ipv4/conf/all/arp_ignore
1
[root@vmctl3 ~]# cat /proc/sys/net/ipv4/conf/all/arp_announce
2
[root@vmctl3 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.2.200 netmask 255.255.255.0 broadcast 192.168.2.255
inet6 fe80::20c:29ff:fecb:9c00 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:cb:9c:00 txqueuelen 1000 (Ethernet)
RX packets 11836 bytes 1482516 (1.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 14151 bytes 1319836 (1.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 57 bytes 4761 (4.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 57 bytes 4761 (4.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.2.150 netmask 255.255.255.255
loop txqueuelen 1 (Local Loopback)
#安装启动tomcat,写测试页面
[root@vmctl3 ~]# curl http://192.168.2.200:8080/ipvnat/index.html
192.168.2.200
[root@vmctl3 ~]# tail -1 /mnt/apache-tomcat-8.0.30/logs/localhost_access_log.2020-06-29.txt
192.168.2.200 - - [29/Jun/2020:09:41:39 +0800] "GET /ipvnat/index.html HTTP/1.1" 200 14
[root@vmctl3 ~]#
3、调度器vmctl4,详细操作如下,
#配置网络信息
[root@vmctl4 network-scripts]# cd /etc/sysconfig/network-scripts/
[root@vmctl4 network-scripts]# ls
ifcfg-eth0 ifdown-isdn ifdown-tunnel ifup-isdn ifup-Team
ifcfg-lo ifdown-post ifup ifup-plip ifup-TeamPort
ifdown ifdown-ppp ifup-aliases ifup-plusb ifup-tunnel
ifdown-bnep ifdown-routes ifup-bnep ifup-post ifup-wireless
ifdown-eth ifdown-sit ifup-eth ifup-ppp init.ipv6-global
ifdown-ippp ifdown-Team ifup-ippp ifup-routes network-functions
ifdown-ipv6 ifdown-TeamPort ifup-ipv6 ifup-sit network-functions-ipv6
[root@vmctl4 network-scripts]# cp ifcfg-eth0{,:0}
[root@vmctl4 network-scripts]# vim ifcfg-eth0:0
NAME=eth0:0
DEVICE=eth0:0
TYPE=Ethernet
IPADDR=192.168.2.150
NATMASK=255.255.255.0
ONBOOT=yes
BOOTPROTO=static
#重启网络
[root@vmctl4 network-scripts]# systemctl restart network
[root@vmctl4 network-scripts]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.2.160 netmask 255.255.255.0 broadcast 192.168.2.255
inet6 fe80::20c:29ff:fea4:3e43 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:a4:3e:43 txqueuelen 1000 (Ethernet)
RX packets 648 bytes 63967 (62.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 331 bytes 49241 (48.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.2.150 netmask 255.255.255.0 broadcast 192.168.2.255
ether 00:0c:29:a4:3e:43 txqueuelen 1000 (Ethernet)
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 8 bytes 528 (528.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 528 (528.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
#安装ipvsadm
[root@vmctl4 network-scripts]# yum -y install ipvsadm
#参数-g代表DR模式,采用wrr算法,2.100权重1,2,200权重2
[root@vmctl4 ~]# ipvsadm -A -t 192.168.2.150:8080 -s wrr
[root@vmctl4 ~]# ipvsadm -a -t 192.168.2.150:8080 -r 192.168.2.100 -g -w 1
[root@vmctl4 ~]# ipvsadm -a -t 192.168.2.150:8080 -r 192.168.2.200 -g -w 2
[root@vmctl4 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.2.150:8080 wrr
-> 192.168.2.100:8080 Route 1 0 0
-> 192.168.2.200:8080 Route 2 0 0
4、使用客户端测试
#客户端测试
[root@vmctl6 ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.2.210 netmask 255.255.255.0 broadcast 192.168.2.255
inet6 fe80::20c:29ff:fe9b:e772 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:9b:e7:72 txqueuelen 1000 (Ethernet)
RX packets 240 bytes 26842 (26.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 84 bytes 12772 (12.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@vmctl6 ~]# curl http://192.168.2.150:8080/ipvnat/index.html
192.168.2.200
[root@vmctl6 ~]# curl http://192.168.2.150:8080/ipvnat/index.html
192.168.2.100
[root@vmctl6 ~]# curl http://192.168.2.150:8080/ipvnat/index.html
192.168.2.200
[root@vmctl6 ~]# curl http://192.168.2.150:8080/ipvnat/index.html
192.168.2.200
[root@vmctl6 ~]#
[root@vmctl6 ~]# curl http://192.168.2.150:8080/ipvnat/index.html
192.168.2.100
[root@vmctl6 ~]# curl http://192.168.2.150:8080/ipvnat/index.html
192.168.2.200
[root@vmctl6 ~]# curl http://192.168.2.150:8080/ipvnat/index.html
192.168.2.200
[root@vmctl6 ~]#
#调度器查看规则表,InActConn列,显示访问次数
[root@vmctl4 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.2.150:8080 wrr
-> 192.168.2.100:8080 Route 1 0 2
-> 192.168.2.200:8080 Route 2 0 5
[root@vmctl4 ~]#
#真实服务器行查看访问记录日志,记录的是客户端的IP,不是调度器的IP
[root@vmctl2 ~]# cat /mnt/apache-tomcat-8.0.30/logs/localhost_access_log.2020-06-29.txt
192.168.2.100 - - [29/Jun/2020:09:23:21 -0700] "GET /ipvnat/index.html HTTP/1.1" 200 14
192.168.2.210 - - [29/Jun/2020:09:51:42 -0700] "GET /ipvnat/index.html HTTP/1.1" 200 14
192.168.2.210 - - [29/Jun/2020:09:51:54 -0700] "GET /ipvnat/index.html HTTP/1.1" 200 14
[root@vmctl2 ~]#
[root@vmctl3 ~]# cat /mnt/apache-tomcat-8.0.30/logs/localhost_access_log.2020-06-29.txt
192.168.2.200 - - [29/Jun/2020:09:41:39 +0800] "GET /ipvnat/index.html HTTP/1.1" 200 14
192.168.2.210 - - [29/Jun/2020:09:51:35 +0800] "GET /ipvnat/index.html HTTP/1.1" 200 14
192.168.2.210 - - [29/Jun/2020:09:51:38 +0800] "GET /ipvnat/index.html HTTP/1.1" 200 14
192.168.2.210 - - [29/Jun/2020:09:51:40 +0800] "GET /ipvnat/index.html HTTP/1.1" 200 14
192.168.2.210 - - [29/Jun/2020:09:51:51 +0800] "GET /ipvnat/index.html HTTP/1.1" 200 14
192.168.2.210 - - [29/Jun/2020:09:51:52 +0800] "GET /ipvnat/index.html HTTP/1.1" 200 14
[root@vmctl3 ~]# DR模式,一个请求过程:客户端发出请求到调度器,调度器根据算法把请求分发给后端真实服务器,后端真实服务器处理完成后,直接把处理结果返回客户端,调度器只分发请求不做回应。
NAT模式,后端真实服务器记录的是调度器的地址,DR模式,后端真实服务器记录的是客户端的地址,LVS最常用DR模式。
------------------------------------------------------------------------------------------------------------------------------------------------------
扩展知识:默认LVS不带健康检查功能,需要自己写动态监测脚本(参考脚本如下,仅供参考)
[root@vmctl4 ~]#vim check.sh
#!/bin/bash
VIP=192.168.2.150
RIP1=192.168.2.100
RIP2=192.168.2.200
while:
do
for IP in $RIP1 $RIP2
do
curl -s http://$IP:8080/ipvnat/index.html &>/dev/null
web_status=$?
ipvsadm -Ln | grep -q $IP
web_in_lvs=$?
if [ #web_status -ne 0 -a $web_in_lvs -eq 0 ];then
ipvsadm -d -t $VIP -r $IP #web服务挂了,删除这条规则
elif [ $web_status -eq 0 -a $web_in_lvs -ne 0 ];then
ipvsadm -a -t $VIP -r $IP #web服务正常,没有这条规则,就添加
fi
done
sleep 1
done
版权声明:本文为CSDN_xt_peng原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。