The Linux Virtual Server is a highly scalable and highly available server built on a cluster of real servers, with the load balancer running on the Linux operating system.
环境拓扑#
转发逻辑#
客户端发送请求包;(CIP -> VIP)
direcotr 接收并修改请求包(CIP -> VIP 变为 CIP -> RIP)
Real Server 处理并回复(RIP -> DIP)
director 接收并修改回复包(RIP -> DIP 变为 VIP -> CIP)
director#
基础配置#
# 1. 启用网卡
ip link set ens3 up
ip link set ens4 up
# 2. 配置网卡
ip addr add 172.16.1.1/24 dev ens3
ip addr add 192.168.1.10/24 dev ens4
ip route add default via 192.168.1.1 dev ens4
# 3.ipv4转发
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
sysctl -p
配置lvs#
ipvsadm -A -t 192.168.1.10:80 -s rr
ipvsadm -a -t 192.168.1.10:80 -r 172.16.1.11:80 -m
ipvsadm -a -t 192.168.1.10:80 -r 172.16.1.12:80 -m
real server#
real server 01#
ip link set ens3 up
ip addr add 172.16.1.11/24 dev ens3
ip route add default via 172.16.1.1 dev ens3
部署服务
apt-get install -y nginx
echo "<h1>Hello, This is Real01 Node</h1>" > /var/www/html/index.nginx-debian.html
# 启动服务
systemctl start nginx
real server 02#
ip link set ens3 up
ip addr add 172.16.1.12/24 dev ens3
ip route add default via 172.16.1.1 dev ens3
部署服务
apt-get install -y nginx
echo "<h1>Hello, This is Real02 Node</h1>" > /var/www/html/index.nginx-debian.html
# 启动服务
systemctl start nginx
验证#
测试访问,建议使用curl、wget命令;浏览器缓存或TCP连接未超时因素,会导致持续显示同一个real server。
root@debian:~# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.10:80 rr
-> 172.16.1.11:80 Masq 1 0 0
-> 172.16.1.12:80 Masq 1 0 0
real server访问互联网#
director 增加一条 iptables SNAT 规则;real server 可以访问互联网,安装部署软件。
# IP模式
iptables -t nat -A POSTROUTING --source 172.16.1.0/24 -o ens4 -j SNAT --to-source 192.168.1.10
# MASQUERADE模式
iptables -t nat -A POSTROUTING --source 172.16.1.0/24 -o ens4 -j MASQUERADE
