负载均衡集群LVS
LVS/NATLVS-NAT基于cisco的LocalDirector。VS/NAT不需要在RealServer上做任何设置,其只要能提供一个tcp/ip的协议栈即可,甚至其无论基于什么OS。基于VS/NAT,所有的入站数据包均由Director进行目标地址转换后转发至内部的RealServer,RealServer响应的数据包再由Director转换源地址后发回客户端。
LVS/NAT模式不能与netfilter兼容,因此,不能将LVS/NAT模式的Director运行在netfilter的保护范围之中。现在已经有补丁可以解决此问题,但尚未被整合进ip_vs code。
实验模型
http://s3.运维网.com/wyfs02/M00/57/36/wKioL1SVJVjyZLeBAAEKFpA0KHo048.jpg
实验平台:
1、本次实验在虚拟机vm上完成,使用系统为RHEL 5.8,
2、在director主机上,eth0网卡使用桥接模式,eth1网卡使用仅主机模式;real server全部使用仅主机模式。
实验步骤如下:
这里以web服务为例
1、director配置如下:
##打开路由转发功能
#echo 1>/proc/sys/net/ipv4/ip_forward
# ifconfig eth0 172.16.1.1/24 up
# ifconfig eth1 192.168.0.1/24 up
##添加规则
#ipvsadm-A-t172.16.1.1:80-srr
#ipvsadm-a-t172.16.1.1:80-r 192.168.0.100-m-w1
#ipvsadm-a-t 172.16.1.1:80-r192.168.0.200-m-w 1
2、real server1配置如下:
#ifconfigeth0 192.168.0.100/24up
#route add default gw192.168.0.1 dev eth0
3、real server2配置如下:
#ifconfigeth0 192.168.0.200/24up
#route add default gw192.168.0.1 dev eth0
LVS/NAT服务控制脚本如下:
#!/bin/bash
#
# chkconfig: - 88 12
# description: LVS script for VS/NAT
#
. /etc/rc.d/init.d/functions
#
VIP=172.16.1.1
DIP=192.168.0.1
RIP1=192.168.0.100
RIP2=192.168.0.200
#
case "$1" in
start)
/sbin/ifconfig eth0$VIP netmask 255.255.255.0 up
/sbin/ifconfig eth1$DIP netmask 255.255.255.0 up
# Since this is the Director we must be able to forward packets
echo 1 > /proc/sys/net/ipv4/ip_forward
# Clear all iptables rules.
/sbin/iptables -F
# Reset iptables counters.
/sbin/iptables -Z
# Clear all ipvsadm rules/services.
/sbin/ipvsadm -C
# Add an IP virtual service for VIP 192.168.0.219 port 80
# In this recipe, we will use the round-robin scheduling method.
# In production, however, you should use a weighted, dynamic scheduling method.
/sbin/ipvsadm -A -t $VIP:80 -s rr
# Now direct packets for this VIP to
# the real server IP (RIP) inside the cluster
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1 -m
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -m
/bin/touch /var/lock/subsys/ipvsadm.lock
;;
stop)
# Stop forwarding packets
echo 0 > /proc/sys/net/ipv4/ip_forward
# Reset ipvsadm
/sbin/ipvsadm -C
# Bring down the VIP interface
ifconfig eth0down
rm -rf /var/lock/subsys/ipvsadm.lock
;;
status)
[ -e /var/lock/subsys/ipvsadm.lock ] && echo "ipvs is running..." || echo "ipvsadm is stopped..."
;;
*)
echo "Usage: $0 {start|stop}"
;;
esac
页:
[1]