负载均衡：LVS

cxwpf200

负载均衡：LVS-NAT实现：
实验环境：
1 三台RHEL5.4虚拟机，二台作安装好web作为后端Realserver，另一台作为Director，Realserver的网关都指向Director，
2 Director上需要二个网卡，一个公网地址向外提供服务，一个内网地址可以是私有地址与Realserver通信。Director上开启路由转发功能。
3 Realserver ip 192.168.0.55/192.168.0.56，网关192.168.0.100
  Director ip 外网卡：10.0.0.10，内网卡192.168.0.100

配置好Realserver上的ip和网关，开启web服务，主要在Director上配置
ipvsadm -A -t 10.0.0.10:80 -s wlc     ipvsadm -a -t 10.0.0.10：80 -r 192.168.0.55 -m -w 2   
    ipvsadm -a -t 10.0.0.10：80 -r 192.168.0.56 -m -w 5
vim /etc/sysctl
net.ipv4.ip_forward = 1 #开启路由转发
sysctl -p            #重新读取配置文件
用一个客户机直接访问 http://10.0.0.10

LVM-nat的脚本

#!/bin/bash
# case “$1”in
start)
    ipvsadm -A -t 192.168.0.83:80 -s wlc
    ipvsadm -a -t 192.168.0.83:80 -r 192.168.10.6 -m -w 2   
    ipvsadm -a -t 192.168.0.83:80 -r 192.168.10.7 -m -w 5 ;;
stop)
    ipvsadm –C ;;
status)
    ipvadm -Ln ;;
esac
ipvsadm –Ln 查看所有连接 ipvsadm –E 192.168.0.83::80 –s wrr (基于权重，权重大的连接将多)

负载均衡 LVS-DR server
实验环境：
1 三台RHEL5.4虚拟机，二台作安装好web作为后端Realserver，另一台作为Director
2 Director上需要一个网卡，地址都为公网地址，VIP必须是公网地址，RIP可以是私网地址但要与Director通信时要进行解析。所以这里全部使用公网地址，不需要指定网关
Director上开启路由转发功能。
3 Realserver ip 192.168.0.55/192.168.0.56，
  Director ip 192.168.0.100 VIP 192.168.0.200

当客户端发出请求时reserver都会响应，为避免realserver都响应可以：
1 通过防火墙不让arp数据包进来
2 linux内核有二个参数，配置完后避免arp请求


配置过程：
在两个Rserver上各配置vip
ifconfig lo:0 192.168.0.200 broadcast 192.168.0.200 netmask 255.255.255.255 up
在二个Rserver上配置路由信息通过lo:0接口才出去
route add -host 192.168.0.200 dev lo:0
在二个web服务器上做地址隐藏 vim /etc/sysctl.conf
vim /etc/sysctl.conf 地址隐藏
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
sysctl -p 重新读取配置文件
Directory上配置
ifconfig eth0:0 192.168.0.100 broadcast 192.168.0.100 netmask 255.255.255.255 up
ipvsadm -A -t 192.168.0.200:80 -s wlc
ipvsadm -a -t 192.0.200:80 -r 192.168.0.55 -g -w 5
ipvsadm -a -t 192.0.200:80 -r 192.168.0.56 -g -w 8
server ipvsadm save
二个Realserver可以通过一个nfs服务器共享网站资源，是二个Realserver的网站内容同步提供同样的网站内容
配置完成后直接通过：http://192.168.0.200访问网站

Director脚本:
#!/bin/bash
# LVS script for VS/DR
. /etc/rc.d/init.d/functions
VIP=192.168.0.200
RIP1=192.168.0.55
RIP2=192.168.0.56
PORT=80
case "$1" in
start)           
/sbin/ifconfig eth0:1 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev eth0:1
# Since this is the Director we must be able to forward packets
echo 1 > /proc/sys/net/ipv4/ip_forward
# Clear all iptables rules.
/sbin/iptables -F
# Reset iptables counters.
/sbin/iptables -Z
# Clear all ipvsadm rules/services.
/sbin/ipvsadm -C
# Add an IP virtual service for VIP 192.168.0.200 port 80
# In this recipe, we will use the round-robin scheduling method.
# In production, however, you should use a weighted, dynamic scheduling method.
/sbin/ipvsadm -A -t $VIP:80 -s wlc
# Now direct packets for this VIP to
# the real server IP (RIP) inside the cluster
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1 -g -w 1
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -g -w 2

/bin/touch /var/lock/subsys/ipvsadm &> /dev/null
;;
stop)
# Stop forwarding packets
echo 0 > /proc/sys/net/ipv4/ip_forward
# Reset ipvsadm
/sbin/ipvsadm -C
# Bring down the VIP interface
/sbin/ifconfig eth0:1 down
/sbin/route del $VIP
/bin/rm -f /var/lock/subsys/ipvsadm
echo "ipvs is stopped..."
;;
status)
if [ ! -e /var/lock/subsys/ipvsadm ]; then
    echo "ipvsadm is stopped ..."
else
    echo "ipvs is running ..."
    ipvsadm -L -n
fi
;;
*)
echo "Usage: $0 {start|stop|status}"
;;
esac


RealServer脚本:
#!/bin/bash
# Script to start LVS DR real server.
# description: LVS DR real server
. /etc/rc.d/init.d/functions
VIP=192.168.0.200
host=`/bin/hostname`
case "$1" in
start)
       # Start LVS-DR real server on this machine.
        /sbin/ifconfig lo down
        /sbin/ifconfig lo up
        echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
        echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
        echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
        echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
        /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
        /sbin/route add -host $VIP dev lo:0
;;
stop)
        # Stop LVS-DR real server loopback device(s).
        /sbin/ifconfig lo:0 down
        echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
        echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
        echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
        echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
        # Status of LVS-DR real server.
        islothere=`/sbin/ifconfig lo:0 | grep $VIP`
        isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
        if [ ! "$islothere" -o ! "isrothere" ];then
            # Either the route or the lo:0 device
            # not found.
            echo "LVS-DR real server Stopped."
        else
            echo "LVS-DR real server Running."
        fi
;;
*)
            # Invalid entry.
            echo "$0: Usage: $0 {start|status|stop}"
            exit 1
;;
esac