[系统运维]lvs 代理三种模式

1.tunnel模式

四台服务器：

DR=192.168.84.130
VIP=192.168.84.199
RIP1=192.168.84.131
RIP2=192.168.84.132
RIP3=192.168.0.102

lvs服务器脚本：

#!/bin/bash
#lvs script(tunnel mode)
DR=192.168.84.130
VIP=192.168.84.199
RIP1=192.168.84.131
RIP2=192.168.84.132
RIP3=192.168.0.102
ifconfig ens33:0  $VIP broadcast $VIP netmask 255.255.255.255 up
route add -host $VIP dev ens33:0
echo "1" > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -F
/sbin/ipvsadm -C
/sbin/ipvsadm -A -t $VIP:80 -s rr
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -i
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -i
/sbin/ipvsadm -a -t $VIP:80 -r $RIP3:80 -i
/sbin/ipvsadm
;;
stop)
echo "stop LVS TUN"
echo "0" > /proc/sys/net/ipv4/ip_forward
/sbin/ipvsadm -C
/sbin/ifconfig eth0:0 down
;;
*)
echo :Usage:$0{start|stop}
exit 1
esac

后端真实服务器

#!/bin/bash
#lvs script(dr mode)
VIP=192.168.84.199
case "$1" in
start)
ifconfig tunl0 $VIP broadcast $VIP netmask 255.255.255.255 up
route add -host $VIP dev tunl0
echo "1" > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/tunl0/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/tunl0/rp_filter
sysctl -p
;;
stop)
echo "stop LVS TUN"
/sbin/ifconfig tunl0 down
echo "0" > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/tunl0/arp_announce
echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/tunl0/rp_filter
;;
*)
echo :Usage:$0{start|stop}
exit 1
esac

客户机访问的是DR

2.LVS的NAT模式

DR有两块网卡

DR：192.168.0.102

? ? ? ? ?192.168.84.130

RIP1：192.168.84.131

RIP2：192.168.84.132

lvs服务器脚本：

#!/bin/bash
#describe:lvs NAT模式
F=192.168.0.0/24
DROUT=192.168.0.103
DRIN=192.168.84.130
RIP1=192.168.84.131
RIP2=192.168.84.132
#开启路由转发功能
case "$1" in
start)
echo  1  > /proc/sys/net/ipv4/ip_forward
ipvsadm -A -t $DROUT:80  -s   rr
ipvsadm -a -t $DROUT:80 -r $RIP1:80 -m
ipvsadm -a -t $DROUT:80 -r $RIP2:80 -m
echo "$1成功"
;;
stop)
echo 0 >/proc/sys/net/ipv4/ip_forward
ipvsadm -C
echo "$1成功"
;;
*)
echo "输入有误，请输入 start|stop"
esac

RS脚本

F=192.168.0.0/24
DROUT=192.168.0.102
DRIN=192.168.84.130
RIP1=192.168.84.131
RIP2=192.168.84.132
case "$1" in
start)
route add -net $F gw $DRIN
echo "$1成功"
;;
stop)
route del -net $F
echo "$1成功"
;;
*)
exit
esac

3.LVS 的DR模式

DIP=192.168.84.130
VIP=192.168.84.190
RIP1=192.168.84.131
RIP2=192.168.84.132
?

lvs代理服务器脚本?

#!/bin/bash
#describe:lvs DR模式
DIP=192.168.84.130
VIP=192.168.84.110
RIP1=192.168.84.131
RIP2=192.168.84.132
case $1 in
start)
#添加VIP
ifconfig ens33:0 $VIP  broadcast 192.168.31.255 netmask 255.255.255.0 up
route add -host $VIP dev ens33:0
#设置路由转发
cat /etc/sysctl.conf <<EOF
#开启路由功能
net.ipv4.ip_forward = 1                
#禁止转发重定向报文
net.ipv4.conf.all.send_redirects = 0
#禁止ens33转发重定向报文
net.ipv4.conf.ens33.send_redirects = 0
#禁止转发默认重定向报文
net.ipv4.conf.default.send_redirects = 0
EOF

ipvsadm -C
ipvsadm -A -t  $VIP:80 -s rr
ipvsadm -a -t  $VIP:80 -r $RIP1:80 -g
ipvsadm -a -t  $VIP:80 -r $RIP2:80 -g

#LVS让配置永久生效
ipvsadm-save > /etc/sysconfig/ipvsadm
systemctl enable ipvsadm
systemctl restart ipvsadm
echo "$1成功"
;;
stop)
ifconfig ens33:0 down
sed -ri 's/1/0/g' /etc/sysctl.conf
ipvsadm -C
echo "$1成功"
;;
*)
echo "请输入start/stop"
esac

RS配置

#!/bin/bash
#describe:RS配置DR模式
DIP=192.168.84.130
VIP=192.168.84.190
RIP1=192.168.84.131
RIP2=192.168.84.132
case $1 in
start)
ifconfig lo:0 192.168.84.190/32
#忽略arp响应 ,不允许收
echo 1 >/proc/sys/net/ipv4/conf/all/arp_ignore
#为了让vip发包出去，但允许发
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo "$1成功"
;;
stop)
ifconfig lo:0 down
echo 0 >/proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
echo "$1成功"
;;
*)
echo "请输入start/stop"
exit
esac

客户机访问的是VIP