目录
一、NAT地址转换模式
1、实验环境
2、实验部署
一、NAT地址转换模式
1、实验环境
分析:
客户端的请求经过LVS负载均衡后,被分配到指定的后端服务器处理;处理结果返回时仍然要经过LVS负载均衡器,再返回给client端。
需要一台win10 虚拟机
一台linux系统服务器作为LVS负载均衡器
二台linux系统服务器作为httpd1和httpd2
数据流向:
client (cip) 请求,通过vmnet1到达负载均衡器lvs的ens36网卡接口,通过建立虚拟主机来进行传输,配置ipvsadm,到达后端真实服务器,通过轮询来分配。(lvs 的ens36地址为client的网关,lvs 的ens33地址为后端真实服务器网关)
httpd1或者httpd2处理完请求以后返回数据,到达负载均衡器LVS的ens33,通过iptables的SNAT规则,将数据转发到ens36。最后到达Client端。
2、实验部署
1、给LVS新增一张类型为vmnet1的网卡
2、配置ens36网卡信息
[root@zwb_lvs ~]# cd /etc/sysconfig/network-scripts/
[root@zwb_lvs network-scripts]# cp ifcfg-ens33 ifcfg-ens36
[root@zwb_lvs network-scripts]# vim ifcfg-ens36
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens36
DEVICE=ens36
ONBOOT=yes
IPADDR=192.168.68.100
PREFIX=24
#GATEWAY=192.168.159.2
#DNS1=114.114.114.114
IPV6_PRIVACY=no
[root@zwb_lvs network-scripts]# systemctl restart network
[root@zwb_lvs network-scripts]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.159.159 netmask 255.255.255.0 broadcast 192.168.159.255
inet6 fe80::ce01:2f86:7a80:ce3c prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:66:d9:2f txqueuelen 1000 (Ethernet)
RX packets 24625 bytes 28528244 (27.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 7944 bytes 758397 (740.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens36: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.68.100 netmask 255.255.255.0 broadcast 192.168.68.255
inet6 fe80::a234:2aee:5c0c:10a9 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:66:d9:39 txqueuelen 1000 (Ethernet)
RX packets 3 bytes 276 (276.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 24 bytes 3701 (3.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
##编译安装Nginx(本文使用的1.15.9是较旧的mainline版本,实验环境之外建议改用仍在维护的版本)
[root@zwb_lvs opt]#yum -y install gcc gcc-c++ pcre-devel zlib-devel make ##环境安装
[root@zwb_lvs opt]#tar zxvf nginx-1.15.9.tar.gz -C /opt/ ##提前把安装包放到/opt下
[root@zwb_lvs opt]# ls
nginx-1.15.9 nginx-1.15.9.tar.gz rh
[root@zwb_lvs opt]# cd nginx-1.15.9/
[root@zwb_lvs nginx-1.15.9]# ./configure \ ##初始化
> --prefix=/usr/local/nginx \
> --user=nginx \
> --group=nginx \
> --with-http_stub_status_module
[root@zwb_lvs nginx-1.15.9]# make && make install ### 编译安装
[root@zwb_lvs nginx-1.15.9]# ln -s /usr/local/nginx/sbin/* /usr/local/sbin/ ##优化环境变量
[root@zwb_lvs nginx-1.15.9]# useradd -M -s /sbin/nologin nginx ##创建程序管理用户
[root@zwb_lvs nginx-1.15.9]# vim /usr/lib/systemd/system/nginx.service ##优化,添加
##nginx.service
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
PIDFile =/usr/local/nginx/logs/nginx.pid
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
:wq
[root@zwb_lvs nginx-1.15.9]# chmod 754 /lib/systemd/system/nginx.service ##给予权限(unit文件不需要可执行位,644即可;带可执行位时systemd会在日志中告警)
[root@zwb_lvs nginx-1.15.9]# systemctl status nginx.service ####查看nginx服务状态(此时尚未启动)
● nginx.service - nginx
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Active: inactive (dead)
[root@zwb_lvs nginx-1.15.9]# systemctl start nginx.service
[root@zwb_lvs nginx-1.15.9]# systemctl status nginx.service
● nginx.service - nginx
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Active: active (running) since 一 2022-09-12 14:58:07 CST; 2s ago
Process: 23341 ExecStart=/usr/local/nginx/sbin/nginx (code=exited, status=0/SUCCESS)
....................................
3、配置httpd1和httpd2
①httpd1
[root@zwb-pxe ~]# hostnamectl set-hostname zwb_httpd1 #### 改主机名
[root@zwb-pxe ~]# su
[root@zwb_httpd1 ~]# yum -y install httpd ###安装httpd服务
.......................................
[root@zwb_httpd1 ~]# rpm -q httpd
httpd-2.4.6-97.el7.centos.5.x86_64
[root@zwb_httpd1 ~]# systemctl start httpd ###开启httpd服务
[root@zwb_httpd1 ~]# systemctl status httpd ###查看状态
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: active (running) since 四 2022-09-08 01:53:55 CST; 25s ago
.........................................
[root@zwb_httpd1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33 ###修改网卡信息
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=d78d9180-d8c7-4d65-86fb-5364e4cf736b
DEVICE=ens33
ONBOOT=yes
IPV6_PRIVACY=no
DNS1=114.114.114.114
IPADDR=192.168.159.100
PREFIX=24
GATEWAY=192.168.159.159
[root@zwb_httpd1 ~]# cd /var/www/html/
[root@zwb_httpd1 html]# ls
[root@zwb_httpd1 html]# vim index.html ##修改网站主页内容
this is httpd1
②httpd2
[root@zwb ~]# hostnamectl set-hostname zwb_httpd2
[root@zwb ~]# su
[root@zwb_httpd2 ~]# yum -y install httpd
[root@zwb_httpd2 ~]# systemctl start httpd
[root@zwb_httpd2 ~]# systemctl status httpd.service
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: active (running) since 四 2022-09-08 01:55:20 CST; 6min ago
..................................
[root@zwb_httpd2 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
DEVICE=ens33
IPV6INIT=yes
BOOTPROTO=none
UUID=1b12a726-f53a-4faf-a198-af9308140a56
ONBOOT=yes
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=ens33
IPADDR=192.168.159.10
PREFIX=24
GATEWAY=192.168.159.159
[root@zwb_httpd2 ~]# vim /var/www/html/index.html
this is httpd2
4、配置LVS负载均衡器
#需要提前安装Nginx,之前的博客有手工编译安装nginx.
[root@zwb_lvs etc]# vim /etc/sysctl.conf
........................
net.ipv4.ip_forward=1 ###开启转发功能
[root@zwb_lvs network-scripts]# sysctl -p ####刷新配置
net.ipv4.ip_forward = 1
[root@zwb_lvs network-scripts]# yum -y install iptables-services.x86_64 ####安装iptables-services
[root@zwb_lvs network-scripts]# iptables -t nat -L ###查看iptables 的NAT表的规则
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
RETURN all -- 192.168.122.0/24 base-address.mcast.net/24
RETURN all -- 192.168.122.0/24 255.255.255.255
MASQUERADE tcp -- 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
MASQUERADE udp -- 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
MASQUERADE all -- 192.168.122.0/24 !192.168.122.0/24
[root@zwb_lvs network-scripts]# iptables -F ##只清空filter表的规则;上面列出的nat表规则不受影响,清空nat表需执行 iptables -t nat -F
[root@zwb_lvs network-scripts]# iptables -t nat -A POSTROUTING -s 192.168.159.0/24 -o ens36 -j SNAT --to-source 192.168.68.100
[root@zwb_lvs network-scripts]# systemctl start iptables.service ###开启iptables服务(会加载/etc/sysconfig/iptables中已保存的规则;上一步手工添加的SNAT规则尚未保存,需执行 service iptables save 才能在重启后保留)
[root@zwb_lvs network-scripts]# modprobe ip_vs
[root@zwb_lvs network-scripts]# cat /proc/net/ip_vs
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
[root@zwb_lvs network-scripts]# yum -y install ipvsadm
[root@zwb_lvs network-scripts]# ipvsadm-save > /etc/sysconfig/ipvsadm ##先执行这一步生成规则文件,否则ipvsadm服务启动时无法加载/etc/sysconfig/ipvsadm中的规则而启动失败
[root@zwb_lvs network-scripts]# ipvsadm -C ##清空原有策略
[root@zwb_lvs network-scripts]# ipvsadm -A -t 192.168.68.100:80 -s rr
##-A:添加一个虚拟主机,指定虚拟主机的端口及ip
[root@zwb_lvs network-scripts]# ipvsadm -a -t 192.168.68.100:80 -r 192.168.159.10:80 -m -w 1 ## -a:添加真实服务器,指定真实服务器的端口及ip -m:使用NAT集群模式 -w:权重
[root@zwb_lvs network-scripts]# ipvsadm -a -t 192.168.68.100:80 -r 192.168.159.100:80 -m -w 1
[root@zwb_lvs network-scripts]# ipvsadm ###不带参数时只是列出当前规则(等同于 -L),并不会"开启"服务
[root@zwb_lvs network-scripts]# ipvsadm -ln ###查看现有ipvsadm规则
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.68.100:80 rr
-> 192.168.159.10:80 Masq 1 0 0
-> 192.168.159.100:80 Masq 1 0 0
[root@zwb_lvs network-scripts]# ipvsadm-save > /etc/sysconfig/ipvsadm ###保存现有ipvsadm规则(可加 -n 以数字形式保存地址和端口,恢复规则时不依赖主机名解析)
[root@zwb_lvs ~]# cat /etc/sysconfig/ipvsadm
-A -t zwb_lvs:http -s rr
-a -t zwb_lvs:http -r 192.168.159.10:http -m -w 1
-a -t zwb_lvs:http -r 192.168.159.100:http -m -w 1
5、开启win10 虚拟机
修改为vmnet1 模式
修改ip
6、验证
刷新