Configuring LVS load balancing in LVS-TUN mode on CentOS 7

Date: 2024-01-20 16:13:03

I. Architecture

director:172.28.18.69 vip:172.28.18.70

real server1:172.28.18.71

real server2:172.28.18.78

II. Install nginx on both real servers

Configure the nginx yum repository

[root@localhost ~]# vim /etc/yum.repos.d/nginx.repo

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=
enabled=

Install

[root@localhost ~]# yum install -y nginx

Check the installation

[root@localhost ~]# whereis nginx
nginx: /usr/sbin/nginx /usr/lib64/nginx /etc/nginx /usr/share/nginx /usr/share/man/man8/nginx..gz
[root@localhost ~]#

Configuration file

Check the default document root location

[root@localhost ~]# vim /etc/nginx/conf.d/default.conf 

server {
    listen ;
    server_name localhost;

    #charset koi8-r;
    #access_log /var/log/nginx/host.access.log main;

    location / {
        root /usr/share/nginx/html;
        index index.html index.htm;
    }

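Edit /usr/share/nginx/html/index.html

Add the host's own IP address to the page, so that when testing load balancing you can tell which real server a request was dispatched to.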

[root@localhost ~]# vim /usr/share/nginx/html/index.html 

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!-</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

Save and exit

Start nginx

[root@localhost conf.d]# nginx -c /etc/nginx/nginx.conf

The page now shows the IP. Install and configure nginx on the 172.28.18.78 server in the same way.

III. Install ipvsadm on 172.28.18.69

[root@localhost mysql-5.7.]# yum install -y ipvsadm
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.tuna.tsinghua.edu.cn
* extras: mirrors.huaweicloud.com
* updates: mirrors.tuna.tsinghua.edu.cn
base | 3.6 kB ::
extras | 3.4 kB ::
updates | 3.4 kB ::
正在解决依赖关系
--> 正在检查事务
---> 软件包 ipvsadm.x86_64.0.1.-.el7 将被 安装
--> 解决依赖关系完成

依赖关系解决

===========================================================================================================
Package 架构 版本 源 大小
===========================================================================================================
正在安装:
ipvsadm x86_64 1.27-.el7 base k

事务概要
===========================================================================================================
安装 软件包

总下载量: k
安装大小: k
Downloading packages:
ipvsadm-1.27-.el7.x86_64.rpm | kB ::
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
警告:RPM 数据库已被非 yum 程序修改。
** 发现 个已存在的 RPM 数据库问题, 'yum check' 输出如下:
:postfix-2.10.-.el7.x86_64 有缺少的需求 libmysqlclient.so.()(64bit)
:postfix-2.10.-.el7.x86_64 有缺少的需求 libmysqlclient.so.(libmysqlclient_18)(64bit)
正在安装 : ipvsadm-1.27-.el7.x86_64 /
验证中 : ipvsadm-1.27-.el7.x86_64 /

已安装:
ipvsadm.x86_64 :1.27-.el7

完毕!

IV. Configure the virtual server

[root@director ~]# ipvsadm -A -t 172.28.18.70: -s rr

Adds a virtual server 172.28.18.69. -A: add a virtual server; -t: TCP protocol; -s: scheduling algorithm (rr = round robin)

V. Add the back-end real servers

[root@director home]# ipvsadm -a -t 172.28.18.70: -r 172.28.18.71: -i -w
[root@director home]# ipvsadm -a -t 172.28.18.70: -r 172.28.18.78: -i -w

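-a: add a back-end server; -t: the IP of the corresponding virtual server; -r: the IP of the corresponding back-end server; -i: LVS-TUN mode; -w: weight

VI. View the configured rules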

[root@director home]# ipvsadm -Ln
IP Virtual Server version 1.2. (size=)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.28.18.70: rr
-> 172.28.18.71: Tunnel
-> 172.28.18.78: Tunnel

VII. Set the director's virtual IP on device em1:0

[root@director home]# ip addr add 172.28.18.70 dev em1:

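VIII. Load the ipip module on the back-end servers

Once the ipip module is loaded, a default tunl0 tunnel device is present.

1. Check whether the tunl0 tunnel exists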

[root@localhost conf]# lsmod|grep ipip
[root@localhost conf]#

The ipip module is not loaded, so load it

[root@localhost conf]# modprobe ipip

Check again; it is now loaded

[root@localhost conf]# lsmod|grep ipip
ipip
tunnel4 ipip
ip_tunnel ipip

Run ip a; tunl0 is now present as well

[root@server- html]# ip a
: lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN group default qlen
link/loopback ::::: brd :::::
inet 127.0.0.1/ scope host lo
valid_lft forever preferred_lft forever
inet6 ::/ scope host
valid_lft forever preferred_lft forever
: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc mq state UP group default qlen
link/ether :b1:1c::be: brd ff:ff:ff:ff:ff:ff
inet 172.28.18.78/ brd 172.28.18.79 scope global noprefixroute em1
valid_lft forever preferred_lft forever
inet6 fe80::e6fb:2cb7::/ scope link noprefixroute
valid_lft forever preferred_lft forever
: em2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu qdisc mq state DOWN group default qlen
link/ether :b1:1c::be:0a brd ff:ff:ff:ff:ff:ff
inet 192.168.18.103/ brd 192.168.18.255 scope global noprefixroute em2
valid_lft forever preferred_lft forever
inet6 fe80:::91de::a505/ scope link tentative
valid_lft forever preferred_lft forever
: tunl0@NONE: <NOARP> mtu qdisc noop state DOWN group default qlen
link/ipip 0.0.0.0 brd 0.0.0.0

IX. Bind the virtual IP to tunl0 on the back-end servers

[root@localhost conf]# ip addr add 172.28.18.70 dev tunl0

X. Turn off ARP forwarding on the back-end servers

net.ipv4.conf.tunl0.arp_ignore =
net.ipv4.conf.tunl0.arp_announce =
net.ipv4.conf.all.arp_ignore =
net.ipv4.conf.all.arp_announce =
net.ipv4.conf.tunl0.rp_filter =
net.ipv4.conf.all.rp_filter =
[root@localhost conf]# sysctl -p
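
The following check for the real-server sysctl keys listed in step X is an added example, not part of the original post. It audits sysctl.conf-style text before `sysctl -p` is run. The expected values (arp_ignore=1, arp_announce=2, rp_filter=0) are an assumption based on what is commonly used for LVS tunnel mode, and the function names and sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit sysctl.conf-style text for LVS-TUN real-server settings.
# ASSUMPTION: these expected values are the ones commonly used for LVS tunnel
# mode; they are not taken from the page. Edit EXPECTED to match your policy.
EXPECTED='net.ipv4.conf.tunl0.arp_ignore=1
net.ipv4.conf.tunl0.arp_announce=2
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
net.ipv4.conf.tunl0.rp_filter=0
net.ipv4.conf.all.rp_filter=0'

# Reads the config on stdin, prints OK / MISSING / MISMATCH per key,
# and returns 1 if any key is missing or differs (0 when all match).
audit_lvs_tun_sysctl() {
    # Drop comments and whitespace so "key = 1" and "key=1" compare equal.
    conf=$(sed -e 's/[#;].*$//' -e 's/[[:space:]]//g')
    status=0
    for pair in $EXPECTED; do
        key=${pair%%=*}
        want=${pair#*=}
        # The last assignment wins, as it does when sysctl -p applies the file.
        got=$(printf '%s\n' "$conf" | awk -F= -v k="$key" '$1 == k { v = $2 } END { print v }')
        if [ -z "$got" ]; then
            echo "MISSING  $key (expected $want)"; status=1
        elif [ "$got" != "$want" ]; then
            echo "MISMATCH $key=$got (expected $want)"; status=1
        else
            echo "OK       $key=$got"
        fi
    done
    return $status
}

# Constructed sample (not from the page): rp_filter on tunl0 differs and
# net.ipv4.conf.all.rp_filter is absent.
sample_conf() {
    cat <<'EOF'
# constructed real-server fragment
net.ipv4.conf.tunl0.arp_ignore = 1
net.ipv4.conf.tunl0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.tunl0.rp_filter = 1
EOF
}

sample_conf | audit_lvs_tun_sysctl || echo "fix the keys above before running sysctl -p"
```

On a real server, feed it the live file with `audit_lvs_tun_sysctl < /etc/sysctl.conf`.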