LVS BAT模式搭建
更改主机名:
hostnamectl set-hostname centos7-three
bash
准备工作
• 三台机器
• 分发器,也叫调度器(简写为dir)
• 内网:172.16.161.130,外网:172.16.138.128(vmware仅主机模式)
• rs1
• 内网:172.16.161.131,设置网关为 172.16.161.2 route -n 查看网关
• Mac fustion虚拟机默认配置好,无需配置,window下的虚拟机需要编辑配置文件,配置ip
vim /etc/sysconfig/network-scripts/ifcfg-eth0
systemctl restart network
• rs2
• 内网:172.16.161.132,设置网关为 172.16.161.2
• 三台机器上都执行执行
• systemctl stop firewalld; systemc disable firewalld
• 安装iptables yum install -y iptables-service
• systemct enable iptables
• systemctl start iptables
• iptables -F; service iptables save ;查看规则iptables -nvL;
• 关闭selinux setenforce ;永久关闭selinuxvim /etc/selinux/config selinux=disabled
NAT模式搭建
• 在dir上安装ipvsadm
• yum install -y ipvsadm
• 在dir上编写脚本,vim /usr/local/sbin/lvs_nat.sh//内容如下
#! /bin/bash
# director 服务器上开启路由转发功能
echo > /proc/sys/net/ipv4/ip_forward
# 关闭icmp的重定向
echo > /proc/sys/net/ipv4/conf/all/send_redirects
echo > /proc/sys/net/ipv4/conf/default/send_redirects
# 注意区分网卡名
echo > /proc/sys/net/ipv4/conf/ens33/send_redirects
echo > /proc/sys/net/ipv4/conf/ens34/send_redirects
# director 设置nat防火墙
iptables -t nat -F
iptables -t nat -X
#MASQUERADE 让同网段的内网上网
iptables -t nat -A POSTROUTING -s 172.16.161.130/ -j MASQUERADE
# director设置ipvsadm
IPVSADM='/usr/sbin/ipvsadm'
$IPVSADM -C
$IPVSADM -A -t 172.16.138.128: -s rr
$IPVSADM -a -t 172.16.138.128: -r 172.16.161.131: -m -w
$IPVSADM -a -t 172.16.138.128: -r 172.16.161.132: -m -w
sh /usr/local/sbin/lvs_nat.sh 执行一下看是否有错误
NAT 效果测试
• 两台rs上都安装nginx
• 设置两台rs的主页,做一个区分,也就是说直接curl两台rs的ip时,得到不同的结果
• 浏览器里访问192.168.0.,多访问几次看结果差异
[root@CentOS7 ~]# vim /usr/local/nginx/html/index.html
[root@CentOS7 ~]# curl localhost
xiaobo01
[root@CentOS7_two ~]# vim /usr/share/nginx/html/index.html
[root@CentOS7_two ~]# curl localhost
xiaobo02
[root@CentOS7_three conf]# vim /usr/local/nginx/html/index.html
[root@CentOS7_three conf]# curl localhost
xiaobo03
效果:
xiaobo02
[root@localhost ~]# curl 172.16.138.128
xiaobo03
[root@localhost ~]# curl 172.16.138.128
xiaobo02
[root@localhost ~]# curl 172.16.138.128
xiaobo03
[root@localhost ~]# curl 172.16.138.128
xiaobo02
[root@localhost ~]# curl 172.16.138.128
xiaobo03
[root@localhost ~]# curl 172.16.138.128
xiaobo02
[root@localhost ~]# curl 172.16.138.128
xiaobo03
[root@localhost ~]# curl 172.16.138.128
xiaobo02
[root@localhost ~]# curl 172.16.138.128
xiaobo03
[root@localhost ~]# curl 172.16.138.128