DIP:调度器的IP地址
RIP:后台真实服务器(realserver)的IP地址
VIP:就是用于服务提供的虚拟IP
LVS的DR模式比较其NAT模式复杂,也不容易实现,因为这种模式更接近与基于硬件的负载均衡,虽然性能较硬件的负载均衡调度还有差距,但是与NAT和TUN模式性能有了较大的提高,其要求调度器和realserver在同一个网段内(可以使用交换机相连,当然也可以基于IP的网络连接),在这里调度器上仅仅使用一张网卡即可,DIP是否等于VIP都可以,DT模式最大的优势在于对服务质量的大幅提高,同时应采取相关的设置对realserver上ARP做的某些限制。
具体实现过程可以这么来说:
1、客户端发来请求报文到调度器,调度器接到分包不做深入的处理,仅仅把目标MAC地址根据算法修改成realserver pool里的某台真实服务器的MAC地址,同时在缓存一份连接记录(确保此次连接的所有报文都传到同一台realserver上)
2、Realserver接到报文,根据要求做相关的处理,处理结束之后,根据自身网卡绑定的VIP地址,改写报文的源、目标地址,直接把报文回复给客户端,而不再经过调度器,在客观上减轻了调度器的负担。
实验的平台三台VM下linux服务器主机(CentOS 7.5,内核是3.6版本的是默认支持LVS的,所以不需要重新编译内核,可以直接使用),其中一台用作调度器,另外两台用作realserver。
第一:在调度器上的设置:
[root@localhost ~]# yum -y install ipvsadm //安装LVS管理工具
[root@localhost ~]# ifconfig //查看初始的网卡信息(这里仅仅采用一张网卡)
eth0 Link encap:Ethernet HWaddr 00:0C:29:09:22:5D
inet addr:192.168.1.196 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe09:225d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:17657 errors:0 dropped:0 overruns:0 frame:0
TX packets:17945 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7404853 (7.0 MiB) TX bytes:10817894 (10.3 MiB)
Interrupt:169 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:88 errors:0 dropped:0 overruns:0 frame:0
TX packets:88 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:6797 (6.6 KiB) TX bytes:6797 (6.6 KiB)
[root@localhost ~]# vi /etc/init.d/lvsdr //编写集群管理脚本,当然你也可以自己逐条添加
#!/bin/bash
#description:start LVS of Directorserver DR
VIP=192.168.1.200
RIP1=192.168.1.193
RIP2=192.168.1.195
#./etc/rc.d/init.d/functions
case "$1" in
start)
echo "start LVS of DirectorServer DR"
/sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev eth0:0
echo "1">/proc/sys/net/ipv4/ip_forward
/sbin/ipvadm -C
/sbin/ipvsadm -A -t $VIP:80 -s rr //仍然是轮度算法
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1 –g //-g表示采用直接路由模式
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -g
/sbin/ipvsadm
;;
stop)
echo "stop LVS of DirectorServer DR"
echo "0" >/proc/sys/net/ipv4/ip_forward
/sbin/ipvsadm -C
/sbin/ifconfig eth0:0 down
;;
*)
echo "Usage:$0{start|stop}"
exit 1
esac
[root@localhost ~]# chmod a+x /etc/init.d/lvsndr //加可执行权限
[root@localhost ~]# /etc/init.d/lvsdr start
start LVS of DirectorServer DR
/etc/init.d/lvsdr: line 13: /sbin/ipvadm: No such file or directory
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.200:http rr
-> 192.168.1.195:http Route 1 0 0
-> 192.168.1.193:http Route 1 0 0
[root@localhost ~]# ifconfig //查看变化信息
eth0 Link encap:Ethernet HWaddr 00:0C:29:09:22:5D
inet addr:192.168.1.196 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe09:225d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:18342 errors:0 dropped:0 overruns:0 frame:0
TX packets:18549 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7480550 (7.1 MiB) TX bytes:10886441 (10.3 MiB)
Interrupt:169 Base address:0x2000
eth0:0 Link encap:Ethernet HWaddr 00:0C:29:09:22:5D
inet addr:192.168.1.200 Bcast:192.168.1.200 Mask:255.255.255.255
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:169 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:88 errors:0 dropped:0 overruns:0 frame:0
TX packets:88 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:6797 (6.6 KiB) TX bytes:6797 (6.6 KiB)
第二:在节点上的设置(由于在两个节点上的设置基本完全相同,故这里只设置节点之一)
在192.168.1.193上
[root@localhost ~]# ifconfig //查看网卡信息
eth0 Link encap:Ethernet HWaddr 00:0C:29:B7:97:5B
inet addr:192.168.1.193 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:feb7:975b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:48655 errors:0 dropped:0 overruns:0 frame:0
TX packets:39793 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:16204310 (15.4 MiB) TX bytes:6641366 (6.3 MiB)
Interrupt:169 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:12600 errors:0 dropped:0 overruns:0 frame:0
TX packets:12600 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:8047060 (7.6 MiB) TX bytes:8047060 (7.6 MiB)
[root@localhost ~]# vi /etc/init.d/lvscdr //编写ARP及VIP绑定脚本(两节点完全相同)
#!/bin/bash
#descrpption :start realserver DR
VIP=192.168.1.200
#./etc/rc.d/init.d/functions
case "$1" in
start)
echo "start LVS of RealServer DR"
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
echo "1">/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2">/proc/sys/net/ipv4/conf/all/arp_announce
echo "1">/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2">/proc/sys/net/ipv4/conf/all/arp_announce
;;
stop)
/sbin/ifconfig lo:0 down
echo "0">/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0">/proc/sys/net/ipv4/conf/all/arp_announce
echo "0">/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0">/proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usage:$0 {start|stop}"
exit 1
esac
[root@localhost ~]# chmod a+x /etc/init.d/lvscdr
[root@localhost ~]# /etc/init.d/lvscdr start
[root@localhost ~]# ifconfig //查看变化信息
eth0 Link encap:Ethernet HWaddr 00:0C:29:B7:97:5B
inet addr:192.168.1.193 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:feb7:975b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:48853 errors:0 dropped:0 overruns:0 frame:0
TX packets:39954 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:16225588 (15.4 MiB) TX bytes:6659428 (6.3 MiB)
Interrupt:169 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:12600 errors:0 dropped:0 overruns:0"frale:0
$( TX packets:12600 erpors*0 dropped:8 oferruns:0 carrier:0
collishons:0 tXqueuelen:0
0 ` RX bytes:8047060 (7.6 MiB) VX bytes:8047060 (7.6 MiB)
ìo:0" Link encap:Local LoopbacK
! ijet addr:192.16:.1.200 Mcsk:2%5.255.055.255
` UP LOOPBACK RUN
ING MTU*1643¶ Metric:1
第三测试的部分:
为了测试效果明显,所以在rea,server特意设罦网页的䆅容不同,当然这仅仅是为了测试用,在真实的环境中是必须保持网顴内容的完兩相尌的
测试效果
在地址栏釈输入VIP测诅,并临不断的列新页面
M在调约器上观看
[root@localhost ~] (ipvsaɤ聭
Iࡐ Virtual œerѶer versio 1®2.9 (ѳize=4096) Prot耠LocalAddress:Port0Schedul%r цlags
-耾ࠠRemoteAddr%ss:ѐort Ƞ Forward Weight ActiveConn InActConn
TCP 192.168.1.200:http rr
-> 192.168.1.195:http Route 1 0 5
-> 192.168.1.193:http Route 1 0 4
[root@localhost ~]# ipvsadm -lnc
IPVS connection entries
pro expire state source virtual destination
TCP 01:51 FIN_WAIT 192.168.1.188:53751 192.168.1.200:80 192.168.1.193:80
TCP 01:53 FIN_WAIT 192.168.1.188:53760 192.168.1.200:80 192.168.1.195:80
TCP 01:52 FIN_WAIT 192.168.1.188:53755 192.168.1.200:80 192.168.1.193:80
TCP 01:53 FIN_WAIT 192.168.1.188:53756 192.168.1.200:80 192.168.1.195:80
TCP 00:46 FIN_WAIT 192.168.1.188:53746 192.168.1.200:80 192.168.1.195:80
TCP 01:53 FIN_WAIT 192.168.1.188:53759 192.168.1.200:80 192.168.1.193:80
TCP 01:53 FIN_WAIT 192.168.1.188:53757 192.168.1.200:80 192.168.1.193:80
TCP 01:52 FIN_WAIT 192.168.1.188:53754 192.168.1.200:80 192.168.1.195:80
TCP 01:53 FIN_WAIT 192.168.1.188:53758 192.168.1.200:80 192.168.1.195:80