作者:阿芙2011 | 来源:互联网 | 2023-05-19 07:56
一、架构director:172.28.18.69vip:172.28.18.70realserver1:172.28.18.71realserver2:172.28.18.78
一、架构
director:172.28.18.69 vip:172.28.18.70
real server1:172.28.18.71
real server2:172.28.18.78
二、两台real server上安装nginx
配置nginx yum源
[root@localhost ~]# vim /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
安装
[root@localhost ~]# yum install -y nginx
查看
[root@localhost ~]# whereis nginx
nginx: /usr/sbin/nginx /usr/lib64/nginx /etc/nginx /usr/share/nginx /usr/share/man/man8/nginx.8.gz
[root@localhost ~]#
配置文件
查看默认根目录页面地址
[root@localhost ~]# vim /etc/nginx/conf.d/default.conf
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
编辑/usr/share/nginx/html/index.html
加上本机IP地址,在测试负载均衡的时候,才知道分发到了哪台real server上
[root@localhost ~]# vim /usr/share/nginx/html/index.html
<head>
head>
Welcome to nginx!-71
If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.
For online documentation and support please refer to
"http://nginx.org/">nginx.org.
Commercial support is available at
"http://nginx.com/">nginx.com.
Thank you for using nginx.
保存、退出
启动nginx
[root@localhost conf.d]# nginx -c /etc/nginx/nginx.conf
可以显示IP了,同样172.28.18.78的服务器也安装和配置nginx
三、在172.28.18.69上安装ipvsadm
[root@localhost mysql-5.7.26]# yum install -y ipvsadm
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.tuna.tsinghua.edu.cn
* extras: mirrors.huaweicloud.com
* updates: mirrors.tuna.tsinghua.edu.cn
base | 3.6 kB 00:00:00
extras | 3.4 kB 00:00:00
updates | 3.4 kB 00:00:00
正在解决依赖关系
--> 正在检查事务
---> 软件包 ipvsadm.x86_64.0.1.27-7.el7 将被 安装
--> 解决依赖关系完成
依赖关系解决
===========================================================================================================
Package 架构 版本 源 大小
===========================================================================================================
正在安装:
ipvsadm x86_64 1.27-7.el7 base 45 k
事务概要
===========================================================================================================
安装 1 软件包
总下载量:45 k
安装大小:75 k
Downloading packages:
ipvsadm-1.27-7.el7.x86_64.rpm | 45 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
警告:RPM 数据库已被非 yum 程序修改。
** 发现 2 个已存在的 RPM 数据库问题, 'yum check' 输出如下:
2:postfix-2.10.1-7.el7.x86_64 有缺少的需求 libmysqlclient.so.18()(64bit)
2:postfix-2.10.1-7.el7.x86_64 有缺少的需求 libmysqlclient.so.18(libmysqlclient_18)(64bit)
正在安装 : ipvsadm-1.27-7.el7.x86_64 1/1
验证中 : ipvsadm-1.27-7.el7.x86_64 1/1
已安装:
ipvsadm.x86_64 0:1.27-7.el7
完毕!
四、配置虚拟服务器
[root@director ~]# ipvsadm -A -t 172.28.18.70:80 -s rr
增加一个虚拟服务器 172.28.18.69, -A:增加一个虚拟服务器 -t:tcp协议 -s:分发算法 rr 轮询
五、增加后端实际服务器
[root@director home]# ipvsadm -a -t 172.28.18.70:80 -r 172.28.18.71:80 -i -w 1
[root@director home]# ipvsadm -a -t 172.28.18.70:80 -r 172.28.18.78:80 -i -w 1
-a :增加后端服务器 -t:对应的虚拟服务器IP -r :对应的后端服务器IP -i: lvs-tun模式 -w:权重
六、查看配置规则
[root@director home]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.28.18.70:80 rr
-> 172.28.18.71:80 Tunnel 1 0 0
-> 172.28.18.78:80 Tunnel 1 0 0
七、设置director分发器的虚拟IP到设备em1:0
[root@director home]# ip addr add 172.28.18.70 dev em1:0
八、在后端服务器上加载ipip模块
加载ipip模块后,就会有默认的tunl0隧道
1、查看是否有tunl0隧道
[root@localhost conf]# lsmod|grep ipip
[root@localhost conf]#
没有ipip模块,加载ipip模块
[root@localhost conf]# modprobe ipip
再查看,有了
[root@localhost conf]# lsmod|grep ipip
ipip 13465 0
tunnel4 13252 1 ipip
ip_tunnel 25163 1 ipip
ip a ,查看tunl0也有了
[root@server-1 html]# ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: em1: mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 90:b1:1c:15:be:09 brd ff:ff:ff:ff:ff:ff
inet 172.28.18.78/28 brd 172.28.18.79 scope global noprefixroute em1
valid_lft forever preferred_lft forever
inet6 fe80::e6fb:2cb7:2743:4720/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: em2: mtu 1500 qdisc mq state DOWN group default qlen 1000
link/ether 90:b1:1c:15:be:0a brd ff:ff:ff:ff:ff:ff
inet 192.168.18.103/24 brd 192.168.18.255 scope global noprefixroute em2
valid_lft forever preferred_lft forever
inet6 fe80::3137:91de:1663:a505/64 scope link tentative
valid_lft forever preferred_lft forever
4: tunl0@NONE: mtu 1480 qdisc noop state DOWN group default qlen 1000
link/ipip 0.0.0.0 brd 0.0.0.0
九、在后端服务器上配置虚拟IP绑定tunl0
[root@localhost conf]# ip addr add 172.28.18.70 dev tunl0
十、在后端服务器上配置关闭ARP转发
net.ipv4.conf.tunl0.arp_ignore = 1
net.ipv4.conf.tunl0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.tunl0.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
[root@localhost conf]# sysctl -p
京公网安备 11010802041100号