Home > Developer > Web Develop
Nat Mode
#!/bin/bash
#开启director服务器上的路由转发功能:
Echo 1 >/proc/sys/net/ipv4/ip_forward
# Turn off ICMP redirection
echo 0 >/proc/sys/net/ipv4/conf/all/send_redirects
echo 0 >/proc/sys/net/ipv4/conf/default/send_redirects
echo 0 >/proc/sys/net/ipv4/conf/eth0/send_redirects
echo 0 >/proc/sys/net/ipv4/conf/eth1/send_redirects
#director设置nat防火墙
Iptables-t nat-f
Iptables-t Nat-x
Iptables-t nat-a postrouting-s 192.168.21.0/24-j Masquerade
#director设置ipvsadm
Ipvsadm= '/sbin/ipvsadm '
$IPVSADM-C
$IPVSADM-A-T 192.168.31.166:80-s lc-p 300
$IPVSADM-T 192.168.31.166:80-r 192.168.21.100:80-m-W 1
Dr Configuration
Director on vim/usr/local/sbin/lvs_dr.sh
#!/bin/bash
Echo 1 >/proc/sys/net/ipv4/ip_forward
Ipv=/sbin/ipvsadm
vip=192.168.31.110
rs1=192.168.31.100
Rs2=192.168.31.101
Ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up
Route add-host $vip Dev eth0:0
$IPV-C
$IPV-A-T $VIP: 80-s RR
$IPV-A-t $vip: 80-r $rs 1:80-g-W 1
$IPV-A-t $vip: 80-r $rs 2:80-g-W 1
Two RS on: vim/usr/local/sbin/lvs_dr_rs.sh
#!/bin/bash
vip=192.168.31.110
Ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
Route Add-host $vip lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
Environment description
Operating system CentOS 6.4 x86_64
dr1-master:172.17.0.211
dr2-backup:172.17.0.212
vip:172.17.0.210
realserver1:172.17.0.213
realserver1:172.17.0.214
1. Installing the CentOS extension source Eple-release
[Email protected] yum.repos.d]# yum-y install epel-releaseyum-y install Epel-release
2. Installing the Ipvs management tool
[Email protected] yum.repos.d]# yum-y install Ipvsadm
3. Install the keepalived on the DR1 and DR2 hosts separately
[Email protected] yum.repos.d]# yum-y install keepalived
4. Configure keepalived
[Email protected] ~]# vim/etc/keepalived/keepalived.conf
! Configuration File for Keepalived
Global_defs {
Notification_email {
[Email protected]
}
Notification_email_from [email protected]
Smtp_server 60.207.246.98
Smtp_connect_timeout 30
router_id Lvs_1
}
Vrrp_instance Vi_1 {
State MASTER
Interface eth0
VIRTUAL_ROUTER_ID 51
Priority 100
Advert_int 1
Authentication {
Auth_type PASS
Auth_pass 1111
}
virtual_ipaddress {
172.17.0.210
}
}
Virtual_server 172.17.0.210 80 {
Delay_loop 6
Lb_algo WRR
Lb_kind DR
Nat_mask 255.255.255.0
Persistence_timeout 50
Protocol TCP
Real_server 172.17.0.213 80 {
Weight1
tcp_check{
Connect_timeout8
Nb_get_retry3
Delay_before_retry3
Connect_port80
}
}
Real_server 172.17.0.214 80 {
Weight1
tcp_check{
Connect_timeout8
Nb_get_retry3
Delay_before_retry3
Connect_port80
}
}
}
5. Configuring the Web server, Realserver1, and REALSERVER2 nodes
Since the use of Dr mode scheduling, Real_server will be the VIP of LVS to directly reply to the client, so need to open the Real_server on the lo on the LVS VIP to establish communication with the client
1) yum–y Install httpd
[Email protected] ~]# yum-y install httpd
2) script realserver.sh on RealServer1 and RealServer2:
vim/etc/init.d/realserver.sh
#add for Chkconfig
#chkconfig: 2345 #234都是文本界面, 5 is the graphical interface x,70 boot sequence number, 30 system shutdown, script
#止顺序号
#description: Realserver ' s script #关于脚本的简短描述
#processname: realserver.sh #第一个进程名, will be used in the rear setting automatically
#!/bin/bash
vip=172.17.0.210
Source/etc/rc.d/init.d/functions
Case "$" in
Start
Ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
/sbin/route add-host $VIP Dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "Realserver Start OK"
;;
Stop
Ifconfig lo:0 Down
Route del $VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "Realserver stoped"
;;
*)
echo "Usage: $ {start|stop}"
Exit 1
Esac
Exit 0
3)//Add permissions for realserver.sh
[Email protected] ~]# chmod 755/etc/init.d/realserver.sh
[Email protected] ~]# chmod 755/etc/init.d/realserver.sh
4) Start keepalived and realserver.sh scripts
[[email protected] ~]#/etc/init.d/realserver.sh start
[[email protected] ~]#/etc/init.d/realserver.sh start
[[email protected] ~]#/etc/init.d/keepalived start
[[email protected] ~]#/etc/init.d/keepalived start
5) Testing
[Email protected] ~]# ipvsadm-l-N
IP Virtual Server version 1.2.1 (size=4096)
Prot Localaddress:port Scheduler Flags
Remoteaddress:port Forward Weight activeconn inactconn
TCP 172.17.0.210:80 WRR Persistent 50
-172.17.0.213:80 Route 1 0 0
-172.17.0.214:80 Route 3 0 0
[Email protected] ~]#
[Email protected] keepalived]# ipvsadm-l-N
IP Virtual Server version 1.2.1 (size=4096)
Prot Localaddress:port Scheduler Flags
Remoteaddress:port Forward Weight activeconn inactconn
TCP 172.17.0.210:80 WRR Persistent 50
-172.17.0.213:80 Route 1 0 0
-172.17.0.214:80 Route 3 0 0
[Email protected] keepalived]#
Linux LVS+KEEPALIVED+HTTPD Configuration
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
