Lvs dr mode implements web Load Balancing (iptables (DNAT) + lvs (DR) real server using Intranet ip

Source: Internet
Author: User

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0422026421-0.png "style =" float: none; "title =" 1.png" alt = "182949854.png"/>


2.1.1-web basic configuration web1 configuration [root @ web1 ~] # Fdisk/dev/sdbCommand (m for help): nCommand action e extended p primary partition (1-4) pPartition number (1-4): 1 First cylinder (1-130, default 1): Using default value 1 Last cylinder, + cylinders or + size {K, M, G} (1-130, default 130 ): using default value 130 Command (m for help): wThe partition table has been altered! Calling ioctl () to re-read partition table. Syncing disks. [root @ web1 ~] # Partx/dev/sdb [root @ web1 ~] # Mkdir/www/bbs-pv [root @ web1 ~] # Mkfs. ext4/dev/sdb1 [root @ web1 ~] # E2label/dev/sdb1 web

[Root @ web1 ~] # Vim/etc/fstab650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0422023b6-1.png "style =" float: none; "title =" 2.png" alt = "182949506.png"/>

[Root @ web1 ~] # Mount-a [root @ web1 ~] # Echo "web1">/www/bbs/test.html [root @ web1 ~] # Vim/etc/httpd/conf/httpd. conf

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/04220264b-2.png "style =" float: none; "title =" 3.png" alt = "182949967.png"/>

[Root @ web2 ~] # Service httpd start

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/04220240A-3.png "style =" float: none; "title =" 4.png" alt = "182949514.png"/>

Web2 Network Configuration

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/04220225A-4.png "style =" float: none; "title =" 5.png" alt = "182949826.png"/>

[Root @ web2 ~] # Yum-y install httpd php-mysql [root @ web2 ~] # Mkdir-pv/www/bbs [root @ web2 ~] # Echo "web2">/www/bbs/test.html [root @ web2 ~] # Vim/etc/httpd/conf/httpd. conf

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0422022094-5.png "style =" float: none; "title =" 6.png" alt = "182950525.png"/>

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0422023496-6.png "style =" float: none; "title =" 7.png" alt = "182950845.png"/>

[Root @ web2 ~] # Service httpd start [root @ web2 ~] # Chkconfig httpd on

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0422021564-7.png "style =" float: none; "title =" 8.png" alt = "182950524.png"/>

2.1.2-Director configure ifconfig eth0: 1 172.16.100.80 broadcast 172.16.100.80 netmask 255.255.255.255 uproute add-host 172.16.100.80 dev eth0: 1 echo 1>/proc/sys/net/ipv4/ip_forwardiptables-Fiptables-z1_sadm-c1_sadm-A-t 172.16.100.80: 80-s wlc1_sadm-a-t 172.16.100.80: 80-r 172.16.100.81-g-w 1 ipvsadm-a-t 172.16.100.80: 80-r 172.16.100.82-g-w 12.1.3-Realserver configuration ifconfig lo downifconfig lo up Echo 1>/proc/sys/net/ipv4/conf/lo/arp_ignoreecho 2>/proc/sys/net/ipv4/conf/lo/arp_announceecho 1>/proc/sys/ net/ipv4/conf/all/arp_ignoreecho 2>/proc/sys/net/ipv4/conf/all/arp_announceifconfig lo: 0 172.16.100.80 broadcast 172.16.100.80 netmask 255.255.255.255 uproute add-host 172.16.100.80 dev lo: 02.1.4-cluster service test and modify DNS [root @ ns1 ~] # Sed-I's/^ \ <81 \>/80/'/var/named/innet.100.16.172.in-addr. arpa [root @ ns1 ~] # Sed-I's/\ <81 \> $/80/'/var/named/innet.sanyu.com. zone [root @ ns1 ~] # Service named restart

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0422023344-8.png "style =" float: none; "title =" 9.png" alt = "182950707.png"/>

Cluster service Intranet Test

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/042202L91-9.png "title =" 10.png" alt = "183034926.png"/>

After refreshing

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/04220223T-10.png "style =" float: none; "title =" 11.png" alt = "182954853.png"/>

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0422023548-11.png "style =" float: none; "title =" 12.png" alt = "182954716.png"/>

Cluster service public network test and modify firewall rules echo 1>/proc/sys/net/ipv4/ip_forwardiptables-t nat-a prerouting-s 202.111.0.0/16-d 202.111.100.100-p tcp -- dport 80 -j DNAT -- to-destination 172.16.100.80iptables-t nat-a prerouting-s 202.110.0.0/16-d 202.110.100.100-p tcp -- dport 80-j DNAT -- to-destination limit-t nat- a prerouting-s 202.111.0.0/16-d 202.111.100.100-p tcp -- dport 443-j DNAT -- to-destination 172.16.100.43: 443 iptables-t nat-a prerouting-s 202.110.0.0/16-d 202.110.100.100-p tcp -- dport 443-j DNAT -- to-destination 172.16.100.43: 443 iptables-t nat-a prerouting-s 202.111.0.0/16-d 202.111.100.100-p tcp -- dport 53-j DNAT -- to-destination-t nat-a prerouting-s 202.110.0.0/ 16-d 202.110.100.100-p tcp -- dport 53-j DNAT -- to-destination failed-t nat-a prerouting-s 202.111.0.0/16-d 202.111.100.100-p udp -- dport 53-j DNAT -- to-destination 172.16.100.53iptables-t nat-a prerouting-s 202.110.0.0/16-d 202.110.100.100-p udp -- dport 53-j DNAT -- to-destination 172.16.100.53guest1 Network

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0422025G9-12.png "style =" float: none; "title =" 13.png" alt = "1829542.16.png"/>

Guest2 Network Configuration

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0422021435-13.png "style =" float: none; "title =" 14.png" alt = "182954936.png"/>

Note: The gateway does not point to the R1 test result.

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0422025648-14.png "style =" float: none; "title =" 15.png" alt = "182954997.png"/>



Script:

#!/bin/bash## LVS script for VS/DR#. /etc/rc.d/init.d/functions#VIP=172.16.100.80RIP1=172.16.100.81RIP2=172.16.100.82PORT=80#case "$1" instart)            /sbin/ifconfig eth0:1 $VIP broadcast $VIP netmask 255.255.255.255 up  /sbin/route add -host $VIP dev eth0:1# Since this is the Director we must be able to forward packets  echo 1 > /proc/sys/net/ipv4/ip_forward# Clear all iptables rules.  /sbin/iptables -F# Reset iptables counters.  /sbin/iptables -Z# Clear all ipvsadm rules/services.  /sbin/ipvsadm -C# Add an IP virtual service for VIP 192.168.0.219 port 80# In this recipe, we will use the round-robin scheduling method.# In production, however, you should use a weighted, dynamic scheduling method.  /sbin/ipvsadm -A -t $VIP:80 -s wlc# Now direct packets for this VIP to# the real server IP (RIP) inside the cluster  /sbin/ipvsadm -a -t $VIP:80 -r $RIP1 -g -w 1  /sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -g -w 2  /bin/touch /var/lock/subsys/ipvsadm &> /dev/null;;stop)# Stop forwarding packets  echo 0 > /proc/sys/net/ipv4/ip_forward# Reset ipvsadm  /sbin/ipvsadm -C# Bring down the VIP interface  /sbin/ifconfig eth0:1 down  /sbin/route del $VIP      /bin/rm -f /var/lock/subsys/ipvsadm      echo "ipvs is stopped...";;status)  if [ ! -e /var/lock/subsys/ipvsadm ]; then    echo "ipvsadm is stopped ..."  else    echo "ipvs is running ..."    ipvsadm -L -n  fi;;*)  echo "Usage: $0 {start|stop|status}";;esac



This article is from the non-Trojan dream blog, please be sure to keep this source http://wumengsheng.blog.51cto.com/7339300/1304428

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.