一、架構
director:172.28.18.69 vip:172.28.18.70
real server1:172.28.18.71
real server2:172.28.18.78
二、兩台real server上安裝nginx
配置nginx yum源
[root@localhost ~]# vim /etc/yum.repos.d/nginx.repo [nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/7/$basearch/ gpgcheck=0 enabled=1
安裝
[root@localhost ~]# yum install -y nginx
查看
[root@localhost ~]# whereis nginx nginx: /usr/sbin/nginx /usr/lib64/nginx /etc/nginx /usr/share/nginx /usr/share/man/man8/nginx.8.gz [root@localhost ~]#
配置文件
查看默認根目錄頁面地址
[root@localhost ~]# vim /etc/nginx/conf.d/default.conf server { listen 80; server_name localhost; #charset koi8-r; #access_log /var/log/nginx/host.access.log main; location / { root /usr/share/nginx/html; index index.html index.htm; }
編輯/usr/share/nginx/html/index.html
加上本機IP地址,在測試負載均衡的時候,才知道分發到了哪台real server上
[root@localhost ~]# vim /usr/share/nginx/html/index.html <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!-71</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html>
保存、退出
啟動nginx
[root@localhost conf.d]# nginx -c /etc/nginx/nginx.conf
可以顯示IP了,同樣172.28.18.78的服務器也安裝和配置nginx
三、在172.28.18.69上安裝ipvsadm
[root@localhost mysql-5.7.26]# yum install -y ipvsadm 已加載插件:fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.tuna.tsinghua.edu.cn * extras: mirrors.huaweicloud.com * updates: mirrors.tuna.tsinghua.edu.cn base | 3.6 kB 00:00:00 extras | 3.4 kB 00:00:00 updates | 3.4 kB 00:00:00 正在解決依賴關系 --> 正在檢查事務 ---> 軟件包 ipvsadm.x86_64.0.1.27-7.el7 將被 安裝 --> 解決依賴關系完成 依賴關系解決 =========================================================================================================== Package 架構 版本 源 大小 =========================================================================================================== 正在安裝: ipvsadm x86_64 1.27-7.el7 base 45 k 事務概要 =========================================================================================================== 安裝 1 軟件包 總下載量:45 k 安裝大小:75 k Downloading packages: ipvsadm-1.27-7.el7.x86_64.rpm | 45 kB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction 警告:RPM 數據庫已被非 yum 程序修改。 ** 發現 2 個已存在的 RPM 數據庫問題, 'yum check' 輸出如下: 2:postfix-2.10.1-7.el7.x86_64 有缺少的需求 libmysqlclient.so.18()(64bit) 2:postfix-2.10.1-7.el7.x86_64 有缺少的需求 libmysqlclient.so.18(libmysqlclient_18)(64bit) 正在安裝 : ipvsadm-1.27-7.el7.x86_64 1/1 驗證中 : ipvsadm-1.27-7.el7.x86_64 1/1 已安裝: ipvsadm.x86_64 0:1.27-7.el7 完畢!
四、配置虛擬服務器
[root@director ~]# ipvsadm -A -t 172.28.18.70:80 -s rr
增加一個虛擬服務器 172.28.18.69, -A:增加一個虛擬服務器 -t:tcp協議 -s:分發算法 rr 輪詢
五、增加后端實際服務器
[root@director home]# ipvsadm -a -t 172.28.18.70:80 -r 172.28.18.71:80 -i -w 1 [root@director home]# ipvsadm -a -t 172.28.18.70:80 -r 172.28.18.78:80 -i -w 1
-a :增加后端服務器 -t:對應的虛擬服務器IP -r :對應的后端服務器IP -i: lvs-tun模式 -w:權重
六、查看配置規則
[root@director home]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.28.18.70:80 rr -> 172.28.18.71:80 Tunnel 1 0 0 -> 172.28.18.78:80 Tunnel 1 0 0
七、設置director分發器的虛擬IP到設備em1:0
[root@director home]# ip addr add 172.28.18.70 dev em1:0
八、在后端服務器上加載ipip模塊
加載ipip模塊后,就會有默認的tunl0隧道
1、查看是否有tunl0隧道
[root@localhost conf]# lsmod|grep ipip
[root@localhost conf]#
沒有ipip模塊,加載ipip模塊
[root@localhost conf]# modprobe ipip
再查看,有了
[root@localhost conf]# lsmod|grep ipip ipip 13465 0 tunnel4 13252 1 ipip ip_tunnel 25163 1 ipip
ip a ,查看tunl0也有了
[root@server-1 html]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 90:b1:1c:15:be:09 brd ff:ff:ff:ff:ff:ff inet 172.28.18.78/28 brd 172.28.18.79 scope global noprefixroute em1 valid_lft forever preferred_lft forever inet6 fe80::e6fb:2cb7:2743:4720/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: em2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000 link/ether 90:b1:1c:15:be:0a brd ff:ff:ff:ff:ff:ff inet 192.168.18.103/24 brd 192.168.18.255 scope global noprefixroute em2 valid_lft forever preferred_lft forever inet6 fe80::3137:91de:1663:a505/64 scope link tentative valid_lft forever preferred_lft forever 4: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000 link/ipip 0.0.0.0 brd 0.0.0.0
九、在后端服務器上配置虛擬IP綁定tunl0
[root@localhost conf]# ip addr add 172.28.18.70 dev tunl0
十、在后端服務器上配置關閉ARP轉發
net.ipv4.conf.tunl0.arp_ignore = 1 net.ipv4.conf.tunl0.arp_announce = 2 net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2 net.ipv4.conf.tunl0.rp_filter = 0 net.ipv4.conf.all.rp_filter = 0
[root@localhost conf]# sysctl -p