一、架构
director:172.28.18.69 vip:172.28.18.70
real server1:172.28.18.71
real server2:172.28.18.78
二、两台real server上安装nginx
配置nginx yum源
[root@localhost ~]# vim /etc/yum.repos.d/nginx.repo [nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/7/$basearch/ gpgcheck=0 enabled=1
安装
[root@localhost ~]# yum install -y nginx
查看
[root@localhost ~]# whereis nginx nginx: /usr/sbin/nginx /usr/lib64/nginx /etc/nginx /usr/share/nginx /usr/share/man/man8/nginx.8.gz [root@localhost ~]#
配置文件
查看默认根目录页面地址
[root@localhost ~]# vim /etc/nginx/conf.d/default.conf server { listen 80; server_name localhost; #charset koi8-r; #access_log /var/log/nginx/host.access.log main; location / { root /usr/share/nginx/html; index index.html index.htm; }
编辑/usr/share/nginx/html/index.html
加上本机IP地址,在测试负载均衡的时候,才知道分发到了哪台real server上
[root@localhost ~]# vim /usr/share/nginx/html/index.html <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!-71</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html>
保存、退出
启动nginx
[root@localhost conf.d]# nginx -c /etc/nginx/nginx.conf
可以显示IP了,同样172.28.18.78的服务器也安装和配置nginx
三、在172.28.18.69上安装ipvsadm
[root@localhost mysql-5.7.26]# yum install -y ipvsadm 已加载插件:fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.tuna.tsinghua.edu.cn * extras: mirrors.huaweicloud.com * updates: mirrors.tuna.tsinghua.edu.cn base | 3.6 kB 00:00:00 extras | 3.4 kB 00:00:00 updates | 3.4 kB 00:00:00 正在解决依赖关系 --> 正在检查事务 ---> 软件包 ipvsadm.x86_64.0.1.27-7.el7 将被 安装 --> 解决依赖关系完成 依赖关系解决 =========================================================================================================== Package 架构 版本 源 大小 =========================================================================================================== 正在安装: ipvsadm x86_64 1.27-7.el7 base 45 k 事务概要 =========================================================================================================== 安装 1 软件包 总下载量:45 k 安装大小:75 k Downloading packages: ipvsadm-1.27-7.el7.x86_64.rpm | 45 kB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction 警告:RPM 数据库已被非 yum 程序修改。 ** 发现 2 个已存在的 RPM 数据库问题, 'yum check' 输出如下: 2:postfix-2.10.1-7.el7.x86_64 有缺少的需求 libmysqlclient.so.18()(64bit) 2:postfix-2.10.1-7.el7.x86_64 有缺少的需求 libmysqlclient.so.18(libmysqlclient_18)(64bit) 正在安装 : ipvsadm-1.27-7.el7.x86_64 1/1 验证中 : ipvsadm-1.27-7.el7.x86_64 1/1 已安装: ipvsadm.x86_64 0:1.27-7.el7 完毕!
四、配置虚拟服务器
[root@director ~]# ipvsadm -A -t 172.28.18.70:80 -s rr
增加一个虚拟服务器 172.28.18.69, -A:增加一个虚拟服务器 -t:tcp协议 -s:分发算法 rr 轮询
五、增加后端实际服务器
[root@director home]# ipvsadm -a -t 172.28.18.70:80 -r 172.28.18.71:80 -i -w 1 [root@director home]# ipvsadm -a -t 172.28.18.70:80 -r 172.28.18.78:80 -i -w 1
-a :增加后端服务器 -t:对应的虚拟服务器IP -r :对应的后端服务器IP -i: lvs-tun模式 -w:权重
六、查看配置规则
[root@director home]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.28.18.70:80 rr -> 172.28.18.71:80 Tunnel 1 0 0 -> 172.28.18.78:80 Tunnel 1 0 0
七、设置director分发器的虚拟IP到设备em1:0
[root@director home]# ip addr add 172.28.18.70 dev em1:0
八、在后端服务器上加载ipip模块
加载ipip模块后,就会有默认的tunl0隧道
1、查看是否有tunl0隧道
[root@localhost conf]# lsmod|grep ipip
[root@localhost conf]#
没有ipip模块,加载ipip模块
[root@localhost conf]# modprobe ipip
再查看,有了
[root@localhost conf]# lsmod|grep ipip ipip 13465 0 tunnel4 13252 1 ipip ip_tunnel 25163 1 ipip
ip a ,查看tunl0也有了
[root@server-1 html]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 90:b1:1c:15:be:09 brd ff:ff:ff:ff:ff:ff inet 172.28.18.78/28 brd 172.28.18.79 scope global noprefixroute em1 valid_lft forever preferred_lft forever inet6 fe80::e6fb:2cb7:2743:4720/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: em2: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000 link/ether 90:b1:1c:15:be:0a brd ff:ff:ff:ff:ff:ff inet 192.168.18.103/24 brd 192.168.18.255 scope global noprefixroute em2 valid_lft forever preferred_lft forever inet6 fe80::3137:91de:1663:a505/64 scope link tentative valid_lft forever preferred_lft forever 4: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000 link/ipip 0.0.0.0 brd 0.0.0.0
九、在后端服务器上配置虚拟IP绑定tunl0
[root@localhost conf]# ip addr add 172.28.18.70 dev tunl0
十、在后端服务器上配置关闭ARP转发
net.ipv4.conf.tunl0.arp_ignore = 1 net.ipv4.conf.tunl0.arp_announce = 2 net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2 net.ipv4.conf.tunl0.rp_filter = 0 net.ipv4.conf.all.rp_filter = 0
[root@localhost conf]# sysctl -p