负载均衡集群设计时的要点:
(1)session保持
session sticky(ip hash)
session cluster
session server
(2)数据共享
共享存储:
NAS:Network Attached Storage,文件服务器,访问接口是文件级别(NFS,SAMBA)
SAN:Storage Area Network,访问接口是块级别;SCSI协议借助于其他网络技术(FC,以太网)
DS:Distributed Storage,访问接口通常是文件级别,接口可是文件系统,也可以API;ceph,内核级分布式存储;
数据同步:
rsync+inotify
数据结构:
结构化数据:存储于SQL数据库中;
半结构化数据:xml,json,存储于文件系统或NoSQL;
非结构化数据:文件系统,DS;
ipvsadm命令的用法:
ipvsadm -A|E -t|u|f service-address [-s scheduler]
[-p [timeout]] [-M netmask] [-b sched-flags]
ipvsadm -D -t|u|f service-address
ipvsadm -C
ipvsadm -R
ipvsadm -S [-n]
ipvsadm -a|e -t|u|f service-address -r server-address
[-g|i|m] [-w weight] [-x upper] [-y lower]
ipvsadm -d -t|u|f service-address -r server-address
ipvsadm -L|l [options]
ipvsadm -Z [-t|u|f service-address]
ipvsadm –set tcp tcpfin udp
ipvsadm -h
管理集群服务:增、改、删、查
ipvsadm -A|E -t|u|f service-address [-s scheduler]
ipvsadm -D -t|u|f service-address
-A:添加
-E:修改
-D:删除
service-address:
-t, tcp, vip:port
-u, udp, vip:port
-f, fwm, MARK
-s scheduler:默认为wlc;
管理集群服务上的RS:
ipvsadm -a|e -t|u|f service-address -r server-address [-g|i|m] [-w weight]
ipvsadm -d -t|u|f service-address -r server-address
-a:添加一个RS
-e:修改一个RS
-d:删除一个RS
-r server-address:
RS的地址
rip[:port]
-g:GATEWAY (默认)
-i: IPIP
-m: MASQUERADE,nat
-w weight,
查看:
ipvsadm -L|l [options]
-n:numeric,数字格式显示地址和端口;
-c:connection,显示ipvs连接;
–stats:统计数据;
–rate:速率
–exact:精确值
清空规则:
ipvsadm -C
保存和重载:
保存:
ipvsadm -S > /PATH/TO/SOME_RULE_FILE
ipvsadm-save > /PATH/TO/SOME_RULE_FILE
重载:
ipvsadm -R < /PATH/FROM/SOME_RULE_FILE
ipvsadm-restore < /PATH/FROM/SOME_RULE_FILE
计数器清零:
ipvsadm -Z [-t|u|f service-address]
-
lvs-nat;
多目标的DNAT:通过将请求报文的目标地址和目标端口修改为挑选出某RS的RIP和PORT来实现;
(1) RIP和DIP应该使用私网地址,RS的网关应该指向DIP(保证响应报文必须经由VS);
(2) 请求和响应报文都要经由director转发;极高负载的场景中,Director可能会成为系统瓶颈;
(3) 支持端口映射;
(4) VS必须为Linux,RS可以是任意的OS;
(5) RS的RIP与Director的DIP必须在同一IP网络;
设计要点:
(1)DIP与RIP要在同一IP网络,RIP的网关要指向DIP;
(2)支持端口映射;
(3)是否用到共享存储取决业务要求;
实验拓扑:
DS两张网卡两个IP地址:1.1.1.130模拟外部网络VIP,192.168.150.137模拟内部网络DIP
RS1地址:192.168.150.138 RIP
RS2地址:192.168.150.139 RIP
DS配置及说明
[root@localhost ~]# ifconfig
eno16777752: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 1.1.1.130 netmask 255.255.255.0 broadcast 1.1.1.255
inet6 fe80::20c:29ff:fe87:41f3 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:87:41:f3 txqueuelen 1000 (Ethernet)
RX packets 121 bytes 15542 (15.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 38 bytes 6012 (5.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.150.137 netmask 255.255.255.0 broadcast 192.168.150.255
inet6 fe80::20c:29ff:fe87:41fd prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:87:41:fd txqueuelen 1000 (Ethernet)
RX packets 6811 bytes 5830568 (5.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3197 bytes 312274 (304.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# iptables -nL 查看iptables规则,确保iptables所有规则都为ACCEPT
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@localhost ~]# iptables -F 清空所有iptables规则
[root@localhost ~]# less /etc/sysctl.conf
[root@localhost ~]# vim /etc/sysctl.conf 修改内核参数,开启内核转发功能
[root@localhost ~]# cat /etc/sysctl.conf
# System default settings live in /usr/lib/sysctl.d/00-system.conf.
le
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.ip_forward = 1
[root@localhost ~]# sysctl -p
net.ipv4.ip_forward = 1
[root@localhost ~]# cat /proc/sys/net/ipv4/i
icmp_echo_ignore_all ip_dynaddr
icmp_echo_ignore_broadcasts ip_early_demux
icmp_errors_use_inbound_ifaddr ip_forward
icmp_ignore_bogus_error_responses ip_forward_use_pmtu
icmp_ratelimit ipfrag_high_thresh
icmp_ratemask ipfrag_low_thresh
igmp_max_memberships ipfrag_max_dist
igmp_max_msf ipfrag_secret_interval
igmp_qrv ipfrag_time
inet_peer_maxttl ip_local_port_range
inet_peer_minttl ip_local_reserved_ports
inet_peer_threshold ip_nonlocal_bind
ip_default_ttl ip_no_pmtu_disc
[root@localhost ~]# cat /proc/sys/net/ipv4/ip_forward
1
[root@localhost ~]# ipvsadm -Ln 查看目前LVS的规则
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
[root@localhost ~]# ipvsadm -A -t 1.1.1.130:80 -s rr 管理集群服务,添加集群主机VIP,调度规则算法,rr为round robin, 轮调,轮询,轮叫
[root@localhost ~]# ipvsadm -a -t 1.1.1.130:80 -r 192.168.150.138:80 -m -w 1 管理集群服务上的RS,添加RS主机,-m为添LVS类型为nat,-w为调度算法加权重,此时权重值无效,因为为rr算法
[root@localhost ~]# ipvsadm -a -t 1.1.1.130:80 -r 192.168.150.139:80 -m -w 2
[root@localhost ~]# ipvsadm -Ln 查看目前LVS的规则,已经存在
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 1.1.1.130:80 rr
-> 192.168.150.138:80 Masq 1 0 0
-> 192.168.150.139:80 Masq 2 0 0
[root@localhost ~]# curl http://1.1.1.130 此时访问VIP时,后台提供http服务的主机已经在轮询
<h1>RS1</h1>
[root@localhost ~]# curl http://1.1.1.130
<h1>RS2</h1>
[root@localhost ~]# curl http://1.1.1.130
<h1>RS1</h1>
[root@localhost ~]# curl http://1.1.1.130
<h1>RS2</h1>
[root@localhost ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 1.1.1.130:80 rr
-> 192.168.150.138:80 Masq 1 0 3
-> 192.168.150.139:80 Masq 2 0 4
[root@localhost ~]# ipvsadm -E -t 1.1.1.130:80 -s wrr -E为修改LVS规则,将调度算法修改为wrr,加权的轮询算法
[root@localhost ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 1.1.1.130:80 wrr
-> 192.168.150.138:80 Masq 1 0 3
-> 192.168.150.139:80 Masq 2 0 3
[root@localhost ~]# curl http://1.1.1.130 此时根据权重,RS2主机访问量会是RS1主机的两倍
<h1>RS2</h1>
[root@localhost ~]# curl http://1.1.1.130
<h1>RS2</h1>
[root@localhost ~]# curl http://1.1.1.130
<h1>RS1</h1>
[root@localhost ~]# curl http://1.1.1.130
<h1>RS2</h1>
[root@localhost ~]# curl http://1.1.1.130
<h1>RS2</h1>
[root@localhost ~]# curl http://1.1.1.130
<h1>RS1</h1>
[root@localhost ~]# curl http://1.1.1.130
<h1>RS2</h1>
[root@localhost ~]# curl http://1.1.1.130
<h1>RS2</h1>
[root@localhost ~]# curl http://1.1.1.130
<h1>RS1</h1>
[root@localhost ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 1.1.1.130:80 wrr
-> 192.168.150.138:80 Masq 1 0 4
-> 192.168.150.139:80 Masq 2 0 9
[END] 2016/11/30 22:52:30
RS配置及说明:
RS1:
[BEGIN] 2016/11/30 21:47:08
[root@localhost ~]# ifconfig
eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.150.138 netmask 255.255.255.0 broadcast 192.168.150.255
inet6 fe80::20c:29ff:fe1e:b6ec prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:1e:b6:ec txqueuelen 1000 (Ethernet)
RX packets 200 bytes 21679 (21.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 77 bytes 10491 (10.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# yum -y install httpd telnet-server
已加载插件:fastestmirror
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
base | 3.6 kB 00:00:00
epel | 4.3 kB 00:00:00
extras | 3.4 kB 00:00:00
local | 3.6 kB 00:00:00
updates | 3.4 kB 00:00:00
(1/2): epel/updateinfo | 677 kB 00:00:00
(2/2): epel/primary_db | 4.4 MB 00:00:04
Determining fastest mirrors
* base: mirrors.cn99.com
* extras: mirrors.cn99.com
* updates: mirrors.cn99.com
正在解决依赖关系
–> 正在检查事务
—> 软件包 httpd.x86_64.0.2.4.6-40.el7.centos.4 将被 安装
os.4.x86_64 需要
–> 正在处理依赖关系 /etc/mime.types,它被软件包 httpd-2.4.6-40.el7.centos.4.x86_64 需要
—> 软件包 telnet-server.x86_64.1.0.17-59.el7 将被 安装
–> 正在检查事务
—> 软件包 httpd-tools.x86_64.0.2.4.6-40.el7.centos.4 将被 安装
—> 软件包 mailcap.noarch.0.2.1.41-2.el7 将被 安装
–> 解决依赖关系完成
依赖关系解决
============================================================================================
Package 架构 版本 源 大小
============================================================================================
正在安装:
httpd x86_64 2.4.6-40.el7.centos.4 updates 2.7 M
telnet-server x86_64 1:0.17-59.el7 base 40 k
为依赖而安装:
httpd-tools x86_64 2.4.6-40.el7.centos.4 updates 83 k
mailcap noarch 2.1.41-2.el7 base 31 k
事务概要
============================================================================================
安装 2 软件包 (+2 依赖软件包)
总下载量:2.8 M
安装大小:9.6 M
Downloading packages:
头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
httpd-tools-2.4.6-40.el7.centos.4.x86_64.rpm 的公钥尚未安装
(1/4): httpd-tools-2.4.6-40.el7.centos.4.x86_64.rpm | 83 kB 00:00:00
(2/4): httpd-2.4.6-40.el7.centos.4.x86_64.rpm | 2.7 MB 00:00:00
mailcap-2.1.41-2.el7.noarch.rpm 的公钥尚未安装=========== ] 0.0 B/s | 2.8 MB –:–:– ETA
(3/4): mailcap-2.1.41-2.el7.noarch.rpm | 31 kB 00:00:00
(4/4): telnet-server-0.17-59.el7.x86_64.rpm | 40 kB 00:00:00
——————————————————————————————–
总计 1.5 MB/s | 2.8 MB 00:00:01
从 file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 检索密钥
导入 GPG key 0xF4A80EB5:
用户ID : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
指纹 : 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
软件包 : centos-release-7-2.1511.el7.centos.2.10.x86_64 (@anaconda)
来自 : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : mailcap-2.1.41-2.el7.noarch 1/4
正在安装 : httpd-tools-2.4.6-40.el7.centos.4.x86_64 2/4
正在安装 : httpd-2.4.6-40.el7.centos.4.x86_64 3/4
正在安装 : 1:telnet-server-0.17-59.el7.x86_64 4/4
验证中 : httpd-tools-2.4.6-40.el7.centos.4.x86_64 1/4
验证中 : 1:telnet-server-0.17-59.el7.x86_64 2/4
验证中 : mailcap-2.1.41-2.el7.noarch 3/4
验证中 : httpd-2.4.6-40.el7.centos.4.x86_64 4/4
已安装:
httpd.x86_64 0:2.4.6-40.el7.centos.4 telnet-server.x86_64 1:0.17-59.el7
作为依赖被安装:
httpd-tools.x86_64 0:2.4.6-40.el7.centos.4 mailcap.noarch 0:2.1.41-2.el7
完毕!
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eno33554976 lvs的nat方式,RS的网关必须执行DS的内部ip,此次试验为192.168.150.137
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno33554976
TYPE=Ethernet
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPADDR=192.168.150.138
NETMASK=255.255.255.0
GATEWAY=192.168.150.137
DNS1=192.168.150.2
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno33554976
UUID=b457f2cf-086d-48ef-81e7-2baa2a828c90
DEVICE=eno33554976
ONBOOT=yes
[root@localhost ~]# systemctl restart network.service
[root@localhost ~]# ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
00
link/ether 00:0c:29:1e:b6:ec brd ff:ff:ff:ff:ff:ff
inet 192.168.150.138/24 brd 192.168.150.255 scope global eno33554976
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe1e:b6ec/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# ip route list
default via 192.168.150.137 dev eno33554976 proto static metric 100
192.168.150.0/24 dev eno33554976 proto kernel scope link src 192.168.150.138 metric 100
[root@localhost ~]# ping 192.168.150.137
PING 192.168.150.137 (192.168.150.137) 56(84) bytes of data.
64 bytes from 192.168.150.137: icmp_seq=1 ttl=64 time=0.772 ms
^C
— 192.168.150.137 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.772/0.772/0.772/0.000 ms
[root@localhost ~]# vim /var/www/html/index.html
[root@localhost ~]# cat /var/www/html/index.html
<h1>RS1</h1>
[root@localhost ~]# systemctl start httpd.service
[root@localhost ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
[END] 2016/11/30 22:52:35
RS2:
[BEGIN] 2016/11/30 21:47:23
[root@localhost ~]# ifconfig
eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.150.139 netmask 255.255.255.0 broadcast 192.168.150.255
inet6 fe80::20c:29ff:fe7c:2ca9 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:7c:2c:a9 txqueuelen 1000 (Ethernet)
RX packets 179 bytes 19733 (19.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 76 bytes 9965 (9.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 4 bytes 352 (352.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4 bytes 352 (352.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# yum -y install httpd telnet-server
已加载插件:fastestmirror
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
base | 3.6 kB 00:00:00
epel | 4.3 kB 00:00:00
extras | 3.4 kB 00:00:00
local | 3.6 kB 00:00:00
updates | 3.4 kB 00:00:00
(1/2): epel/updateinfo | 677 kB 00:00:01
(2/2): epel/primary_db | 4.4 MB 00:00:05
Determining fastest mirrors
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
正在解决依赖关系
–> 正在检查事务
—> 软件包 httpd.x86_64.0.2.4.6-40.el7.centos.4 将被 安装
os.4.x86_64 需要
–> 正在处理依赖关系 /etc/mime.types,它被软件包 httpd-2.4.6-40.el7.centos.4.x86_64 需要
—> 软件包 telnet-server.x86_64.1.0.17-59.el7 将被 安装
–> 正在检查事务
—> 软件包 httpd-tools.x86_64.0.2.4.6-40.el7.centos.4 将被 安装
—> 软件包 mailcap.noarch.0.2.1.41-2.el7 将被 安装
–> 解决依赖关系完成
依赖关系解决
============================================================================================
Package 架构 版本 源 大小
============================================================================================
正在安装:
httpd x86_64 2.4.6-40.el7.centos.4 updates 2.7 M
telnet-server x86_64 1:0.17-59.el7 base 40 k
为依赖而安装:
httpd-tools x86_64 2.4.6-40.el7.centos.4 updates 83 k
mailcap noarch 2.1.41-2.el7 base 31 k
事务概要
============================================================================================
安装 2 软件包 (+2 依赖软件包)
总下载量:2.8 M
安装大小:9.6 M
Downloading packages:
RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
httpd-2.4.6-40.el7.centos.4.x86_64.rpm 的公钥尚未安装
(1/4): httpd-2.4.6-40.el7.centos.4.x86_64.rpm | 2.7 MB 00:00:00
(2/4): httpd-tools-2.4.6-40.el7.centos.4.x86_64.rpm | 83 kB 00:00:00
telnet-server-0.17-59.el7.x86_64.rpm 的公钥尚未安装====== ] 0.0 B/s | 2.8 MB –:–:– ETA
(3/4): telnet-server-0.17-59.el7.x86_64.rpm | 40 kB 00:00:00
(4/4): mailcap-2.1.41-2.el7.noarch.rpm | 31 kB 00:00:00
——————————————————————————————–
总计 1.7 MB/s | 2.8 MB 00:00:01
从 file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 检索密钥
导入 GPG key 0xF4A80EB5:
用户ID : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
指纹 : 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
软件包 : centos-release-7-2.1511.el7.centos.2.10.x86_64 (@anaconda)
来自 : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : mailcap-2.1.41-2.el7.noarch 1/4
正在安装 : httpd-tools-2.4.6-40.el7.centos.4.x86_64 2/4
正在安装 : httpd-2.4.6-40.el7.centos.4.x86_64 3/4
正在安装 : 1:telnet-server-0.17-59.el7.x86_64 4/4
验证中 : httpd-tools-2.4.6-40.el7.centos.4.x86_64 1/4
验证中 : 1:telnet-server-0.17-59.el7.x86_64 2/4
验证中 : mailcap-2.1.41-2.el7.noarch 3/4
验证中 : httpd-2.4.6-40.el7.centos.4.x86_64 4/4
已安装:
httpd.x86_64 0:2.4.6-40.el7.centos.4 telnet-server.x86_64 1:0.17-59.el7
作为依赖被安装:
httpd-tools.x86_64 0:2.4.6-40.el7.centos.4 mailcap.noarch 0:2.1.41-2.el7
完毕!
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eno33554976
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno33554976
TYPE=Ethernet
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPADDR=192.168.150.139
NETMASK=255.255.255.0
GATEWAY=192.168.150.137
DNS1=192.168.150.2
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno33554976
UUID=b457f2cf-086d-48ef-81e7-2baa2a828c90
DEVICE=eno33554976
ONBOOT=yes
[root@localhost ~]# systemctl restart network.service
[root@localhost ~]# ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
00
link/ether 00:0c:29:7c:2c:a9 brd ff:ff:ff:ff:ff:ff
inet 192.168.150.139/24 brd 192.168.150.255 scope global eno33554976
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe7c:2ca9/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# ip route list
default via 192.168.150.137 dev eno33554976 proto static metric 100
192.168.150.0/24 dev eno33554976 proto kernel scope link src 192.168.150.139 metric 100
[root@localhost ~]# ping 192.168.150.137
PING 192.168.150.137 (192.168.150.137) 56(84) bytes of data.
64 bytes from 192.168.150.137: icmp_seq=1 ttl=64 time=0.516 ms
^C
— 192.168.150.137 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.516/0.516/0.516/0.000 ms
[root@localhost ~]# vim /var/www/html/index.html
[root@localhost ~]# cat /var/www/html/index.html
<h1>RS2</h1>
[root@localhost ~]# systemctl start httpd.service
[root@localhost ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
[END] 2016/11/30 22:52:38
-
lvs-dr
lvs-dr:direct routing
通过修改请求报文的MAC地址进行转发;IP首部不会发生变化(源IP为CIP,目标IP始终为VIP);
通过为请求报文的重新封装一个MAC首部进行转发,元MAC是DIP所在接口的MAC,目标MAC是挑选出某RS的RIP所在接口的MAC地址;IP首部不会发生变化(CIP<–>VIP)
(1) 确保前端路由器将目标IP为VIP的请求报文一定会发送给Director;
解决方案:
在路由器上静态绑定VIP和Director的MAC地址;
禁止RS响应VIP的ARP请求,禁止RS的VIP进行通告;
(a) arptables;
(b) 修改各RS的内核参数,并把VIP配置在特定的接口上lo实现禁止其响应;
arp_ignore,arp_announce
(2) RS的RIP可以使用私有地址,也可以使用公网地址;
(3) RS跟Director必须在同一物理网络中;
(4) 请求报文必须由Director调度,但响应报文必须不能经由Director;
(5) 不支持端口映射;
(6) 各RS可以使用大多数的OS;
在各主机(Director,RS)均需要配置VIP;因此,要解决地址冲突的问题,目标是让各RS上的VIP不可见,仅用接收目标地址为VIP的报文,同时可作为响应报文的源地址;
(1)在前端的网关接口上静态绑定;
(2)在各RS上使用arptables;
(3)在各RS上修改内核参数,来显示arp响应和通告;
限制响应级别:arp_ignore
0:使用本地任意接口上配置的地址进行响应;
1:仅在请求的目标IP配置在本地主机的接收报文的接口上时才给予响应
2-8
限制通告级别:arp_announce
0:默认,把本机所有接口信息向每个接口通告
1:尽量避免向非本网络通告;
2:总是避免;
设计要点:
(1):各主机一个接口即可,但需要在同一物理网络中;
(2):rip的网管不能指向dip;rip和dip通常应该在同一网络,但此二者未必会与vip在同一网络;
(3):各rs需要先设置内核参数,再设置vip和路由;
Director:
# ifconfig INTERFACE_ALIAS $vip netmask 255.255.255.255 broadcast $vip up
#
定义集群服务及服务上的RS;
RealServer:
内核参数:
# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
# echo 2 > /proc/sys/net/ipv4/conf/all/arp_annouce
# echo 1 > /proc/sys/net/ipv4/conf/INTERFACE/arp_ignore
# echo 2 > /proc/sys/net/ipv4/conf/INTERFACE/arp_annouce
注意:INTERFACE为你的物理接口;
# ifconfig lo:0 $vip netmask 255.255.255.255 broadcast $vip up
# route add -host $vip dev lo:0
实验拓扑:
DS一张网卡两个地址:192.168.150.137 DIP,192.168.150.131 VIP
RS1地址:192.168.150.138 RIP
RS2地址:192.168.150.139 RIP
DS配置及说明:
[BEGIN] 2016/11/30 23:08:56
[root@localhost ~]# ipvsadm -C
[root@localhost ~]# ping 192.168.150.138
PING 192.168.150.138 (192.168.150.138) 56(84) bytes of data.
64 bytes from 192.168.150.138: icmp_seq=1 ttl=64 time=0.488 ms
^C
— 192.168.150.138 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.488/0.488/0.488/0.000 ms
[root@localhost ~]# ping 192.168.150.139
PING 192.168.150.139 (192.168.150.139) 56(84) bytes of data.
64 bytes from 192.168.150.139: icmp_seq=1 ttl=64 time=0.676 ms
^C
— 192.168.150.139 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.676/0.676/0.676/0.000 ms
[root@localhost ~]# ifconfig
eno16777752: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 00:0c:29:87:41:f3 txqueuelen 1000 (Ethernet)
RX packets 284 bytes 36266 (35.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 113 bytes 17679 (17.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.150.137 netmask 255.255.255.0 broadcast 192.168.150.255
inet6 fe80::20c:29ff:fe87:41fd prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:87:41:fd txqueuelen 1000 (Ethernet)
RX packets 8906 bytes 6016519 (5.7 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4604 bytes 475486 (464.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# ip addr add 192.168.150.131/24 dev eno33554976 在同一网卡上配置了192.168.150.131作为VIP
[root@localhost ~]# ip addr l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno16777752: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
link/ether 00:0c:29:87:41:f3 brd ff:ff:ff:ff:ff:ff
3: eno33554976: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:87:41:fd brd ff:ff:ff:ff:ff:ff
inet 192.168.150.137/24 brd 192.168.150.255 scope global eno33554976
valid_lft forever preferred_lft forever
inet 192.168.150.131/24 scope global secondary eno33554976
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe87:41fd/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# ip addr del 192.168.150.131/24 dev eno33554976
[root@localhost ~]# ip addr l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno16777752: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
link/ether 00:0c:29:87:41:f3 brd ff:ff:ff:ff:ff:ff
3: eno33554976: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:87:41:fd brd ff:ff:ff:ff:ff:ff
inet 192.168.150.137/24 brd 192.168.150.255 scope global eno33554976
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe87:41fd/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# ifconfig
eno16777752: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 00:0c:29:87:41:f3 txqueuelen 1000 (Ethernet)
RX packets 284 bytes 36266 (35.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 113 bytes 17679 (17.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.150.137 netmask 255.255.255.0 broadcast 192.168.150.255
inet6 fe80::20c:29ff:fe87:41fd prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:87:41:fd txqueuelen 1000 (Ethernet)
RX packets 9364 bytes 6054581 (5.7 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4855 bytes 504970 (493.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554976:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 VIP地址子网掩码设置为255.255.255.255,并将广播地址设置为本身,禁止广播
inet 192.168.150.131 netmask 255.255.255.255 broadcast 192.168.150.131
ether 00:0c:29:87:41:fd txqueuelen 1000 (Ethernet)
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]# ipvsadm -C
[root@localhost ~]# ipvsadm -A -t 192.168.150.131 -s rr
Zero port specified for non-persistent service
[root@localhost ~]# ipvsadm -A -t 192.168.150.131:80 -s rr
[root@localhost ~]# ipvsadm -a -t 192.168.150.131:80 -r 192.168.150.138 -g -w 1 -g即指定gateway(默认模式)LVS方式为DR
[root@localhost ~]# ipvsadm -a -t 192.168.150.131:80 -r 192.168.150.139 -g -w 2
[root@localhost ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.150.131:80 rr
-> 192.168.150.138:80 Route 1 0 0
-> 192.168.150.139:80 Route 2 0 0
模拟客户机进行http访问结果:
[root@localhost ~]# curl http://192.168.150.131
<h1>RS1</h1>
[root@localhost ~]# curl http://192.168.150.131
<h1>RS2</h1>
[root@localhost ~]# curl http://192.168.150.131
<h1>RS1</h1>
[root@localhost ~]# curl http://192.168.150.131
<h1>RS2</h1>
此时本网络内的arp表 arp将192.168.150.131指向的mac地址肯定是DS中的mac
arp -a
接口: 192.168.150.1 — 0xb
Internet 地址 物理地址 类型
192.168.150.131 00-0c-29-87-41-fd 动态
192.168.150.137 00-0c-29-87-41-fd 动态
192.168.150.138 00-0c-29-1e-b6-ec 动态
192.168.150.139 00-0c-29-7c-2c-a9 动态
192.168.150.255 ff-ff-ff-ff-ff-ff 静态
224.0.0.2 01-00-5e-00-00-02 静态
224.0.0.22 01-00-5e-00-00-16 静态
224.0.0.252 01-00-5e-00-00-fc 静态
239.255.255.250 01-00-5e-7f-ff-fa 静态
RS的配置及说明:
RS1:
[BEGIN] 2016/11/30 23:10:53
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eno33554976 编辑网络,网关无需指向DS
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno33554976
TYPE=Ethernet
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPADDR=192.168.150.138
NETMASK=255.255.255.0
GATEWAY=192.168.150.2
DNS1=192.168.150.2
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno33554976
UUID=b457f2cf-086d-48ef-81e7-2baa2a828c90
DEVICE=eno33554976
ONBOOT=yes
[root@localhost ~]# systemctl restart network.service
[root@localhost ~]# ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno33554976: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:1e:b6:ec brd ff:ff:ff:ff:ff:ff
inet 192.168.150.138/24 brd 192.168.150.255 scope global eno33554976
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe1e:b6ec/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# ip route
default via 192.168.150.2 dev eno33554976 proto static metric 100
192.168.150.0/24 dev eno33554976 proto kernel scope link src 192.168.150.138 metric 100
[root@localhost ~]# ls
anaconda-ks.cfg skp.sh
[root@localhost ~]# cat skp.sh 编辑内核修改脚本,关闭内核中的arp响应及通告
#!/bin/bash
#
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
;;
stop)
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
;;
esac
[root@localhost ~]# ./skp.sh start
[root@localhost ~]# scp skp.sh root@192.168.150.139:/root 拷贝脚本至RS2并执行
The authenticity of host '192.168.150.139 (192.168.150.139)' can't be established.
ECDSA key fingerprint is 2a:e3:03:52:8c:84:02:59:a2:26:a3:b2:f6:74:6c:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.150.139' (ECDSA) to the list of known hosts.
root@192.168.150.139's password:
skp.sh 100% 438 0.4KB/s 00:00
[root@localhost ~]# cat /proc/sys/net/ipv4/conf/lo/arp_announce 内核参数确认
2
[root@localhost ~]# ifconfig lo:0 192.168.150.131 netmask 255.255.255.255 broadcast 192.168.150.131 添加lo网卡的网络地址为VIP地址,并将广播地址设置为自己,静止广播
[root@localhost ~]# route add -host 192.168.150.131 dev lo:0 本地路由条目添加,经由此主机的地址出站报文均通告192.168.150.131
[root@localhost ~]# ifconfig
eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.150.138 netmask 255.255.255.0 broadcast 192.168.150.255
inet6 fe80::20c:29ff:fe1e:b6ec prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:1e:b6:ec txqueuelen 1000 (Ethernet)
RX packets 7876 bytes 8797152 (8.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3443 bytes 292668 (285.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 8 bytes 704 (704.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 704 (704.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.150.131 netmask 255.255.255.255
loop txqueuelen 0 (Local Loopback)
[root@localhost ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@localhost ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
[root@localhost ~]# ifconfig
eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.150.138 netmask 255.255.255.0 broadcast 192.168.150.255
inet6 fe80::20c:29ff:fe1e:b6ec prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:1e:b6:ec txqueuelen 1000 (Ethernet)
RX packets 8007 bytes 8808139 (8.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3519 bytes 301730 (294.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 8 bytes 704 (704.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 704 (704.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.150.131 netmask 255.255.255.255
loop txqueuelen 0 (Local Loopback)
[END] 2016/12/1 0:03:24
RS2:
[BEGIN] 2016/11/30 23:11:32
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eno33554976
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno33554976
TYPE=Ethernet
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPADDR=192.168.150.139
NETMASK=255.255.255.0
GATEWAY=192.168.150.2
DNS1=192.168.150.2
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno33554976
UUID=b457f2cf-086d-48ef-81e7-2baa2a828c90
DEVICE=eno33554976
ONBOOT=yes
[root@localhost ~]# systemctl restart network.service
[root@localhost ~]# ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno33554976: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:7c:2c:a9 brd ff:ff:ff:ff:ff:ff
inet 192.168.150.139/24 brd 192.168.150.255 scope global eno33554976
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe7c:2ca9/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# ip route
default via 192.168.150.2 dev eno33554976 proto static metric 100
192.168.150.0/24 dev eno33554976 proto kernel scope link src 192.168.150.139 metric 100
[root@localhost ~]# ls
anaconda-ks.cfg skp.sh
[root@localhost ~]# ./skp.sh start
[root@localhost ~]# cat /proc/sys/net/ipv4/conf/lo/arp_
arp_accept arp_announce arp_filter arp_ignore arp_notify
[root@localhost ~]# cat /proc/sys/net/ipv4/conf/lo/arp_
arp_accept arp_announce arp_filter arp_ignore arp_notify
[root@localhost ~]# cat /proc/sys/net/ipv4/conf/lo/arp_ignore
1
[root@localhost ~]# ifconfig lo:0 192.168.150.131 netmask 255.255.255.255 broadcast 192.168.150.131
[root@localhost ~]# route add -host 192.168.150.131 dev lo:0
[root@localhost ~]# ifconfig
eno33554976: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.150.139 netmask 255.255.255.0 broadcast 192.168.150.255
inet6 fe80::20c:29ff:fe7c:2ca9 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:7c:2c:a9 txqueuelen 1000 (Ethernet)
RX packets 7678 bytes 8904160 (8.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3082 bytes 265852 (259.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 20 bytes 1760 (1.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 20 bytes 1760 (1.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.150.131 netmask 255.255.255.255
loop txqueuelen 0 (Local Loopback)
[END] 2016/12/1 0:03:29
原创文章,作者:N23-苏州-void,如若转载,请注明出处:http://www.178linux.com/61777
评论列表(1条)
总结的比较详细,能给出物理拓扑会比较好,另外lvs nat和lvs dr模式分别用在什么场景能说明白会更好~继续加油