Technology sharing

LVS-DR botrus

2024-07-08

한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina

LVS-DR botrus

LVS-DR (Director Server Linux Virtualis Servo) modus operandi modus est frequentissimus modus operandi in ambitus productionis.

LVS-DR opus principium

In LVS-DR modo, Director Servo ut accessus introitus botri inservit et porta non adhibetur. Nodus DirectorServer et Verus Servo in retis eiusdem esse oportet, et notitia ad clientem reversa ire non indiget per Directorem Serv. Ut respondeatur accessus ad botrum totius, tam Directore Servo quam Verus Servo configurari debet cum inscriptionibus VIP.

LVS-DR fluxus fasciculus analysis

Quomodo Dr modus operatur

  1. Cliens petitionem mittit ad Directorem Servo, et fasciculus (source IP est CIP, scopum IP est VIP) spatium nuclei attingit
  2. Director Server and Real Servo in eadem retiaculo sunt, et data transmittitur per tabulatum secundarium data pagina.
  3. Spatium nucleus determinat ut scopum IP fasciculi notitiae localis VIP sit. Hoc tempore, IPVS comparat an servitium quod petitur a fasciculo data sit servitium botrus . Modificare fontem MAC electronicae inscriptionis MAC ad Directoris Servo, destinationem MAC electronicam mutare ad MAC electronicam Veri servientis, fons IP oratio et destinatio IP oratio immutata manent, ac deinde fasciculum notitiarum ad Verum Servum mitte.
  4. Si MAC oratio rogationis nuntium ad Real Servum perveniens, MAC oratio propria est, nuntium recipietur. Notitia fasciculus re-encapsulatus est (fons IP oratio VIP est et destinatio IP est CIP), responsumque nuntius mittitur ad retis corporis per lo interface et deinde emissus est.
  5. Verus Servo directe transmittit responsionem nuntium ad clientem

Features of LVS-DR modus

  • Director Servo et Verus Servo in eadem corporis retia esse debent
  • Verus Servo uti potest inscriptionibus privatis vel inscriptionibus publicis.Si inscriptionem retis publici uteris, directe RIP per Internet accedere potes.
  • Omnes nuntii rogationis per Directorem Servum transeunt, sed responsa responsa per Director Servo transire non possunt.
  • Porta Verus Servo non permittitur monstrare Directori Server IP, id est, data fasciculis per Directorem Servo transire non licet.
  • Lo interface in Verus Servo VIP electronicam conformat

LVS recta routing modus exempli

#配置负载调度器
#配置虚拟IP地址VIP
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-ens33 ifcfg-ens33:0
[root@localhost network-scripts]# vi ifcfg-ens33:0
TYPE=Ethernet
BOOTPROTO=static
NAME=ens33:0
DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.10.172
NETMASK=255.255.255.0
[root@localhost network-scripts]# systemctl restart network
#调整内核参数,禁止转发重定向报文由于 LVS 负载调度器和各节点需要共用 VIP 地址,应该关闭Linux 内核的重定向
[root@localhost ~]# vi /etc/sysctl.conf
#调整内核参数
net.ipv4.conf.all.send_redirects = 0 #重定向禁止
net.ipv4.conf.default.send_redirects = 0 #默认禁止网卡重定向
net.ipv4.conf.ens33.send_redirects = 0    #指定网卡禁止重定向
[root@localhost ~]# sysctl -p
#配置负载分配策略
[root@localhost ~]#yum -y install ipvsadm
[root@localhost ~]#ipvsadm -v           \查看版本
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]#ipvsadm -C
[root@localhost ~]# ipvsadm -A -t 192.168.10.172:80 -s wrr
[root@localhost ~]# ipvsadm -a -t 192.168.10.172:80 -r 192.168.10.102 -g -w 1
[root@localhost ~]# ipvsadm -a -t 192.168.10.172:80 -r 192.168.10.103 -g -w 1
[root@localhost ~]# ipvsadm-save
-A -t localhost.localdomain:http -s rr
-a -t localhost.localdomain:http -r 192.168.10.102:http -g -w 1
-a -t localhost.localdomain:http -r 192.168.10.103:http -g -w 2
[root@localhost ~]# systemctl enable ipvsadm
-g:直接路由模式
#配置web节点服务器
#配置虚拟ip地址VIP
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]#cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vi ifcfg-lo:0
#修改
DEVICE=lo:0
NETMASK=255.255.255.255           子网掩码必须为255.255.255.255
IPADDR=192.168.10.172
ONBOOT=yes
[root@localhost network-scripts]# systemctl restart network
[root@localhost network-scripts]# ifconfig
[root@localhost network-scripts]# cd 
[root@localhost ~]# vi /etc/rc.local
#添加
/sbin/route add -host 192.168.10.172 dev lo:0
[root@localhost ~]# route add -host 192.168.10.172 dev lo:0
#调整内核参数
[root@localhost ~]# vi /etc/sysctl.conf
#添加
net.ipv4.conf.all.arp_ignore = 1 #忽略arp请求
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_announce = 2
[root@localhost ~]# sysctl -p
#安装httpd创建测试网页
[root@localhost ~]# yum -y install httpd
[root@localhost ~]# yum install nfs-utils
[root@localhost ~]# mount 192.168.10.104:/opt/wwwroot /var/www/html
[root@localhost ~]#vi /var/www/html/index.html

个人简介

潜心研究技术三十余年,精通java、linux、javascript、php、css、等等各种语言,在开源领域有诸多贡献,建立开发者文档站,将一些技术开发中的问题分享出来,以供大家查阅

我的联系方式

邮箱