linux系统构架 - LB集群之LVS的NAT

1.环境说明

三台服务器，一台叫dir，两台叫rs1和rs2 （director 和 real server）

dir外网ip：192.168.192.129  内网ip：192.168.1.114

rs1内网ip：192.168.1.116　　

rs2内网ip：192.168.1.115

2.安装和配置

dir

 yum install -y ipvsadm

rs1 rs2

wget www.lishiming.net/data/attachment/forum/epel-release-6-8_64.noarch.rpm

rpm -ivh epel-release-6-8_64.noarch.rpm

 yum install -y nginx

dir

 vim /usr/local/sbin/lvs_nat.sh

#! /bin/bash
# director 服务器上开启路由转发功能:
echo 1 > /proc/sys/net/ipv4/ip_forward
# 关闭 icmp 的重定向
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth1/send_redirects
# director 设置 nat 防火墙
iptables -t nat -F
iptables -t nat -X
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
# director 设置 ipvsadm
IPVSADM='/sbin/ipvsadm'
$IPVSADM -C
$IPVSADM -A -t 192.168.192.129:80 -s rr
$IPVSADM -a -t 192.168.192.129:80 -r 192.168.1.116:80 -m
$IPVSADM -a -t 192.168.192.129:80 -r 192.168.1.115:80 -m

$IPVSADM -A -t 192.168.192.129:80 -s rr  //-A-t 增加director  -s算法 
$IPVSADM -a -t 192.168.192.129:80 -r 192.168.1.116:80 -m  //-a-t增加real_server -r  real_server -m MASQUERADE 用nat必须用-m    -w 1 权重 

iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE // 规则 -t针对nat表 -A POSTROUTING链 -s从192.168.1这个网段来的包 -j MASQUERADE伪装

sh /usr/local/sbin/lvs_nat.sh

ipvsadm -ln

rs1，rs2

 vi /etc/sysconfig/network-scripts/ifcfg-eth0

GATEWAY=192.168.11.164

ifdown eth0; ifup eth0

启动rs1的nginx

/etc/init.d/nginx start

rs2默认启动

访问外网ip，第一次请求到了rs2，刷新变成rs1

 （一次1 一次2）

 

curl 192.168.192.129

 

$IPVSADM -A -t 192.168.192.129:80 -s wrr
$IPVSADM -a -t 192.168.192.129:80 -r 192.168.1.116:80 -m  -w 2
$IPVSADM -a -t 192.168.192.129:80 -r 192.168.1.115:80 -m   -w 1

两次1 一次2