Mysql+Mycat+NFS+Rsync+LVS+DNS+IPtables综合实验
1、环境准备
服务器 | IP地址 | 作用 | 系统版本 |
---|---|---|---|
Mysql-master | eth0:10.0.0.58 | 主数据库 | Rocky8.6 |
Mysql-slave1 | eth0:10.0.0.68 | 备数据库 | Rocky8.6 |
Mysql-slave2 | eth0:10.0.0.78 | 备数据库 | Rocky8.6 |
Mycat | eth0:10.0.0.48 | 数据库读写分离 | Rocky8.6 |
nfs-data | eth0:10.0.0.105 | nfs服务器 | Ubuntu2004 |
nfs-backup | eth0:10.0.0.106 | rsync服务器 | Ubuntu2004 |
shopxo1 | eth0:10.0.0.8 tunl0:10.0.0.200 GW:10.0.0.108 | shopxo1网站 | Rocky8.6 |
shopxo2 | eth0:10.0.0.18 tunl0:10.0.0.200 GW:10.0.0.108 | shopxo1备份网站 | Rocky8.6 |
wordpress1 | eth0:10.0.0.28 unl0:10.0.0.201 GW:10.0.0.108 | wordpress网站 | Rocky8.6 |
wordpress1 | eth0:10.0.0.38 unl0:10.0.0.201 GW:10.0.0.108 | wordpress备份网站 | Rocky8.6 |
LVS-shopxo | eth0:10.0.0.88 tunl0:10.0.0.200 GW:10.0.0.108 | LVS负载shopxo | Rocky8.6 |
LVS-wordpress | eth0:10.0.0.98 tunl0:10.0.0.201 GW:10.0.0.108 | LVS负载wordpress | Rocky8.6 |
shopxo1 | eth0:10.0.0.8 | shopxo1网站 | Rocky8.6 |
shopxo2 | eth0:10.0.0.18 | shopxo1备份网站 | Rocky8.6 |
firewalld | eth0:10.0.0.108 eth1:192.168.0.200 eth1:1 192.168.0.201 | 防火墙 | Rocky8.6 |
client Router | eth0:192.168.0.88 eth1: 192.168.10.88 | 客户端路由器 | Ubuntu2004 |
DNS | eth0:192.168.10.100 | 域名解析 | Ubuntu2004 |
client | eth0:192.168.10.11 | 测试访问网站 | Windows10 |
2、搭建Mysql组复制高可用集群
# mysql-master (10.0.0.58):
[root@mysql-master ~]# yum install mysql-server -y
[root@mysql-master ~]# vim /etc/hosts
10.0.0.58 master.wang.org
10.0.0.68 slave1.wang.org
10.0.0.78 slave2.wang.org
[root@mysql-master ~]# scp /etc/hosts root@10.0.0.68:/etc/hosts
[root@mysql-master ~]# scp /etc/hosts root@10.0.0.78:/etc/hosts
[root@mysql-master ~]# vim /etc/my.cnf.d/mysql-server.cnf
[mysqld]
server-id=58
gtid_mode=ON
enforce_gtid_consistency
log-bin
default_authentication_plugin=mysql_native_password
binlog_checksum=NONE
loose-group_replication_group_name="635e795e-bbd7-4692-a956-5f7da3a87c3b"
loose-group_replication_start_on_boot=OFF
loose-group_replication_local_address="10.0.0.58:24901"
loose-group_replication_group_seeds="10.0.0.58:24901,10.0.0.68:24901.10.0.0.78:24901"
loose-group_replication_bootstrap_group=OFF
loose-group_replication_recovery_use_ssl=ON
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysql/mysqld.log
pid-file=/run/mysqld/mysqld.pid
[root@mysql-master ~]# scp /etc/my.cnf.d/mysql-server.cnf root@10.0.0.68:/etc/my.cnf.d/
[root@mysql-master ~]# scp /etc/my.cnf.d/mysql-server.cnf root@10.0.0.78:/etc/my.cnf.d/
[root@mysql-master ~]# systemctl restart mysqld.service
[root@mysql-master ~]# mysql
mysql> set sql_log_bin=0;
mysql> create user repluser@'10.0.0.%' identified by '123456';
mysql> grant replication slave on *.* to repluser@'10.0.0.%';
mysql> flush privileges;
mysql> set sql_log_bin=1;
mysql> install plugin group_replication soname 'group_replication.so';
mysql> select * from information_schema.plugins where plugin_name='group_replication'\G
==============================================================
# mysql-slave1 (10.0.0.68):
[root@mysql-slave1 ~]# yum install mysql-server -y
[root@mysql-slave1 ~]# vim /etc/my.cnf.d/mysql-server.cnf
[mysqld]
server-id=68
gtid_mode=ON
enforce_gtid_consistency
log-bin
default_authentication_plugin=mysql_native_password
binlog_checksum=NONE
loose-group_replication_group_name="635e795e-bbd7-4692-a956-5f7da3a87c3b"
loose-group_replication_start_on_boot=OFF
loose-group_replication_local_address="10.0.0.68:24901"
loose-group_replication_group_seeds="10.0.0.58:24901,10.0.0.68:24901.10.0.0.78:24901"
loose-group_replication_bootstrap_group=OFF
loose-group_replication_recovery_use_ssl=ON
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysql/mysqld.log
pid-file=/run/mysqld/mysqld.pid
[root@mysql-slave1 ~]# systemctl restart mysqld.service
[root@mysql-slave1 ~]# mysql
mysql> set sql_log_bin=0;
mysql> create user repluser@'10.0.0.%' identified by '123456';
mysql> grant replication slave on *.* to repluser@'10.0.0.%';
mysql> flush privileges;
mysql> set sql_log_bin=1;
mysql> install plugin group_replication soname 'group_replication.so';
==============================================================
# mysql-slave2 (10.0.0.78):
[root@mysql-slave2 ~]# yum install mysql-server -y
[root@mysql-slave2 ~]# vim /etc/my.cnf.d/mysql-server.cnf
[mysqld]
server-id=78
gtid_mode=ON
enforce_gtid_consistency
log-bin
default_authentication_plugin=mysql_native_password
binlog_checksum=NONE
loose-group_replication_group_name="635e795e-bbd7-4692-a956-5f7da3a87c3b"
loose-group_replication_start_on_boot=OFF
loose-group_replication_local_address="10.0.0.78:24901"
loose-group_replication_group_seeds="10.0.0.58:24901,10.0.0.68:24901.10.0.0.78:24901"
loose-group_replication_bootstrap_group=OFF
loose-group_replication_recovery_use_ssl=ON
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysql/mysqld.log
pid-file=/run/mysqld/mysqld.pid
[root@mysql-slave2 ~]# systemctl restart mysqld.service
[root@mysql-slave2 ~]# mysql
mysql> set sql_log_bin=0;
mysql> create user repluser@'10.0.0.%' identified by '123456';
mysql> grant replication slave on *.* to repluser@'10.0.0.%';
mysql> flush privileges;
mysql> set sql_log_bin=1;
mysql> install plugin group_replication soname 'group_replication.so';
##mysql-master(10.0.0.58): 启动第一节点
mysql> set global group_replication_bootstrap_group=ON;
mysql> start group_replication;
mysql> set global group_replication_bootstrap_group=OFF;
mysql> select * from performance_schema.replication_group_members;
=================================
## mysql-slave1 (10.0.0.68):
mysql> change master to master_user='repluser',master_password='123456' for channel 'group_replication_recovery';
mysql> start group_replication;
mysql> select * from performance_schema.replication_group_members;
================================
# mysql-slave2 (10.0.0.78):
mysql> change master to master_user='repluser',master_password='123456' for channel 'group_replication_recovery';
mysql> start group_replication;
mysql> select * from performance_schema.replication_group_members;
3、搭建Mycat
# mycat(10.0.0.48):
[root@mycat ~]# yum install -y java
[root@mycat ~]# tar xf Mycat-server-1.6.7.6-release-20220524173810-linux.tar.gz -C /usr/local/
[root@mycat ~]# cd /usr/local/mycat/conf/
[root@mycat conf]# echo 'PATH=/usr/local/mycat/bin:$PATH' > /etc/profile.d/mycat.sh
[root@mycat conf]# . /etc/profile.d/mycat.sh
[root@mycat ~]# vim schema.xml
<?xml version="1.0"?>
<!DOCTYPE mycat:schema SYSTEM "schema.dtd">
<mycat:schema xmlns:mycat="http://io.mycat/">
<schema name="shopxo" checkSQLschema="false" sqlMaxLimit="100" dataNode="dn1">
</schema>
<schema name="wordpress" checkSQLschema="false" sqlMaxLimit="100" dataNode="dn2">
</schema>
<dataNode name="dn1" dataHost="localhost1" database="shopxo" />
<dataNode name="dn2" dataHost="localhost1" database="wordpress" />
<dataHost name="localhost1" maxCon="1000" minCon="10" balance="1"
writeType="0" dbType="mysql" dbDriver="native" switchType="1" slaveThreshold="100">
<heartbeat>select user()</heartbeat>
<writeHost host="host1" url="10.0.0.58:3306" user="wang" password="123456">
<readHost host="host2" url="10.0.0.68:3306" user="wang" password="123456" />
<readHost host="host3" url="10.0.0.78:3306" user="wang" password="123456" />
</writeHost>
</dataHost>
</mycat:schema>
===================================================================
[root@mycat ~]# vim server.xml
...此处省略
<property name="serverPort">3306</property>
...此处省略
<user name="root" defaultAccount="true">
<property name="password">123456</property>
<property name="schemas">shopxo,wordpress</property>
<property name="defaultSchema">shopxo</property>
.......此处省略
<user name="shopxo">
<property name="password">123456</property>
<property name="schemas">shopxo</property>
<property name="defaultSchema">shopxo</property>
....... 此处省略
</user>
<user name="wordpress">
<property name="password">123456</property>
<property name="schemas">wordpress</property>
<property name="defaultSchema">wordpress</property>
</user>
== ====================================================
# 数据库创建用户和数据库(10.0.0.58):
mysql> create database shopxo;
mysql> create database wordpress;
mysql> create user wang@'10.0.0.%' identified by '123456';
mysql> grant all on *.* to wang@'10.0.0.%';
====================================================
[root@mycat conf]# mycat start
4、搭建shopxo
# shopxo1(10.0.0.8):
[root@shopxo1 ~]# wget https://mirrors.tuna.tsinghua.edu.cn/remi/enterprise/remi-release-8.rpm #下载php的清华源
[root@shopxo1 ~]# yum install -y remi-release-8.rpm # 安装清华源
[root@shopxo1 ~]# yum -y install httpd php74 php74-php-fpm php74-php-mysqlnd php74-php-json php74-php-gd php74-php-xml php74-php-pecl-zip php74-php-mbstring
[root@shopxo1 ~]# unzip shopxo-v2.3.0.zip
[root@shopxo1 ~]# mv shopxo-v2.3.0/* /var/www/html
[root@shopxo1 ~]# chown -R apache. /var/www/html
[root@shopxo1 ~]# vim /var/www/html/config/shopxo.sql
:%s/MyISAM/InnoDB/g # 搜索MyISAM替换成InnoDB ENGINE = InnoDB
[root@shopxo1 ~]# systemctl restart httpd
打开浏览器连接数据库,连接Mycat地址10.0.0.48 账号shopxo,密码123456
==========================================================
# shopxo2(10.0.0.18):
[root@shopxo2 ~]# wget https://mirrors.tuna.tsinghua.edu.cn/remi/enterprise/remi-release-8.rpm #下载php的清华源
[root@shopxo2 ~]# yum install -y remi-release-8.rpm # 安装清华源
[root@shopxo2 ~]# yum -y install httpd php74 php74-php-fpm php74-php-mysqlnd php74-php-json php74-php-gd php74-php-xml php74-php-pecl-zip php74-php-mbstring
[root@shopxo2 ~]# unzip shopxo-v2.3.0.zip
[root@shopxo2 ~]# mv shopxo-v2.3.0/* /var/www/html
[root@shopxo2 ~]# chown -R apache. /var/www/html
[root@shopxo2 ~]# vim /var/www/html/config/shopxo.sql
:%s/MyISAM/InnoDB/g # 搜索MyISAM替换成InnoDB ENGINE = InnoDB
[root@shopxo2 ~]# systemctl restart httpd
打开浏览器连接数据库,连接Mycat地址10.0.0.48 账号shopxo,密码123456
5、搭建wordpress
#wordpress1(10.0.0.28):
[root@wordpress1 ~]# yum -y install httpd php php-mysqlnd php-json php74-php-fpm
[root@wordpress1 ~]# tar xf wordpress-6.0.2-zh_CN.tar.gz
[root@wordpress1 ~]# mv wordpress/* /var/www/html
[root@wordpress1 ~]# chown -R apache. /var/www/html
[root@wordpress1 ~]# systemctl restart httpd
打开浏览器连接数据库,连接Mycat地址10.0.0.48 账号wordpress,密码123456
#wordpress2(10.0.0.38):
[root@wordpress2 ~]#yum -y install httpd php php-mysqlnd php-json php74-php-fpm
[root@wordpress2 ~]#tar xf wordpress-6.0.2-zh_CN.tar.gz
[root@wordpress2 ~]#mv wordpress/* /var/www/html/
[root@wordpress2 ~]#chown -R apache. /var/www/html/
[root@wordpress2 ~]# systemctl restart httpd
打开浏览器连接数据库,连接Mycat地址10.0.0.48 账号wordpress,密码123456
6、搭建nfs+rsync
#rsync-backup(10.0.0.106):
[root@rsync-backup ~]#apt install rsync
[root@rsync-backup ~]#vim /etc/rsyncd.conf
uid = root
gid = root
max connections = 0
ignore errors
exclude = lost+found/
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsyncd.lock
reverse lookup = no
[backup]
path = /data/backup/
comment = backup dir
read only = no
auth users = rsyncuser
secrets file = /etc/rsync.pas
[root@rsync-backup ~]#mkdir -p /data/backup
[root@rsync-backup ~]#echo rsyncuser:123456 > /etc/rsync.pas
[root@rsync-backup ~]#chmod 600 /etc/rsync.pas
[root@rsync-backup ~]#systemctl restart rsync.service
[root@rsync-backup ~]#systemctl status rsync.service
=========================================================================
# rsync-data(10.0.0.105):
[root@rsync-data ~]#apt install -y rsync
[root@rsync-data ~]#tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz -C /usr/local/
[root@rsync-data ~]#cd /usr/local/
[root@rsync-data local]#mv GNU-Linux-x86/ sersync2
[root@rsync-data local]#cd sersync2/
[root@rsync-data sersync2]#vim confxml.xml
<rsync>
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
<sersync>
<localpath watch="/data/">
<remote ip="10.0.0.106" name="backup"/> #更改为备份服务器的ip地址
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
<commonParams params="-artuz"/>
<auth start="true" users="rsyncuser" passwordfile="/etc/rsync.pas"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="false" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*)\.php"/>
<include expression="(.*)\.sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
[root@rsync-data sersync2]#mkdir -p /data/shopxo
[root@rsync-data sersync2]#mkdir -p /data/wordpress
[root@rsync-data sersync2]#echo 123456 > /etc/rsync.pas
[root@rsync-data sersync2]#chmod 600 /etc/rsync.pas
[root@rsync-data sersync2]#yum install nfs-server
[root@rsync-data sersync2]#vim /etc/exports
/data/shopxo 10.0.0.0/24(rw,all_squash,anonuid=48,anongid=48)
/data/wordpress 10.0.0.0/24(rw,all_squash,anonuid=48,anongid=48)
[root@rsync-data sersync2]#exportfs -r
[root@rsync-data sersync2]#exportfs -v
[root@nfs-data sersync2]#screen
[root@nfs-data sersync2]#./sersync2 -dro ./confxml.xml
7、网站挂载nfs
# shopxo1(10.0.0.8):
[root@shopxo1 ~]# yum install -y nfs-utils
[root@shopxo1 ~]# scp -r /var/www/html/public/static/upload/* 10.0.0.105:/data/shopxo/
================================
#nfs-data(10.0.0.105):
groupadd -g 48 apache
useradd -u 48 -g apache apache
chown -R apache. /data/shopxo/
=================================
# shopxo1(10.0.0.8):
[root@shopxo1 ~]# vim /etc/fstab
10.0.0.105:/data/shopxo /var/www/html/public/static/upload/ nfs _netdev 0 0
[root@shopxo1 ~]# mount -a
[root@shopxo1 ~]# df -h
================================
# shopxo2(10.0.0.18):
[root@shopxo2 ~]# yum install -y nfs-utils
[root@shopxo2 ~]# vim /etc/fstab
10.0.0.105:/data/shopxo /var/www/html/public/static/upload/ nfs _netdev 0 0
[root@shopxo2 ~]# mount -a
# wordpress1 (10.0.0.28):
[root@wordpress1 ~]#yum install -y nfs-utils
[root@wordpress1 ~]# rsync -av /var/www/html/wp-content/* 10.0.0.105:/data/wordpress/
[root@wordpress1 ~]# vim /etc/fstab
10.0.0.105:/data/wordpress /var/www/html/wp-content nfs _netdev 0 0
[root@wordpress1 ~]# mount -a
[root@wordpress1 ~]# df -h
# wordpress2 (10.0.0.38):
[root@wordpress2 ~]#yum install -y nfs-utils
[root@wordpress2 ~]# vim /etc/fstab
10.0.0.105:/data/wordpress /var/www/html/wp-content nfs _netdev 0 0
[root@wordpress2 ~]# mount -a
[root@wordpress2 ~]# df -h
8、搭建LVS
# shopxo1(10.0.0.8):
[root@shopxo1 ~]# ip a a 10.0.0.200/32 dev tunl0
[root@shopxo1 ~]# ip link set up tunl0
[root@shopxo1 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@shopxo1 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@shopxo1 ~]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@shopxo1 ~]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@shopxo1 ~]# echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
[root@shopxo1 ~]# echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter
===================================================================
# shopxo2(10.0.0.18):
[root@shopxo2 ~]# ip a a 10.0.0.200/32 dev tunl0
[root@shopxo2 ~]# ip link set up tunl0
[root@shopxo2 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@shopxo2 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@shopxo2 ~]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@shopxo2 ~]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@shopxo2 ~]# echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
[root@shopxo2 ~]# echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter
====================================================================
# lvs-shopxo (10.0.0.88):
[root@lvs-shopxo ~]# yum install ipvsadm -y
[root@lvs-shopxo ~]# ip a a 10.0.0.200/32 dev tunl0
[root@lvs-shopxo ~]# ip link set up tunl0
[root@lvs-shopxo ~]# lsmod | grep ipip
ipip 16384 0
tunnel4 16384 1 ipip
ip_tunnel 28672 1 ipip
[root@lvs-shopxo ~]# ipvsadm -A -t 10.0.0.200:80 -s wrr
[root@lvs-shopxo ~]# ipvsadm -a -t 10.0.0.200:80 -r 10.0.0.8:80 -i
[root@lvs-shopxo ~]# ipvsadm -a -t 10.0.0.200:80 -r 10.0.0.18:80 -i
# wordpress1 (10.0.0.28):
[root@wordpress1 ~]# ip a a 10.0.0.201 dev tunl0
[root@wordpress1 ~]# ip link set up tunl0
[root@wordpress1 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@wordpress1 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@wordpress1 ~]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@wordpress1 ~]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@wordpress1 ~]# echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
[root@wordpress1 ~]# echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter
======================================================================
# wordpress2 (10.0.0.38):
[root@wordpress2 ~]#ip a a 10.0.0.201 dev tunl0
[root@wordpress2 ~]#ip link set up tunl0
[root@wordpress2 ~]#echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@wordpress2 ~]#echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@wordpress2 ~]#echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@wordpress2 ~]#echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@wordpress2 ~]#echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
[root@wordpress2 ~]#echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter
========================================================================
# lvs-wordpress (10.0.0.98):
[root@lvs-wordpress ~]# yum install ipvsadm -y
[root@lvs-wordpress ~]# ip a a 10.0.0.201 dev tunl0
[root@lvs-wordpress ~]# ip link set up tunl0
[root@lvs-wordpress ~]# ipvsadm -A -t 10.0.0.201:80 -s wrr
[root@lvs-wordpress ~]# ipvsadm -a -t 10.0.0.201:80 -r 10.0.0.28:80 -i
[root@lvs-wordpress ~]# ipvsadm -a -t 10.0.0.201:80 -r 10.0.0.38:80 -i
[root@lvs-wordpress ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.0.0.201:80 wrr
-> 10.0.0.28:80 Tunnel 1 0 0
-> 10.0.0.38:80 Tunnel 1 0 0
9、配置防火墙
# firewalld (10.0.0.108):
[root@firewalld ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
[root@firewalld ~]# iptables -t nat -A PREROUTING -d 192.168.0.200 -p tcp --dport 80 -j DNAT --to-destination 10.0.0.200:80
[root@firewalld ~]# iptables -t nat -A PREROUTING -d 192.168.0.201 -p tcp --dport 80 -j DNAT --to-destination 10.0.0.201:80
[root@firewalld ~]# iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
4 240 DNAT tcp -- * * 0.0.0.0/0 192.168.0.200 tcp dpt:80 to:10.0.0.200:80
3 180 DNAT tcp -- * * 0.0.0.0/0 192.168.0.201 tcp dpt:80 to:10.0.0.201:80
10、配置client Router
# client Router(192.168.0.88)
[root@client-router ~]#echo 1 > /proc/sys/net/ipv4/ip_forward
11、配置DNS服务器
# DNS (192.168.10.100):
[root@DNS ~]# apt install -y bind9 bind9-utils
[root@DNS ~]# cd /etc/bind/
[root@DNS bind]# vim /etc/bind/named.conf.options
dnssec-validation no; #取消此行注释
[root@DNS bind]# vim named.conf.default-zones
zone "wang.org" {
type master;
file "/etc/bind/wang.org.zone";
};
[root@DNS bind]# cp db.local wang.org.zone
[root@DNS bind]# vim wang.org.zone
$TTL 604800
@ IN SOA admin admin.wang.org. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
IN NS admin
admin IN A 192.168.10.100
shopxo IN A 192.168.0.200
wordpress IN A 192.168.0.201
[root@DNS bind]#systemctl restart named.service
[root@DNS bind]#systemctl status bind9.service #查看状态是否报错
[root@DNS bind]#dig @127.1 wordpress.wang.org
12、client测试
windows当做客户端:
1、需改网卡dns:需改dns所在网卡dns和外网dns(我这里是vmnet3 以太网)
2、清除dns缓存
3、ping测试
4、浏览器测试
)
本文来自博客园,作者:大雨转暴雨,转载请注明原文链接:https://www.cnblogs.com/wdy001/p/16685659.html