Mysql+Mycat+NFS+Rsync+LVS+DNS+IPtables综合实验

1、环境准备

image

服务器 IP地址 作用 系统版本
Mysql-master eth0:10.0.0.58 主数据库 Rocky8.6
Mysql-slave1 eth0:10.0.0.68 备数据库 Rocky8.6
Mysql-slave2 eth0:10.0.0.78 备数据库 Rocky8.6
Mycat eth0:10.0.0.48 数据库读写分离 Rocky8.6
nfs-data eth0:10.0.0.105 nfs服务器 Ubuntu2004
nfs-backup eth0:10.0.0.106 rsync服务器 Ubuntu2004
shopxo1 eth0:10.0.0.8 tunl0:10.0.0.200 GW:10.0.0.108 shopxo1网站 Rocky8.6
shopxo2 eth0:10.0.0.18 tunl0:10.0.0.200 GW:10.0.0.108 shopxo1备份网站 Rocky8.6
wordpress1 eth0:10.0.0.28 unl0:10.0.0.201 GW:10.0.0.108 wordpress网站 Rocky8.6
wordpress1 eth0:10.0.0.38 unl0:10.0.0.201 GW:10.0.0.108 wordpress备份网站 Rocky8.6
LVS-shopxo eth0:10.0.0.88 tunl0:10.0.0.200 GW:10.0.0.108 LVS负载shopxo Rocky8.6
LVS-wordpress eth0:10.0.0.98 tunl0:10.0.0.201 GW:10.0.0.108 LVS负载wordpress Rocky8.6
shopxo1 eth0:10.0.0.8 shopxo1网站 Rocky8.6
shopxo2 eth0:10.0.0.18 shopxo1备份网站 Rocky8.6
firewalld eth0:10.0.0.108 eth1:192.168.0.200 eth1:1 192.168.0.201 防火墙 Rocky8.6
client Router eth0:192.168.0.88 eth1: 192.168.10.88 客户端路由器 Ubuntu2004
DNS eth0:192.168.10.100 域名解析 Ubuntu2004
client eth0:192.168.10.11 测试访问网站 Windows10
2、搭建Mysql组复制高可用集群
# mysql-master (10.0.0.58):
[root@mysql-master ~]# yum install mysql-server -y
[root@mysql-master ~]# vim /etc/hosts
10.0.0.58 master.wang.org
10.0.0.68 slave1.wang.org
10.0.0.78 slave2.wang.org
[root@mysql-master ~]# scp /etc/hosts root@10.0.0.68:/etc/hosts
[root@mysql-master ~]# scp /etc/hosts root@10.0.0.78:/etc/hosts
[root@mysql-master ~]# vim /etc/my.cnf.d/mysql-server.cnf
[mysqld]
server-id=58
gtid_mode=ON
enforce_gtid_consistency
log-bin
default_authentication_plugin=mysql_native_password
binlog_checksum=NONE
loose-group_replication_group_name="635e795e-bbd7-4692-a956-5f7da3a87c3b"
loose-group_replication_start_on_boot=OFF
loose-group_replication_local_address="10.0.0.58:24901"
loose-group_replication_group_seeds="10.0.0.58:24901,10.0.0.68:24901.10.0.0.78:24901"
loose-group_replication_bootstrap_group=OFF
loose-group_replication_recovery_use_ssl=ON
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysql/mysqld.log
pid-file=/run/mysqld/mysqld.pid

[root@mysql-master ~]# scp /etc/my.cnf.d/mysql-server.cnf root@10.0.0.68:/etc/my.cnf.d/
[root@mysql-master ~]# scp /etc/my.cnf.d/mysql-server.cnf root@10.0.0.78:/etc/my.cnf.d/
[root@mysql-master ~]# systemctl restart mysqld.service
[root@mysql-master ~]# mysql
mysql> set sql_log_bin=0;
mysql> create user repluser@'10.0.0.%' identified by '123456';
mysql> grant replication slave on *.* to repluser@'10.0.0.%';
mysql> flush privileges;
mysql> set sql_log_bin=1;
mysql> install plugin group_replication soname 'group_replication.so';
mysql> select * from information_schema.plugins where plugin_name='group_replication'\G
==============================================================
# mysql-slave1 (10.0.0.68):
[root@mysql-slave1 ~]# yum install mysql-server -y
[root@mysql-slave1 ~]# vim /etc/my.cnf.d/mysql-server.cnf
[mysqld]
server-id=68
gtid_mode=ON
enforce_gtid_consistency
log-bin
default_authentication_plugin=mysql_native_password
binlog_checksum=NONE
loose-group_replication_group_name="635e795e-bbd7-4692-a956-5f7da3a87c3b"
loose-group_replication_start_on_boot=OFF
loose-group_replication_local_address="10.0.0.68:24901"
loose-group_replication_group_seeds="10.0.0.58:24901,10.0.0.68:24901.10.0.0.78:24901"
loose-group_replication_bootstrap_group=OFF
loose-group_replication_recovery_use_ssl=ON
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysql/mysqld.log
pid-file=/run/mysqld/mysqld.pid

[root@mysql-slave1 ~]# systemctl restart mysqld.service
[root@mysql-slave1 ~]# mysql
mysql> set sql_log_bin=0;
mysql> create user repluser@'10.0.0.%' identified by '123456';
mysql> grant replication slave on *.* to repluser@'10.0.0.%';
mysql> flush privileges;
mysql> set sql_log_bin=1;
mysql> install plugin group_replication soname 'group_replication.so';


==============================================================
# mysql-slave2 (10.0.0.78):
[root@mysql-slave2 ~]# yum install mysql-server -y
[root@mysql-slave2 ~]# vim /etc/my.cnf.d/mysql-server.cnf
[mysqld]
server-id=78
gtid_mode=ON
enforce_gtid_consistency
log-bin
default_authentication_plugin=mysql_native_password
binlog_checksum=NONE
loose-group_replication_group_name="635e795e-bbd7-4692-a956-5f7da3a87c3b"
loose-group_replication_start_on_boot=OFF
loose-group_replication_local_address="10.0.0.78:24901"
loose-group_replication_group_seeds="10.0.0.58:24901,10.0.0.68:24901.10.0.0.78:24901"
loose-group_replication_bootstrap_group=OFF
loose-group_replication_recovery_use_ssl=ON
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysql/mysqld.log
pid-file=/run/mysqld/mysqld.pid

[root@mysql-slave2 ~]# systemctl restart mysqld.service
[root@mysql-slave2 ~]# mysql
mysql> set sql_log_bin=0;
mysql> create user repluser@'10.0.0.%' identified by '123456';
mysql> grant replication slave on *.* to repluser@'10.0.0.%';
mysql> flush privileges;
mysql> set sql_log_bin=1;
mysql> install plugin group_replication soname 'group_replication.so';

image

image

image

##mysql-master(10.0.0.58): 启动第一节点
mysql> set global group_replication_bootstrap_group=ON;
mysql> start group_replication;
mysql> set global group_replication_bootstrap_group=OFF;
mysql> select * from performance_schema.replication_group_members;
=================================
## mysql-slave1 (10.0.0.68): 
mysql> change master to master_user='repluser',master_password='123456' for channel 'group_replication_recovery';
mysql> start group_replication;
mysql> select * from performance_schema.replication_group_members;
================================
# mysql-slave2 (10.0.0.78):
mysql> change master to master_user='repluser',master_password='123456' for channel 'group_replication_recovery';
mysql> start group_replication;
mysql> select * from performance_schema.replication_group_members;

image

3、搭建Mycat
# mycat(10.0.0.48):
[root@mycat ~]# yum install -y java
[root@mycat ~]# tar xf Mycat-server-1.6.7.6-release-20220524173810-linux.tar.gz -C /usr/local/
[root@mycat ~]# cd /usr/local/mycat/conf/
[root@mycat conf]# echo 'PATH=/usr/local/mycat/bin:$PATH' > /etc/profile.d/mycat.sh
[root@mycat conf]# . /etc/profile.d/mycat.sh
[root@mycat ~]# vim schema.xml
<?xml version="1.0"?>
<!DOCTYPE mycat:schema SYSTEM "schema.dtd">
<mycat:schema xmlns:mycat="http://io.mycat/">
    <schema name="shopxo" checkSQLschema="false" sqlMaxLimit="100" dataNode="dn1">
    </schema>
    <schema name="wordpress" checkSQLschema="false" sqlMaxLimit="100" dataNode="dn2">
    </schema>
    <dataNode name="dn1" dataHost="localhost1" database="shopxo" />
    <dataNode name="dn2" dataHost="localhost1" database="wordpress" />
    <dataHost name="localhost1" maxCon="1000" minCon="10" balance="1"
              writeType="0" dbType="mysql" dbDriver="native" switchType="1"  slaveThreshold="100">
        <heartbeat>select user()</heartbeat>
        <writeHost host="host1" url="10.0.0.58:3306" user="wang" password="123456">
         <readHost host="host2" url="10.0.0.68:3306" user="wang" password="123456" />
         <readHost host="host3" url="10.0.0.78:3306" user="wang" password="123456" />
        </writeHost>
    </dataHost>
</mycat:schema>
===================================================================
[root@mycat ~]# vim server.xml
 ...此处省略
 <property name="serverPort">3306</property>
 ...此处省略
  <user name="root" defaultAccount="true">
        <property name="password">123456</property>
        <property name="schemas">shopxo,wordpress</property>
        <property name="defaultSchema">shopxo</property>
 .......此处省略
 <user name="shopxo">
        <property name="password">123456</property>
        <property name="schemas">shopxo</property>
        <property name="defaultSchema">shopxo</property>
 .......   此处省略
    </user>
    <user name="wordpress">
        <property name="password">123456</property>
        <property name="schemas">wordpress</property>
        <property name="defaultSchema">wordpress</property>
    </user>
    
    

== ====================================================   
# 数据库创建用户和数据库(10.0.0.58):
mysql> create database shopxo;
mysql> create database wordpress;
mysql> create user wang@'10.0.0.%' identified by '123456';
mysql> grant all on *.* to wang@'10.0.0.%';


====================================================

[root@mycat conf]# mycat start

image

image

image

image

image

4、搭建shopxo
# shopxo1(10.0.0.8):
[root@shopxo1 ~]# wget https://mirrors.tuna.tsinghua.edu.cn/remi/enterprise/remi-release-8.rpm          #下载php的清华源
[root@shopxo1 ~]# yum install -y remi-release-8.rpm    # 安装清华源
[root@shopxo1 ~]# yum -y install httpd php74 php74-php-fpm php74-php-mysqlnd php74-php-json php74-php-gd php74-php-xml php74-php-pecl-zip php74-php-mbstring
[root@shopxo1 ~]# unzip shopxo-v2.3.0.zip 
[root@shopxo1 ~]# mv shopxo-v2.3.0/* /var/www/html
[root@shopxo1 ~]# chown -R apache. /var/www/html
[root@shopxo1 ~]# vim /var/www/html/config/shopxo.sql
:%s/MyISAM/InnoDB/g     #     搜索MyISAM替换成InnoDB   ENGINE = InnoDB
[root@shopxo1 ~]# systemctl restart httpd
打开浏览器连接数据库,连接Mycat地址10.0.0.48 账号shopxo,密码123456
==========================================================
# shopxo2(10.0.0.18):
[root@shopxo2 ~]# wget https://mirrors.tuna.tsinghua.edu.cn/remi/enterprise/remi-release-8.rpm          #下载php的清华源
[root@shopxo2 ~]# yum install -y remi-release-8.rpm    # 安装清华源
[root@shopxo2 ~]# yum -y install httpd php74 php74-php-fpm php74-php-mysqlnd php74-php-json php74-php-gd php74-php-xml php74-php-pecl-zip php74-php-mbstring
[root@shopxo2 ~]# unzip shopxo-v2.3.0.zip
[root@shopxo2 ~]# mv shopxo-v2.3.0/* /var/www/html
[root@shopxo2 ~]# chown -R apache. /var/www/html
[root@shopxo2 ~]# vim /var/www/html/config/shopxo.sql
:%s/MyISAM/InnoDB/g     #     搜索MyISAM替换成InnoDB   ENGINE = InnoDB
[root@shopxo2 ~]# systemctl restart httpd
打开浏览器连接数据库,连接Mycat地址10.0.0.48 账号shopxo,密码123456
5、搭建wordpress
#wordpress1(10.0.0.28):
[root@wordpress1 ~]# yum -y install httpd php php-mysqlnd php-json php74-php-fpm
[root@wordpress1 ~]# tar xf wordpress-6.0.2-zh_CN.tar.gz
[root@wordpress1 ~]# mv wordpress/* /var/www/html
[root@wordpress1 ~]# chown -R apache. /var/www/html
[root@wordpress1 ~]# systemctl restart httpd
打开浏览器连接数据库,连接Mycat地址10.0.0.48 账号wordpress,密码123456

#wordpress2(10.0.0.38):
[root@wordpress2 ~]#yum -y install httpd php php-mysqlnd php-json php74-php-fpm
[root@wordpress2 ~]#tar xf wordpress-6.0.2-zh_CN.tar.gz
[root@wordpress2 ~]#mv wordpress/* /var/www/html/
[root@wordpress2 ~]#chown -R apache. /var/www/html/
[root@wordpress2 ~]# systemctl restart httpd
打开浏览器连接数据库,连接Mycat地址10.0.0.48 账号wordpress,密码123456

image

image

6、搭建nfs+rsync
#rsync-backup(10.0.0.106):
[root@rsync-backup ~]#apt install rsync
[root@rsync-backup ~]#vim /etc/rsyncd.conf
uid = root
gid = root  
max connections = 0
ignore errors
exclude = lost+found/
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsyncd.lock
reverse lookup = no
[backup] 
path = /data/backup/  
comment = backup dir
read only = no 
auth users = rsyncuser  
secrets file = /etc/rsync.pas
[root@rsync-backup ~]#mkdir -p /data/backup
[root@rsync-backup ~]#echo rsyncuser:123456 > /etc/rsync.pas
[root@rsync-backup ~]#chmod 600 /etc/rsync.pas
[root@rsync-backup ~]#systemctl restart rsync.service 
[root@rsync-backup ~]#systemctl status rsync.service 
=========================================================================

# rsync-data(10.0.0.105):
[root@rsync-data ~]#apt install -y rsync
[root@rsync-data ~]#tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz -C /usr/local/
[root@rsync-data ~]#cd /usr/local/
[root@rsync-data local]#mv GNU-Linux-x86/ sersync2
[root@rsync-data local]#cd sersync2/
[root@rsync-data sersync2]#vim confxml.xml
    <rsync>
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
    <host hostip="localhost" port="8008"></host>
    <debug start="false"/>
    <fileSystem xfs="false"/>
    <filter start="false">
    <exclude expression="(.*)\.svn"></exclude>
    <exclude expression="(.*)\.gz"></exclude>
    <exclude expression="^info/*"></exclude>
    <exclude expression="^static/*"></exclude>
    </filter>
    <inotify>
    <delete start="true"/>
    <createFolder start="true"/>
    <createFile start="true"/>
    <closeWrite start="true"/>
    <moveFrom start="true"/>
    <moveTo start="true"/>
    <attrib start="true"/>
    <modify start="true"/>
    </inotify>

    <sersync>
    <localpath watch="/data/">
        <remote ip="10.0.0.106" name="backup"/>                    #更改为备份服务器的ip地址
        <!--<remote ip="192.168.8.39" name="tongbu"/>-->
        <!--<remote ip="192.168.8.40" name="tongbu"/>-->
    </localpath>
    <rsync>
        <commonParams params="-artuz"/>
        <auth start="true" users="rsyncuser" passwordfile="/etc/rsync.pas"/>
        <userDefinedPort start="false" port="874"/><!-- port=874 -->
        <timeout start="false" time="100"/><!-- timeout=100 -->
        <ssh start="false"/>
    </rsync>
    <failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
    <crontab start="false" schedule="600"><!--600mins-->
        <crontabfilter start="false">
        <exclude expression="*.php"></exclude>
        <exclude expression="info/*"></exclude>
        </crontabfilter>
    </crontab>
    <plugin start="false" name="command"/>
    </sersync>

    <plugin name="command">
    <param prefix="/bin/sh" suffix="" ignoreError="true"/>  <!--prefix /opt/tongbu/mmm.sh suffix-->
    <filter start="false">
        <include expression="(.*)\.php"/>
        <include expression="(.*)\.sh"/>
    </filter>
    </plugin>

    <plugin name="socket">
    <localpath watch="/opt/tongbu">
        <deshost ip="192.168.138.20" port="8009"/>
    </localpath>
    </plugin>
    <plugin name="refreshCDN">
    <localpath watch="/data0/htdocs/cms.xoyo.com/site/">
        <cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
        <sendurl base="http://pic.xoyo.com/cms"/>
        <regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
    </localpath>
    </plugin>
</head>

[root@rsync-data sersync2]#mkdir -p /data/shopxo
[root@rsync-data sersync2]#mkdir -p /data/wordpress
[root@rsync-data sersync2]#echo 123456 > /etc/rsync.pas
[root@rsync-data sersync2]#chmod 600 /etc/rsync.pas

[root@rsync-data sersync2]#yum install nfs-server
[root@rsync-data sersync2]#vim /etc/exports
/data/shopxo 10.0.0.0/24(rw,all_squash,anonuid=48,anongid=48)     
/data/wordpress 10.0.0.0/24(rw,all_squash,anonuid=48,anongid=48) 
[root@rsync-data sersync2]#exportfs -r
[root@rsync-data sersync2]#exportfs -v
[root@nfs-data sersync2]#screen                           
[root@nfs-data sersync2]#./sersync2 -dro ./confxml.xml
7、网站挂载nfs
# shopxo1(10.0.0.8):
[root@shopxo1 ~]# yum install -y nfs-utils
[root@shopxo1 ~]# scp -r /var/www/html/public/static/upload/* 10.0.0.105:/data/shopxo/
================================
#nfs-data(10.0.0.105):
groupadd -g 48 apache
useradd -u 48 -g apache apache
chown -R apache. /data/shopxo/
=================================
# shopxo1(10.0.0.8):
[root@shopxo1 ~]# vim /etc/fstab
10.0.0.105:/data/shopxo /var/www/html/public/static/upload/ nfs _netdev  0 0
[root@shopxo1 ~]# mount -a
[root@shopxo1 ~]# df -h
================================
# shopxo2(10.0.0.18):
[root@shopxo2 ~]# yum install -y nfs-utils
[root@shopxo2 ~]# vim /etc/fstab
10.0.0.105:/data/shopxo /var/www/html/public/static/upload/ nfs _netdev  0 0
[root@shopxo2 ~]# mount -a

image

image

# wordpress1 (10.0.0.28):
[root@wordpress1 ~]#yum install -y nfs-utils
[root@wordpress1 ~]# rsync -av /var/www/html/wp-content/* 10.0.0.105:/data/wordpress/
[root@wordpress1 ~]# vim /etc/fstab
10.0.0.105:/data/wordpress /var/www/html/wp-content nfs _netdev 0 0 
[root@wordpress1 ~]# mount -a
[root@wordpress1 ~]# df -h

# wordpress2 (10.0.0.38):
[root@wordpress2 ~]#yum install -y nfs-utils
[root@wordpress2 ~]# vim /etc/fstab
10.0.0.105:/data/wordpress /var/www/html/wp-content nfs _netdev 0 0 
[root@wordpress2 ~]# mount -a
[root@wordpress2 ~]# df -h

image

image

8、搭建LVS
# shopxo1(10.0.0.8):
[root@shopxo1 ~]# ip a a 10.0.0.200/32 dev tunl0
[root@shopxo1 ~]# ip link set up tunl0
[root@shopxo1 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@shopxo1 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@shopxo1 ~]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@shopxo1 ~]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce 
[root@shopxo1 ~]# echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
[root@shopxo1 ~]# echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter
===================================================================
# shopxo2(10.0.0.18):
[root@shopxo2 ~]# ip a a 10.0.0.200/32 dev tunl0
[root@shopxo2 ~]# ip link set up tunl0
[root@shopxo2 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@shopxo2 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@shopxo2 ~]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@shopxo2 ~]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce 
[root@shopxo2 ~]# echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
[root@shopxo2 ~]# echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter
====================================================================
# lvs-shopxo (10.0.0.88):
[root@lvs-shopxo ~]# yum install ipvsadm -y
[root@lvs-shopxo ~]# ip a a 10.0.0.200/32 dev tunl0
[root@lvs-shopxo ~]# ip link set up tunl0
[root@lvs-shopxo ~]# lsmod | grep ipip
ipip                   16384  0
tunnel4                16384  1 ipip
ip_tunnel              28672  1 ipip
[root@lvs-shopxo ~]# ipvsadm -A -t 10.0.0.200:80 -s wrr
[root@lvs-shopxo ~]# ipvsadm -a -t 10.0.0.200:80 -r 10.0.0.8:80 -i
[root@lvs-shopxo ~]# ipvsadm -a -t 10.0.0.200:80 -r 10.0.0.18:80 -i

image

# wordpress1 (10.0.0.28):
[root@wordpress1 ~]# ip a a 10.0.0.201 dev tunl0
[root@wordpress1 ~]# ip link set up tunl0
[root@wordpress1 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@wordpress1 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@wordpress1 ~]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@wordpress1 ~]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@wordpress1 ~]# echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
[root@wordpress1 ~]# echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter
======================================================================
# wordpress2 (10.0.0.38):
[root@wordpress2 ~]#ip a a 10.0.0.201 dev tunl0
[root@wordpress2 ~]#ip link set up tunl0
[root@wordpress2 ~]#echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@wordpress2 ~]#echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@wordpress2 ~]#echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@wordpress2 ~]#echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@wordpress2 ~]#echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
[root@wordpress2 ~]#echo 0 > /proc/sys/net/ipv4/conf/tunl0/rp_filter
========================================================================
# lvs-wordpress (10.0.0.98):
[root@lvs-wordpress ~]# yum install ipvsadm -y
[root@lvs-wordpress ~]# ip a a 10.0.0.201 dev tunl0
[root@lvs-wordpress ~]# ip link set up tunl0
[root@lvs-wordpress ~]# ipvsadm -A -t 10.0.0.201:80 -s wrr
[root@lvs-wordpress ~]# ipvsadm -a -t 10.0.0.201:80 -r 10.0.0.28:80 -i
[root@lvs-wordpress ~]# ipvsadm -a -t 10.0.0.201:80 -r 10.0.0.38:80 -i
[root@lvs-wordpress ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.0.0.201:80 wrr
  -> 10.0.0.28:80                 Tunnel  1      0          0         
  -> 10.0.0.38:80                 Tunnel  1      0          0  

image

image

9、配置防火墙
# firewalld (10.0.0.108):
[root@firewalld ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
[root@firewalld ~]# iptables -t nat -A PREROUTING -d 192.168.0.200 -p tcp --dport 80 -j DNAT --to-destination 10.0.0.200:80
[root@firewalld ~]# iptables -t nat -A PREROUTING -d 192.168.0.201 -p tcp --dport 80 -j DNAT --to-destination 10.0.0.201:80
[root@firewalld ~]# iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    4   240 DNAT       tcp  --  *      *       0.0.0.0/0            192.168.0.200        tcp dpt:80 to:10.0.0.200:80
    3   180 DNAT       tcp  --  *      *       0.0.0.0/0            192.168.0.201        tcp dpt:80 to:10.0.0.201:80
10、配置client Router
# client Router(192.168.0.88)
[root@client-router ~]#echo 1 > /proc/sys/net/ipv4/ip_forward

11、配置DNS服务器
# DNS (192.168.10.100):
[root@DNS ~]# apt install -y bind9 bind9-utils
[root@DNS ~]# cd /etc/bind/
[root@DNS bind]# vim /etc/bind/named.conf.options
   dnssec-validation no;    #取消此行注释

[root@DNS bind]# vim named.conf.default-zones 
zone "wang.org" {
    type master;
    file "/etc/bind/wang.org.zone";
};

[root@DNS bind]# cp db.local wang.org.zone
[root@DNS bind]# vim wang.org.zone
$TTL    604800
@   IN  SOA admin admin.wang.org. (
                  2     ; Serial
             604800     ; Refresh
              86400     ; Retry
            2419200     ; Expire
             604800 )   ; Negative Cache TTL
            IN  NS  admin
admin       IN  A   192.168.10.100
shopxo      IN  A   192.168.0.200
wordpress   IN  A   192.168.0.201
[root@DNS bind]#systemctl restart named.service
[root@DNS bind]#systemctl status bind9.service      #查看状态是否报错
[root@DNS bind]#dig @127.1 wordpress.wang.org       

image

image

12、client测试
windows当做客户端:
1、需改网卡dns:需改dns所在网卡dns和外网dns(我这里是vmnet3 以太网)
2、清除dns缓存
3、ping测试
4、浏览器测试

image
)

image

image

image

image

image

posted @ 2022-09-12 10:40  大雨转暴雨  阅读(58)  评论(0编辑  收藏  举报