1.默认的Web服务器会通过虚拟接口回应ARP响应,因此为防止问题,需在网络服务中添加(net.ipv4.conf.lo.arp_ignore = 1,忽略虚拟接口的ARP请求,只响应物理接口ARP请求)
2.默认Web服务器回应时使用lo网卡的地址,会造成ARP缓存混乱,因此需要在Web服务器中添加(net.ipv4.conf.eth0.arp_announce = 2,回应请求时,使用物理接口eth0作为源IP地址回应)
实验环境:
主机IP | 主机名 | 角色 |
192.168.192.159 (NAT) 192.168.100.10 (VM1) | Centos01 | 网关服务器 |
192.168.100.254(VM1) 192.168.100.20 (VM1) | Centos02 | LVS |
192.168.100.30 (VM1) | Centos03 | web1 |
192.168.100.40 (VM1) | Centos04 | web2 |
一,网关服务器
两块网卡,第一块桥接,第二块仅主机模式
1.网络配置配置
1)rm -rf /etc/udev/rules.d/70-persistent-net.rules
2)vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="dhcp"
DEFROUTE="yes"
NAME="ens33"
DEVICE="ens33"
ONBOOT="yes"
~
3)cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-ens37
TYPE="Ethernet"
BOOTPROTO="static"
DEFROUTE="yes"
NAME="ens37"
DEVICE="ens37"
ONBOOT="yes"
IPADDR=192.168.100.10
NETMASK=255.255.255.0
4) systemctl restart network
5)ifconfig
2.开启路由转发
1)vim /etc/sysctl.conf
7 net.ipv4.ip_forward = 1
2)sysctl -p
3.编写防火墙规则
1)systemctl stop iptbles
2)iptables -t nat -I PREROUTING -d 192.168.192.159 -i ens33(公网接口) -p tcp --dport 80 -j DNAT --to-destination 192.168.100.254:80
3) iptables-save >>/etc/sysconfig/iptables && systemctl enable iptables
二,LVS
两块网卡,都为仅主机模式
1.网络参数配置
1)rm -rf /etc/udev/rules.d/70-persistent-net.rules
2)vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BOOTPROTO="static"
DEFROUTE="yes"
NAME="ens33"
DEVICE="ens33"
ONBOOT="yes"
IPADDR=192.168.100.254
NETMASK=255.255.255.0
GATEWAY=192.168.100.10
2)cp /etc/sysconfig/network-scripts/ifcfg-ens33 /etc/sysconfig/network-scripts/ifcfg-ens37
3)vim /etc/sysconfig/network-scripts/ifcfg-ens37
TYPE="Ethernet"
BOOTPROTO="static"
DEFROUTE="yes"
NAME="ens37"
DEVICE="ens37"
ONBOOT="yes"
IPADDR=192.168.100.20
NETMASK=255.255.255.0
GATEWAY=192.168.100.10
4) systemctl restart network
5)ifconfig
6)ip r
2.YUM源配置并安装软件包
1)rm -rf /etc/yum.repos.d/*
2)vim /etc/yum.repos.d/local.repo
[local]
name=local
baseurl=file:///mnt
gpgcheck=0
3)mount /dev/cdrom /mnt
4)yum -y install ipvsadm
3.负载策略编写
1) systemctl stop iptables
2) systemctl stop ipvsadm
3) ipvsadm -A -t 192.168.100.254:80 -s rr
4)ipvsadm -a -t 192.168.100.254:80 -r 192.168.100.30:80 -g -w 1
5)ipvsadm -a -t 192.168.100.254:80 -r 192.168.100.40:80 -g -w 1
6) ipvsadm -S >>/etc/sysconfig/ipvsadm
6) systemctl enable ipvsadm.service //centos7 默认保存ipvsadm规则
三,WEB1节点配置
1.网络参数配置
1)rm -rf /etc/udev/rules.d/70-persistent-net.rules
2)vim /etc/sysconfig/network-scripts/ifcfg-ens37
TYPE="Ethernet"
BOOTPROTO="static"
DEFROUTE="yes"
NAME="ens37"
DEVICE="ens37"
ONBOOT="yes"
IPADDR=192.168.100.30
NETMASK=255.255.255.0
GATEWAY=192.168.100.10
3)cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0
4)vim /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.100.254
NETMASK=255.255.255.255
ONBOOT=yes
5) systemctl restart network
2.路由添加
1)route add -host 192.168.100.254 dev lo:0 //若没有route命令,安装net-tools
2)echo "route add -host 192.168.100.254 dev lo:0" >>/etc/rc.local
3.内核参数配置
1)vim /etc/sysctl.conf
8 net.ipv4.conf.all.arp_ignore = 1
9 net.ipv4.conf.all.arp_announce = 2
2)sysctl -p
4.YUM源配置并安装软件包
1)rm -rf /etc/yum.repos.d/*
2)vim /etc/yum.repos.d/local.repo
[local]
name=local
baseurl=file:///mnt
gpgcheck=0
3)mount /dev/cdrom /mnt
4)yum -y install httpd
5.测试页面准备
1)echo "Web1" >/var/www/html/index.html
6.启动服务
1) systemctl start httpd
四,WEB2节点配置
1.网络参数配置
1)rm -rf /etc/udev/rules.d/70-persistent-net.rules
2)vim /etc/sysconfig/network-scripts/ifcfg-ens37
DEVICE="eth0"
NM_CONTROLLED="no"
ONBOOT="yes"
BOOTPROTO=static
IPADDR=192.168.100.40
NETMASK=255.255.255.0
GATEWAY=192.168.100.10
3)cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0
4)vim /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.100.254
NETMASK=255.255.255.255
ONBOOT=yes
5) systemctl restart network
2.路由添加
1)route add -host 192.168.1.254 dev lo:0
2)echo "route add -host 192.168.100.254 dev lo:0" >>/etc/rc.local
3.内核参数配置
1)vim /etc/sysctl.conf
8 net.ipv4.conf.all.arp_ignore = 1
9 net.ipv4.conf.all.arp_announce = 2
2)sysctl -p
4.YUM源配置并安装软件包
1)rm -rf /etc/yum.repos.d/*
2)vim /etc/yum.repos.d/local.repo
[local]
name=local
baseurl=file:///mnt
gpgcheck=0
3)mount /dev/cdrom /mnt
4)yum -y install httpd
5.测试页面准备
1)echo "Web2" >/var/www/html/index.html
6.启动服务
1) systemctl start httpd
五,测试
IE - > http://192.168.192.159