Q: 如何设置LVS,让Director能将来自同一个Client的请求发给同一个RealServer
A: 对于这个问题可以分为两个问题
一:如果Director上配置的服务为简单服务,即客户端只需要访问服务器的一个固定端口,如
http服务(80),te.net(23),可以通过服务的persistence来设置。
以LVS-DR为例:(服务以telnet为例)
Client Client IP: 10.70.101.100
|
|
|
| Virtual IP: eth0:0 IP 10.71.101.230/32
Director Direcotor IP: eth0 IP 10.71.101.220/24
|
-------------|
| |
| RealServer1 Virtual IP: eth0:0 IP 10.71.101.230/32 (hidden arp)
| Real IP: eth0 IP 10.71.101.221/24
|------------|
| RealServer2 Virtual IP: eth0:0 IP 10.71.101.230/32 (hidden arp)
| Real IP: eth0 IP 10.71.101.222/24
|------------|
RealServer3 Virtual IP: eth0:0 IP 10.71.101.230/32 (hidden arp)
Real IP: eth0 IP 10.71.101.223/24
在Director上作的设置:
# ifconfig eth0 10.71.101.220 netmask 255.255.255.0 broadcast 10.71.101.255
# ifconfig eth0:0 10.71.101.230 netmask 255.255.255.255 broadcast 10.71.101.230
# route add -host 10.71.101.230 gw 10.71.101.230
# ipvsadm -A -t 10.71.101.230:23 -s wlc -p 9000
# ipvsadm -a -t 10.71.101.230:23 -r 10.71.101.221 -g -w 1
# ipvsadm -a -t 10.71.101.230:23 -r 10.71.101.222 -g -w 1
# ipvsadm -a -t 10.71.101.230:23 -r 10.71.101.223 -g -w 1
在RealServer1上作的设置(其他的RealServer的配置类似),除了配置telnet服务之外:
# ifconfig eth0 10.71.101.221 netmask 255.255.255.0 broadcast 10.71.101.255
# echo 0 > /proc/sys/net/ipv4/conf/all/hidden
# echo 0 > /proc/sys/net/ipv4/conf/eth0/hidden
# ifconfig eth0:0 10.71.101.230 netmask 255.255.255.255 broadcast 10.71.101.230
# route add -host 10.71.101.230 gw 10.71.101.230
二:如果Director上配置的服务为多个相关服务,客户端要同时访问服务器的多个端口,如
ftp服务,客户要访问服务器的ftp(21)和ftp-data(20)端口,所以要保证一个客户端对
这两个端口的访问被定向到同一个服务器上,需要用lvs的fwmark加persistence设置。
http和https的设置与此类似。
以LVS-DR为例:(服务以ftp(21)和ftp-data(20)为例)
Client Client IP: 10.70.101.100
|
|
|
| Virtual IP: eth0:0 IP 10.71.101.230/32
Director Direcotor IP: eth0 IP 10.71.101.220/24
|
-------------|
| |
| RealServer1 Virtual IP: eth0:0 IP 10.71.101.230/32 (hidden arp)
| Real IP: eth0 IP 10.71.101.221/24
|------------|
| RealServer2 Virtual IP: eth0:0 IP 10.71.101.230/32 (hidden arp)
| Real IP: eth0 IP 10.71.101.222/24
|------------|
RealServer3 Virtual IP: eth0:0 IP 10.71.101.230/32 (hidden arp)
Real IP: eth0 IP 10.71.101.223/24
在Director上作的设置:
# ifconfig eth0 10.71.101.220 netmask 255.255.255.0 broadcast 10.71.101.255
# ifconfig eth0:0 10.71.101.230 netmask 255.255.255.255 broadcast 10.71.101.230
# route add -host 10.71.101.230 gw 10.71.101.230
# iptables -t mangle -A PREROUTING -d 10.71.101.230 --dport 20 -j MARK --set-mark 1
# iptables -t mangle -A PREROUTING -d 10.71.101.230 --dport 21 -j MARK --set-mark 1
# ipvsadm -A -f 1 -s wlc -p 9000
# ipvsadm -a -f 1 -r 10.71.101.221:0 -g -w 1
# ipvsadm -a -f 1 -r 10.71.101.222:0 -g -w 1
# ipvsadm -a -f 1 -r 10.71.101.223:0 -g -w 1
在RealServer1上作的设置(其他的RealServer的配置类似),除了配置telnet服务之外:
# ifconfig eth0 10.71.101.221 netmask 255.255.255.0 broadcast 10.71.101.255
# echo 0 > /proc/sys/net/ipv4/conf/all/hidden
# echo 0 > /proc/sys/net/ipv4/conf/eth0/hidden
# ifconfig eth0:0 10.71.101.230 netmask 255.255.255.255 broadcast 10.71.101.230
# route add -host 10.71.101.230 gw 10.71.101.230