配置RS1:
#修改主机名
[root@localhost ~]# hostnamectl hostname RS1
#修改网络
[root@localhost ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 172.25.250.9/24 ipv4.gateway 172.25.250.8 connection.autoconnect yes
[root@localhost ~]# nmcli c up ens160
#挂载并下载服务
[root@RS1 ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
[root@RS1 ~]# dnf install nginx -y
Updating Subscription Management repositories.
Unable to read consumer identityThis system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.BaseOS 2.0 MB/s | 2.7 kB 00:00
AppStream 2.2 MB/s | 3.2 kB 00:00
Dependencies resolved.
======================================================================================Package Architecture Version Repository Size
======================================================================================
Installing:nginx x86_64 2:1.20.1-20.el9 app 40 k
Installing dependencies:nginx-core x86_64 2:1.20.1-20.el9 app 574 knginx-filesystem noarch 2:1.20.1-20.el9 app 11 kredhat-logos-httpd noarch 90.4-2.el9 app 18 kTransaction Summary
======================================================================================
Install 4 PackagesTotal size: 643 k
Installed size: 1.8 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transactionPreparing : 1/1 Running scriptlet: nginx-filesystem-2:1.20.1-20.el9.noarch 1/4 Installing : nginx-filesystem-2:1.20.1-20.el9.noarch 1/4 Installing : nginx-core-2:1.20.1-20.el9.x86_64 2/4 Installing : redhat-logos-httpd-90.4-2.el9.noarch 3/4 Installing : nginx-2:1.20.1-20.el9.x86_64 4/4 Running scriptlet: nginx-2:1.20.1-20.el9.x86_64 4/4 Verifying : nginx-2:1.20.1-20.el9.x86_64 1/4 Verifying : nginx-core-2:1.20.1-20.el9.x86_64 2/4 Verifying : nginx-filesystem-2:1.20.1-20.el9.noarch 3/4 Verifying : redhat-logos-httpd-90.4-2.el9.noarch 4/4
Installed products updated.
Installed:
  nginx-2:1.20.1-20.el9.x86_64 nginx-core-2:1.20.1-20.el9.x86_64 nginx-filesystem-2:1.20.1-20.el9.noarch redhat-logos-httpd-90.4-2.el9.noarch
Complete!
#配置nginx服务
[root@RS1 ~]# echo $(hostname -I) > /usr/share/nginx/html/index.html
#重启nginx服务
[root@RS1 ~]# systemctl start nginx
#测试是否配置成功
[root@RS1 ~]# curl localhost
172.25.250.9
配置RS2:
#修改主机名
[root@localhost ~]# hostnamectl hostname RS2
#修改网络
[root@localhost ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 172.25.250.19/24 ipv4.gateway 172.25.250.8 connection.autoconnect yes
[root@localhost ~]# nmcli c up ens160
#挂载并下载服务
[root@RS2 ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
[root@RS2 ~]# dnf install nginx -y
Updating Subscription Management repositories.
Unable to read consumer identityThis system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.BaseOS 1.0 MB/s | 2.7 kB 00:00
AppStream 3.0 MB/s | 3.2 kB 00:00
Dependencies resolved.
======================================================================================Package Architecture Version Repository Size
======================================================================================
Installing:nginx x86_64 2:1.20.1-20.el9 app 40 k
Installing dependencies:nginx-core x86_64 2:1.20.1-20.el9 app 574 knginx-filesystem noarch 2:1.20.1-20.el9 app 11 kredhat-logos-httpd noarch 90.4-2.el9 app 18 kTransaction Summary
======================================================================================
Install 4 PackagesTotal size: 643 k
Installed size: 1.8 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transactionPreparing : 1/1 Running scriptlet: nginx-filesystem-2:1.20.1-20.el9.noarch 1/4 Installing : nginx-filesystem-2:1.20.1-20.el9.noarch 1/4 Installing : nginx-core-2:1.20.1-20.el9.x86_64 2/4 Installing : redhat-logos-httpd-90.4-2.el9.noarch 3/4 Installing : nginx-2:1.20.1-20.el9.x86_64 4/4 Running scriptlet: nginx-2:1.20.1-20.el9.x86_64 4/4 Verifying : nginx-2:1.20.1-20.el9.x86_64 1/4 Verifying : nginx-core-2:1.20.1-20.el9.x86_64 2/4 Verifying : nginx-filesystem-2:1.20.1-20.el9.noarch 3/4 Verifying : redhat-logos-httpd-90.4-2.el9.noarch 4/4
Installed products updated.
Installed:
  nginx-2:1.20.1-20.el9.x86_64 nginx-core-2:1.20.1-20.el9.x86_64 nginx-filesystem-2:1.20.1-20.el9.noarch redhat-logos-httpd-90.4-2.el9.noarch
Complete!
#配置nginx服务
[root@RS2 ~]# echo $(hostname -I) > /usr/share/nginx/html/index.html
#重启nginx服务
[root@RS2 ~]# systemctl start nginx
#测试服务是否配置成功
[root@RS2 ~]# curl localhost
172.25.250.19
配置RS3:
#修改主机名
[root@localhost ~]# hostnamectl hostname RS3
#修改网络
[root@localhost ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 172.25.250.29/24 ipv4.gateway 172.25.250.8 connection.autoconnect yes
[root@localhost ~]# nmcli c up ens160
#挂载并下载服务
[root@RS3 ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
[root@RS3 ~]# dnf install nginx -y
Updating Subscription Management repositories.
Unable to read consumer identityThis system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.BaseOS 2.1 MB/s | 2.7 kB 00:00
AppStream 2.9 MB/s | 3.2 kB 00:00
Dependencies resolved.
======================================================================================Package Architecture Version Repository Size
======================================================================================
Installing:nginx x86_64 2:1.20.1-20.el9 app 40 k
Installing dependencies:nginx-core x86_64 2:1.20.1-20.el9 app 574 knginx-filesystem noarch 2:1.20.1-20.el9 app 11 kredhat-logos-httpd noarch 90.4-2.el9 app 18 kTransaction Summary
======================================================================================
Install 4 PackagesTotal size: 643 k
Installed size: 1.8 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transactionPreparing : 1/1 Running scriptlet: nginx-filesystem-2:1.20.1-20.el9.noarch 1/4 Installing : nginx-filesystem-2:1.20.1-20.el9.noarch 1/4 Installing : nginx-core-2:1.20.1-20.el9.x86_64 2/4 Installing : redhat-logos-httpd-90.4-2.el9.noarch 3/4 Installing : nginx-2:1.20.1-20.el9.x86_64 4/4 Running scriptlet: nginx-2:1.20.1-20.el9.x86_64 4/4 Verifying : nginx-2:1.20.1-20.el9.x86_64 1/4 Verifying : nginx-core-2:1.20.1-20.el9.x86_64 2/4 Verifying : nginx-filesystem-2:1.20.1-20.el9.noarch 3/4 Verifying : redhat-logos-httpd-90.4-2.el9.noarch 4/4
Installed products updated.
Installed:
  nginx-2:1.20.1-20.el9.x86_64 nginx-core-2:1.20.1-20.el9.x86_64 nginx-filesystem-2:1.20.1-20.el9.noarch redhat-logos-httpd-90.4-2.el9.noarch
Complete!
#配置nginx服务
[root@RS3 ~]# echo $(hostname -I) > /usr/share/nginx/html/index.html
#重启服务
[root@RS3 ~]# systemctl start nginx
#测试服务是否配置完成
[root@RS3 ~]# curl localhost
172.25.250.29
配置LVS(作为lvs服务器它有两块网卡,但原本的只有一块,我们手动给添加一块仅主机网络模式的网卡)
配置完成后可以看到原来的虚拟机基础上有两块网卡
#修改主机名
[root@localhost ~]# hostnamectl hostname LVS
[root@localhost ~]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:08:bc:6c brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 172.25.250.167/24 brd 172.25.250.255 scope global dynamic noprefixroute ens160
       valid_lft 1743sec preferred_lft 1743sec
    inet6 fe80::20c:29ff:fe08:bc6c/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:08:bc:76 brd ff:ff:ff:ff:ff:ff
    altname enp19s0
    inet 192.168.19.130/24 brd 192.168.19.255 scope global dynamic noprefixroute ens224
       valid_lft 1743sec preferred_lft 1743sec
    inet6 fe80::c5f9:dd5a:6666:23b1/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
#查看网络设备连接名称
[root@localhost ~]# nmcli c show
NAME UUID TYPE DEVICE
ens160 e5cd0010-7a84-3798-88d9-772e68c36b11 ethernet ens160
Wired connection 1 50433d92-0232-301a-993e-563538ddfd64 ethernet ens224
lo fe37a8d1-221a-4584-8fb9-0bde4c40ad9d loopback lo
#修改网络设备连接名称
[root@localhost ~]# nmcli c modify 'Wired connection 1' connection.id ens224
[root@localhost ~]# nmcli c show
NAME UUID TYPE DEVICE
ens160 e5cd0010-7a84-3798-88d9-772e68c36b11 ethernet ens160
ens224 50433d92-0232-301a-993e-563538ddfd64 ethernet ens224
lo fe37a8d1-221a-4584-8fb9-0bde4c40ad9d loopback lo
#配置NAT模式网卡
[root@localhost ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 172.25.250.8/24 ipv4.gateway 172.25.250.2 ipv4.dns 223.5.5.5 connection.autoconnect yes
[root@localhost ~]# nmcli c up ens160
#重新连接虚拟机,并挂载
[root@LVS ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
#下载ipvsadm
[root@LVS ~]# dnf install ipvsadm -y
Updating Subscription Management repositories.
Unable to read consumer identityThis system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.BaseOS 1.7 MB/s | 2.7 kB 00:00
AppStream 2.8 MB/s | 3.2 kB 00:00
Dependencies resolved.
======================================================================================Package Architecture Version Repository Size
======================================================================================
Installing:ipvsadm x86_64 1.31-6.el9 app 54 kTransaction Summary
======================================================================================
Install 1 PackageTotal size: 54 k
Installed size: 89 k
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transactionPreparing : 1/1 Installing : ipvsadm-1.31-6.el9.x86_64 1/1 Running scriptlet: ipvsadm-1.31-6.el9.x86_64 1/1 Verifying : ipvsadm-1.31-6.el9.x86_64 1/1
Installed products updated.
Installed:
  ipvsadm-1.31-6.el9.x86_64
Complete!
#配置仅主机模式网卡
[root@LVS ~]# nmcli c modify ens224 ipv4.method manual ipv4.addresses 192.168.19.200/24 ipv4.gateway 192.168.19.2 connection.autoconnect yes
[root@LVS ~]# nmcli c up ens224
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)
[root@LVS ~]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:08:bc:6c brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 172.25.250.8/24 brd 172.25.250.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe08:bc6c/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:08:bc:76 brd ff:ff:ff:ff:ff:ff
    altname enp19s0
    inet 192.168.19.200/24 brd 192.168.19.255 scope global noprefixroute ens224
       valid_lft forever preferred_lft forever
    inet6 fe80::c5f9:dd5a:6666:23b1/64 scope link tentative noprefixroute
       valid_lft forever preferred_lft forever
[root@LVS ~]#
配置客户端(修改网络模式为仅主机模式)
#修改主机名
[root@localhost ~]# hostnamectl hostname client
#配置仅主机网卡
[root@localhost ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.19.100/24 ipv4.gateway 192.168.19.2 ipv4.dns 223.5.5.5 connection.autoconnect yes
[root@localhost ~]# nmcli c up ens160
[root@client ~]# nmcli d show ens160
GENERAL.DEVICE: ens160
GENERAL.TYPE: ethernet
GENERAL.HWADDR: 00:0C:29:23:8B:26
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: ens160
GENERAL.CON-PATH: /org/freedesktop/NetworkM>
WIRED-PROPERTIES.CARRIER: on
IP4.ADDRESS[1]: 192.168.19.100/24
IP4.GATEWAY: 192.168.19.2
IP4.ROUTE[1]: dst = 192.168.19.0/24, nh>
IP4.ROUTE[2]: dst = 0.0.0.0/0, nh = 192>
IP4.DNS[1]: 223.5.5.5
IP6.ADDRESS[1]: fe80::20c:29ff:fe23:8b26/>
IP6.GATEWAY: --
IP6.ROUTE[1]: dst = fe80::/64, nh = ::,>
[root@client ~]#
在LVS主机上启动ipvsadm服务(注意防火墙有没有关闭)
#查看防火墙的状态,没有关闭就要把防火墙关掉
[root@LVS ~]# systemctl is-active firewalld
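active
#关闭防火墙,所有设备都应该关闭防火墙
#(仅适用于隔离的实验环境;生产环境应保留 firewalld,只放行所需端口,例如 firewall-cmd --permanent --add-service=http && firewall-cmd --reload)
[root@LVS ~]# systemctl stop firewalld
#setenforce 0 只是把 SELinux 临时切换为宽容模式,重启后恢复;同样只建议在实验环境中使用
[root@LVS ~]# setenforce 0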
[root@LVS ~]# systemctl is-active firewalld
inactive
#启动ipvsadm服务
[root@LVS ~]# ipvsadm-save > /etc/sysconfig/ipvsadm
[root@LVS ~]# systemctl start ipvsadm
在客户端上查看能否访问
[root@client ~]# curl 192.168.19.200
curl: (7) Failed to connect to 192.168.19.200 port 80: No route to host
#访问失败
访问失败:是因为我们没有做 LVS 规则匹配
#配置一条规则
[root@LVS ~]# ipvsadm -A -t 192.168.19.200:80 -s rr
#为规则添加RS
[root@LVS ~]# ipvsadm -a -t 192.168.19.200:80 -r 172.25.250.9:80 -m -w 2
[root@LVS ~]# ipvsadm -a -t 192.168.19.200:80 -r 172.25.250.19:80 -m -w 2
[root@LVS ~]# ipvsadm -a -t 192.168.19.200:80 -r 172.25.250.29:80 -m -w 2
#查看规则
[root@LVS ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.19.200:80 rr
  -> 172.25.250.9:80 Masq 2 0 0
  -> 172.25.250.19:80 Masq 2 0 0
  -> 172.25.250.29:80 Masq 2 0 0
#配置完成后,重启ipvsadm服务
#(重启前建议先执行 ipvsadm-save -n > /etc/sysconfig/ipvsadm 保存当前规则;前面保存该文件时还没有添加规则,重启后可能只会恢复到那份空规则)
[root@LVS ~]# systemctl restart ipvsadm
规则配置完成后,再用客户端测试,发现没有报错但也没有数据返回
[root@client ~]# curl 192.168.19.200
^C
原因:没有配置内核转发参数 net.ipv4.ip_forward=1。
在/etc/sysctl.conf文件中写入内核转发参数,也可以使用vim来编辑
[root@LVS ~]# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
#配置完成后,用以下命令来生效
[root@LVS ~]# sysctl -p
net.ipv4.ip_forward = 1
此时配置完成后,再去客户端测试
[root@client ~]# curl 192.168.19.200
172.25.250.19
[root@client ~]# curl 192.168.19.200
172.25.250.9
[root@client ~]# curl 192.168.19.200
172.25.250.29
[root@client ~]# curl 192.168.19.200
172.25.250.19
[root@client ~]# curl 192.168.19.200
172.25.250.9
[root@client ~]# curl 192.168.19.200
172.25.250.29
[root@client ~]# curl 192.168.19.200
172.25.250.19
[root@client ~]# curl 192.168.19.200
172.25.250.9
[root@client ~]# curl 192.168.19.200
172.25.250.29
[root@client ~]# curl 192.168.19.200
172.25.250.19
[root@client ~]# curl 192.168.19.200
172.25.250.9
至此,LVS轮询访问三台RS搭建完成
总结:
1、LVS服务器需要有两块网卡,一块用于虚拟IP,便于用户访问;另一块作为后端真实主机的网关。
2、在配置规则时,需要通过 -m 参数来指定是 NAT 模式
3、需要在 LVS 服务器上配置ip转发内核参数
vim /etc/sysctl.conf
net.ipv4.ip_forward=1