KVM multi-network web case (section 2)

highlight: atelier-estuary-light

theme: scrolls-light

@TOC

$image.png\$

server2 [root@server2 ~]# yum install qemu-kvm qemu-kvm-tools libvirt libvirt-client virt-manager virt-install -y server1 “` [root@server1 ~]# qemu-img create -f qcow2 /var/lib/libvirt/images/centos7-bridg

[root@server1 ~]# virt-install –virt-type kvm –name linux37-bridge –ram 1024 –vcpus 2 –cdrom=/usr/local/src/CentOS-7-x86_64-Minimal-1810 .iso –disk path=/var/lib/libvirt/images/centos7-bridge.qcow2 –network bridge=br0 –graphics vnc,listen=0.0.0.0 –noautoconsole ““

$image.png\$

“` [root@server1 ~]# cd /var/lib/libvirt/images/

[root@server1 images]# ll total 3383304 -rw-r–r– 1 root root 1573257216 Sep 3 14:22 centos7-bridge.qcow2 -rw-r–r– 1 root root 1891368960 Sep 2 15: 33 linux37centos7.6.qcow2 -rw-r–r– 1 root root 10737418240 Aug 31 21:28 linux37centos7.6.raw

Backup

[root@server1 images]# cp centos7-bridge.qcow2 centos7-bridge_bak.qcow2

Copy to remote host

[root@server1 images]# scp centos7-bridge_bak.qcow2 192.168.1.102://var/lib/libvirt/images/ **server2** [root@server2 ~]# cd /usr/ local/src/

Upload ISO image file

[root@server2 src]# ll Total usage 940032 -rw-r–r– 1 root root 962592768 August 21 13:00 CentOS-7-x86_64-Minimal-1810.iso

[root@server2 ~]# grep 192.168.* /etc/libvirt/ -R /etc/libvirt/qemu/networks/autostart/default.xml:

/etc/libvirt/qemu/networks/autostart/default.xml:
/etc/libvirt/qemu/networks/default.xml:

/etc/libvirt/qemu/networks/default.xml:
/etc/libvirt/libvirtd.conf:#listen_addr = “192.168.0.1”

[root@server2 ~]# vim /etc/libvirt/qemu/networks/default.xml

default

01918562-70b6-437f-8ed8-9ff3e398c064

[root@server2 ~]# systemctl restart libvirtd [root@server2 ~]# systemctl enable libvirtd ““

$image.png\$

$image.png\$

$image.png\$

$image.png\$

$image.png\$

$image.png\$

$image.png\$

$image.png\$

$image.png\$

$image.png\$

$image.png\$

$image.png\$

server1 and server2

The first two network cards are network card bound, and the third one selects host only.

Add network card

$image.png\$ server1 “` [root@server1 ~]# cd /etc/sysconfig/network-scripts/ [root@server1 network-scripts]# cp /opt/ifcfg-eth0 ifcfg-eth2 [root@server1 network-scripts]# vim ifcfg-eth2 TYPE=Ethernet BOOTPROTO=static NAME=eth2 DEVICE=eth2 ONBOOT=yes BRIDGE=br1

[root@server1 network-scripts]# cp /opt/ifcfg-br0 ifcfg-br1 [root@server1 network-scripts]# vim ifcfg-br1 TYPE=Bridge BOOTPROTO=static NAME=br1 DEVICE=br1 ONBOOT=yes IPADDR=10.20 .1.101 PREFIX=24

Restart the network

[root@server1 network-scripts]# systemctl restart network

Copy to remote host

[root@server1 network-scripts]# scp ifcfg-eth2 ifcfg-br1 192.168.1.102:/etc/sysconfig/network-scripts/ **server2** [root@server2 ~]# cd / etc/sysconfig/network-scripts/

Modify IP address

[root@server2 network-scripts]# vim ifcfg-br1 TYPE=Bridge BOOTPROTO=static NAME=br1 DEVICE=br1 ONBOOT=yes IPADDR=10.20.1.102 PREFIX=24

Restart the network

[root@server2 network-scripts]# systemctl restart network “`

$image.png\$

$image.png\$

$image.png\$

$image.png\$

$image.png\$

$image.png\$

After adding the network card, shut down and then restart

$image.png\$

“` [root@server2 ~]# cd /var/lib/libvirt/images/ [root@server2 images]# cp centos7-bridge_bak.qcow2 centos7-web1.qcow2

[root@server2 images]# virt-install –virt-type kvm –name centos7-web –ram 1024 –vcpus 2 –cdrom=/usr/local/src/CentOS-7-x86_64-Minimal-1810 .iso –disk path=/var/lib/libvirt/images/centos7-web1.qcow2 –network bridge=br0 –graphics vnc,listen=0.0.0.0 –noautoconsole

[root@server2 ~]# virt-manager “`

Add a network card after forced shutdown

$image.png\$

Close irrelevant services Remove the external network card

$image.png\$

$image.png\$

$image.png\$

server1 [root@server1 network-scripts]# telnet 10.20.1.204 80 Trying 10.20.1.204... Connected to 10.20.1.204. Escape character is '^]'. ^C Connection closed by foreign host. [root@server1 network-scripts]# curl 10.20.1.204 10.20.1.204 web1

$image.png\$

Install reverse proxy

$image.png\$

“` [root@192 ~]# vim /etc/haproxy/haproxy.cfg

timeout http-keep-alive 10s timeout check 10s maxconn 3000

————————————————– ———————–

main frontend which proxies to the backends

————————————————– ———————–

Delete all the following content and change it to the following content

listen web-linux37 bind 192.168.1.201:80 mode http server web1 10.20.1.204:80 check inter 3s fall 3 rise 5

Restart haprxoy service

[root@192 ~]# systemctl restart haproxy [root@192 ~]# systemctl enable haproxy

[root@192 ~]# systemctl disable NetworkManager [root@192 ~]# systemctl disable firewalld

Disable SELinux

[root@192 ~]# cat /etc/selinux/config

This file controls the state of SELinux on the system.

SELINUX= can take one of these three values:

enforcing – SELinux security policy is enforced.

permissive – SELinux prints warnings instead of enforcing.

disabled – No SELinux policy is loaded.

SELINUX=disabled

SELINUXTYPE= can take one of three values:

targeted – Targeted processes are protected,

minimum – Modification of targeted policy. Only selected processes are protected.

mls – Multi Level Security protection.

SELINUXTYPE=targeted

[root@192 ~]# reboot “`

$image.png\$

server2 [root@server2 ~]# cd /var/lib/libvirt/images/ [root@server2 images]# scp centos7-web1.qcow2 10.20.1.101:/var/lib/ libvirt/images/ server1 “` [root@server1 ~]# cd /var/lib/libvirt/images/ [root@server1 images]# mv centos7-web1.qcow2 centos7 -web2.qcow2 [root@server1 images]# virt-install –virt-type kvm –name centos7-web2 –ram 1024 –vcpus 2 –cdrom=/usr/local/src/CentOS-7-x86_64 -Minimal-1810.iso –disk path=/var/lib/libvirt/images/centos7-web2.qcow2 –network bridge=br0 –graphics vnc,listen=0.0.0.0 –noautoconsole

[root@server1 images]# virt-manager #Forced shutdown “`

Change to bridged network card

$image.png\$

$image.png\$

$image.png\$

$image.png\$

Browser testing

$image.png\$