node-0001 public IP (Master node, also acts as the SNAT server) 159.138.145.188 private IP 192.168.0.233
node-0002 private IP 192.168.0.200
node-0003 private IP 192.168.0.137
1. Purchase three Huawei Cloud servers:
node-0001:
node-0002:
node-0003:
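2. Set up the SNAT server:
(1) Click node-0001 ---> click the network interface ----> disable the source/destination check
(2) Log in remotely to node-0001 and enable IP forwarding
[root@node-0001 ~]# cat /proc/sys/net/ipv4/ip_forward   # not enabled by default on a newly created cloud host
0
[root@node-0001 ~]# vim /etc/sysctl.conf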
......
net.ipv4.ip_forward=1 # append this line at the end of the file
[root@node-0001 ~]# sysctl -p /etc/sysctl.conf # apply the setting above
[root@node-0001 ~]# cat /proc/sys/net/ipv4/ip_forward
1
(3) Add the iptables SNAT rule
# Translate the source address of requests from the 192.168.0.0 network to 192.168.0.233; otherwise the other hosts cannot reach the Internet
[root@node-0001 ~]# iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j SNAT --to-source 192.168.0.233
[root@node-0001 ~]# yum -y install iptables-services && service iptables save
# Check that the rule was added
[root@node-0001 ~]# iptables -t nat -nvL POSTROUTING
Chain POSTROUTING (policy ACCEPT 9 packets, 540 bytes)
pkts bytes target prot opt in out source destination
......
9302 561K SNAT all * * -- 192.168.0.0/24 to:192.168.0.233
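(4) Add a custom route
(a) Open the console and select Virtual Private Cloud in the left-hand menu
(b) In the list of virtual private clouds, click the name of the VPC that needs the route
(c) Add the route information
(d) Check that the route was set up correctly
(e) Check that node-0002 and node-0003 can reach the Internet
[root@node-0002 ~]# ping -c 2 www.baidu.com # same on node-0003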
PING www.wshifen.com (103.235.46.39) 56(84) bytes of data.
64 bytes from 103.235.46.39 (103.235.46.39): icmp_seq=1 ttl=47 time=2.47 ms
64 bytes from 103.235.46.39 (103.235.46.39): icmp_seq=2 ttl=47 time=2.54 ms
--- www.wshifen.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 2.474/2.510/2.546/0.036 ms
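
Once the gateway works, it is worth confirming that the saved ruleset translates only the 192.168.0.0/24 subnet and nothing broader. The script below is an added example, not part of the original procedure: it audits iptables-save output for the rule from step (3). The function names and the sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page); function names are hypothetical.
# Live use on node-0001:
#   iptables-save -t nat | audit_snat 192.168.0.0/24 192.168.0.233

# audit_snat SUBNET TO_SOURCE: reads iptables-save text on stdin, prints one
# finding per NAT rule, and returns 0 only if the expected rule is present and
# no POSTROUTING rule rewrites traffic from an unexpected or unrestricted source.
audit_snat() {
    awk -v subnet="$1" -v to="$2" '
        /^\*/ { table = substr($0, 2) }        # table header: *nat, *filter
        table == "nat" && /^-A POSTROUTING / && /-j (SNAT|MASQUERADE)/ {
            src = ""; dst = ""
            for (i = 1; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "--to-source") dst = $(i + 1)
            }
            if (src == "") { print "UNSCOPED: " $0; bad = 1 }
            else if (src == subnet && dst == to) { print "OK: " $0; found = 1 }
            else { print "UNEXPECTED: " $0; bad = 1 }
        }
        END {
            if (!found) print "MISSING: SNAT " subnet " to " to
            exit ((found && !bad) ? 0 : 1)
        }'
}

# Constructed sample: only the rule from step (3).
sample_good() { cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.0.0/24 -o eth0 -j SNAT --to-source 192.168.0.233
COMMIT
EOF
}

# Constructed sample: the same rule plus a catch-all MASQUERADE with no -s.
sample_bad() { cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.0.0/24 -o eth0 -j SNAT --to-source 192.168.0.233
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
EOF
}

sample_good | audit_snat 192.168.0.0/24 192.168.0.233
sample_bad | audit_snat 192.168.0.0/24 192.168.0.233 || echo "audit failed"
```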