Create and assign a floating IP
Floating IPs are not automatically allocated to instances by default (they need to be attached to instances manually). A Floating IP (FIP) is an extra public IP address that is associated to an instance. The VM instance itself isn't aware of this FIP and won't be visible in the network interfaces. Connectivity is achieved via NAT rules which manage the routing from the internet to the VM and vice versa. If a VM instance is deleted, the user can reuse the floating IP by attaching it to another instance.
Create a floating IP
- Identify the network
You have to give the network as a paramter, get the list of networks available using the command :
taylor@laptop:~$ openstack network list --external | grep floating
+--------------------------------------+-----------+----------------------------------------------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+-----------+----------------------------------------------------------------------------+
| a6cf8d3b-92bc-4a84-ade6-e5c6715c1797 | ext-floating1 | e49440bc-ef91-45a1-8f79-25b779ff1821 |
+--------------------------------------+-----------+----------------------------------------------------------------------------+
- Create the Floating IP
taylor@laptop:~$ openstack floating ip create ext-floating1
The output will loook like this:
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| created_at | 2021-03-17T10:00:38Z |
| description | |
| dns_domain | None |
| dns_name | None |
| fixed_ip_address | None |
| floating_ip_address | 195.15.240.213 |
| floating_network_id | a6cf8d3b-92bc-4a84-ade6-e5c6715c1797 |
| id | 8e6074e7-d581-4869-ac8c-c6207bd17299 |
| name | 195.15.240.213 |
| port_details | None |
| port_id | None |
| project_id | ac4fafd60021431585bbb23470119557 |
| qos_policy_id | None |
| revision_number | 0 |
| router_id | None |
| status | DOWN |
| subnet_id | None |
| tags | [] |
| updated_at | 2021-03-17T10:00:38Z |
+---------------------+--------------------------------------+
Your IP is 195.15.240.213 but isn't attach to any instance yet.
- Attach the Floating IP to an instance
Find the name or ID of the instance you want to assign the floating IP to
taylor@laptop:~$ openstack server list
+--------------------------------------+-------------+--------+------------------------+-----------------------------------+----------------------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+-------------+--------+------------------------+-----------------------------------+----------------------+
| 0ed1c8c1-cb48-4b37-99a4-b4b5665e056a | my-vm-name3 | ACTIVE | ext-net1=195.15.241.30 | debian-10.8.0-openstack-amd64.raw | a2-ram4-disk20-perf1 |
| 9e7b9a6d-94e8-4c53-86de-55f3d7be84a3 | my-vm-name2 | ACTIVE | mynetwork=10.10.10.137 | debian-10.8.0-openstack-amd64.raw | a2-ram4-disk20-perf1 |
| 654123e5-36fc-4194-8af8-d44ea69e9712 | my-vm-name | ACTIVE | mynetwork=10.10.10.127 | debian-10.8.0-openstack-amd64.raw | a2-ram4-disk20-perf1 |
+--------------------------------------+-------------+--------+------------------------+-----------------------------------+----------------------+
Let's assume we want to attach the FIP to my-vm-name
The Floating IPs are configured in a 1 to 1 NAT with the internal IP of the instance (in this case 10.10.10.127), it is necessary to find the ID of the port/interface corresponding to this internal IP.
To do so, run the following command :
openstack port list --server <ID or VM name>
taylor@laptop:~$ openstack port list --server my-vm-name
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------+--------+
| ID | Name | MAC Address | Fixed IP Addresses | Status |
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------+--------+
| 64b0655b-d9a7-4712-9b16-1b505b065b89 | | fa:16:3e:79:b8:3b | ip_address='10.10.10.127', subnet_id='04f0e0a0-66c6-40fb-88f5-402097c0afd0' | ACTIVE |
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------+--------+
The port ID is 64b0655b-d9a7-4712-9b16-1b505b065b89
You can now assign the floating IP to the my-vm-name port
openstack floating ip set --port <instance port ID> <floating IP>
openstack floating ip set --port 64b0655b-d9a7-4712-9b16-1b505b065b89 195.15.240.213
Common Errors
ResourceNotFound: 404: Client Error for url: https://pub1-api.cloud.infomaniak.ch/network/v2.0/floatingips/8e6074e7-d581-4869-ac8c-c6207bd17299, External network a6cf8d3b-92bc-4a84-ade6-e5c6715c1797 is not rea
chable from subnet 04f0e0a0-66c6-40fb-88f5-402097c0afd0. Therefore, cannot associate Port 64b0655b-d9a7-4712-9b16-1b505b065b89 with a Floating IP.
Your VM is on a Tenant network (Private network) which isn't connected to the Floating IPs network. You must link the two networks with a router first. Here the steps :
- Create a router
openstack router create myrouter
- Set the gateway of the router being the floating IPs network with internet connectivity
openstack router set --external-gateway ext-floating1 myrouter
- Plug your subnet hosting you VM to the router
In our case, our VM my-vm-name is on the subnet mysubnet
taylor@laptop:~$ openstack router add subnet myrouter mysubnet
- Assign the Floating IP
openstack floating ip set --port 64b0655b-d9a7-4712-9b16-1b505b065b89 195.15.240.213
- Verify the NAT association
taylor@laptop:~$ openstack floating ip list
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
| ID | Floating IP Address | Fixed IP Address | Port | Floating Network | Project |
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
| 8e6074e7-d581-4869-ac8c-c6207bd17299 | 195.15.240.213 | 10.10.10.127 | 64b0655b-d9a7-4712-9b16-1b505b065b89 | a6cf8d3b-92bc-4a84-ade6-e5c6715c1797 | ac4fafd60021431585bbb23470119557 |
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
- You should now be able to ssh your VM
taylor@laptop:~$ ssh debian@195.15.240.213
Linux my-vm-name 4.19.0-14-cloud-amd64 #1 SMP Debian 4.19.171-2 (2021-01-30) x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Thu Mar 18 11:21:47 2021 from 10.8.2.85
debian@my-vm-name:~$
Note: check that your security group allows the SSH connection