Learn how to attach Floating IP addresses to your instances.
Floating IPs are public IP addresses for Public Cloud, used to expose a private instance or a private network service to the public network.
Requirements
- a Public Cloud project in your OVHcloud account
- access to the OVHcloud API or the OpenStack command line environment (Tutorial)
- the OpenStack Command Line Interface tool installed on your working environment (optional)
Understanding the Floating IP service
Floating IP is one of the services delivered by the OpenStack DVR (Distributed Virtual Router) services of the OVHcloud Public Cloud.
Floating IP allows you to create a public IP address and use it for your private network-based VMs for incoming and outgoing traffic. Floating IP addresses can be attached and detached from your VMs at any time.
You can hold Floating IP addresses without attaching them to any service. They remain available for your resources until they are manually deleted.
Target configuration architecture
The goal of this exercise is to create a VM (vm4fip) with a private local network (test-network) only and use a router (router1) to set up a Floating IP.
Next, we will use this Floating IP to connect to the instance (VM) from the outside and check its access to the Internet.
Instructions
Via the OVHcloud Control Panel
Jump to: via OpenStack API | via OVHcloud API
In case of a new instance
Log in to the OVHcloud Control Panel, go to the Public Cloud section, and select the Public Cloud project concerned.
Before creating your instance, make sure you have created a private network with Gateway.
To create a new instance, follow this guide if necessary.
In Step 5, you have the option to choose a mode for your instance: Public mode or Private mode to be used for your instance networking.
By default, the public mode is selected, but since we are creating an instance to which we will attach a Floating IP, we need to create an instance with a private network ONLY.
- Select the
Private modeand click on the drop-down list to select a private network of your choice (the network must have been previously created with a Gateway or linked to a Gateway).If you select a private network that is not linked to a Gateway, the system will automatically create a Gateway of size "S" by default and attach it to your network.
- Check the box next to
Attach a Floating IP to this Instance. - Select
Create a new Floating IP. - Click
Nextto proceed to the final step and decide on a billing method.We recommend choosing hourly billing if there is any doubt regarding the usage period because it is not possible to choose it after the service delivery. You will have the option to switch to a monthly subscription as soon as the instance is available on the “Instances” page.NOTE: If you choose to be billed hourly, you will continue to be billed as long as the instance is not deleted. It does not matter if the instance is not used during this time.
- Click on the
Create an instancebutton to finish creating your new instance. It may take a few minutes until your service is delivered.
In case of an existing instance (created with a private network only).
Please note that the private network must be linked to a gateway. For more information, consult this guide: Creating a private network with Gateway.
In the public cloud section, click on Public IPs in the left-hand menu under Network.
Under the Floating IP tab, click on Add a new IP.
To complete your order:
- Select the
Floating IPs (Public Cloud). - Choose a
regionfor your Floating IPs. The region must be the same as that of the instance you wish to attach the Floating IP.Please note that only regions in which this service is available will be displayed.
- Next, click on the drop-down list to select the
instanceto attach the Floating IP to, then select thenetwork/IP(this will be in the default range selected when creating the private network of the instance).In case your instance is attached to two or more private networks, you will be presented with an equal amount of private IPs to select from, select the private IP of your choice. - Once done, click on
Generate purchase order. It may take a few minutes until your service is delivered.
Detaching a Floating IP
This feature is currently only available via the OpenStack API.
Deleting a Floating IP
In the public cloud section, click on Public IPs in the left-hand menu under Network.
Under the Floating IP tab, click the more options ... button next to the corresponding IP and select Delete.
In the pop-up window, proceed with the deletion of the IP by clicking on Confirm.
Via the OpenStack API
Attaching a Floating IP to an instance
Step 1) Clear a router.
$ openstack router create router1 $ openstack router show router1 -c id -c status +--------+--------------------------------------+ | Field | Value | +--------+--------------------------------------+ | id | d2370b2f-18ba-4a23-886d-35c01ba2a957 | | status | ACTIVE | +--------+--------------------------------------+
Step 2) Create a private network if needed. If you have one already, you can skip this step.
$ openstack network create test-network $ openstack network show test-network -c id -c status +--------+--------------------------------------+ | Field | Value | +--------+--------------------------------------+ | id | a9753f63-889a-43b7-b3ea-258bd5008207 | | status | ACTIVE | +--------+--------------------------------------+
Step 3) Create a subnet for your test-network. If you have one already, you can skip this step.
The subnet should have the DHCP service enabled and a gateway IP configured.
$ openstack subnet create --subnet-range 192.168.0.1/24 --network test-network --dhcp --gateway 192.168.0.1 test-subnet $ openstack subnet show test-subnet -c id -c gateway_ip -c enable_dhcp -c name +-------------+--------------------------------------+ | Field | Value | +-------------+--------------------------------------+ | enable_dhcp | True | | gateway_ip | 192.168.0.1 | | id | c23df163-0d46-4928-91d6-956794c4de16 | | name | test-subnet | +-------------+--------------------------------------+
Step 4) Add subnet to the router1.
$ openstack router add subnet router1 test-subnet
$ openstack router show router1 -c interfaces_info -c name
+-----------------+-----------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------+-----------------------------------------------------------------------------------------------------------------------------------------+
| interfaces_info | [{"port_id": "ec872f31-cfe5-4326-9aa2-30d2e5c60d20", "ip_address": "192.168.0.1", "subnet_id": "c23df163-0d46-4928-91d6-956794c4de16"}] |
| name | router1 |
+-----------------+-----------------------------------------------------------------------------------------------------------------------------------------+
Step 5) Add a gateway to router1 from the public shared network Ext-Net.
$ openstack router set --external-gateway Ext-Net router1
$ openstack router show router1 -c external_gateway_info -c name
+-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| external_gateway_info | {"network_id": "b2c02fdc-ffdf-40f6-9722-533bd7058c06", "external_fixed_ips": [{"subnet_id": "0f11270c-1113-4d4f-98de-eba83445d962", "ip_address": "141.94.208.45"}, {"subnet_id": "4aa6cac1-d5cd-4e25-b14b-7573aeabcab1", "ip_address": "2001:41d0:304:400::7dc"}], "enable_snat": true} |
| name | router1 |
+-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
Step 6) Create a test-keypair for SSH connection to your VM (do not forget to limit access to the private key file using the chmod command).
$ openstack keypair create --private-key ./test-key.rsa test-key +-------------+-------------------------------------------------+ | Field | Value | +-------------+-------------------------------------------------+ | fingerprint | 02:54:10:33:e4:b0:fb:4b:ec:4b:06:e8:0d:38:90:25 | | name | test-key | | user_id | 0a3ef9fd2ea748e8935accf19d0278a8 | +-------------+-------------------------------------------------+ $ chmod 600 ./test-key.rsa
Step 7) Spawn a VM with the test-network interface only.
This will create a VM named vm4fip with a private interface only. This VM has no access outside test-network.
$ openstack server create --image 'Ubuntu 22.04' --flavor s1-8 --key-name test-key --net test-network vm4fip $ openstack server show vm4fip -c name -c status +--------+--------+ | Field | Value | +--------+--------+ | name | vm4fip | | status | ACTIVE | +--------+--------+
Step 8) Create a Floating IP from Ext-Net network.
$ openstack floating ip create Ext-Net $ openstack floating ip list +--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+ | ID | Floating IP Address | Fixed IP Address | Port | Floating Network | Project | +--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+ | 7b646f78-9344-440e-83c1-57c828a03718 | 169.254.10.25 | None | None | b2c02fdc-ffdf-40f6-9722-533bd7058c06 | 25a9e81103504980809e3f7573d93da3 | +--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
Step 9) Attach the Floating IP to VM vm4fip.
$ openstack server add floating ip vm4fip 169.254.10.25 $ openstack floating ip list +--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+ | ID | Floating IP Address | Fixed IP Address | Port | Floating Network | Project | +--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+ | 7b646f78-9344-440e-83c1-57c828a03718 | 169.254.10.25 | 192.168.0.201 | 1230869c-7116-4ee9-b688-8b6ebc153855 | b2c02fdc-ffdf-40f6-9722-533bd7058c06 | 25a9e81103504980809e3f7573d93da3 | +--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
Your VM now pings via the Floating IP:
$ ping 169.254.10.25 PING 169.254.10.25 (169.254.10.25) 56(84) bytes of data. 64 bytes from 169.254.10.25: icmp_seq=1 ttl=52 time=0.641 ms 64 bytes from 169.254.10.25: icmp_seq=2 ttl=52 time=1.06 ms 64 bytes from 169.254.10.25: icmp_seq=3 ttl=52 time=0.744 ms ^C --- 169.254.10.25 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2024ms rtt min/avg/max/mdev = 0.641/0.817/1.067/0.182 ms
You can connect to the vm4fip VM:
$ ssh ubuntu@169.254.10.25 -i ./test-key.rsa Welcome to Ubuntu 22.04 LTS (GNU/Linux 5.15.0-25-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage ubuntu@vm4fip:~$ ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc fq_codel state UP group default qlen 1000 link/ether fa:16:3e:24:b9:c2 brd ff:ff:ff:ff:ff:ff altname enp0s3 inet 192.168.0.201/24 metric 100 brd 192.168.0.255 scope global dynamic ens3 valid_lft 85929sec preferred_lft 85929sec inet6 fe80::f816:3eff:fe24:b9c2/64 scope link valid_lft forever preferred_lft forever
As you can see, the VM only has a private IP but it is available from the Internet via the Floating IP.
ubuntu@vm4fip:~$ sudo resolvectl dns ens3 1.1.1.1 ubuntu@vm4fip:~$ curl ifconfig.me/ip 169.254.10.25
Adding a DNS to a Floating IP
To add a DNS to a Floating IP, run the following command from the command line.
$ openstack floating ip set --dns-domain <DOMAIN_NAME> <IP_ADDRESS_ID>
Detaching a Floating IP
You can detach a Floating IP from your VM at any time.
$ openstack server remove floating ip vm4fip 169.254.10.25 $ openstack floating ip list +--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+ | ID | Floating IP Address | Fixed IP Address | Port | Floating Network | Project | +--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+ | 7b646f78-9344-440e-83c1-57c828a03718 | 169.254.10.25 | None | None | b2c02fdc-ffdf-40f6-9722-533bd7058c06 | 25a9e81103504980809e3f7573d93da3 | +--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+ $ ping 169.254.10.25 PING 169.254.10.25 (169.254.10.25) 56(84) bytes of data. ^C --- 169.254.10.25 ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 1019ms ```
Deleting a Floating IP
To delete a Floating IP, you must do it explicitly:
$ openstack floating ip delete 169.254.10.25 $ openstack floating ip list
Via the OVHcloud API
Attaching a Floating IP to an instance
With the OVHcloud API, you can only attach a Floating IP to an existing instance.
Step 1
To begin, retrieve all the information you will need.
For the project ID, the calls below allow you to retrieve it.
This call retrieves the list of projects:
This call identifies the project via the "description" field:
Step 2
For the instance ID, the call below allows you to retrieve it.
GET /cloud/project/{serviceName}/instance
serviceName: The project ID
region: You can specify the region for quicker results
The creation will take a few moments.
Step 3
Once you have gathered all the information, you can now create a Floating IP and attach it to an instance using the following call.
POST /cloud/project/{serviceName}/region/{regionName}/instance/{instanceId}/floatingIp
Fill in the fields according to the following table.
| Field | Description |
| serviceName | ID of the project |
| regionName | Name of the region in which the instance is located |
| instanceId | ID of the instance |
| name | Define a name for your Gateway |
| ip | The private IP of the instance |
The creation will take a few moments.
Detaching a Floating IP
This feature is currently only available via the OpenStack API.
Deleting a Floating IP
To delete a Floating IP, use the following API calls.
First, retrieve the necessary information.
For the project ID, the calls below allow you to retrieve it.
This call retrieves the list of projects.
This call identifies the project via the "description" field.
For the Floating IP ID, the call below allows you to retrieve it.
-
GET /cloud/project/{serviceName}/region/{regionName}/floatingip
Fill in the fields with the information previously obtained:
serviceName: The project ID
regionName: The name of the region
Once the information has been retrieved, use the following call to delete the Floating IP.
-
DELETE /cloud/project/{serviceName}/region/{regionName}/floatingip/{floatingIpId}
Fill in the fields with the information previously obtained:
serviceName: The project ID
regionName: The name of the region in which the floating is located
floatingIpId: The ID of the Floating IP
Go further
For more information and tutorials, please see our other Public Cloud support guides or explore the guides for other OVHcloud products and services.