Learn how to attach Floating IP addresses to your instances.
Floating IPs are public IP addresses for Public Cloud, used to expose a private instance or a private network service to the public network.
Requirements
- A Public Cloud project in your OVHcloud account
- Access to the OVHcloud API or the OpenStack command line environment (Tutorial)
- The OpenStack Command Line Interface tool installed on your working environment (optional)
Understanding the Floating IP service
Floating IP is one of the services delivered by the OpenStack DVR (Distributed Virtual Router) services of the OVHcloud Public Cloud.
Floating IP allows you to create a public IP address and use it for your private network-based VMs for incoming and outgoing traffic. Floating IP addresses can be attached and detached from your VMs at any time.
You can hold Floating IP addresses without attaching them to any service. They remain available for your resources until they are manually deleted.
Target configuration architecture
The goal of this exercise is to create a VM (vm4fip) with a private local network (test-network) only, and use a router (router1) to set up a Floating IP.
Next, we will use this Floating IP to connect to the instance (VM) from the outside and check its access to the Internet.
Instructions
Via the OpenStack API
Attaching a Floating IP to an instance
Step 1) Clear a router.
$ openstack router create router1
$ openstack router show router1 -c id -c status
+--------+--------------------------------------+
| Field | Value |
+--------+--------------------------------------+
| id | d2370b2f-18ba-4a23-886d-35c01ba2a957 |
| status | ACTIVE |
+--------+--------------------------------------+
Step 2) Create a private network if needed. If you have one already, you can skip this step.
$ openstack network create test-network
$ openstack network show test-network -c id -c status
+--------+--------------------------------------+
| Field | Value |
+--------+--------------------------------------+
| id | a9753f63-889a-43b7-b3ea-258bd5008207 |
| status | ACTIVE |
+--------+--------------------------------------+
Step 3) Create a subnet for your test-network. If you have one already, you can skip this step.
The subnet should have the DHCP service enabled and a gateway IP configured.
$ openstack subnet create --subnet-range 192.168.0.1/24 --network test-network --dhcp --gateway 192.168.0.1 test-subnet
$ openstack subnet show test-subnet -c id -c gateway_ip -c enable_dhcp -c name
+-------------+--------------------------------------+
| Field | Value |
+-------------+--------------------------------------+
| enable_dhcp | True |
| gateway_ip | 192.168.0.1 |
| id | c23df163-0d46-4928-91d6-956794c4de16 |
| name | test-subnet |
+-------------+--------------------------------------+
Step 4) Add subnet to the router1.
$ openstack router add subnet router1 test-subnet
$ openstack router show router1 -c interfaces_info -c name
+-----------------+-----------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------+-----------------------------------------------------------------------------------------------------------------------------------------+
| interfaces_info | [{"port_id": "ec872f31-cfe5-4326-9aa2-30d2e5c60d20", "ip_address": "192.168.0.1", "subnet_id": "c23df163-0d46-4928-91d6-956794c4de16"}] |
| name | router1 |
+-----------------+-----------------------------------------------------------------------------------------------------------------------------------------+
Step 5) Add a gateway to router1 from the public shared network Ext-Net.
$ openstack router set --external-gateway Ext-Net router1
$ openstack router show router1 -c external_gateway_info -c name
+-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| external_gateway_info | {"network_id": "b2c02fdc-ffdf-40f6-9722-533bd7058c06", "external_fixed_ips": [{"subnet_id": "0f11270c-1113-4d4f-98de-eba83445d962", "ip_address": "141.94.208.45"}, {"subnet_id": "4aa6cac1-d5cd-4e25-b14b-7573aeabcab1", "ip_address": "2001:41d0:304:400::7dc"}], "enable_snat": true} |
| name | router1 |
+-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
Step 6) Create a test-keypair for SSH connection to your VM (do not forget to limit accesses to the private key file using the chmod command).
$ openstack keypair create --private-key ./test-key.rsa test-key
+-------------+-------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------+
| fingerprint | 02:54:10:33:e4:b0:fb:4b:ec:4b:06:e8:0d:38:90:25 |
| name | test-key |
| user_id | 0a3ef9fd2ea748e8935accf19d0278a8 |
+-------------+-------------------------------------------------+
$ chmod 600 ./test-key.rsa
Step 7) Spawn a VM with the test-network interface only.
$ openstack server create --image 'Ubuntu 22.04' --flavor s1-8 --key-name test-key --net test-network vm4fip
$ openstack server show vm4fip -c name -c status
+--------+--------+
| Field | Value |
+--------+--------+
| name | vm4fip |
| status | ACTIVE |
+--------+--------+
Step 8) Create a Floating IP from Ext-Net network.
$ openstack floating ip create Ext-Net
$ openstack floating ip list
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
| ID | Floating IP Address | Fixed IP Address | Port | Floating Network | Project |
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
| 7b646f78-9344-440e-83c1-57c828a03718 | 169.254.10.25 | None | None | b2c02fdc-ffdf-40f6-9722-533bd7058c06 | 25a9e81103504980809e3f7573d93da3 |
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
Step 9) Attach the Floating IP to VM vm4fip.
$ openstack server add floating ip vm4fip 169.254.10.25
$ openstack floating ip list
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
| ID | Floating IP Address | Fixed IP Address | Port | Floating Network | Project |
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
| 7b646f78-9344-440e-83c1-57c828a03718 | 169.254.10.25 | 192.168.0.201 | 1230869c-7116-4ee9-b688-8b6ebc153855 | b2c02fdc-ffdf-40f6-9722-533bd7058c06 | 25a9e81103504980809e3f7573d93da3 |
+--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+----------------------------------+
Your VM now pings via the Floating IP:
$ ping 169.254.10.25
PING 169.254.10.25 (169.254.10.25) 56(84) bytes of data.
64 bytes from 169.254.10.25: icmp_seq=1 ttl=52 time=0.641 ms
64 bytes from 169.254.10.25: icmp_seq=2 ttl=52 time=1.06 ms
64 bytes from 169.254.10.25: icmp_seq=3 ttl=52 time=0.744 ms
^C
--- 169.254.10.25 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2024ms
rtt min/avg/max/mdev = 0.641/0.817/1.067/0.182 ms
You can connect to the vm4fip VM:
$ ssh ubuntu@169.254.10.25 -i ./test-key.rsa
Welcome to Ubuntu 22.04 LTS (GNU/Linux 5.15.0-25-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
ubuntu@vm4fip:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc fq_codel state UP group default qlen 1000
link/ether fa:16:3e:24:b9:c2 brd ff:ff:ff:ff:ff:ff
altname enp0s3
inet 192.168.0.201/24 metric 100 brd 192.168.0.255 scope global dynamic ens3
valid_lft 85929sec preferred_lft 85929sec
inet6 fe80::f816:3eff:fe24:b9c2/64 scope link
valid_lft forever preferred_lft forever
As you can see, the VM only has a private IP but it is available from the Internet via the Floating IP.
ubuntu@vm4fip:~$ sudo resolvectl dns ens3 1.1.1.1
ubuntu@vm4fip:~$ curl ifconfig.me/ip
169.254.10.25
Detaching a Floating IP
You can detach a Floating IP from your VM at anytime.
$ openstack server remove floating ip vm4fip 169.254.10.25
$ openstack floating ip list
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
| ID | Floating IP Address | Fixed IP Address | Port | Floating Network | Project |
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
| 7b646f78-9344-440e-83c1-57c828a03718 | 169.254.10.25 | None | None | b2c02fdc-ffdf-40f6-9722-533bd7058c06 | 25a9e81103504980809e3f7573d93da3 |
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
$ ping 169.254.10.25
PING 169.254.10.25 (169.254.10.25) 56(84) bytes of data.
^C
--- 169.254.10.25 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1019ms
```
Deleting a Floating IP
To delete a Floating IP, you must do it explicitly:
$ openstack floating ip delete 169.254.10.25
$ openstack floating ip list
Via the OVHcloud API
Attaching a Floating IP to an instance
With the OVHcloud API, you can only attach a Floating IP to an existing instance.
To begin, retrieve all the information you will need.
For the project ID, the calls below allow you to retrieve it.
- This call retrieves the list of projects.
- This call identifies the project via the "description" field.
For the instance ID, the call below allows you to retrieve it.
- GET /cloud/project/{serviceName}/instance
- Fill in the fields with the information previously obtained:
- serviceName: The project ID
- region: You can specify the region for quicker results
- The creation will take a few moments.
Once you have gathered all the information, you can now create a Floating IP and attach it to an instance using the following call.
- POST /cloud/project/{serviceName}/region/{regionName}/instance/{instanceId}/floatingIp
- Fill in the fields according the following table.
- The "gateway" property field should be left empty because you are attaching a Floating IP to an instance initially created with a private network only and already linked to a Gateway. Please note that for now, the Floating IP will not be created if the instance is linked to a private network that is not attached to a Gateway.
- The creation will take a few moments.
Detaching a Floating IP
This feature is currently only available via the OpenStack API.
Deleting a Floating IP
To delete a Floating IP, use the following API calls.
First, retrieve the necessary information.
For the project ID, the calls below allow you to retrieve it.
- This call retrieves the list of projects.
- This call identifies the project via the "description" field.
For the Floating IP ID, the call below allows you to retrieve it.
- GET /cloud/project/{serviceName}/region/{regionName}/floatingip
- Fill in the fields with the information previously obtained:
-
- serviceName: The project ID
- regionName: The name of the region
Once the information has been retrieved, use the following call to delete the Floating IP.
- DELETE /cloud/project/{serviceName}/region/{regionName}/floatingip/{floatingIpId}
- Fill in the fields with the information previously obtained:
-
- serviceName: The project ID
- regionName: The name of the region in which the floating is located
- floatingIpId: The ID of the Floating IP
Go further
For more information and tutorials, please see our other Public Cloud support guides or explore the guides for other OVHcloud products and services.