Help Center/ Virtual Private Cloud/ API Reference/ Application Examples/ Example 3: Assigning a Virtual IP Address to an ECS for HA
Updated on 2024-10-31 GMT+08:00

Example 3: Assigning a Virtual IP Address to an ECS for HA

Scenarios

Virtual IP addresses are used for high availability as they make active/standby ECS switchover possible. This way if one ECS goes down for some reason, the other one can take over and services continue uninterrupted.

This section describes how to assign a virtual IP address to an ECS for HA by calling APIs.

Prerequisites

  • You have created a VPC and subnet and obtained the VPC ID and subnet ID. For details, see Creating a VPC and Subnet.
  • You have purchased an ECS. For details, see Creating an ECS.
  • If you use a token for authentication, you must obtain the token and add X-Auth-Token to the request header when making an API call. Obtain the token by referring to Authentication.

The token obtained from IAM is valid for only 24 hours. If you want to use a token for authentication, you can cache it to avoid frequent calling.

Procedure

  1. Assign a virtual IP address.
    1. Send POST https://VPC endpoint/v2.0/ports.
    2. Add X-Auth-Token to the request header.
    3. Set the following parameters in the request body. The virtual IP address and the ECS must be in the same subnet.
      {
      	"port": {
      		"network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d",
      		"device_owner": "neutron:VIP_PORT",
      		"name": "vip_port_test"
      	}
      }

      Alternatively, you can assign a specific IP address.

      {
      	"port": {
      		"network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d",
      		"device_owner": "neutron:VIP_PORT",
      		"name": "vip_port_test",
      		"fixed_ips": [
      			{
      				"ip_address": "192.168.0.220"
      			}
      		]
      	}
      }
    4. Check the response message.
      • The request is successful if the following response is displayed.
        {
        	"port": {
        		"id": "a7d98f3c-b42f-460b-96a1-07601e145961",
        		"name": "port-test",
        		"status": "DOWN",
        		"admin_state_up": true,
        		"fixed_ips": [{
        			"subnet_id": "213cb9d-3122-2ac1-1a29-91ffc1231a12",
        			"ip_address": "192.168.0.220"
        		}],
        		"mac_address": "fa:16:3e:01:f7:90",
        		"network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d",
        		"tenant_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"project_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"device_id": "",
        		"device_owner": "neutron:VIP_PORT",
        		"security_groups": ["d0d58aa9-cda9-414c-9c52-6c3daf8534e6"],
        		"extra_dhcp_opts": [],
        		"allowed_address_pairs": [],
        		"binding:vnic_type": "normal",
        		"binding:vif_details": {},
        		"binding:profile": {},
        		"port_security_enabled": true,
        		"created_at": "2018-09-20T01:45:26",
        		"updated_at": "2018-09-20T01:45:26"
        	}
        }
      • For details about the error codes displayed if the request fails, see section Error Codes.
  2. Obtain the NIC information based on the ECS ID.
    1. Send GET https://VPC endpoint/v2.0/ports?device_id={ecs_id}&network_id={network_id}.
    2. Add X-Auth-Token to the request header.
    3. Check the response message.
      • The request is successful if the following response is displayed.
        {
        	"ports": [{
        		"id": "02c72193-efec-42fb-853b-c33f2b802467",
        		"name": "",
        		"status": "ACTIVE",
        		"admin_state_up": true,
        		"fixed_ips": [{
        			"subnet_id": "213cb9d-3122-2ac1-1a29-91ffc1231a12",
        			"ip_address": "192.168.0.75"
        		}],
        		"mac_address": "fa:16:3e:47:5f:c1",
        		"network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d",
        		"tenant_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"project_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"device_id": "ea61f836-b52f-41bf-9d06-685644001d6f",
        		"device_owner": "compute:br-iaas-odin1a",
        		"security_groups": [
        			"e0598d96-9451-4f8a-8de0-b8b4d451d9e7"
        		],
        		"extra_dhcp_opts": [],
        		"allowed_address_pairs": [],
        		"binding:vnic_type": "normal",
        		"binding:vif_details": {
        			"primary_interface": true
        		},
        		"binding:profile": {},
        		"port_security_enabled": true,
        		"created_at": "2020-06-20T08:07:29",
        		"updated_at": "2020-06-20T08:07:29"
        	}]
        }
      • For details about the error codes displayed if the request fails, see section Error Codes.
  3. Bind an ECS to the virtual IP address.
    1. Send PUT https://VPC endpoint/v2.0/ports/{port_id}. port_id indicates the port ID corresponding to the assigned virtual IP address.
    2. Add X-Auth-Token to the request header.
    3. Set the following parameters in the request body. Set the value of ip_address to the NIC IP address of the ECS obtained in 2.
      {
      	"port": {
      		"allowed_address_pairs": [{
      			"ip_address": "192.168.0.75"
      		}]
      	}
      }
    4. Check the response message.
      • The request is successful if the following response is displayed.
        {
        	"port": {
        		"id": "a7d98f3c-b42f-460b-96a1-07601e145961",
        		"name": "port-test",
        		"status": "DOWN",
        		"admin_state_up": true,
        		"fixed_ips": [{
        			"subnet_id": "213cb9d-3122-2ac1-1a29-91ffc1231a12",
        			"ip_address": "192.168.0.220"
        		}],
        		"mac_address": "fa:16:3e:01:f7:90",
        		"network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d",
        		"tenant_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"project_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"device_id": "",
        		"device_owner": "neutron:VIP_PORT",
        		"security_groups": ["d0d58aa9-cda9-414c-9c52-6c3daf8534e6"],
        		"extra_dhcp_opts": [],
        		"allowed_address_pairs": [{
        			"ip_address": "192.168.0.75"
        		}]
        		"binding:vnic_type": "normal",
        		"binding:vif_details": {},
        		"binding:profile": {},
        		"port_security_enabled": true,
        		"created_at": "2018-09-20T01:45:26",
        		"updated_at": "2018-09-20T01:45:26"
        	}
        }
      • For details about the error codes displayed if the request fails, see section Error Codes.
  4. Disable the source/destination check function for the ECS NIC.
    1. Send PUT https://VPC endpoint/v2.0/ports/{port_id}. port_id is the NIC ID obtained in 2.
    2. Add X-Auth-Token to the request header.
    3. Set the following parameters in the request body. Set the value of ip_address to 1.1.1.1/0, the NIC IP address of the ECS.
      {
      	"port": {
      		"allowed_address_pairs": [{
      			"ip_address": "1.1.1.1/0"
      		}]
      	}
      }
    4. Check the response message.
      • The request is successful if the following response is displayed.
        {
        	"port": {
        		"id": "02c72193-efec-42fb-853b-c33f2b802467",
        		"name": "",
        		"status": "ACTIVE",
        		"admin_state_up": true,
        		"fixed_ips": [{
        			"subnet_id": "213cb9d-3122-2ac1-1a29-91ffc1231a12",
        			"ip_address": "192.168.0.75"
        		}],
        		"mac_address": "fa:16:3e:47:5f:c1",
        		"network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d",
        		"tenant_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"project_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"device_id": "ea61f836-b52f-41bf-9d06-685644001d6f",
        		"device_owner": "compute:br-iaas-odin1a",
        		"security_groups": ["e0598d96-9451-4f8a-8de0-b8b4d451d9e7"],
        		"extra_dhcp_opts": [],
        		"allowed_address_pairs": [{
        			"ip_address": "1.1.1.1/0"
        		}],
        		"binding:vnic_type": "normal",
        		"binding:vif_details": {
        			"primary_interface": true
        		},
        		"binding:profile": {},
        		"port_security_enabled": true,
        		"created_at": "2020-06-20T08:07:29",
        		"updated_at": "2020-06-20T08:07:29"
        	}
        }
      • For details about the error codes displayed if the request fails, see section Error Codes.