Example 3: Assigning a Virtual IP Address to an ECS for HA

Scenarios

Virtual IP addresses are used for high availability as they make active/standby ECS switchover possible. This way if one ECS goes down for some reason, the other one can take over and services continue uninterrupted.

This section describes how to assign a virtual IP address to an ECS for HA by calling APIs.

Prerequisites

• You have created a VPC and subnet and obtained the VPC ID and subnet ID. For details, see Creating a VPC and Subnet.
• You have purchased an ECS. For details, see Overview.
• If you use a token for authentication, you must obtain the token and add X-Auth-Token to the request header when making an API call. Obtain the token by referring to Authentication.

Procedure

1. Assign a virtual IP address.
   1. Send POST https://VPC endpoint/v2.0/ports.
   2. Add X-Auth-Token to the request header.
   3. Set the following parameters in the request body. The virtual IP address and the ECS must be in the same subnet.

      {
      	"port": {
      		"network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d",
      		"device_owner": "neutron:VIP_PORT",
      		"name": "vip_port_test"
      	}
      }

      Alternatively, you can assign a specific IP address.

      {
      	"port": {
      		"network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d",
      		"device_owner": "neutron:VIP_PORT",
      		"name": "vip_port_test",
      		"fixed_ips": [
      			{
      				"ip_address": "192.168.0.220"
      			}
      		]
      	}
      }

   4. Check the response message.
      • The request is successful if the following response is displayed.

        {
        	"port": {
        		"id": "a7d98f3c-b42f-460b-96a1-07601e145961",
        		"name": "port-test",
        		"status": "DOWN",
        		"admin_state_up": true,
        		"fixed_ips": [{
        			"subnet_id": "213cb9d-3122-2ac1-1a29-91ffc1231a12",
        			"ip_address": "192.168.0.220"
        		}],
        		"mac_address": "fa:16:3e:01:f7:90",
        		"network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d",
        		"tenant_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"project_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"device_id": "",
        		"device_owner": "neutron:VIP_PORT",
        		"security_groups": ["d0d58aa9-cda9-414c-9c52-6c3daf8534e6"],
        		"extra_dhcp_opts": [],
        		"allowed_address_pairs": [],
        		"binding:vnic_type": "normal",
        		"binding:vif_details": {},
        		"binding:profile": {},
        		"port_security_enabled": true,
        		"created_at": "2018-09-20T01:45:26",
        		"updated_at": "2018-09-20T01:45:26"
        	}
        }

      • For details about the error codes displayed if the request fails, see section Error Codes.
2. Obtain the NIC information based on the ECS ID.
   1. Send GET https://VPC endpoint/v2.0/ports?device_id={ecs_id}&network_id={network_id}.
   2. Add X-Auth-Token to the request header.
   3. Check the response message.
      • The request is successful if the following response is displayed.

        {
        	"ports": [{
        		"id": "02c72193-efec-42fb-853b-c33f2b802467",
        		"name": "",
        		"status": "ACTIVE",
        		"admin_state_up": true,
        		"fixed_ips": [{
        			"subnet_id": "213cb9d-3122-2ac1-1a29-91ffc1231a12",
        			"ip_address": "192.168.0.75"
        		}],
        		"mac_address": "fa:16:3e:47:5f:c1",
        		"network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d",
        		"tenant_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"project_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"device_id": "ea61f836-b52f-41bf-9d06-685644001d6f",
        		"device_owner": "compute:br-iaas-odin1a",
        		"security_groups": [
        			"e0598d96-9451-4f8a-8de0-b8b4d451d9e7"
        		],
        		"extra_dhcp_opts": [],
        		"allowed_address_pairs": [],
        		"binding:vnic_type": "normal",
        		"binding:vif_details": {
        			"primary_interface": true
        		},
        		"binding:profile": {},
        		"port_security_enabled": true,
        		"created_at": "2020-06-20T08:07:29",
        		"updated_at": "2020-06-20T08:07:29"
        	}]
        }

      • For details about the error codes displayed if the request fails, see section Error Codes.
3. Bind an ECS to the virtual IP address.
   1. Send PUT https://VPC endpoint/v2.0/ports/{port_id}. port_id indicates the port ID corresponding to the assigned virtual IP address.
   2. Add X-Auth-Token to the request header.
   3. Set the following parameters in the request body. Set the value of ip_address to the NIC IP address of the ECS obtained in 2.

      {
      	"port": {
      		"allowed_address_pairs": [{
      			"ip_address": "192.168.0.75"
      		}]
      	}
      }

   4. Check the response message.
      • The request is successful if the following response is displayed.

        {
        	"port": {
        		"id": "a7d98f3c-b42f-460b-96a1-07601e145961",
        		"name": "port-test",
        		"status": "DOWN",
        		"admin_state_up": true,
        		"fixed_ips": [{
        			"subnet_id": "213cb9d-3122-2ac1-1a29-91ffc1231a12",
        			"ip_address": "192.168.0.220"
        		}],
        		"mac_address": "fa:16:3e:01:f7:90",
        		"network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d",
        		"tenant_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"project_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"device_id": "",
        		"device_owner": "neutron:VIP_PORT",
        		"security_groups": ["d0d58aa9-cda9-414c-9c52-6c3daf8534e6"],
        		"extra_dhcp_opts": [],
        		"allowed_address_pairs": [{
        			"ip_address": "192.168.0.75"
        		}]
        		"binding:vnic_type": "normal",
        		"binding:vif_details": {},
        		"binding:profile": {},
        		"port_security_enabled": true,
        		"created_at": "2018-09-20T01:45:26",
        		"updated_at": "2018-09-20T01:45:26"
        	}
        }

      • For details about the error codes displayed if the request fails, see section Error Codes.
4. Disable the source/destination check function for the ECS NIC.
   1. Send PUT https://VPC endpoint/v2.0/ports/{port_id}. port_id is the NIC ID obtained in 2.
   2. Add X-Auth-Token to the request header.
   3. Set the following parameters in the request body. Set the value of ip_address to 1.1.1.1/0, the NIC IP address of the ECS.

      {
      	"port": {
      		"allowed_address_pairs": [{
      			"ip_address": "1.1.1.1/0"
      		}]
      	}
      }

   4. Check the response message.
      • The request is successful if the following response is displayed.

        {
        	"port": {
        		"id": "02c72193-efec-42fb-853b-c33f2b802467",
        		"name": "",
        		"status": "ACTIVE",
        		"admin_state_up": true,
        		"fixed_ips": [{
        			"subnet_id": "213cb9d-3122-2ac1-1a29-91ffc1231a12",
        			"ip_address": "192.168.0.75"
        		}],
        		"mac_address": "fa:16:3e:47:5f:c1",
        		"network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d",
        		"tenant_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"project_id": "db82c9e1415a464ea68048baa8acc6b8",
        		"device_id": "ea61f836-b52f-41bf-9d06-685644001d6f",
        		"device_owner": "compute:br-iaas-odin1a",
        		"security_groups": ["e0598d96-9451-4f8a-8de0-b8b4d451d9e7"],
        		"extra_dhcp_opts": [],
        		"allowed_address_pairs": [{
        			"ip_address": "1.1.1.1/0"
        		}],
        		"binding:vnic_type": "normal",
        		"binding:vif_details": {
        			"primary_interface": true
        		},
        		"binding:profile": {},
        		"port_security_enabled": true,
        		"created_at": "2020-06-20T08:07:29",
        		"updated_at": "2020-06-20T08:07:29"
        	}
        }

      • For details about the error codes displayed if the request fails, see section Error Codes.