Updated on 2024-03-05 GMT+08:00

Binding an ECS to a Virtual IP Address

Required Tools

Postman or JMeter

Involved APIs

The following APIs will be called:

No.

Method

URI

Description

1

POST

/v3/auth/tokens

Obtain a token.

2

POST

/v2.0/ports

Create a virtual IP address port.

3

PUT

/v2.0/ports/{port_id}

Bind an ECS to the virtual IP address.

4

GET

/v2/{project_id}/servers/{server_id}/os-interface

Configure the allowed-address-pairs of the ECS NIC bound with the virtual IP address.

Procedure

  1. Obtain a token.

    Method

    POST

    URL

    IAM address: Port number/v3/auth/tokens

    Body (Example)

    {

    "auth":{

    "identity":{

    "methods": ["password"],

    "password":{

    "user":{

    "name": "user_name",

    "domain":{

    "name":"domain_name"

    },

    "password":"user_password"

    }

    }

    },

    "scope":{

    "project":{

    "name":"project_name"

    }

    }

    }

    }

  2. Create a virtual IP address port in the VPC subnet where the ECS resides.

    The virtual IP address port must be in the same subnet as the ECS, and the device_owner parameter must be set to neutron:VIP_PORT.

    Method

    POST

    URL

    VPC address: Port number/v2.0/ports

    Body (Example)

    {

    "port": {

    "network_id": "a54e1b19-ce78-4b7e-b28b-d2d716cdc161",

    "device_owner": "neutron:VIP_PORT",

    "name": "vip_port_test"

    }

    }

    Description

    network_id in the body is the ID of the network where the ECS resides.

  3. Bind an ECS to the virtual IP address.

    Update allowed-address-pairs of the virtual IP address port and specify ip_address to the IP address to be bound to the ECS NIC.

    Method

    PUT

    URL

    VPC address: Port number/v2.0/ports/{port_id}

    Body (Example)

    {

    "port": {

    "allowed_address_pairs": [

    {"ip_address":"192.168.22.221"},

    {"ip_address":"192.168.22.203"}

    ]

    }

    }

    Description

    • In the URL, {port_id} is the ID of the virtual IP address port created in the previous step.
    • ip_address in the body is the IP address to be bound to the ECS NIC.
  4. Configure the allowed-address-pairs of the ECS NIC bound with the virtual IP address.
    1. Obtain information about the ECS NIC bound with the virtual IP address.

      Method

      GET

      URL

      ECS address: Port number/v2/{tenant_id}/servers/{server_id}/os-interface

      Body

      N/A

      Description

      In the URL, {tenant_id} is the project ID, and {server_id} is the ECS ID.

    2. Change the allowed-address-pairs of the ECS NIC to 1.1.1.1/0 to disable the source/destination check.

      Method

      PUT

      URL

      VPC address: Port number/v2.0/ports/{port_id}

      Body

      {

      "port": {

      "allowed_address_pairs": [

      {"ip_address":"1.1.1.1/0"}

      ]

      }

      }

      Description

      In the URL, {port_id} is the ID of the ECS NIC bound with the virtual IP address.