Virtual IP Address Overview
What Is a Virtual IP Address?
A virtual IP address can be shared among multiple ECSs. An ECS can have a private and a virtual IP address, which allows your users to access the ECS through either IP address. You can use either IP address to enable layer 2 and layer 3 communications in a VPC, access a different VPC using peering connections, and access cloud servers through EIPs, Direct Connect connections, and VPN connections.
You can bind a virtual IP address to ECSs deployed in the active/standby pair, and then bind an EIP to the virtual IP address. Virtual IP addresses can work together with Keepalived to ensure high availability and disaster recovery. If the active ECS is faulty, the standby ECS automatically takes over services from the active one.
Networking
Virtual IP addresses are used for high availability and can work together with Keepalived to make active/standby ECS switchover possible. This way if one ECS goes down for some reason, the other one can take over and services continue uninterrupted. ECSs can be configured for HA or as load balancing clusters.
- Networking mode 1: HA
To improve service availability and eliminate single points of failure, you can deploy ECSs in the active/standby pair or deploy one active ECS and multiple standby ECSs. And then, you can bind the same virtual IP address to these ECSs. If the active ECS becomes faulty, a standby ECS takes over services from the active ECS and services continue uninterrupted.
Figure 1 Networking diagram of the HA mode
- As shown in the above figure, bind a virtual IP address to two ECSs in the same subnet.
- Configure Keepalived for the two ECSs to work in the active/standby pair. Follow industry standards for configuring Keepalived. The details are not included here.
- Networking mode 2: HA load balancing cluster
If you want to build a high-availability load balancing cluster, use Keepalived and configure LVS nodes as direct routers.
Figure 2 HA load balancing cluster
- Bind a single virtual IP address to two ECSs.
- Configure the two ECSs as LVS nodes working as direct routers and use Keepalived to configure the nodes in the active/standby pair. The two ECSs will evenly forward requests to different backend servers.
- Configure two more ECSs as backend servers.
- Disable the source/destination check for the two backend servers.
- Check whether the source/destination check is disabled on the active and standby LVS ECSs. For details, see Disabling Source/Destination Check for an ECS NIC.
If you bind an ECS to a virtual IP address on the management console, the source/destination check is automatically disabled. If you bind an ECS to a virtual IP address by calling APIs, you need to manually disable the source/destination check.
Follow industry standards for configuring Keepalived. The details are not included here.
Application Scenarios
- Accessing the virtual IP address through an EIP
If your application has high availability requirements and needs to provide services through the Internet, it is recommended that you bind an EIP to a virtual IP address.
- Using a VPN, Direct Connect, or VPC peering connection to access a virtual IP address
To ensure high availability and access to the Internet, use VPN for security and Direct Connect for stable connectivity. The VPC peering connection is needed so that the VPCs in the same region can communicate with each other.
Notes and Constraints
- Virtual IP addresses are not recommended when multiple NICs in the same subnet are configured on an ECS. Using the virtual IP addresses may cause route conflicts on the ECS, which would lead to communication failures.
- A virtual IP address from a subnet can only be bound to cloud servers from the same subnet.
- If a virtual IP address is used in an active/standby scenario, disable IP forwarding on the standby ECS. For details, see Disabling IP Forwarding on the Standby ECS.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot