Avi Vantage Support for Multiple OpenStack Floating IPs
The L3 API in OpenStack Networking (Neutron) supports multiple floating IP pools. In OpenStack Networking, a floating IP pool is represented as an external network and a floating IP is allocated from a subnet associated with the external network. The external networks for an OpenStack deployment can be a combination of your intranet corporate IT network and an Internet-facing external network. This article details Avi Vantage’s support for multiple OpenStack floating IPs.
Floating IPs to Virtual Service VIP
Avi supports allocating and/or assigning a single floating IP to each VIP of a virtual service. In certain customer environments, more than one floating IP may be associated out-of-band with the VIP. Avi preserves any such out-of-band floating-IP associations to the VIP and also manages the Avi-allocated floating IP to the VIP simultaneously as part of the VIP lifecycle.
Update of the VIP address preserves the out-of-band floating IPs by associating them from the old VIP to the new VIP. Update/deletion of the Avi-allocated floating IP only modifies its association to the VIP, retaining out-of-band floating-IP associations as is. Deleting the VIP will release the out-of-band floating-IP associations.
Configuring Floating IPs to a Virtual Service VIP
Create Avi VS VIP with Avi-allocated Floating IP via the Avi UI
Figure 1. Virtual service creation in the Avi UI's VS editor
Figure 2. Avi UI shows the dual-FIP VS has been created and is 100% healthy
Assess OpenStack Neutron Floating IP Associations
[root@sivacos ~(keystone_admin)]# neutron net-list
+--------------------------------------+------------+------------------------------------------------------+
| id | name | subnets |
+--------------------------------------+------------+------------------------------------------------------+
| 74b6ff07-eb04-44cb-afb9-9f25d03342da | lab-ext | 2f95bbc2-9690-4fa4-935c-0a251153d198 192.168.99.0/24 |
| c71d1f1b-429c-4bc0-8029-587138550126 | public-ext | 15046d5d-d26d-4099-9916-2f18aa7de30e 10.130.128.0/18 |
+--------------------------------------+------------+------------------------------------------------------+
[root@sivacos ~(keystone_admin)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 5ecceb7d-bf68-4a1a-b383-9566a8f4c5d3 | 10.0.0.8 | 10.130.130.6 | e8b242b6-aa0a-4a22-b120-d21dd2979f21 |
| 1348f055-8e6c-423f-b628-292d43071d6d | | 192.168.99.14 | |
+--------------------------------------+------------------+---------------------+--------------------------------------+
[root@sivacos ~(keystone_admin)]# neutron port-show e8b242b6-aa0a-4a22-b120-d21dd2979f21
+--------------+--------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+--------------+--------------------------------------------------------------------------------------------------------------------------------------------+
| device_id | |
| device_owner | neutron:LOADBALANCER |
| fixed_ips | {"subnet_id": "4e010951-eb90-43af-9bad-e578f1ac2f77", "ip_address": "10.0.0.8"} |
| id | e8b242b6-aa0a-4a22-b120-d21dd2979f21 |
| mac_address | fa:16:3e:61:02:14 |
| name | avi-vip-vsvip-92fc6977-d856-4427-bc52-6f09c2449d20:cluster-24e1c6db-bba4-409c-b86e-1accf4bebac3:cloud-2f391637-05bf-41c7-9c9c-6908c51c0f4d |
| network_id | a6669299-dccb-40a9-a0d2-4608aaea79c0 |
| status | DOWN |
| tenant_id | 9d50abab12cb40c9a20242407e3f38f6 |
...
+--------------+--------------------------------------------------------------------------------------------------------------------------------------------+
Adding a 2nd Floating IP Out-Of-Band
[root@sivacos ~(keystone_admin)]# neutron floatingip-create lab-ext
Created a new floatingip:
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| fixed_ip_address | |
| floating_ip_address | 192.168.99.14 |
| floating_network_id | 74b6ff07-eb04-44cb-afb9-9f25d03342da |
| id | 1348f055-8e6c-423f-b628-292d43071d6d |
| port_id | |
| router_id | |
| status | DOWN |
| tenant_id | 9d50abab12cb40c9a20242407e3f38f6 |
...
+---------------------+--------------------------------------+
[root@sivacos ~(keystone_admin)]# neutron floatingip-associate --fixed-ip-address 10.0.0.8 1348f055-8e6c-423f-b628-292d43071d6d e8b242b6-aa0a-4a22-b120-d21dd2979f21
Associated floating IP 1348f055-8e6c-423f-b628-292d43071d6d
[root@sivacos ~(keystone_admin)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 5ecceb7d-bf68-4a1a-b383-9566a8f4c5d3 | 10.0.0.8 | 10.130.130.6 | e8b242b6-aa0a-4a22-b120-d21dd2979f21 |
| 1348f055-8e6c-423f-b628-292d43071d6d | 10.0.0.8 | 192.168.99.14 | e8b242b6-aa0a-4a22-b120-d21dd2979f21 |
+--------------------------------------+------------------+---------------------+--------------------------------------+
Floating IPs to a Cluster IP
Avi supports associating a cluster IP with the Avi Controller cluster. More than one floating IP may be associated out-of-band with that cluster IP. Avi preserves any such out-of-band floating-IP associations to the cluster VIP in the event of a cluster leader change. Update of the cluster IP address preserves the out-of-band floating IPs by associating them from the old VIP to the new VIP. Deleting a cluster IP will release the out-of-band floating-IP associations.
[root@sivacos ~(keystone_admin)]# neutron net-list
+--------------------------------------+------------+------------------------------------------------------+
| id | name | subnets |
+--------------------------------------+------------+------------------------------------------------------+
| 74b6ff07-eb04-44cb-afb9-9f25d03342da | lab-ext | 2f95bbc2-9690-4fa4-935c-0a251153d198 192.168.99.0/24 |
| c71d1f1b-429c-4bc0-8029-587138550126 | public-ext | 15046d5d-d26d-4099-9916-2f18aa7de30e 10.130.128.0/18 |
+--------------------------------------+------------+------------------------------------------------------+
Configure Avi Controller Cluster IP
Figure 3. Avi Controller cluster editor
Add Floating IPs Out-Of-Band via the OpenStack Neutron CLI
[root@sivacos ~(keystone_admin)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 2f769d13-e463-46c5-befe-7049ab6d9693 | | 10.130.130.10 | |
| 562477b5-dbb4-4bff-b7d2-90455230b36d | | 192.168.99.6 | |
+--------------------------------------+------------------+---------------------+--------------------------------------+
[root@sivacos ~(keystone_admin)]# neutron port-show 90b0a7fc-5376-4ddc-9740-18c508a4d7fc
+-----------------------+------------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------------+------------------------------------------------------------------------------------------------------+
| device_id | |
| device_owner | neutron:LOADBALANCER |
| fixed_ips | {"subnet_id": "a178c1f1-5cce-4f0a-ac1a-8277e26b085e", "ip_address": "172.24.16.100"} |
| id | 90b0a7fc-5376-4ddc-9740-18c508a4d7fc |
| mac_address | fa:16:3e:79:fb:cf |
| name | AviClusterIp:cluster-e5293381-d3ca-4630-8535-5b4071a78482:cloud-14b49755-c9ff-4e1e-8a42-21a1590e3345 |
| network_id | 27bd1f64-5a50-4189-98db-3265809ac71a |
| tenant_id | a6d878c0f7db40bf91ed1226e720460a |
...
+-----------------------+------------------------------------------------------------------------------------------------------+
[root@sivacos ~(keystone_admin)]# neutron floatingip-associate --fixed-ip-address 172.24.16.100 2f769d13-e463-46c5-befe-7049ab6d9693 90b0a7fc-5376-4ddc-9740-18c508a4d7fc
Associated floating IP 2f769d13-e463-46c5-befe-7049ab6d9693
[root@sivacos ~(keystone_admin)]# neutron floatingip-associate --fixed-ip-address 172.24.16.100 562477b5-dbb4-4bff-b7d2-90455230b36d 90b0a7fc-5376-4ddc-9740-18c508a4d7fc
Associated floating IP 562477b5-dbb4-4bff-b7d2-90455230b36d
[root@sivacos ~(keystone_admin)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 2f769d13-e463-46c5-befe-7049ab6d9693 | 172.24.16.100 | 10.130.130.10 | 90b0a7fc-5376-4ddc-9740-18c508a4d7fc |
| 562477b5-dbb4-4bff-b7d2-90455230b36d | 172.24.16.100 | 192.168.99.6 | 90b0a7fc-5376-4ddc-9740-18c508a4d7fc |
+--------------------------------------+------------------+---------------------+--------------------------------------+
Updating the Cluster IP
Figure 4. Updating the Avi Controller cluster configuration
[root@sivacos ~(keystone_admin)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 2f769d13-e463-46c5-befe-7049ab6d9693 | 172.24.16.200 | 10.130.130.10 | 68c54c6a-e305-4c92-90c0-418240ecf7fd |
| 562477b5-dbb4-4bff-b7d2-90455230b36d | 172.24.16.200 | 192.168.99.6 | 68c54c6a-e305-4c92-90c0-418240ecf7fd |
+--------------------------------------+------------------+---------------------+--------------------------------------+
[root@sivacos ~(keystone_admin)]# neutron port-show 68c54c6a-e305-4c92-90c0-418240ecf7fd
+-----------------------+------------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------------+------------------------------------------------------------------------------------------------------+
| device_id | |
| device_owner | neutron:LOADBALANCER |
| fixed_ips | {"subnet_id": "a178c1f1-5cce-4f0a-ac1a-8277e26b085e", "ip_address": "172.24.16.200"} |
| id | 68c54c6a-e305-4c92-90c0-418240ecf7fd |
| mac_address | fa:16:3e:46:e1:c4 |
| name | AviClusterIp:cluster-e5293381-d3ca-4630-8535-5b4071a78482:cloud-14b49755-c9ff-4e1e-8a42-21a1590e3345 |
| network_id | 27bd1f64-5a50-4189-98db-3265809ac71a |
| tenant_id | a6d878c0f7db40bf91ed1226e720460a |
...
+-----------------------+------------------------------------------------------------------------------------------------------+
Deleting Out-Of-Band Floating IPs
The Free Unused Floating IP Address checkbox in the Cloud configuration Avi UI (corresponding to free_floatingips flag in the Avi CLI) determines if the out-of-band floating IPs are deleted when the VS VIP or the cluster IP is deleted. If enabled, the out-of-band floating IPs are deleted; else, they are just released back to the pool of available floating IPs.
Figure 5. Freeing unused floating IP addresses