Avi Vantage Support for Multiple OpenStack Floating IPs

The L3 API in OpenStack Networking (Neutron) supports multiple floating IP pools. In OpenStack Networking, a floating IP pool is represented as an external network and a floating IP is allocated from a subnet associated with the external network. The external networks for an OpenStack deployment can be a combination of your intranet corporate IT network and an Internet-facing external network. This article details Avi Vantage’s support for multiple OpenStack floating IPs.

Floating IPs to Virtual Service VIP

Avi supports allocating and/or assigning a single floating IP to each VIP of a virtual service. In certain customer environments, more than one floating IP may be associated out-of-band with the VIP. Avi preserves any such out-of-band floating-IP associations to the VIP and also manages the Avi-allocated floating IP to the VIP simultaneously as part of the VIP lifecycle.

Update of the VIP address preserves the out-of-band floating IPs by associating them from the old VIP to the new VIP. Update/deletion of the Avi-allocated floating IP only modifies its association to the VIP, retaining out-of-band floating-IP associations as is. Deleting the VIP will release the out-of-band floating-IP associations.

Configuring Floating IPs to a Virtual Service VIP

Create Avi VS VIP with Avi-allocated Floating IP via the Avi UI

Virtual service creation in the Avi UI
Figure 1. Virtual service creation in the Avi UI's VS editor


Confirmation that the dual-FIP VS has been created and is 100% healthy
Figure 2. Avi UI shows the dual-FIP VS has been created and is 100% healthy

Assess OpenStack Neutron Floating IP Associations


[root@sivacos ~(keystone_admin)]# neutron net-list
+--------------------------------------+------------+------------------------------------------------------+
| id                                   | name       | subnets                                              |
+--------------------------------------+------------+------------------------------------------------------+
| 74b6ff07-eb04-44cb-afb9-9f25d03342da | lab-ext    | 2f95bbc2-9690-4fa4-935c-0a251153d198 192.168.99.0/24 |
| c71d1f1b-429c-4bc0-8029-587138550126 | public-ext | 15046d5d-d26d-4099-9916-2f18aa7de30e 10.130.128.0/18 |
+--------------------------------------+------------+------------------------------------------------------+

[root@sivacos ~(keystone_admin)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id                                   | fixed_ip_address | floating_ip_address | port_id                              |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 5ecceb7d-bf68-4a1a-b383-9566a8f4c5d3 | 10.0.0.8         | 10.130.130.6        | e8b242b6-aa0a-4a22-b120-d21dd2979f21 |
| 1348f055-8e6c-423f-b628-292d43071d6d |                  | 192.168.99.14       |                                      |
+--------------------------------------+------------------+---------------------+--------------------------------------+

[root@sivacos ~(keystone_admin)]# neutron port-show e8b242b6-aa0a-4a22-b120-d21dd2979f21
+--------------+--------------------------------------------------------------------------------------------------------------------------------------------+
| Field        | Value                                                                                                                                      |
+--------------+--------------------------------------------------------------------------------------------------------------------------------------------+
| device_id    |                                                                                                                                            |
| device_owner | neutron:LOADBALANCER                                                                                                                       |
| fixed_ips    | {"subnet_id": "4e010951-eb90-43af-9bad-e578f1ac2f77", "ip_address": "10.0.0.8"}                                                            |
| id           | e8b242b6-aa0a-4a22-b120-d21dd2979f21                                                                                                       |
| mac_address  | fa:16:3e:61:02:14                                                                                                                          |
| name         | avi-vip-vsvip-92fc6977-d856-4427-bc52-6f09c2449d20:cluster-24e1c6db-bba4-409c-b86e-1accf4bebac3:cloud-2f391637-05bf-41c7-9c9c-6908c51c0f4d |
| network_id   | a6669299-dccb-40a9-a0d2-4608aaea79c0                                                                                                       |
| status       | DOWN                                                                                                                                       |
| tenant_id    | 9d50abab12cb40c9a20242407e3f38f6                                                                                                           |
...
+--------------+--------------------------------------------------------------------------------------------------------------------------------------------+

Adding a 2nd Floating IP Out-Of-Band


[root@sivacos ~(keystone_admin)]# neutron floatingip-create lab-ext
Created a new floatingip:
+---------------------+--------------------------------------+
| Field               | Value                                |
+---------------------+--------------------------------------+
| fixed_ip_address    |                                      |
| floating_ip_address | 192.168.99.14                        |
| floating_network_id | 74b6ff07-eb04-44cb-afb9-9f25d03342da |
| id                  | 1348f055-8e6c-423f-b628-292d43071d6d |
| port_id             |                                      |
| router_id           |                                      |
| status              | DOWN                                 |
| tenant_id           | 9d50abab12cb40c9a20242407e3f38f6     |
...
+---------------------+--------------------------------------+

[root@sivacos ~(keystone_admin)]# neutron floatingip-associate --fixed-ip-address 10.0.0.8 1348f055-8e6c-423f-b628-292d43071d6d e8b242b6-aa0a-4a22-b120-d21dd2979f21
Associated floating IP 1348f055-8e6c-423f-b628-292d43071d6d

[root@sivacos ~(keystone_admin)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id                                   | fixed_ip_address | floating_ip_address | port_id                              |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 5ecceb7d-bf68-4a1a-b383-9566a8f4c5d3 | 10.0.0.8         | 10.130.130.6        | e8b242b6-aa0a-4a22-b120-d21dd2979f21 |
| 1348f055-8e6c-423f-b628-292d43071d6d | 10.0.0.8         | 192.168.99.14       | e8b242b6-aa0a-4a22-b120-d21dd2979f21 |
+--------------------------------------+------------------+---------------------+--------------------------------------+

Floating IPs to a Cluster IP

Avi supports associating a cluster IP with the Avi Controller cluster. More than one floating IP may be associated out-of-band with that cluster IP. Avi preserves any such out-of-band floating-IP associations to the cluster IP in the event of a cluster leader change. Update of the cluster IP address preserves the out-of-band floating IPs by associating them from the old VIP to the new VIP. Deleting a cluster IP will release the out-of-band floating-IP associations.


[root@sivacos ~(keystone_admin)]# neutron net-list
+--------------------------------------+------------+------------------------------------------------------+
| id                                   | name       | subnets                                              |
+--------------------------------------+------------+------------------------------------------------------+
| 74b6ff07-eb04-44cb-afb9-9f25d03342da | lab-ext    | 2f95bbc2-9690-4fa4-935c-0a251153d198 192.168.99.0/24 |
| c71d1f1b-429c-4bc0-8029-587138550126 | public-ext | 15046d5d-d26d-4099-9916-2f18aa7de30e 10.130.128.0/18 |
+--------------------------------------+------------+------------------------------------------------------+

Configure Avi Controller Cluster IP

Avi Controller cluster editor
Figure 3. Avi Controller cluster editor

Add Floating IPs Out-Of-Band via the OpenStack Neutron CLI


[root@sivacos ~(keystone_admin)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id                                   | fixed_ip_address | floating_ip_address | port_id                              |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 2f769d13-e463-46c5-befe-7049ab6d9693 |                  | 10.130.130.10       |                                      |
| 562477b5-dbb4-4bff-b7d2-90455230b36d |                  | 192.168.99.6        |                                      |
+--------------------------------------+------------------+---------------------+--------------------------------------+

[root@sivacos ~(keystone_admin)]# neutron port-show 90b0a7fc-5376-4ddc-9740-18c508a4d7fc
+-----------------------+------------------------------------------------------------------------------------------------------+
| Field                 | Value                                                                                                |
+-----------------------+------------------------------------------------------------------------------------------------------+
| device_id             |                                                                                                      |
| device_owner          | neutron:LOADBALANCER                                                                                 |
| fixed_ips             | {"subnet_id": "a178c1f1-5cce-4f0a-ac1a-8277e26b085e", "ip_address": "172.24.16.100"}                 |
| id                    | 90b0a7fc-5376-4ddc-9740-18c508a4d7fc                                                                 |
| mac_address           | fa:16:3e:79:fb:cf                                                                                    |
| name                  | AviClusterIp:cluster-e5293381-d3ca-4630-8535-5b4071a78482:cloud-14b49755-c9ff-4e1e-8a42-21a1590e3345 |
| network_id            | 27bd1f64-5a50-4189-98db-3265809ac71a                                                                 |
| tenant_id             | a6d878c0f7db40bf91ed1226e720460a                                                                     |
...
+-----------------------+------------------------------------------------------------------------------------------------------+

[root@sivacos ~(keystone_admin)]# neutron floatingip-associate --fixed-ip-address 172.24.16.100 2f769d13-e463-46c5-befe-7049ab6d9693 90b0a7fc-5376-4ddc-9740-18c508a4d7fc
Associated floating IP 2f769d13-e463-46c5-befe-7049ab6d9693

[root@sivacos ~(keystone_admin)]# neutron floatingip-associate --fixed-ip-address 172.24.16.100 562477b5-dbb4-4bff-b7d2-90455230b36d 90b0a7fc-5376-4ddc-9740-18c508a4d7fc
Associated floating IP 562477b5-dbb4-4bff-b7d2-90455230b36d

[root@sivacos ~(keystone_admin)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id                                   | fixed_ip_address | floating_ip_address | port_id                              |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 2f769d13-e463-46c5-befe-7049ab6d9693 | 172.24.16.100    | 10.130.130.10       | 90b0a7fc-5376-4ddc-9740-18c508a4d7fc |
| 562477b5-dbb4-4bff-b7d2-90455230b36d | 172.24.16.100    | 192.168.99.6        | 90b0a7fc-5376-4ddc-9740-18c508a4d7fc |
+--------------------------------------+------------------+---------------------+--------------------------------------+

Updating the Controller Cluster IP

Updating the Avi Controller cluster configuration
Figure 4. Updating the Avi Controller cluster configuration



[root@sivacos ~(keystone_admin)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id                                   | fixed_ip_address | floating_ip_address | port_id                              |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 2f769d13-e463-46c5-befe-7049ab6d9693 | 172.24.16.200    | 10.130.130.10       | 68c54c6a-e305-4c92-90c0-418240ecf7fd |
| 562477b5-dbb4-4bff-b7d2-90455230b36d | 172.24.16.200    | 192.168.99.6        | 68c54c6a-e305-4c92-90c0-418240ecf7fd |
+--------------------------------------+------------------+---------------------+--------------------------------------+

[root@sivacos ~(keystone_admin)]# neutron port-show 68c54c6a-e305-4c92-90c0-418240ecf7fd
+-----------------------+------------------------------------------------------------------------------------------------------+
| Field                 | Value                                                                                                |
+-----------------------+------------------------------------------------------------------------------------------------------+
| device_id             |                                                                                                      |
| device_owner          | neutron:LOADBALANCER                                                                                 |
| fixed_ips             | {"subnet_id": "a178c1f1-5cce-4f0a-ac1a-8277e26b085e", "ip_address": "172.24.16.200"}                 |
| id                    | 68c54c6a-e305-4c92-90c0-418240ecf7fd                                                                 |
| mac_address           | fa:16:3e:46:e1:c4                                                                                    |
| name                  | AviClusterIp:cluster-e5293381-d3ca-4630-8535-5b4071a78482:cloud-14b49755-c9ff-4e1e-8a42-21a1590e3345 |
| network_id            | 27bd1f64-5a50-4189-98db-3265809ac71a                                                                 |
| tenant_id             | a6d878c0f7db40bf91ed1226e720460a                                                                     |
...
+-----------------------+------------------------------------------------------------------------------------------------------+

Deleting Out-Of-Band Floating IPs

The Free Unused Floating IP Address checkbox in the Cloud configuration Avi UI (corresponding to free_floatingips flag in the Avi CLI) determines if the out-of-band floating IPs are deleted when the VS VIP or the cluster IP is deleted. If enabled, the out-of-band floating IPs are deleted; else, they are just released back to the pool of available floating IPs.

Freeing unused floating IP addresses
Figure 5. Freeing unused floating IP addresses