How to manage Floating IPs?

Overview

Each instance can have a public (floating) IP address in addition to its private (fixed) IP address. Public addresses are used to communicate with networks outside the cloud, such as the Internet, whereas private addresses are used to communicate amongst instances. An instance's private IP address is automatically assigned when it is launched and remains the same until the instance is specifically terminated.

OpenStack Compute offers a pool of floating IP addresses that the cloud administrator has configured. The floating IP addresses you can allot to a project are specified by its project quota. After a floating IP address has been assigned to a project, you can:

  • Associate or connect the floating IP address to a compute instance, where a single instance can only ever receive one floating IP address.

  • Dissociate or delete the connection between a floating IP address and a compute instance.

Prerequisites

  1. Configured compute instance.

  2. SSH-connected code editor.

  3. Good internet connection.

Get Started

a. Associating Floating IP

Follow the steps below to associate a floating IP with a compute instance.

Step 1: Log in to your account.

Step 2: Navigate to Services and then click on My Services.

Step 3: Click on your project.

Step 4: Navigate to Compute and then click on Instances.

Step 5: Choose your instance and click on the Instance name.

Step 6: Click on Select and choose Associate Floating IP from the drop-down menu.

Step 7: Select an IP address from the pool of pre-defined available IP addresses and the port address, then click on the Associate button.

b. Disassociating Floating IP

Step 1: Select your desired compute instance, click on the drop-down menu and select Disassociate Floating IP, as shown below.

Step 2: In the Disassociate window that appears, select the floating IP you want to disassociate from the drop-down menu, and click the Disassociate button.

c. Managing Security Group

Security groups let you manage the type of traffic that can access your instance. For example, you might use SSH to permit devices from your local network to access your instance. If your instance is a web server, you can enable HTTP or HTTPS access from any IP address, allowing outside users to browse the data on your web server.

Note: The following steps are needed only if your configured and connected SSH terminal throws the network error shown in the attached screenshot.

Follow the steps below to troubleshoot the network error:

Step 1: Open the command prompt on your computer, then enter the following command to check whether the IP address is responding.

ping <IP address> 

If you get an error message such as the one in the screenshot below, it signifies that the host was able to reach the destination, but the destination did not respond.

In such scenarios, you need to fix the rules/protocols in your compute instance's security group, which we'll do in the steps ahead.

OpenStack gives each cloud administrator the flexibility to either use an existing security group or create a new one.

Step 2: To resolve the network error, you need to edit the security group that is connected to your project.

For this, in the left navigation menu, go to Networks, then to Security Groups, select your security group, and click on Manage Rules.

Security groups serve as a firewall for connected instances, managing incoming and outgoing traffic at the instance level. To be able to connect to your project instance, you must add rules to a security group.

Step 3: Click on the Add Rules button.

Note: The suggested security group permits all traffic on all ports for all protocols. This is due to the fact that each node has its own internal firewall.

Step 4: From the pop-up window, click on the drop-down menu and select SSH Rule, as shown in the image below.

Secure Shell Protocol, or SSH, is a remote administration protocol that enables users to securely connect to, manage, and alter their remote servers over the internet.

Step 5: In the Remote field, select CIDR.

Classless Inter-Domain Routing, or CIDR, assigns Internet Protocol (IP) addresses more flexibly by giving networks and individual devices distinctive and granular identification.

Step 6: In the CIDR field, enter the range of IP addresses you want to communicate with, then click Add Rule.

By default, it allows data transmission and communication to/from all the ports.

Every time your project instance is launched, you can assign a security group to it. All instances to which the security group has been allocated will automatically be updated when rules are added or removed.

You can modify the security group of an instance after instance launch.
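To review the result of Steps 4 to 6, the following added example (not part of the original guide) checks which security group rules admit SSH and from where, including an allow-all rule like the one mentioned in the note above. It assumes the rules have been exported as dictionaries using the Neutron security group rule field names; the sample rules, the rule IDs and the trusted range 203.0.113.0/24 are constructed for illustration.

```python
import ipaddress

# Constructed sample rules using Neutron security group rule field names.
SAMPLE_RULES = [
    {"id": "rule-a", "direction": "ingress", "protocol": "tcp",
     "port_range_min": 22, "port_range_max": 22, "remote_ip_prefix": "203.0.113.0/24"},
    {"id": "rule-b", "direction": "ingress", "protocol": "tcp",
     "port_range_min": 22, "port_range_max": 22, "remote_ip_prefix": "0.0.0.0/0"},
    {"id": "rule-c", "direction": "ingress", "protocol": None,
     "port_range_min": None, "port_range_max": None, "remote_ip_prefix": None},
    {"id": "rule-d", "direction": "ingress", "protocol": "tcp",
     "port_range_min": 80, "port_range_max": 443, "remote_ip_prefix": "0.0.0.0/0"},
    {"id": "rule-e", "direction": "egress", "protocol": None,
     "port_range_min": None, "port_range_max": None, "remote_ip_prefix": None},
]

def covers_ssh(rule, port=22):
    """True if an ingress rule admits TCP traffic to the SSH port."""
    if rule["direction"] != "ingress":
        return False
    if rule["protocol"] not in (None, "tcp", "6"):  # None means any protocol
        return False
    lo, hi = rule["port_range_min"], rule["port_range_max"]
    if lo is None or hi is None:                    # no range means all ports
        return True
    return lo <= port <= hi

def audit_ssh_rules(rules, trusted_cidr):
    """Classify every rule that admits SSH by the range allowed to connect."""
    trusted = ipaddress.ip_network(trusted_cidr)
    findings = {}
    for rule in rules:
        if not covers_ssh(rule):
            continue
        prefix = rule["remote_ip_prefix"]
        remote = ipaddress.ip_network(prefix, strict=False) if prefix else None
        if remote is None or remote.prefixlen == 0:  # no prefix or /0: any source
            findings[rule["id"]] = "open-to-any"
        elif remote.version == trusted.version and remote.subnet_of(trusted):
            findings[rule["id"]] = "restricted"
        else:
            findings[rule["id"]] = "outside-trusted-range"
    return findings

if __name__ == "__main__":
    for rule_id, verdict in audit_ssh_rules(SAMPLE_RULES, "203.0.113.0/24").items():
        print(rule_id, verdict)
```

Rules reported as open-to-any or outside-trusted-range are the ones to revisit in Manage Rules by narrowing the CIDR entered in Step 6.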
