What is a Virtual IP?

A Virtual IP (VIP) is a networking pattern which allows an administrator to quickly move an IP address from one server to another with virtually no downtime. Also known as a Floating IP, you use this pattern when you need to switch servers faster than your DNS Time To Live (TTL) allows.

When is a VIP useful?

You use a VIP whenever you need a rapid IP change. The most common use cases include master-slave failover for caching (Redis/Memcache), storage (MySQL/Postgres) or search (Solr/Elasticsearch). Basically any time you need to hot-swap something, you can use a VIP to make you feel more like Indiana Jones.

Swapping IPs like a Boss

The pattern explained

For a longer explanation, head to the Floating IP article, but in short, it works this way:

  1. each box gets a primary IP
  2. each box gets a DNS entry
  3. one secondary IP is reserved for the VIP
  4. the secondary IP is assigned a DNS entry
  5. use AWS tools to move the secondary IP addresses around to different boxes

Step 4 above is the crux. The DNS entry you apply to the VIP should be used by your application. That way no code changes are required when a server swap is performed. From the application's point of view, nothing has changed, but you've just swapped one server for another. You're amazing!

VIP Diagram

DNS entries for the primary IPs, too

Assigning DNS entries for the primary IPs is also helpful because you often need an unchanging name to point to. For example, during a hot swap, you'll want to be able to ssh into each box without worrying that the swap will change the server you're referencing. If you've named the boxes in DNS, you can easily reach them without memorizing IP addresses. Sweet.

Example:

  db.a.codepen.io  10.0.1.10 <-- primary IP
  db.b.codepen.io  10.0.1.11 <-- primary IP
  db.codepen.io    10.0.1.12 <-- VIP

VIP in practice

Setting up a VIP requires three steps:

1. Add a secondary IP to your "master" instance

Adding a secondary IP is something you can do through the AWS console, but because I want to be able to automate this during the stresses of a cutover, I've written a script to help with this process. So all you have to do is this:

  ./assign_private_ip.sh '10.0.1.12' 'i-100ffad8'

If you look at the source, that script uses the AWS CLI to tell the VPC to assign the address 10.0.1.12 to your instance i-100ffad8. You'll obviously swap those values out for your own.

2. Configure your instances for secondary IP

Because you'll be swapping the IP from one box to the next, you'll need to configure your network card to accept the IP address when your VPC's DHCP server assigns it. This little snippet makes this possible. Run this on the two instances your IP will be floating between.

  IP_ADDR='10.0.1.12/24'
  ETH0='/etc/network/interfaces.d/eth0.cfg'
  # Append a static stanza for the VIP; sudo tee is used because the file is root-owned
  sudo tee -a "$ETH0" > /dev/null <<HERE

  iface eth0 inet static
      address $IP_ADDR
  HERE

  # Restart the interface so the new address is picked up
  sudo ifdown eth0 && sudo ifup eth0

The script above tells your network interface to accept connections on the secondary IP address. Because the address only receives traffic when the network actually routes it to that box, it's safe to have on both boxes at the same time.

3. Swap your IPs at will

Now you can use the assign_private_ip.sh script above to switch that VIP from one instance to another any time you like. You can imagine a scenario like this:

  • assign a DNS entry to your VIP
  • do some master/slave prep
  • move the VIP to the slave
  • fix something on master
  • move the VIP back to master

The nice thing here is that your application does not need to change. It just continues to point at the DNS, which points to the VIP, and we change the box behind the scenes.
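
A sketch of what a script like assign_private_ip.sh could look like, added here as an example; it is not the author's script. The function names and the choice of the instance's first listed network interface are assumptions, and both arguments are validated before they reach the AWS CLI.

```sh
#!/bin/sh
# Added example: hypothetical stand-in for assign_private_ip.sh (not the author's script).
# Usage: ./move_vip.sh 10.0.1.12 i-100ffad8
export LC_ALL=C   # make character ranges such as [a-f] mean ASCII only
OCTET='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'

# Accept only a dotted-quad IPv4 address: octets 0-255, no leading zeros.
valid_ipv4() {
  case $1 in ''|*[!0-9.]*) return 1 ;; esac   # digits and dots only
  printf '%s\n' "$1" | grep -Eq "^($OCTET\.){3}$OCTET\$"
}

# Accept only EC2 instance IDs: "i-" plus 8 or 17 lowercase hex characters.
valid_instance_id() {
  case $1 in i-*) ;; *) return 1 ;; esac
  case ${1#i-} in ''|*[!0-9a-f]*) return 1 ;; esac
  [ "${#1}" -eq 10 ] || [ "${#1}" -eq 19 ]
}

# Print the ID of the first network interface listed for the instance (assumption:
# that is the interface the VIP belongs on).
primary_eni() {
  aws ec2 describe-instances --instance-ids "$1" \
    --query 'Reservations[0].Instances[0].NetworkInterfaces[0].NetworkInterfaceId' \
    --output text
}

# Validate both arguments, resolve the ENI, then reassign the VIP to it.
# The body runs in a subshell, so "exit" only leaves the function.
move_vip() (
  vip=$1 instance=$2
  valid_ipv4 "$vip" || { echo "refusing bad IP: $vip" >&2; exit 2; }
  valid_instance_id "$instance" || { echo "refusing bad instance ID: $instance" >&2; exit 2; }
  eni=$(primary_eni "$instance") || exit 1
  case $eni in eni-*) ;; *) echo "no interface found for $instance" >&2; exit 1 ;; esac
  # --allow-reassignment lets the address move off the interface holding it now.
  aws ec2 assign-private-ip-addresses --network-interface-id "$eni" \
    --private-ip-addresses "$vip" --allow-reassignment
)

# Only act when called with exactly two arguments.
if [ "$#" -eq 2 ]; then
  move_vip "$@"
fi
```

The credentials running it need only ec2:DescribeInstances and ec2:AssignPrivateIpAddresses, which keeps the role used during a cutover narrowly scoped.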

Conclusion

This pattern is powerful, and is the basis for all kinds of cool HA Failover Scenarios. Use it on your network today!

