DigitalOcean’s Floating IPs are a way of reserving public IP addresses that are independent of your compute resources. They provide a way to rapidly reroute traffic between your assets without waiting for DNS changes to take effect.
Compute components such as Droplets come with their own IPv4 address that facilitates public access. When you destroy a Droplet, you lose your rights to its IP. That address will go back into the pool that’s available to new Droplet creations.
Floating IPs are yours for as long as you need them. Once you’ve been allocated an IP, it can be attached to any eligible resource or sit dormant in your account for the future. Destroying a Droplet that’s targeted by a floating IP will keep the address available in your account, removing only the Droplet-specific IP allocated at the time of the Droplet’s creation.
Uses for Floating IPs
The Floating IP pattern lets you more closely mimic on-premises networking in the cloud. If you ran your own datacentre, you’d get a block of IP addresses from your ISP that you could assign to a gateway router at the entrypoint to your network. You’d then be free to change the infrastructure behind the router without changing the IP addresses that external users need to know.
Floating IPs offer similar ease of use for the resources in your DigitalOcean account. Pointing your external DNS at a floating IP instead of a specific Droplet IP lets you replace individual Droplets while leaving DNS records alone.
One common use case is failover scenarios in combination with high availability deployments. You can quickly route traffic away from a Droplet that’s experiencing issues by switching the Floating IP to reference another target in your account. You can use the DigitalOcean API to implement automated failovers by switching the target of a Floating IP when your monitoring service detects an outage.
Creating Floating IPs
Floating IPs can be created via the DigitalOcean control panel or the API. You’re initially limited to three floating IPs on your account; requests for more must be initiated through the control panel after you reach the cap.
Addresses which are in active use are currently free of charge. You’ll be billed at $4 per month or $0.00595 per hour if you create Floating IPs but leave them dormant in your account. This charge is applied due to the global shortage of IPv4 addresses. You’ll only be billed after your usage exceeds $1 so you don’t need to worry about brief periods of detachment when creating and reassigning your addresses.
To create a floating IP, login to your control panel account and click the “Networking” link in the left sidebar. Select the “Floating IPs” tab. Use the dropdown menu to choose the Droplet you want traffic to be routed to. Next, press the “Assign Floating IP” button to generate your new address.
Requests made to this IP address will be routed to the selected Droplet. You can change the target by returning to the Floating IPs page, clicking the “More” button next to your IP, and selecting either “Reassign” or “Unassign.” Unassigning the IP will start accruing billing for the unused reservation.
With the API
To create a floating IP with the DigitalOcean API, send a POST request to the api.digitalocean.com/v2/floating_ips endpoint. Refer to the documentation to generate and supply correct access credentials for your account.
The request needs to include a JSON payload identifying the Droplet to target:
You can discover the IDs of all your droplets by making a GET request to the api.digitalocean.com/v2/droplets endpoint.
To change the target of a floating IP you must use the special actions endpoint:
The floating IP needs to be identified by its IPv4 address, as shown in the URL above. Include a JSON payload that selects the assign action and specifies the droplet ID to target:
To unassign an IP, use the same endpoint but substitute unassign as the type field in your JSON payload. You can omit the droplet_id field.
Managing Outbound Traffic
Even with a Floating IP assigned, Droplets will still use their specific IP addresses for outbound traffic. This means external services such as third-party APIs will continue to identify your Droplet via its own IP address, instead of the Floating IP.
You can make outbound traffic use the Floating IP instead by updating the routing table in the Droplet’s networking configuration. Begin by using DigitalOcean’s Metadata API from within the Droplet to discover its anchor IP address. Anchor IPs are IP addresses through which traffic flows when traveling between the Droplet and its Floating IP.
# Returns the Anchor IP of the Droplet this command is executed on
curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/anchor_ipv4/gateway
Next use the ip route command to modify your Droplet’s default route:
# Remove the existing default route (Droplet-specific IP)
ip route del 0/0;
# Set the Anchor IP as the new default route
ip route add default via <anchor IP> dev eth0
Now traffic originating from your Droplet will appear to come from its assigned Floating IP. This is useful when you’re communicating with services that use automatically determined callback URLs to subsequently send confirmation back to your system. The procedure ensures the callback will be sent to the Floating IP that’s currently exposing your Droplet.
Floating IPs are currently restricted to IPv4 addresses. DigitalOcean has not publicly announced any plan to offer IPv6 Floating IPs.
As floating IPs are allocated to specific datacentre regions, they can only target Droplets within the same datacentre. A Floating IP in NYC1 can’t be mapped to a Droplet in AMS1.
Only Droplets can be the targets of your Floating IPs. It’s not possible to reference a Managed Kubernetes Node or any other resource using one. In the case of Kubernetes, a Load Balancer is the closest alternative, letting you route traffic between your Nodes. Load Balancers come with their own public IP address and cannot be used as a Floating IP target either.
All Floating IPs work with a single Droplet at a time – they can’t be mapped to multiple Droplets simultaneously as they have no active routing component. They don’t offer PTR records for reverse DNS either and cannot be used for SMTP traffic.
Floating IPs are a mechanism by which you can switch the targets of publicly-accessible static IP addresses in your DigitalOcean account. The floating IP itself will never change its address but you can dynamically switch the Droplet it points to at any time.
It’s always a good idea to point your DNS records at Floating IPs instead of specific Droplets. As Floating IPs are free while in use, there’s very little reason not to do so when they give you so much more flexibility during times of failure. Even if you’re not all-in on high availability, Floating IPs can help you manage upgrade windows and server reboots by letting you temporarily redirect traffic to a maintenance page or read-only replica on another Droplet.
Article From: HowToGeek