When planning your AWS instance, it is important to keep high availability in mind prior to creating your instance. The decision to create a highly available storage solution using SoftNAS must be made early in order to allow you to prepare your build accordingly. One decision that needs to be made early is whether to use Instance, Elastic or Virtual IPs. Beyond choosing the type of IP address you wish, there are many configuration steps required to prepare for a high availability configuration. For complete coverage of high availability through SoftNAS, go to our High Availability Documentation
Amazon EC2 provides three types of IP addresses:
- Instance IP address: each instance is assigned a dynamic IP address, assigned by DHCP. These are on the internal, private network, assigned by DHCP. They will be different each time a SoftNAS instance is booted.
- Elastic IP address: these are static IP addresses, and is recommended for use with SoftNAS, if not using Virtual IPs. These IP addresses are public-facing, static IP addresses which are "associated" with a particular instance. While associated with an instance, these IP addresses are always the same, so there is a predictable way to address each SoftNAS instance in the environment. Elastic IP addresses are termed "elastic" as they can be dynamically reassigned (moved) from once instance to another.
- Virtual IP addresses: SoftNAS now supports the set up of highly available VPCs with private subnets using virtual IPs. Elastic IP setup is still supported for legacy purposes. However, Virtual IP setup, more secure because it does not require a public facing IP, is our recommended best practice. If setting up SoftNAS SNAP HATM with virtual IPs, there is no need to create Elastic IPs at all. The IPs assigned statically or via DHCP at instance creation time can be retained.
Virtual IPs and High Availability
Setup and maintenance of Virtual IP addresses are covered in our High Availability Documentation. Virtual IP addresses are relatively simple to set up, requiring only that each VPC instance must have an IP in the same CIDR block. A third IP outside this CIDR block will be selected during the HA wizard setup. This will be the IP address you will use to access the highly available share, whichever instance is currently the primary.
There are multiple ways to configure secure administrative access to the SoftNAS SNAP HA™ storage controllers:
- VPN - this is the most secure stand-alone solution, and a recommended minimum best practice for limiting access to the private IPs of each SoftNAS® controller. In this case, use DNS to assign a common name to each controller (e.g., "nas01.localdomain.com", "nas02.localdomain.com"), making routing to each SoftNAS® controller convenient for administrators.
- Admin Desktop - an even more secure approach is to combine VPN access with an Administrator's desktop, (sometimes referred to as a jumpbox) typically running Windows and accessed via RDP. This secure admin desktop adds another layer of authentication, namely Active Directory (or local account) authentication.
Elastic IPs, HA and Dynamic DNS
Elastic IPs were long the go-to method, providing the flexibility to create a high-availability (HA) configuration. With the ability to configure Virtual IPs, more secure because it offers no public IP access point, Elastic IPs are no longer the recommended configuration, but are supported for legacy purposes as they are still widely used. For more information on the SoftNAS High Availability technology via SNAP HATM or SnapReplicate, consult the High Availability Documentation.
As a quick example, consider two SoftNAS instances with replication between them configured as an Active-Passive HA pair in different availability zones in the same region (or across regions, as applicable to local needs). Let's call these SoftNAS instances "A" and "B", where "A" is currently the active, primary NAS.
Assign three elastic IP addresses - one for A, one for B, and one "floating" elastic IP used for failover. Applications and DNS for SoftNAS® would reference the third elastic IP, as shown below.
Elastic IP | Assigned To |
IP 1 | SoftNAS Instance A |
IP 2 | SoftNAS Instance B |
IP 3 | DNS - points to instance A initially |
In this configuration, IP 1 and IP 2 are used to administer and perform replication between SoftNAS instances. DNS points to "A", which is the active SoftNAS instance. In this configuration, replication is configured to flow from "A" to "B", so that "B" is effectively a mirror of "A", always ready for a failover.
In the event of a zone failure, physical disk failure or scheduled downtime / maintenance, IP 3 can be reassigned to "B", which becomes the active instance. When "A" is restored, replication can be reconfigured to flow from "B" to "A".
Note: It can take up to 30 seconds to complete an elastic IP reassignment to a different instance.
Alternatively, use IP 1 and IP 2 (without IP 3) and use dynamic DNS with a short TTL (time to live) and perform failover by simply reassigning the IP 1 or IP 2 via dynamic DNS.
There are many different ways to configure HA and IP addresses - the above represents just a few ways, provided to illustrate the flexibility provided by elastic IP addressing and/or dynamic DNS. For more information see:
Releasing the Address
It is best practice to release the addresses that are no longer being used.
To do so:
- On the Elastic IP addresses page, select the address to be released.
Note: Release the Elastic IP address that is not associated with an instance. - Click Release Address.
- The Release Address message box will ask to confirm the releasing of the address will be displayed. Click Yes.
The selected IP address will be released.