Adding a Listener¶
Function¶
This API is used to add a listener to a load balancer.
Constraints¶
When protocol is set to TCP and protocol_port to 0, the listener works in IP mode (DR mode).
URI¶
POST /v2.0/lbaas/listeners
Request¶
Parameter | Mandatory | Type | Description |
---|---|---|---|
listener | Yes | Object | Specifies the listener. For details, see Table 2. |
Parameter | Mandatory | Type | Description |
---|---|---|---|
tenant_id | No | String | Specifies the ID of the project where the listener is used. The value must be the same as the value of project_id in the token. The value contains a maximum of 255 characters. |
name | No | String | Specifies the listener name. The value contains a maximum of 255 characters. |
description | No | String | Provides supplementary information about the listener. The value contains a maximum of 255 characters. |
protocol | Yes | String | Specifies the protocol used by the listener. The value can be TCP, HTTP, UDP, or TERMINATED_HTTPS. |
protocol_port | Yes | Integer | Specifies the port used by the listener. The port number ranges from 1 to 65535. Note If the protocol used by the listener is UDP, the port number cannot be 4789. |
loadbalancer_id | Yes | String | Specifies the ID of the associated load balancer. |
connection_limit | No | Integer | Specifies the maximum number of connections. The value ranges from -1 to 2147483647. The default value is -1, indicating that there is no restriction on the maximum number of connections. This parameter is reserved. |
admin_state_up | No | Boolean | Specifies the administrative status of the listener. This parameter is reserved, and the default value is true. |
http2_enable | No | Boolean | Specifies whether to use HTTP/2. The value can be true or false.
The default value is false. This parameter is valid only when the protocol used by the listener is set to TERMINATED_HTTPS. |
default_pool_id | No | String | Specifies the ID of the associated backend server group. If a request does not match the forwarding policy, the request is forwarded to the default backend server group for processing. If the value is null, the listener has no default backend server group. This parameter has the following constraints:
The relationships between the protocol used by the listener and the protocol of the backend server group are as follows:
|
default_tls_container_ref | No | String | Specifies the ID of the server certificate used by the listener. This parameter is mandatory when protocol is set to TERMINATED_HTTPS. The default value is null when protocol is not set to TERMINATED_HTTPS. The value contains a maximum of 128 characters. Note This parameter is valid only when protocol is set to TERMINATED_HTTPS. |
client_ca_tls_container_ref | No | String | Specifies the ID of the CA certificate used by the listener. The default value is null. The value contains a maximum of 128 characters. Note This parameter is valid only when protocol is set to TERMINATED_HTTPS. |
sni_container_refs | No | Array | Lists the IDs of SNI certificates (server certificates with domain names) used by the listener. If the parameter value is an empty list, the SNI feature is disabled. The default value is []. Note This parameter is valid only when protocol is set to TERMINATED_HTTPS. |
tls_ciphers_policy | No | String | Specifies the security policy used by the listener. This parameter is valid only when the protocol used by the listener is set to TERMINATED_HTTPS. The value can be tls-1-0-inherit, tls-1-0, tls-1-1, tls-1-2, or tls-1-2-strict, and the default value is tls-1-0. For details of cipher suites for each security policy, see Table 3. |
Security Policy | TLS Version | Cipher Suite |
---|---|---|
tls-1-0-inherit | TLS 1.2 TLS 1.1 TLS 1.0 | ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:AES256-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-SHA:AES256-SHA:DHE-DSS-AES128-SHA:CAMELLIA128-SHA:EDH-RSA-DES-CBC3-SHA:DES-CBC3-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:CAMELLIA256-SHA:EDH-DSS-DES-CBC3-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA |
tls-1-0 | TLS 1.2 TLS 1.1 TLS 1.0 | ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:AES256-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-SHA:AES256-SHA |
tls-1-1 | TLS 1.2 TLS 1.1 | |
tls-1-2 | TLS 1.2 | |
tls-1-2-strict | TLS 1.2 | ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:AES256-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384 |
Response¶
Parameter | Type | Description |
---|---|---|
id | String | Specifies the listener ID. |
tenant_id | String | Specifies the ID of the project where the listener is used. |
name | String | Specifies the listener name. |
description | String | Provides supplementary information about the listener. |
protocol | String | Specifies the protocol used by the listener. The value can be TCP, HTTP, UDP, or TERMINATED_HTTPS. |
protocol_port | Integer | Specifies the port used by the listener. The port number ranges from 1 to 65535. |
loadbalancers | Array | Specifies the ID of the associated load balancer. For details, see Table 6. |
connection_limit | Integer | Specifies the maximum number of connections. The value ranges from -1 to 2147483647. The default value is -1, indicating that there is no restriction on the maximum number of connections. This parameter is reserved. |
admin_state_up | Boolean | Specifies the administrative status of the listener. This parameter is reserved. The value can be true or false.
|
http2_enable | Boolean | Specifies whether to use HTTP/2. The value can be true or false.
This parameter is valid only when the protocol used by the listener is set to TERMINATED_HTTPS. |
default_pool_id | String | Specifies the ID of the associated backend server group. If a request does not match the forwarding policy, the request is forwarded to the default backend server group for processing. If the value is null, the listener has no default backend server group. |
default_tls_container_ref | String | Specifies the ID of the server certificate used by the listener. For details, see Certificate. This parameter is mandatory when protocol is set to TERMINATED_HTTPS. |
client_ca_tls_container_ref | String | Specifies the ID of the CA certificate used by the listener. For details, see Certificate. |
sni_container_refs | Array | Lists the IDs of SNI certificates (server certificates with domain names) used by the listener. If the parameter value is an empty list, the SNI feature is disabled. |
tags | Array | Tags the listener. |
created_at | String | Specifies the time when the listener was created. The UTC time is in YYYY-MM-DDTHH:MM:SS format. |
updated_at | String | Specifies the time when the listener was updated. The UTC time is in YYYY-MM-DDTHH:MM:SS format. |
tls_ciphers_policy | String | Specifies the security policy used by the listener. This parameter is valid only when the protocol used by the listener is set to TERMINATED_HTTPS. The value can be tls-1-0-inherit, tls-1-0, tls-1-1, tls-1-2, or tls-1-2-strict, and the default value is tls-1-0. For details of cipher suites for each security policy, see Table 3. |
Parameter | Type | Description |
---|---|---|
id | String | Specifies the ID of the associated load balancer. |
Example Request¶
Example request 1: Adding a TCP listener
POST https://{Endpoint}/v2.0/lbaas/listeners { "listener": { "protocol_port": 80, "protocol": "TCP", "loadbalancer_id": "0416b6f1-877f-4a51-987e-978b3f084253", "name": "listener-test", "admin_state_up": true } }
Example request 2: Adding an HTTPS listener
POST https://{Endpoint}/v2.0/lbaas/listeners { "listener": { "protocol_port": 25, "protocol": "TERMINATED_HTTPS", "default_tls_container_ref": "02dcd56799e045bf8b131533cc911dd6", "loadbalancer_id": "0416b6f1-877f-4a51-987e-978b3f084253", "name": "listener-test", "admin_state_up": true } }
Example request 3: Adding a listener with the SNI feature enabled
POST https://{Endpoint}/v2.0/lbaas/listeners { "listener": { "protocol_port": 27, "protocol": "TERMINATED_HTTPS", "loadbalancer_id": "6bb85e33-4953-457a-85a9-336d76125b7b", "name": "listener-test", "admin_state_up": true, "default_tls_container_ref":"02dcd56799e045bf8b131533cc911dd6", "sni_container_refs": ["e15d1b5000474adca383c3cd9ddc06d4", "5882325fd6dd4b95a88d33238d293a0f"] } }
Example Response¶
Example response 1
{ "listener": { "protocol_port": 80, "protocol": "TCP", "description": "", "client_ca_tls_container_ref": null, "default_tls_container_ref": null, "admin_state_up": true, "http2_enable": false, "loadbalancers": [ { "id": "0416b6f1-877f-4a51-987e-978b3f084253" } ], "tenant_id": "145483a5107745e9b3d80f956713e6a3", "sni_container_refs": [], "connection_limit": -1, "default_pool_id": null, "tags": [], "id": "b7f32b52-6f17-4b16-9ec8-063d71b653ce", "name": "listener-test", "tls_ciphers_policy": null, "created_at": "2018-07-25T01:54:13", "updated_at": "2018-07-25T01:54:14" } }
Example response 2
{ "listener": { "protocol_port": 25, "protocol": "TERMINATED_HTTPS", "description": "", "default_tls_container_ref": "02dcd56799e045bf8b131533cc911dd6", "sni_container_refs": [], "loadbalancers": [ { "id": "0416b6f1-877f-4a51-987e-978b3f084253" } ], "tenant_id": "601240b9c5c94059b63d484c92cfe308", "created_at": "2019-01-21T12:38:31", "client_ca_tls_container_ref": null, "connection_limit": -1, "updated_at": "2019-01-21T12:38:31", "http2_enable": false, "admin_state_up": true, "default_pool_id": null, "tls_ciphers_policy": "tls-1-0", "id": "b56634cd-5ba8-460e-b5a2-6de5ba8eaf60", "tags": [], "name": "listener-test" } }
Example response 3
{ "listener": { "protocol_port": 27, "protocol": "TERMINATED_HTTPS", "description": "", "default_tls_container_ref": "02dcd56799e045bf8b131533cc911dd6", "sni_container_refs": [ "5882325fd6dd4b95a88d33238d293a0f", "e15d1b5000474adca383c3cd9ddc06d4" ], "loadbalancers": [ { "id": "6bb85e33-4953-457a-85a9-336d76125b7b" } ], "tenant_id": "601240b9c5c94059b63d484c92cfe308", "project_id": "601240b9c5c94059b63d484c92cfe308", "created_at": "2019-01-21T12:43:55", "client_ca_tls_container_ref": null, "connection_limit": -1, "updated_at": "2019-01-21T12:43:55", "http2_enable": false, "admin_state_up": true, "default_pool_id": null, "": "tls-1-0", "id": "b2cfda5b-52fe-4320-8845-34e8d4dac2c7", "tags": [], "name": "listener-test" } }
Status Code¶
For details, see HTTP Status Codes of Shared Load Balancers.