Enabling Public Network Access
Function
Public network access is supported only when Security Mode and HTTPS Access are enabled for a cluster. When Public IP Address is enabled, a public IP address is automatically assigned, which will enable access to the security cluster from the public network. Additionally, you can configure access control from the public network by IP addresses or IP address ranges.
To enable public network access for Elasticsearch or OpenSearch clusters, a shared load balancer is typically used for load balancing. If your workloads require quicker access, you are advised to use a dedicated load balancer to connect to your clusters. For details about its configuration, see section "Configuring a Dedicated Load Balancer for an Elasticsearch Cluster."
Calling Method
For details, see Calling APIs.
URI
POST /v1.0/{project_id}/clusters/{cluster_id}/public/open
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
project_id |
Yes |
String |
Definition: Project ID. For details about how to obtain the project ID and name, see Obtaining the Project ID and Name. Constraints: N/A Value range: Project ID of the account. Default value: N/A |
cluster_id |
Yes |
String |
Definition: ID of the cluster whose public network access you want to enable. For details about how to obtain the cluster ID, see Obtaining the Cluster ID. Constraints: N/A Value range: Cluster ID. Default value: N/A |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
eip |
Yes |
BindPublicReqEip object |
Definition: EIP for public network access. Constraints: N/A Value range: N/A Default value: N/A |
white_list |
No |
String |
Definition: Public network access control whitelist. Constraints: Separate the whitelisted CIDR blocks or IP addresses with commas (,), and make sure each of them is unique. Value range: N/A Default value: N/A |
is_auto_pay |
No |
Integer |
Definition: Whether to enable automatic payment from your Huawei Cloud account. Constraints: This parameter takes effect only for yearly/monthly clusters. Value range:
Default value: 0 |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
band_width |
Yes |
BindPublicReqEipBandWidth object |
Definition: Public network bandwidth. Constraints: N/A Value range: N/A Default value: N/A |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
---|---|---|
action |
String |
Definition: A setting required to enable public network access. Value range: The fixed value is bindZone, indicating that the binding is successful. |
Example Requests
Enable public network access.
POST https://{Endpoint}/v1.0/{project_id}/clusters/4f3deec3-efa8-4598-bf91-560aad1377a3/public/open { "eip" : { "band_width" : { "size" : 5 } }, "white_list" : "127.0.0.1", "is_auto_pay" : 1 }
Example Responses
Status code: 200
Request succeeded.
{ "action" : "bindZone" }
SDK Sample Code
The SDK sample code is as follows.
Java
Enable public network access.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.css.v1.region.CssRegion; import com.huaweicloud.sdk.css.v1.*; import com.huaweicloud.sdk.css.v1.model.*; public class CreateBindPublicSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); CssClient client = CssClient.newBuilder() .withCredential(auth) .withRegion(CssRegion.valueOf("<YOUR REGION>")) .build(); CreateBindPublicRequest request = new CreateBindPublicRequest(); request.withClusterId("{cluster_id}"); BindPublicReq body = new BindPublicReq(); body.withIsAutoPay(1); body.withEip("{\"band_width\":{\"size\":5}}"); request.withBody(body); try { CreateBindPublicResponse response = client.createBindPublic(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
Python
Enable public network access.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkcss.v1.region.css_region import CssRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkcss.v1 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = CssClient.new_builder() \ .with_credentials(credentials) \ .with_region(CssRegion.value_of("<YOUR REGION>")) \ .build() try: request = CreateBindPublicRequest() request.cluster_id = "{cluster_id}" request.body = BindPublicReq( is_auto_pay=1, eip="{\"band_width\":{\"size\":5}}" ) response = client.create_bind_public(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
Go
Enable public network access.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" css "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/css/v1" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/css/v1/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/css/v1/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := css.NewCssClient( css.CssClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.CreateBindPublicRequest{} request.ClusterId = "{cluster_id}" isAutoPayBindPublicReq:= int32(1) var eipEip interface{} = "{\"band_width\":{\"size\":5}}" request.Body = &model.BindPublicReq{ IsAutoPay: &isAutoPayBindPublicReq, Eip: &eipEip, } response, err := client.CreateBindPublic(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
More
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
Status Code |
Description |
---|---|
200 |
Request succeeded. |
400 |
Invalid request. Modify the request before retry. |
409 |
The request could not be completed due to a conflict with the current state of the resource. The resource that the client attempts to create already exists, or the update request fails to be processed because of a conflict. |
412 |
The server did not meet one of the preconditions contained in the request. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot