Updated on 2024-09-26 GMT+08:00

Adding a Listener

Function

This API is used to add a listener to a load balancer.

Constraints

When adding a listener, note the following:

  • For load balancing at Layer 4, the listener protocol can be TCP, UDP, or TLS.

  • For load balancing at Layer 7, the listener protocol can be HTTP, HTTPS or QUIC.

  • For load balancing both at Layer 4 and Layer 7, the listener protocol can be TCP, UDP, TLS, HTTP, HTTPS, or QUIC.

Calling Method

For details, see Calling APIs.

URI

POST /v3/{project_id}/elb/listeners

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Specifies the project ID.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Specifies the token used for IAM authentication.

Table 3 Request body parameters

Parameter

Mandatory

Type

Description

listener

Yes

CreateListenerOption object

Specifies the listener.

Table 4 CreateListenerOption

Parameter

Mandatory

Type

Description

admin_state_up

No

Boolean

Specifies the administrative status of the listener. The value can only be true.

default_pool_id

No

String

Specifies the ID of the default backend server group. If there is no matched forwarding policy, requests will be forwarded to the default backend server for processing.

client_ca_tls_container_ref

No

String

Specifies the ID of the CA certificate used by the listener.

Notes and constraints:

  • This parameter is available only when type is set to client.

  • This parameter is not available if the listener protocol is QUIC.

default_tls_container_ref

No

String

Specifies the ID of the server certificate used by the listener.

Notes and constraints:

This parameter is available only when the listener's protocol is HTTPS, TLS, or QUIC and type is set to server.

description

No

String

Provides supplementary information about the listener.

http2_enable

No

Boolean

Specifies whether to use HTTP/2 if you want the clients to use HTTP/2 to communicate with the load balancer. Request forwarding using HTTP/2 improves the access performance between your application and the load balancer. However, the load balancer still uses HTTP/1.x to forward requests to the backend server.

Notes and constraints:

  • This parameter is available only for HTTPS listeners.

  • For QUIC listeners, it cannot be set and the response is fixed at true.

  • If you configure this parameter for listeners with other protocols, it will not take effect.

insert_headers

No

ListenerInsertHeaders object

Specifies the HTTP header fields that can transmit required information to backend servers. For example, the X-Forwarded-ELB-IP header field can transmit the EIP of the load balancer to backend servers.

loadbalancer_id

Yes

String

Specifies the ID of the load balancer that the listener is added to.

Notes and constraints:

A listener can be added to only one load balancer.

name

No

String

Specifies the listener name.

Notes and constraints: If you leave the listener name empty, you cannot locate it on the listener list and view its details.

project_id

No

String

Specifies the project ID used by the listener.

protocol

Yes

String

Specifies the protocol used by the listener.

The value can be TCP, UDP, HTTP, HTTPS, TERMINATED_HTTPS, QUIC, or TLS.

Notes and constraints:

  • Protocol used by HTTPS listeners added to a shared load balancer can only be set to TERMINATED_HTTPS. If HTTPS is passed, the value will be automatically changed to TERMINATED_HTTPS.

  • Protocol used by HTTPS listeners added to a dedicated load balancer can only be set to HTTPS. If TERMINATED_HTTPS is passed, the value will be automatically changed to HTTPS.

protocol_port

No

Integer

Specifies the port used by the listener.

Notes and constraints:

  • The QUIC listener port cannot be 4789 or the same as the UDP listener port.

  • If this parameter is set to 0, port_ranges is required.

sni_container_refs

No

Array of strings

Specifies the IDs of SNI certificates (server certificates with domain names) used by the listener.

Notes and constraints:

  • The domain names of all SNI certificates must be unique.

  • The total number of domain names of all SNI certificates cannot exceed 50.

sni_match_algo

No

String

Specifies how wildcard domain name matches with the SNI certificates used by the listener.

The value can be:

  • longest_suffix: indicates longest suffix match.

  • wildcard (default): indicates wildcard match.

tags

No

Array of Tag objects

Lists the tags.

tls_ciphers_policy

No

String

Specifies the security policy used by the listener.

The value can be tls-1-0-inherit, tls-1-0, tls-1-1, tls-1-2, tls-1-2-strict, tls-1-2-fs, tls-1-0-with-1-3, tls-1-2-fs-with-1-3, hybrid-policy-1-0, tls-1-2-strict-no-cbc, or tls-1-0 (default).

Notes and constraints:

  • This parameter will take effect only for HTTPS listeners added to a dedicated load balancer.

  • This parameter is not available for QUIC listeners.

  • If both security_policy_id and tls_ciphers_policy are specified, only security_policy_id will take effect.

  • The priority of the encryption suite from high to low is: ecc suite, rsa suite, tls 1.3 suite (supporting both ecc and rsa).

security_policy_id

No

String

Specifies the ID of the custom security policy.

Notes and constraints:

  • This parameter will take effect only for HTTPS listeners added to a dedicated load balancer.

  • This parameter is not available for QUIC listeners.

  • If both security_policy_id and tls_ciphers_policy are specified, only security_policy_id will take effect.

  • The priority of the encryption suite from high to low is: ecc suite, rsa suite, tls 1.3 suite (supporting both ecc and rsa).

enable_member_retry

No

Boolean

Specifies whether to enable health check retries for backend servers.

The value can be:

  • true (default): Health check retries will be enabled.

  • false: Health check retries will be disabled.

Notes and constraints:

  • If a shared load balancer is associated, this parameter is available only when protocol is set to HTTP or TERMINATED_HTTPS.

  • If a dedicated load balancer is associated, this parameter is available only when protocol is set to HTTP, HTTPS, or QUIC.

keepalive_timeout

No

Integer

Specifies the idle timeout duration, in seconds. If there are no requests reaching the load balancer after the idle timeout duration elapses, the load balancer will disconnect the connection with the client and establish a new connection when there is a new request.

Value ranges:

  • For TCP listeners, the value ranges from 10 to 4000, and the default value is 300.

  • For HTTP, HTTPS, and TERMINATED_HTTPS listeners, the value ranges from 0 to 4000, and the default value is 60.

Notes and constraints: For UDP listeners of shared load balancers, this parameter does not take effect.

client_timeout

No

Integer

Specifies the timeout duration for waiting for a response from a client, in seconds. There are two situations:

  • If the client fails to send a request header to the load balancer within the timeout duration, the request will be interrupted.

  • If the interval between two consecutive request bodies reaching the load balancer is greater than the timeout duration, the connection will be disconnected.

The value ranges from 1 to 3600, and the default value is 60.

This parameter is available only for HTTP and HTTPS listeners.

member_timeout

No

Integer

Specifies the timeout duration for waiting for a response from a backend server, in seconds. If the backend server fails to respond after the timeout duration elapses, the load balancer will stop waiting and return HTTP 504 Gateway Timeout to the client.

The value ranges from 1 to 3600, and the default value is 60.

This parameter is available only for HTTP and HTTPS listeners.

ipgroup

No

CreateListenerIpGroupOption object

Specifies the IP address group associated with the listener. The value can be null or an empty JSON structure, indicating that no IP address group is associated with the listener.

ipgroup_id is also required if you want to associate an IP address group with the listener.

transparent_client_ip_enable

No

Boolean

Specifies whether to pass source IP addresses of the clients to backend servers.

Value ranges:

  • TCP or UDP listeners of shared load balancers: The value can be true or false, and the default value is false if this parameter is not passed.

  • HTTP or HTTPS listeners of shared load balancers: The value can only be true, and the default value is true if this parameter is not passed.

  • All listeners of dedicated load balancers: The value can only be true, and the default value is true if this parameter is not passed.

Notes and constraints:

  • This function can only be enabled or disabled for TCP or UDP listeners of shared load balancers.

  • If this function is enabled, the load balancer communicates with backend servers using their real IP addresses. Ensure that security group rules and access control policies are correctly configured.

  • If this function is enabled, a server cannot serve as both a backend server and a client.

  • If this function is enabled, backend server specifications cannot be changed.

proxy_protocol_enable

No

Boolean

Specifies whether to enable the ProxyProtocol option.

Notes and constraints: This parameter is available only for TLS listeners and does not take effect for other types of listeners.

enhance_l7policy_enable

No

Boolean

Specifies whether to enable advanced forwarding. If advanced forwarding is enabled, more flexible forwarding policies and rules are supported.

The value can be:

  • true: Enable advanced forwarding.

  • false (default): Disable advanced forwarding.

Notes and constraints:

  • Advanced forwarding cannot be disabled once it is enabled.

  • action can be set to REDIRECT_TO_URL (requests will be redirected to another URL) or Fixed_RESPONSE (a fixed response body will be returned to clients).

  • Parameters priority, redirect_url_config, and fixed_response_config can be specified in a forwarding policy.

  • type can be set to METHOD, HEADER, QUERY_STRING, or SOURCE_IP for a forwarding rule.

  • If type is set to HOST_NAME for a forwarding rule, the value of the forwarding rule supports wildcard asterisks (*).

  • Parameter conditions can be specified for forwarding rules.

quic_config

No

CreateListenerQuicConfigOption object

Specifies the QUIC configuration for the current listener.

Notes and constraints:

  • This parameter is valid only when protocol is set to HTTPS. For a TCP, UDP, HTTP, or QUIC listener, if this parameter is not left blank, an error will be reported.

  • The client sends a normal HTTP request that contains information indicating that the QUIC protocol is supported. If QUIC upgrade is enabled for the listeners, QUIC port and version information will be added to the response header. When the client sends both HTTPS and QUIC requests to the server, if the QUIC request is successfully sent, QUIC protocol will be used for subsequent communications.

protection_status

No

String

Specifies the protection status.

The value can be:

  • nonProtection (default): The resource is not protected against being modified by accident.

  • consoleProtection: The resource is protected against being modified by accident.

protection_reason

No

String

Specifies why the modification protection function is enabled.

Notes and constraints: This parameter is valid only when protection_status is set to consoleProtection.

gzip_enable

No

Boolean

Specifies whether to enable gzip compression for a load balancer.

The value can be true or false, and the default value is false.

Notes and constraints: This parameter can be configured only for HTTP, HTTPS, and QUIC listeners.

Table 5 ListenerInsertHeaders

Parameter

Mandatory

Type

Description

X-Forwarded-ELB-IP

No

Boolean

Specifies whether to transparently transmit the load balancer EIP to backend servers. If X-Forwarded-ELB-IP is set to true, the load balancer EIP will be stored in the HTTP header and passed to backend servers.

X-Forwarded-Port

No

Boolean

Specifies whether to transparently transmit the listening port of the load balancer to backend servers. If X-Forwarded-Port is set to true, the listening port of the load balancer will be stored in the HTTP header and passed to backend servers.

X-Forwarded-For-Port

No

Boolean

Specifies whether to transparently transmit the source port of the client to backend servers. If X-Forwarded-For-Port is set to true, the source port of the client will be stored in the HTTP header and passed to backend servers.

X-Forwarded-Host

No

Boolean

Specifies whether to rewrite the X-Forwarded-Host header. If X-Forwarded-Host is set to true, X-Forwarded-Host in the request header from the clients can be set to Host in the request header sent from the load balancer to backend servers.

X-Forwarded-Proto

No

Boolean

If X-Forwarded-Proto is set to true, the listener protocol of the load balancer can be transferred to backend servers through the HTTP header of the packet.

X-Real-IP

No

Boolean

If X-Real-IP is set to true, the source IP address of the client can be transferred to backend servers through the HTTP header of the packet.

X-Forwarded-ELB-ID

No

Boolean

If X-Forwarded-ELB-ID is set to true, the load balancer ID can be transferred to backend servers through the HTTP header of the packet.

X-Forwarded-TLS-Certificate-ID

No

Boolean

If X-Forwarded-TLS-Certificate-ID is set to true, the certificate ID of the load balancer can be transferred to backend servers through the HTTP header of the packet.

X-Forwarded-TLS-Protocol

No

Boolean

If X-Forwarded-TLS-Protocol is set to true, the algorithm protocol of the load balancer can be transferred to backend servers through the HTTP header of the packet.

X-Forwarded-TLS-Cipher

No

Boolean

If X-Forwarded-TLS-Cipher is set to true, the algorithm suite of the load balancer can be transferred to backend servers through the HTTP header of the packet.

Table 6 Tag

Parameter

Mandatory

Type

Description

key

No

String

Specifies the tag key.

value

No

String

Specifies the tag value.

Table 7 CreateListenerIpGroupOption

Parameter

Mandatory

Type

Description

ipgroup_id

Yes

String

Specifies the ID of the IP address group associated with the listener.

Notes and constraints:

  • If ip_list is set to an empty array [] and type to whitelist, no IP addresses are allowed to access the listener.

  • If ip_list is set to an empty array [] and type to blacklist, any IP address is allowed to access the listener.

enable_ipgroup

No

Boolean

Specifies whether to enable access control.

The value can be:

  • true (default): Access control will be enabled.

  • false: Access control will be disabled.

type

No

String

Specifies how access to the listener is controlled.

The value can be:

  • white (default): A whitelist will be configured. Only IP addresses in the whitelist can access the listener.

  • black: A blacklist will be configured. IP addresses in the blacklist are not allowed to access the listener.

Table 8 CreateListenerQuicConfigOption

Parameter

Mandatory

Type

Description

quic_listener_id

Yes

String

Specifies the ID of the QUIC listener.

This parameter is mandatory for creation and is optional for update.

The listener specified by quic_listener_id must exist. The listener protocol must be QUIC and cannot be set to null, otherwise, it will conflict with enable_quic_upgrade.

enable_quic_upgrade

No

Boolean

Specifies whether to enable QUIC upgrade.

The value can be:

true: QUIC upgrade is enabled.

false (default): QUIC upgrade is disabled.

HTTPS listeners can be upgraded to QUIC listeners.

Response Parameters

Status code: 201

Table 9 Response body parameters

Parameter

Type

Description

request_id

String

Specifies the request ID.

Note: The value is automatically generated.

listener

Listener object

Specifies the listener.

Table 10 Listener

Parameter

Type

Description

admin_state_up

Boolean

Specifies the administrative status of the listener.

client_ca_tls_container_ref

String

Specifies the ID of the CA certificate used by the listener.

Notes and constraints: This parameter is available only when type is set to client.

connection_limit

Integer

Specifies the maximum number of connections that the load balancer can establish with backend servers.

The default value is -1, indicating that the number of connections is not limited.

This parameter is unsupported. Please do not use it.

created_at

String

Specifies the time when the listener was created, in the format of yyyy-MM-dd''T''HH:mm:ss''Z'', for example, 2021-07-30T12:03:44Z.

default_pool_id

String

Specifies the ID of the default backend server group. If there is no matched forwarding policy, requests are forwarded to the default backend server.

default_tls_container_ref

String

Specifies the ID of the server certificate used by the listener.

description

String

Provides supplementary information about the listener.

http2_enable

Boolean

Specifies whether to use HTTP/2 if you want the clients to use HTTP/2 to communicate with the load balancer. Request forwarding using HTTP/2 improves the access performance between your application and the load balancer. However, the load balancer still uses HTTP/1.x to forward requests to the backend server.

Notes and constraints:

  • This parameter is available only for HTTPS listeners.

  • For QUIC listeners, it cannot be set and the response is fixed at true.

  • If you configure this parameter for listeners with other protocols, it will not take effect.

id

String

Specifies the listener ID.

insert_headers

ListenerInsertHeaders object

Specifies the HTTP header fields that can transmit required information to backend servers. For example, the X-Forwarded-ELB-IP header field can transmit the EIP of the load balancer to backend servers.

loadbalancers

Array of LoadBalancerRef objects

Specifies the ID of the load balancer that the listener is added to.

Notes and constraints: A listener can be added to only one load balancer.

name

String

Specifies the listener name.

Notes and constraints: If you leave the listener name empty, you cannot locate it on the listener list and view its details.

project_id

String

Specifies the project ID used by the listener.

protocol

String

Specifies the protocol used by the listener.

The value can be TCP, UDP, HTTP, HTTPS, TERMINATED_HTTPS, QUIC, or TLS.

Notes and constraints:

  • Protocol used by HTTPS listeners added to a shared load balancer can only be set to TERMINATED_HTTPS. If HTTPS is passed, the value will be automatically changed to TERMINATED_HTTPS.

  • Protocol used by HTTPS listeners added to a dedicated load balancer can only be set to HTTPS. If TERMINATED_HTTPS is passed, the value will be automatically changed to HTTPS.

protocol_port

Integer

Specifies the port used by the listener.

Notes and constraints:

  • The QUIC listener port cannot be 4789 or the same as the UDP listener port.

  • If this parameter is set to 0, port_ranges is required.

sni_container_refs

Array of strings

Specifies the IDs of SNI certificates (server certificates with domain names) used by the listener.

Notes and constraints:

  • The domain names of all SNI certificates must be unique.

  • The total number of domain names of all SNI certificates cannot exceed 50.

sni_match_algo

String

Specifies how wildcard domain name matches with the SNI certificates used by the listener.

The value can be:

  • longest_suffix: indicates longest suffix match.

  • wildcard (default): indicates wildcard match.

tags

Array of Tag objects

Lists the tags.

updated_at

String

Specifies the time when the listener was updated, in the format of yyyy-MM-dd''T''HH:mm:ss''Z'', for example, 2021-07-30T12:03:44Z.

tls_ciphers_policy

String

Specifies the security policy used by the listener.

The value can be tls-1-0-inherit, tls-1-0, tls-1-1, tls-1-2, tls-1-2-strict, tls-1-2-fs, tls-1-0-with-1-3, tls-1-2-fs-with-1-3, hybrid-policy-1-0, tls-1-2-strict-no-cbc, or tls-1-0 (default).

Notes and constraints:

  • This parameter will take effect only for HTTPS listeners added to a dedicated load balancer.

  • This parameter is not available for QUIC listeners.

  • If both security_policy_id and tls_ciphers_policy are specified, only security_policy_id will take effect.

  • The priority of the encryption suite from high to low is: ecc suite, rsa suite, tls 1.3 suite (supporting both ecc and rsa).

security_policy_id

String

Specifies the ID of the custom security policy.

Notes and constraints:

  • This parameter will take effect only for HTTPS listeners added to a dedicated load balancer.

  • This parameter is not available for QUIC listeners.

  • If both security_policy_id and tls_ciphers_policy are specified, only security_policy_id will take effect.

  • The priority of the encryption suite from high to low is: ecc suite, rsa suite, tls 1.3 suite (supporting both ecc and rsa).

enable_member_retry

Boolean

Specifies whether to enable health check retries for backend servers.

The value can be:

  • true (default): Health check retries will be enabled.

  • false: Health check retries will be disabled.

Notes and constraints:

  • If a shared load balancer is associated, this parameter is available only when protocol is set to HTTP or TERMINATED_HTTPS.

  • If a dedicated load balancer is associated, this parameter is available only when protocol is set to HTTP, HTTPS, or QUIC.

keepalive_timeout

Integer

Specifies the idle timeout duration, in seconds. If there are no requests reaching the load balancer after the idle timeout duration elapses, the load balancer will disconnect the connection with the client and establish a new connection when there is a new request.

Value ranges:

  • For TCP listeners, the value ranges from 10 to 4000, and the default value is 300.

  • For HTTP, HTTPS, and TERMINATED_HTTPS listeners, the value ranges from 0 to 4000, and the default value is 60.

Notes and constraints: For UDP listeners of shared load balancers, this parameter does not take effect.

client_timeout

Integer

Specifies the timeout duration for waiting for a response from a client, in seconds. There are two situations:

  • If the client fails to send a request header to the load balancer within the timeout duration, the request will be interrupted.

  • If the interval between two consecutive request bodies reaching the load balancer is greater than the timeout duration, the connection will be disconnected.

The value ranges from 1 to 3600, and the default value is 60.

This parameter is available only for HTTP and HTTPS listeners.

member_timeout

Integer

Specifies the timeout duration for waiting for a response from a backend server, in seconds. If the backend server fails to respond after the timeout duration elapses, the load balancer will stop waiting and return HTTP 504 Gateway Timeout to the client.

The value ranges from 1 to 3600, and the default value is 60.

This parameter is available only for HTTP and HTTPS listeners.

ipgroup

ListenerIpGroup object

Specifies the IP address group associated with the listener.

transparent_client_ip_enable

Boolean

Specifies whether to pass source IP addresses of the clients to backend servers.

Value ranges:

  • TCP or UDP listeners of shared load balancers: The value can be true or false, and the default value is false if this parameter is not passed.

  • HTTP or HTTPS listeners of shared load balancers: The value can only be true, and the default value is true if this parameter is not passed.

  • All listeners of dedicated load balancers: The value can only be true, and the default value is true if this parameter is not passed.

Notes and constraints:

  • This function can only be enabled or disabled for TCP or UDP listeners of shared load balancers.

  • If this function is enabled, the load balancer communicates with backend servers using their real IP addresses. Ensure that security group rules and access control policies are correctly configured.

  • If this function is enabled, a server cannot serve as both a backend server and a client.

  • If this function is enabled, backend server specifications cannot be changed.

proxy_protocol_enable

Boolean

Specifies whether to enable the ProxyProtocol option.

Notes and constraints: This parameter is available only for TLS listeners and does not take effect for other types of listeners.

enhance_l7policy_enable

Boolean

Specifies whether to enable advanced forwarding. If advanced forwarding is enabled, more flexible forwarding policies and rules are supported.

The value can be:

  • true: Enable advanced forwarding.

  • false (default): Disable advanced forwarding.

Notes and constraints:

  • Advanced forwarding cannot be disabled once it is enabled.

  • action can be set to REDIRECT_TO_URL (requests will be redirected to another URL) or Fixed_RESPONSE (a fixed response body will be returned to clients).

  • Parameters priority, redirect_url_config, and fixed_response_config can be specified in a forwarding policy.

  • type can be set to METHOD, HEADER, QUERY_STRING, or SOURCE_IP for a forwarding rule.

  • If type is set to HOST_NAME for a forwarding rule, the value of the forwarding rule supports wildcard asterisks (*).

  • Parameter conditions can be specified for forwarding rules.

quic_config

ListenerQuicConfig object

Specifies the QUIC configuration for the current listener.

Notes and constraints:

  • This parameter is valid only when protocol is set to HTTPS. For a TCP, UDP, HTTP, or QUIC listener, if this parameter is not left blank, an error will be reported.

  • The client sends a normal HTTP request that contains information indicating that the QUIC protocol is supported. If QUIC upgrade is enabled for the listeners, QUIC port and version information will be added to the response header. When the client sends both HTTPS and QUIC requests to the server, if the QUIC request is successfully sent, QUIC protocol will be used for subsequent communications.

protection_status

String

Specifies the protection status.

The value can be:

  • nonProtection (default): The resource is not protected against being modified by accident.

  • consoleProtection: The resource is protected against being modified by accident.

protection_reason

String

Specifies why the modification protection function is enabled.

Notes and constraints: This parameter is valid only when protection_status is set to consoleProtection.

gzip_enable

Boolean

Specifies whether to enable gzip compression for a load balancer.

The value can be true or false, and the default value is false.

Notes and constraints: This parameter can be configured only for HTTP, HTTPS, and QUIC listeners.

Table 11 ListenerInsertHeaders

Parameter

Type

Description

X-Forwarded-ELB-IP

Boolean

Specifies whether to transparently transmit the load balancer EIP to backend servers. If X-Forwarded-ELB-IP is set to true, the load balancer EIP will be stored in the HTTP header and passed to backend servers.

X-Forwarded-Port

Boolean

Specifies whether to transparently transmit the listening port of the load balancer to backend servers. If X-Forwarded-Port is set to true, the listening port of the load balancer will be stored in the HTTP header and passed to backend servers.

X-Forwarded-For-Port

Boolean

Specifies whether to transparently transmit the source port of the client to backend servers. If X-Forwarded-For-Port is set to true, the source port of the client will be stored in the HTTP header and passed to backend servers.

X-Forwarded-Host

Boolean

Specifies whether to rewrite the X-Forwarded-Host header. If X-Forwarded-Host is set to true, X-Forwarded-Host in the request header from the clients can be set to Host in the request header sent from the load balancer to backend servers.

X-Forwarded-Proto

Boolean

If X-Forwarded-Proto is set to true, the listener protocol of the load balancer can be transferred to backend servers through the HTTP header of the packet.

X-Real-IP

Boolean

If X-Real-IP is set to true, the source IP address of the client can be transferred to backend servers through the HTTP header of the packet.

X-Forwarded-ELB-ID

Boolean

If X-Forwarded-ELB-ID is set to true, the load balancer ID can be transferred to backend servers through the HTTP header of the packet.

X-Forwarded-TLS-Certificate-ID

Boolean

If X-Forwarded-TLS-Certificate-ID is set to true, the certificate ID of the load balancer can be transferred to backend servers through the HTTP header of the packet.

X-Forwarded-TLS-Protocol

Boolean

If X-Forwarded-TLS-Protocol is set to true, the algorithm protocol of the load balancer can be transferred to backend servers through the HTTP header of the packet.

X-Forwarded-TLS-Cipher

Boolean

If X-Forwarded-TLS-Cipher is set to true, the algorithm suite of the load balancer can be transferred to backend servers through the HTTP header of the packet.

Table 12 LoadBalancerRef

Parameter

Type

Description

id

String

Specifies the load balancer ID.

Table 13 Tag

Parameter

Type

Description

key

String

Specifies the tag key.

value

String

Specifies the tag value.

Table 14 ListenerIpGroup

Parameter

Type

Description

ipgroup_id

String

Specifies the ID of the IP address group associated with the listener.

Notes and constraints:

  • This parameter is mandatory when you create the IP address group and is optional when you update the IP address group.

  • The specified IP address group must exist, and the value cannot be null.

enable_ipgroup

Boolean

Specifies whether to enable access control.

The value can be:

  • true: Access control will be enabled.

  • false: Access control will be disabled.

type

String

Specifies how access to the listener is controlled.

The value can be:

  • white: A whitelist will be configured. Only IP addresses in the whitelist can access the listener.

  • black: A blacklist will be configured. IP addresses in the blacklist are not allowed to access the listener.

Table 15 ListenerQuicConfig

Parameter

Type

Description

quic_listener_id

String

Specifies the ID of the QUIC listener.

This parameter is mandatory for creation and is optional for update.

The listener specified by quic_listener_id must exist. The listener protocol must be QUIC and cannot be set to null, otherwise, it will conflict with enable_quic_upgrade.

enable_quic_upgrade

Boolean

Specifies whether to enable QUIC upgrade.

The value can be:

true: QUIC upgrade is enabled.

false: QUIC upgrade is disabled.

HTTPS listeners can be upgraded to QUIC listeners.

Example Requests

  • Example 1: Adding a TCP listener

    POST https://{ELB_Endpoint}/v3/99a3fff0d03c428eac3678da6a7d0f24/elb/listeners
    
    {
      "listener" : {
        "protocol_port" : 80,
        "protocol" : "TCP",
        "loadbalancer_id" : "098b2f68-af1c-41a9-8efd-69958722af62",
        "name" : "My listener",
        "admin_state_up" : true,
        "insert_headers" : {
          "X-Forwarded-ELB-IP" : true
        }
      }
    }
  • Example 2: Adding an HTTPS listener

    POST https://{ELB_Endpoint}/v3/99a3fff0d03c428eac3678da6a7d0f24/elb/listeners
    
    {
      "listener" : {
        "protocol_port" : 90,
        "protocol" : "HTTPS",
        "loadbalancer_id" : "098b2f68-af1c-41a9-8efd-69958722af62",
        "name" : "My listener",
        "admin_state_up" : true,
        "ipgroup" : {
          "ipgroup_id" : "0416b6f1-877f-4a51-987e-978b3f083542",
          "type" : "black"
        },
        "security_policy_id" : "8722e0e0-9cc9-4490-9660-8c9a5732fbb0",
        "default_tls_container_ref" : "233a325e5e3e4ce8beeb320aa714cc12"
      }
    }
  • Example 3: Adding an IP listener to a gateway load balancer

    POST https://{ELB_Endpoint}/v3/99a3fff0d03c428eac3678da6a7d0f24/elb/listeners
    
    {
      "listener" : {
        "protocol" : "IP",
        "loadbalancer_id" : "098b2f68-af1c-41a9-8efd-69958722af62",
        "name" : "My IP listener",
        "admin_state_up" : true,
        "ipgroup" : {
          "ipgroup_id" : "0416b6f1-877f-4a51-987e-978b3f083542",
          "type" : "black"
        }
      }
    }

Example Responses

Status code: 201

Normal response to POST requests.

{
  "listener" : {
    "id" : "0b11747a-b139-492f-9692-2df0b1c87193",
    "name" : "My listener",
    "protocol_port" : 80,
    "protocol" : "TCP",
    "description" : null,
    "default_tls_container_ref" : null,
    "admin_state_up" : true,
    "loadbalancers" : [ {
      "id" : "098b2f68-af1c-41a9-8efd-69958722af62"
    } ],
    "client_ca_tls_container_ref" : null,
    "project_id" : "99a3fff0d03c428eac3678da6a7d0f24",
    "sni_container_refs" : [ ],
    "connection_limit" : -1,
    "member_timeout" : null,
    "client_timeout" : null,
    "keepalive_timeout" : null,
    "default_pool_id" : null,
    "ipgroup" : null,
    "tls_ciphers_policy" : "tls-1-0",
    "tags" : [ ],
    "created_at" : "2019-04-02T00:12:32Z",
    "updated_at" : "2019-04-02T00:12:32Z",
    "http2_enable" : false,
    "enable_member_retry" : true,
    "insert_headers" : {
      "X-Forwarded-ELB-IP" : true
    },
    "transparent_client_ip_enable" : false
  },
  "request_id" : "f4c4aca8-df16-42e8-8836-33e4b8e9aa8e"
}

SDK Sample Code

The SDK sample code is as follows.

  • Example 1: Adding a TCP listener

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.elb.v3.region.ElbRegion;
    import com.huaweicloud.sdk.elb.v3.*;
    import com.huaweicloud.sdk.elb.v3.model.*;
    
    
    public class CreateListenerSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
            String projectId = "{project_id}";
    
            ICredential auth = new BasicCredentials()
                    .withProjectId(projectId)
                    .withAk(ak)
                    .withSk(sk);
    
            ElbClient client = ElbClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(ElbRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateListenerRequest request = new CreateListenerRequest();
            CreateListenerRequestBody body = new CreateListenerRequestBody();
            ListenerInsertHeaders insertHeadersListener = new ListenerInsertHeaders();
            insertHeadersListener.withXForwardedELBIP(true);
            CreateListenerOption listenerbody = new CreateListenerOption();
            listenerbody.withAdminStateUp(true)
                .withInsertHeaders(insertHeadersListener)
                .withLoadbalancerId("098b2f68-af1c-41a9-8efd-69958722af62")
                .withName("My listener")
                .withProtocol("TCP")
                .withProtocolPort(80);
            body.withListener(listenerbody);
            request.withBody(body);
            try {
                CreateListenerResponse response = client.createListener(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • Example 2: Adding an HTTPS listener

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.elb.v3.region.ElbRegion;
    import com.huaweicloud.sdk.elb.v3.*;
    import com.huaweicloud.sdk.elb.v3.model.*;
    
    
    public class CreateListenerSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
            String projectId = "{project_id}";
    
            ICredential auth = new BasicCredentials()
                    .withProjectId(projectId)
                    .withAk(ak)
                    .withSk(sk);
    
            ElbClient client = ElbClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(ElbRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateListenerRequest request = new CreateListenerRequest();
            CreateListenerRequestBody body = new CreateListenerRequestBody();
            CreateListenerIpGroupOption ipgroupListener = new CreateListenerIpGroupOption();
            ipgroupListener.withIpgroupId("0416b6f1-877f-4a51-987e-978b3f083542")
                .withType(CreateListenerIpGroupOption.TypeEnum.fromValue("black"));
            CreateListenerOption listenerbody = new CreateListenerOption();
            listenerbody.withAdminStateUp(true)
                .withDefaultTlsContainerRef("233a325e5e3e4ce8beeb320aa714cc12")
                .withLoadbalancerId("098b2f68-af1c-41a9-8efd-69958722af62")
                .withName("My listener")
                .withProtocol("HTTPS")
                .withProtocolPort(90)
                .withSecurityPolicyId("8722e0e0-9cc9-4490-9660-8c9a5732fbb0")
                .withIpgroup(ipgroupListener);
            body.withListener(listenerbody);
            request.withBody(body);
            try {
                CreateListenerResponse response = client.createListener(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • Example 3: Adding an IP listener to a gateway load balancer

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    package com.huaweicloud.sdk.test;
    
    import com.huaweicloud.sdk.core.auth.ICredential;
    import com.huaweicloud.sdk.core.auth.BasicCredentials;
    import com.huaweicloud.sdk.core.exception.ConnectionException;
    import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
    import com.huaweicloud.sdk.core.exception.ServiceResponseException;
    import com.huaweicloud.sdk.elb.v3.region.ElbRegion;
    import com.huaweicloud.sdk.elb.v3.*;
    import com.huaweicloud.sdk.elb.v3.model.*;
    
    
    public class CreateListenerSolution {
    
        public static void main(String[] args) {
            // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
            // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
            String ak = System.getenv("CLOUD_SDK_AK");
            String sk = System.getenv("CLOUD_SDK_SK");
            String projectId = "{project_id}";
    
            ICredential auth = new BasicCredentials()
                    .withProjectId(projectId)
                    .withAk(ak)
                    .withSk(sk);
    
            ElbClient client = ElbClient.newBuilder()
                    .withCredential(auth)
                    .withRegion(ElbRegion.valueOf("<YOUR REGION>"))
                    .build();
            CreateListenerRequest request = new CreateListenerRequest();
            CreateListenerRequestBody body = new CreateListenerRequestBody();
            CreateListenerIpGroupOption ipgroupListener = new CreateListenerIpGroupOption();
            ipgroupListener.withIpgroupId("0416b6f1-877f-4a51-987e-978b3f083542")
                .withType(CreateListenerIpGroupOption.TypeEnum.fromValue("black"));
            CreateListenerOption listenerbody = new CreateListenerOption();
            listenerbody.withAdminStateUp(true)
                .withLoadbalancerId("098b2f68-af1c-41a9-8efd-69958722af62")
                .withName("My IP listener")
                .withProtocol("IP")
                .withIpgroup(ipgroupListener);
            body.withListener(listenerbody);
            request.withBody(body);
            try {
                CreateListenerResponse response = client.createListener(request);
                System.out.println(response.toString());
            } catch (ConnectionException e) {
                e.printStackTrace();
            } catch (RequestTimeoutException e) {
                e.printStackTrace();
            } catch (ServiceResponseException e) {
                e.printStackTrace();
                System.out.println(e.getHttpStatusCode());
                System.out.println(e.getRequestId());
                System.out.println(e.getErrorCode());
                System.out.println(e.getErrorMsg());
            }
        }
    }
    
  • Example 1: Adding a TCP listener

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    # coding: utf-8
    
    import os
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdkelb.v3.region.elb_region import ElbRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdkelb.v3 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = os.environ["CLOUD_SDK_AK"]
        sk = os.environ["CLOUD_SDK_SK"]
        projectId = "{project_id}"
    
        credentials = BasicCredentials(ak, sk, projectId)
    
        client = ElbClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(ElbRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateListenerRequest()
            insertHeadersListener = ListenerInsertHeaders(
                x_forwarded_elb_ip=True
            )
            listenerbody = CreateListenerOption(
                admin_state_up=True,
                insert_headers=insertHeadersListener,
                loadbalancer_id="098b2f68-af1c-41a9-8efd-69958722af62",
                name="My listener",
                protocol="TCP",
                protocol_port=80
            )
            request.body = CreateListenerRequestBody(
                listener=listenerbody
            )
            response = client.create_listener(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • Example 2: Adding an HTTPS listener

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    # coding: utf-8
    
    import os
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdkelb.v3.region.elb_region import ElbRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdkelb.v3 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = os.environ["CLOUD_SDK_AK"]
        sk = os.environ["CLOUD_SDK_SK"]
        projectId = "{project_id}"
    
        credentials = BasicCredentials(ak, sk, projectId)
    
        client = ElbClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(ElbRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateListenerRequest()
            ipgroupListener = CreateListenerIpGroupOption(
                ipgroup_id="0416b6f1-877f-4a51-987e-978b3f083542",
                type="black"
            )
            listenerbody = CreateListenerOption(
                admin_state_up=True,
                default_tls_container_ref="233a325e5e3e4ce8beeb320aa714cc12",
                loadbalancer_id="098b2f68-af1c-41a9-8efd-69958722af62",
                name="My listener",
                protocol="HTTPS",
                protocol_port=90,
                security_policy_id="8722e0e0-9cc9-4490-9660-8c9a5732fbb0",
                ipgroup=ipgroupListener
            )
            request.body = CreateListenerRequestBody(
                listener=listenerbody
            )
            response = client.create_listener(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • Example 3: Adding an IP listener to a gateway load balancer

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    # coding: utf-8
    
    import os
    from huaweicloudsdkcore.auth.credentials import BasicCredentials
    from huaweicloudsdkelb.v3.region.elb_region import ElbRegion
    from huaweicloudsdkcore.exceptions import exceptions
    from huaweicloudsdkelb.v3 import *
    
    if __name__ == "__main__":
        # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak = os.environ["CLOUD_SDK_AK"]
        sk = os.environ["CLOUD_SDK_SK"]
        projectId = "{project_id}"
    
        credentials = BasicCredentials(ak, sk, projectId)
    
        client = ElbClient.new_builder() \
            .with_credentials(credentials) \
            .with_region(ElbRegion.value_of("<YOUR REGION>")) \
            .build()
    
        try:
            request = CreateListenerRequest()
            ipgroupListener = CreateListenerIpGroupOption(
                ipgroup_id="0416b6f1-877f-4a51-987e-978b3f083542",
                type="black"
            )
            listenerbody = CreateListenerOption(
                admin_state_up=True,
                loadbalancer_id="098b2f68-af1c-41a9-8efd-69958722af62",
                name="My IP listener",
                protocol="IP",
                ipgroup=ipgroupListener
            )
            request.body = CreateListenerRequestBody(
                listener=listenerbody
            )
            response = client.create_listener(request)
            print(response)
        except exceptions.ClientRequestException as e:
            print(e.status_code)
            print(e.request_id)
            print(e.error_code)
            print(e.error_msg)
    
  • Example 1: Adding a TCP listener

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    package main
    
    import (
    	"fmt"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
        elb "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/model"
        region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/region"
    )
    
    func main() {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak := os.Getenv("CLOUD_SDK_AK")
        sk := os.Getenv("CLOUD_SDK_SK")
        projectId := "{project_id}"
    
        auth := basic.NewCredentialsBuilder().
            WithAk(ak).
            WithSk(sk).
            WithProjectId(projectId).
            Build()
    
        client := elb.NewElbClient(
            elb.ElbClientBuilder().
                WithRegion(region.ValueOf("<YOUR REGION>")).
                WithCredential(auth).
                Build())
    
        request := &model.CreateListenerRequest{}
    	xForwardedELBIPInsertHeaders:= true
    	insertHeadersListener := &model.ListenerInsertHeaders{
    		XForwardedELBIP: &xForwardedELBIPInsertHeaders,
    	}
    	adminStateUpListener:= true
    	nameListener:= "My listener"
    	protocolPortListener:= int32(80)
    	listenerbody := &model.CreateListenerOption{
    		AdminStateUp: &adminStateUpListener,
    		InsertHeaders: insertHeadersListener,
    		LoadbalancerId: "098b2f68-af1c-41a9-8efd-69958722af62",
    		Name: &nameListener,
    		Protocol: "TCP",
    		ProtocolPort: &protocolPortListener,
    	}
    	request.Body = &model.CreateListenerRequestBody{
    		Listener: listenerbody,
    	}
    	response, err := client.CreateListener(request)
    	if err == nil {
            fmt.Printf("%+v\n", response)
        } else {
            fmt.Println(err)
        }
    }
    
  • Example 2: Adding an HTTPS listener

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    package main
    
    import (
    	"fmt"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
        elb "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/model"
        region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/region"
    )
    
    func main() {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak := os.Getenv("CLOUD_SDK_AK")
        sk := os.Getenv("CLOUD_SDK_SK")
        projectId := "{project_id}"
    
        auth := basic.NewCredentialsBuilder().
            WithAk(ak).
            WithSk(sk).
            WithProjectId(projectId).
            Build()
    
        client := elb.NewElbClient(
            elb.ElbClientBuilder().
                WithRegion(region.ValueOf("<YOUR REGION>")).
                WithCredential(auth).
                Build())
    
        request := &model.CreateListenerRequest{}
    	typeIpgroup:= model.GetCreateListenerIpGroupOptionTypeEnum().BLACK
    	ipgroupListener := &model.CreateListenerIpGroupOption{
    		IpgroupId: "0416b6f1-877f-4a51-987e-978b3f083542",
    		Type: &typeIpgroup,
    	}
    	adminStateUpListener:= true
    	defaultTlsContainerRefListener:= "233a325e5e3e4ce8beeb320aa714cc12"
    	nameListener:= "My listener"
    	protocolPortListener:= int32(90)
    	securityPolicyIdListener:= "8722e0e0-9cc9-4490-9660-8c9a5732fbb0"
    	listenerbody := &model.CreateListenerOption{
    		AdminStateUp: &adminStateUpListener,
    		DefaultTlsContainerRef: &defaultTlsContainerRefListener,
    		LoadbalancerId: "098b2f68-af1c-41a9-8efd-69958722af62",
    		Name: &nameListener,
    		Protocol: "HTTPS",
    		ProtocolPort: &protocolPortListener,
    		SecurityPolicyId: &securityPolicyIdListener,
    		Ipgroup: ipgroupListener,
    	}
    	request.Body = &model.CreateListenerRequestBody{
    		Listener: listenerbody,
    	}
    	response, err := client.CreateListener(request)
    	if err == nil {
            fmt.Printf("%+v\n", response)
        } else {
            fmt.Println(err)
        }
    }
    
  • Example 3: Adding an IP listener to a gateway load balancer

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    package main
    
    import (
    	"fmt"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
        elb "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3"
    	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/model"
        region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/elb/v3/region"
    )
    
    func main() {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        ak := os.Getenv("CLOUD_SDK_AK")
        sk := os.Getenv("CLOUD_SDK_SK")
        projectId := "{project_id}"
    
        auth := basic.NewCredentialsBuilder().
            WithAk(ak).
            WithSk(sk).
            WithProjectId(projectId).
            Build()
    
        client := elb.NewElbClient(
            elb.ElbClientBuilder().
                WithRegion(region.ValueOf("<YOUR REGION>")).
                WithCredential(auth).
                Build())
    
        request := &model.CreateListenerRequest{}
    	typeIpgroup:= model.GetCreateListenerIpGroupOptionTypeEnum().BLACK
    	ipgroupListener := &model.CreateListenerIpGroupOption{
    		IpgroupId: "0416b6f1-877f-4a51-987e-978b3f083542",
    		Type: &typeIpgroup,
    	}
    	adminStateUpListener:= true
    	nameListener:= "My IP listener"
    	listenerbody := &model.CreateListenerOption{
    		AdminStateUp: &adminStateUpListener,
    		LoadbalancerId: "098b2f68-af1c-41a9-8efd-69958722af62",
    		Name: &nameListener,
    		Protocol: "IP",
    		Ipgroup: ipgroupListener,
    	}
    	request.Body = &model.CreateListenerRequestBody{
    		Listener: listenerbody,
    	}
    	response, err := client.CreateListener(request)
    	if err == nil {
            fmt.Printf("%+v\n", response)
        } else {
            fmt.Println(err)
        }
    }
    

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

201

Normal response to POST requests.

Error Codes

See Error Codes.