Help Center/ Elastic Load Balance/ API Reference/ API (V2)/ Listener/ Adding a Listener
Updated on 2024-01-23 GMT+08:00
View PDF
Share

Adding a Listener

Function

This API is used to add a listener to a load balancer.

Constraints

  • Only users with the ELB administrator permissions can specify the value of connection_limit.
  • The value of protocol can be TCP, HTTP, UDP, or TERMINATED_HTTPS.

URI

POST /v2/{project_id}/elb/listeners

Table 1 Parameter description

Parameter

Mandatory

Type

Description

project_id

Yes

String

Specifies the project ID.

Request

Table 2 Parameter description

Parameter

Mandatory

Type

Description

listener

Yes

Listener object

Specifies the listener. For details, see Table 3.
Table 3 listener parameter description

Parameter

Mandatory

Type

Description

tenant_id

No

String

Specifies the ID of the project where the listener is used.

The value must be the same as the value of project_id in the token.

The value contains a maximum of 255 characters.

name

No

String

Specifies the listener name.

Note: If you leave the listener name empty, you cannot locate it on the listener list and view its details.

The value contains a maximum of 255 characters.

description

No

String

Provides supplementary information about the listener.

The value contains a maximum of 255 characters.

protocol

Yes

String

Specifies the protocol used by the listener.

The value can be TCP, HTTP, UDP, or TERMINATED_HTTPS.

protocol_port

Yes

Integer

Specifies the port used by the listener.

The port number ranges from 1 to 65535.

NOTE:

If the protocol used by the listener is UDP, the port number cannot be 4789.

loadbalancer_id

Yes

String

Specifies the ID of the associated load balancer.

connection_limit

No

Integer

Specifies the maximum number of connections.

The value ranges from -1 to 2147483647. The default value is -1, indicating that there is no restriction on the maximum number of connections.

This parameter is reserved.

admin_state_up

No

Boolean

Specifies the administrative status of the listener.

This parameter is reserved, and the default value is true.

http2_enable

No

Boolean

Specifies whether to use HTTP/2.

The value can be true or false.

  • true: HTTP/2 will be used.
  • false: HTTP/2 will not be used.

The default value is false.

This parameter takes effect only when the protocol used by the listener is set to TERMINATED_HTTPS.

default_pool_id

No

String

Specifies the ID of the associated backend server group.

If a request does not match the forwarding policy, the request is forwarded to the default backend server group for processing. If the value is null, the listener has no default backend server group.

The default_pool_id parameter has the following constraints:
  • Its value cannot be the ID of any backend server group of other listeners.
  • Its value cannot be the ID of any backend server group associated with the forwarding policies set for other listeners.
The relationships between the protocol of the backend server group and the protocol used by the listener are as follows:
  • When the protocol used by the listener is TCP, the protocol of the backend server group must be TCP.
  • When the protocol used by the listener is UDP, the protocol of the backend server group must be UDP.
  • When the protocol used by the listener is HTTP or TERMINATED_HTTPS, the protocol of the backend server group must be HTTP.

default_tls_container_ref

No

String

Specifies the ID of the server certificate used by the listener.

This parameter is mandatory when protocol is set to TERMINATED_HTTPS.

The default value is null when protocol is not set to TERMINATED_HTTPS.

The value contains a maximum of 128 characters.

NOTE:

This parameter takes effect only when the protocol used by the listener is set to TERMINATED_HTTPS.

client_ca_tls_container_ref

No

String

Specifies the ID of the CA certificate used by the listener.

The default value is null.

The value contains a maximum of 128 characters.

NOTE:

This parameter takes effect only when the protocol used by the listener is set to TERMINATED_HTTPS.

sni_container_refs

No

Array

Lists the IDs of SNI certificates (server certificates with domain names) used by the listener.

If the parameter value is an empty list, the SNI feature is disabled.

The default value is [].

NOTE:

This parameter takes effect only when the protocol used by the listener is set to TERMINATED_HTTPS.

insert_headers

No

InsertHeaders object

Specifies whether to insert HTTP extension headers and sent them to backend servers. All headers are synchronized. If this parameter is not set, default values are used.

Information required by backend servers can be written into HTTP headers and passed to backend servers.

For example, you can use the X-Forwarded-ELB-IP header to transmit the load balancer EIP to backend servers. For details, see Table 4.

NOTE:

This parameter takes effect only when the protocol used by the listener is set to HTTP or TERMINATED_HTTPS.

tls_ciphers_policy

No

String

Specifies the security policy used by the listener. This parameter takes effect only when the protocol used by the listener is set to TERMINATED_HTTPS.

The value can be tls-1-0-inherit, tls-1-0, tls-1-1, tls-1-2, or tls-1-2-strict, and the default value is tls-1-0. For details of cipher suites for each security policy, see Table 5.

protection_status

No

String

Specifies whether modification protection is enabled. The value can be one of the following:

  • nonProtection (default) : Modification protection is not enabled.
  • consoleProtection: Modification protection is enabled to avoid that resources are modified by accident on the console.

protection_reason

No

String

Specifies the reason to enable modification protection. This parameter is valid only when protection_status is set to consoleProtection.
Table 4 insert_headers parameter description

Parameter

Mandatory

Type

Description

X-Forwarded-ELB-IP

No

Boolean

Specifies whether to transparently transmit the load balancer EIP to backend servers. After this function is enabled, the load balancer EIP is stored in the HTTP header and passes to backend servers.

The value can be true or false. true: This function is enabled. false: The function is disabled.

The function is disabled by default.

X-Forwarded-Host

No

Boolean

Specifies whether to rewrite the X-Forwarded-Host header. If this function is enabled, X-Forwarded-Host is rewritten based on Host in the request and sent to backend servers.

The value can be true or false. true: This function is enabled. false: The function is disabled.

The function is enabled by default.
Table 5 tls_ciphers_policy parameter description

Security Policy

TLS Version

Cipher Suite

tls-1-0-inherit

TLS 1.2 TLS 1.1 TLS 1.0

ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:AES256-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-SHA:AES256-SHA:DHE-DSS-AES128-SHA:CAMELLIA128-SHA:EDH-RSA-DES-CBC3-SHA:DES-CBC3-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:CAMELLIA256-SHA:EDH-DSS-DES-CBC3-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA

tls-1-0

TLS 1.2 TLS 1.1 TLS 1.0

ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:AES256-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-SHA:AES256-SHA

tls-1-1

TLS 1.2 TLS 1.1

tls-1-2

TLS 1.2

tls-1-2-strict

TLS 1.2

ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:AES256-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384

Response

Table 6 Response parameters

Parameter

Type

Description

listener

Listener object

Specifies the listener. For details, see Table 7.
Table 7 listener parameter description

Parameter

Type

Description

id

String

Specifies the listener ID.

tenant_id

String

Specifies the ID of the project where the listener is used.

The value contains a maximum of 255 characters.

project_id

String

Specifies the ID of the project to which the listener belongs. This parameter has the same meaning as tenant_id.

name

String

Specifies the listener name.

Note: If you leave the listener name empty, you cannot locate it on the listener list and view its details.

The value contains a maximum of 255 characters.

description

String

Provides supplementary information about the listener.

The value contains a maximum of 255 characters.

protocol

String

Specifies the protocol used by the listener.

The value can be TCP, HTTP, UDP, or TERMINATED_HTTPS.

protocol_port

Integer

Specifies the port used by the listener.

The port number ranges from 1 to 65535.

loadbalancers

Array of Loadbalancers objects

Specifies the ID of the associated load balancer. For details, see Table 8.

connection_limit

Integer

Specifies the maximum number of connections.

The value ranges from -1 to 2147483647. The default value is -1, indicating that there is no restriction on the maximum number of connections.

This parameter is reserved.

admin_state_up

Boolean

Specifies the administrative status of the listener.

This parameter is reserved. The value can be true or false.

  • true: Enabled
  • false: Disabled

http2_enable

Boolean

Specifies whether to use HTTP/2.

The value can be true or false.

  • true: HTTP/2 is used.
  • false: HTTP/2 is not used.

This parameter takes effect only when the protocol used by the listener is set to TERMINATED_HTTPS.

default_pool_id

String

Specifies the ID of the associated backend server group.

If a request does not match the forwarding policy, the request is forwarded to the default backend server group for processing. If the value is null, the listener has no default backend server group.

default_tls_container_ref

String

Specifies the ID of the server certificate used by the listener. For details, see Certificate.

This parameter is mandatory when protocol is set to TERMINATED_HTTPS.

The value contains a maximum of 128 characters.

client_ca_tls_container_ref

String

Specifies the ID of the CA certificate used by the listener.

The value contains a maximum of 128 characters.

For details, see Certificate.

sni_container_refs

Array

Lists the IDs of SNI certificates (server certificates with domain names) used by the listener.

If the parameter value is an empty list, the SNI feature is disabled.

tags

Array

Tags the listener.

created_at

String

Specifies the time when the listener was created. YYYY-MM-DDTHH:MM:SS

updated_at

String

Specifies the time when the listener was updated. YYYY-MM-DDTHH:MM:SS

insert_headers

InsertHeaders object

Specifies whether to insert HTTP extension headers and sent them to backend servers. All headers are synchronized. If this parameter is not set, default values are used.

Information required by backend servers can be written into HTTP headers and passed to backend servers.

For example, you can use the X-Forwarded-ELB-IP header to transmit the load balancer EIP to backend servers. For details, see Table 9.

tls_ciphers_policy

String

Specifies the security policy used by the listener. This parameter takes effect only when the protocol used by the listener is set to TERMINATED_HTTPS.

The value can be tls-1-0-inherit, tls-1-0, tls-1-1, tls-1-2, or tls-1-2-strict, and the default value is tls-1-0. Lists cipher suites used by each security policy. For details, see Table 10.

protection_status

String

String

Specifies whether modification protection is enabled. The value can be one of the following:

  • nonProtection (default) : Modification protection is not enabled.
  • consoleProtection: Modification protection is enabled to avoid that resources are modified by accident on the console.

protection_reason

String

String

Specifies the reason to enable modification protection. This parameter is valid only when protection_status is set to consoleProtection.
Table 8 loadbalancers parameter description

Parameter

Mandatory

Type

Description

id

Yes

String

Specifies the ID of the associated load balancer.
Table 9 insert_headers parameter description

Parameter

Mandatory

Type

Description

X-Forwarded-ELB-IP

No

Boolean

Specifies whether to transparently transmit the load balancer EIP to backend servers. After this function is enabled, the load balancer EIP is stored in the HTTP header and passes to backend servers.

The value can be true or false. true: This function is enabled. false: The function is disabled.

The function is disabled by default.

X-Forwarded-Host

No

Boolean

Specifies whether to rewrite the X-Forwarded-Host header. If this function is enabled, X-Forwarded-Host is rewritten based on Host in the request and sent to backend servers.

The value can be true or false. true: This function is enabled. false: The function is disabled.

The function is enabled by default.
Table 10 tls_ciphers_policy parameter description

Security Policy

TLS Version

Cipher Suite

tls-1-0-inherit

TLS 1.2 TLS 1.1 TLS 1.0

ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:AES256-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-SHA:AES256-SHA:DHE-DSS-AES128-SHA:CAMELLIA128-SHA:EDH-RSA-DES-CBC3-SHA:DES-CBC3-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:CAMELLIA256-SHA:EDH-DSS-DES-CBC3-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA

tls-1-0

TLS 1.2 TLS 1.1 TLS 1.0

ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:AES256-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-SHA:AES256-SHA

tls-1-1

TLS 1.2 TLS 1.1

tls-1-2

TLS 1.2

tls-1-2-strict

TLS 1.2

ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:AES256-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384

Example Request

  • Example request 1: Adding a TCP listener 
    POST https://{Endpoint}/v2/145483a5107745e9b3d80f956713e6a3/elb/listeners

{
    "listener": {
        "protocol_port": 80,
        "protocol": "TCP",
        "loadbalancer_id": "0416b6f1-877f-4a51-987e-978b3f084253",
        "name": "listener-test",
        "insert_headers":{},
       
        "admin_state_up": true
    }
}
  • Example request 2: Adding a listener with protocol set to TERMINATED_HTTPS 
    POST https://{Endpoint}/v2/601240b9c5c94059b63d484c92cfe308/elb/listeners

{ 
    "listener": { 
        "protocol_port": 25, 
        "protocol": "TERMINATED_HTTPS", 
        "default_tls_container_ref": "02dcd56799e045bf8b131533cc911dd6",
        "loadbalancer_id": "0416b6f1-877f-4a51-987e-978b3f084253", 
        "name": "listener-test",
        "admin_state_up": true
    } 
}

Example Response

  • Example response 1 
    {
    "listener": {
        "protocol_port": 80,
        "protocol": "TCP",
        "description": "",
        "client_ca_tls_container_ref": null,
        "default_tls_container_ref": null,
        "admin_state_up": true,
        "http2_enable": false,
        "loadbalancers": [
            {
                "id": "0416b6f1-877f-4a51-987e-978b3f084253"
            }
        ],
        "tenant_id": "145483a5107745e9b3d80f956713e6a3",
        "project_id": "145483a5107745e9b3d80f956713e6a3",
        "sni_container_refs": [],
        "connection_limit": -1,
        "default_pool_id": null,
        "tags": [],
        "insert_headers":{},
        "id": "b7f32b52-6f17-4b16-9ec8-063d71b653ce",
        "name": "listener-test",
        "created_at": "2018-07-25T01:54:13", 
        "updated_at": "2018-07-25T01:54:14"
     }
}
  • Example response 2 
    {
    "listener": {
        "insert_headers": {},
        "protocol_port": 25,
        "protocol": "TERMINATED_HTTPS",
        "description": "",
        "default_tls_container_ref": "02dcd56799e045bf8b131533cc911dd6",
        "sni_container_refs": [],
        "loadbalancers": [
            {
                "id": "0416b6f1-877f-4a51-987e-978b3f084253"
            }
        ],
        "tenant_id": "601240b9c5c94059b63d484c92cfe308",
        "project_id": "601240b9c5c94059b63d484c92cfe308", 
        "created_at": "2019-01-21T12:38:31",
        "client_ca_tls_container_ref": null,
        "connection_limit": -1,
        "updated_at": "2019-01-21T12:38:31",
        "http2_enable": false,
        "admin_state_up": true,
        "default_pool_id": null,
        "insert_headers":{},
        "id": "b56634cd-5ba8-460e-b5a2-6de5ba8eaf60",
        "tags": [],
        "name": "listener-test"
    }
}
  • Example response 3 
    {
    "listener": {
        "insert_headers": {},
        "protocol_port": 27,
        "protocol": "TERMINATED_HTTPS",
        "description": "",
        "default_tls_container_ref": "02dcd56799e045bf8b131533cc911dd6",
        "sni_container_refs": [
            "5882325fd6dd4b95a88d33238d293a0f",
            "e15d1b5000474adca383c3cd9ddc06d4"
        ],
        "loadbalancers": [
            {
                "id": "6bb85e33-4953-457a-85a9-336d76125b7b"
            }
        ],
        "tenant_id": "601240b9c5c94059b63d484c92cfe308",
        "project_id": "601240b9c5c94059b63d484c92cfe308",
        "created_at": "2019-01-21T12:43:55", 
        "client_ca_tls_container_ref": null,
        "connection_limit": -1,
        "updated_at": "2019-01-21T12:43:55",
        "http2_enable": false,
        "admin_state_up": true,
        "default_pool_id": null,
        "insert_headers":{},
        "id": "b2cfda5b-52fe-4320-8845-34e8d4dac2c7",
        "tags": [],
        "name": "listener-test"
    }
}

Status Code

For details, see Status Codes.

Parent Topic: Listener