a5f0524fd0
ALPN is a TLS extension for application-layer protocol negotiation within the TLS handshake [1]. This patch extends the Listener API to include a new 'alpn_protocols' parameter. With this parameter, users can set an ALPN preference list (descending order of preference). Presently, the amphora provider driver is limited to http/1.0 and http/1.1 ALPN protocol IDs. Support for "h2" (HTTP/2 over TLS) depends on HAProxy 2.0 or newer. [1] https://tools.ietf.org/html/rfc7301 Change-Id: If08a8169498cdfaa75440e8971ba0caff45ac4c4
1765 lines
46 KiB
YAML
1765 lines
46 KiB
YAML
###############################################################################
|
|
# Path fields
|
|
###############################################################################
|
|
path-amphora-id:
|
|
description: |
|
|
The ID of the amphora to query.
|
|
in: path
|
|
required: true
|
|
type: uuid
|
|
path-availability-zone-name:
|
|
description: |
|
|
The name of the availability zone to query.
|
|
in: path
|
|
required: true
|
|
type: string
|
|
path-availability-zone-profile-id:
|
|
description: |
|
|
The ID of the availability zone profile to query.
|
|
in: path
|
|
required: true
|
|
type: uuid
|
|
path-flavor-id:
|
|
description: |
|
|
The ID of the flavor to query.
|
|
in: path
|
|
required: true
|
|
type: uuid
|
|
path-flavorprofile-id:
|
|
description: |
|
|
The ID of the flavor profile to query.
|
|
in: path
|
|
required: true
|
|
type: uuid
|
|
path-healthmonitor-id:
|
|
description: |
|
|
The ID of the health monitor to query.
|
|
in: path
|
|
required: true
|
|
type: uuid
|
|
path-l7policy-id:
|
|
description: |
|
|
The ID of the L7 policy to query.
|
|
in: path
|
|
required: true
|
|
type: uuid
|
|
path-l7rule-id:
|
|
description: |
|
|
The ID of the L7 rule to query.
|
|
in: path
|
|
required: true
|
|
type: uuid
|
|
path-listener-id:
|
|
description: |
|
|
The ID of the listener to query.
|
|
in: path
|
|
required: true
|
|
type: uuid
|
|
path-loadbalancer-id:
|
|
description: |
|
|
The ID of the load balancer to query.
|
|
in: path
|
|
required: true
|
|
type: uuid
|
|
path-member-id:
|
|
description: |
|
|
The ID of the member to query.
|
|
in: path
|
|
required: true
|
|
type: uuid
|
|
path-pool-id:
|
|
description: |
|
|
The ID of the pool to query.
|
|
in: path
|
|
required: true
|
|
type: uuid
|
|
path-project-id:
|
|
description: |
|
|
The ID of the project to query.
|
|
in: path
|
|
required: true
|
|
type: string
|
|
path-provider:
|
|
description: |
|
|
The provider to query.
|
|
in: path
|
|
required: true
|
|
type: string
|
|
###############################################################################
|
|
# Query fields
|
|
###############################################################################
|
|
additive-only:
|
|
description: |
|
|
If ``true`` no members will be deleted during the batch operation.
|
|
in: query
|
|
min_version: 2.11
|
|
required: false
|
|
type: boolean
|
|
cascade-delete:
|
|
description: |
|
|
If ``true`` will delete all child objects of the load balancer.
|
|
in: query
|
|
required: false
|
|
type: boolean
|
|
fields:
|
|
description: |
|
|
The fields that you want the server to return.
|
|
If no ``fields`` query parameter is specified,
|
|
the octavia API returns all attributes allowed by the policy settings.
|
|
By using the ``fields`` parameter, the API returns only the requested set
|
|
of attributes. The ``fields`` parameter can be specified multiple times.
|
|
For example, if you specify ``fields=id&fields=name`` in the request URL,
|
|
only the ``id`` and ``name`` attributes will be returned.
|
|
in: query
|
|
required: false
|
|
type: string
|
|
project_id_query:
|
|
description: |
|
|
The ID of the project to query.
|
|
in: query
|
|
required: false
|
|
type: string
|
|
|
|
###############################################################################
|
|
# Body fields
|
|
###############################################################################
|
|
action:
|
|
description: |
|
|
The action associated with the resource.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
active_connections:
|
|
description: |
|
|
The currently active connections.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
address:
|
|
description: |
|
|
The IP address of the resource.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
address-member:
|
|
description: |
|
|
The IP address of the backend member server.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
admin_state_up:
|
|
description: |
|
|
The administrative state of the resource, which is
|
|
up (``true``) or down (``false``).
|
|
in: body
|
|
required: true
|
|
type: boolean
|
|
admin_state_up-default-optional:
|
|
description: |
|
|
The administrative state of the resource, which is
|
|
up (``true``) or down (``false``). Default is ``true``.
|
|
in: body
|
|
required: false
|
|
type: boolean
|
|
admin_state_up-optional:
|
|
description: |
|
|
The administrative state of the resource, which is
|
|
up (``true``) or down (``false``).
|
|
in: body
|
|
required: false
|
|
type: boolean
|
|
allowed_cidrs:
|
|
description: |
|
|
A list of IPv4, IPv6 or mix of both CIDRs.
|
|
in: body
|
|
min_version: 2.12
|
|
required: true
|
|
type: array
|
|
allowed_cidrs-optional:
|
|
description: |
|
|
A list of IPv4, IPv6 or mix of both CIDRs. The default is all allowed.
|
|
When a list of CIDRs is provided, the default switches to deny all.
|
|
in: body
|
|
min_version: 2.12
|
|
required: false
|
|
type: array
|
|
alpn_protocols:
|
|
description: |
|
|
A list of ALPN protocols.
|
|
Available protocols: http/1.0, http/1.1, h2
|
|
in: body
|
|
min_version: 2.20
|
|
required: true
|
|
type: array
|
|
alpn_protocols-optional:
|
|
description: |
|
|
A list of ALPN protocols.
|
|
Available protocols: http/1.0, http/1.1, h2
|
|
in: body
|
|
min_version: 2.20
|
|
required: false
|
|
type: array
|
|
amphora-id:
|
|
description: |
|
|
The associated amphora ID.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
amphora-role:
|
|
description: |
|
|
The role of the amphora. One of ``STANDALONE``, ``MASTER``, ``BACKUP``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
amphora-stats:
|
|
description: |
|
|
A list of amphora statistics objects, one per listener.
|
|
in: body
|
|
min_version: 2.3
|
|
required: true
|
|
type: array
|
|
amphora-status:
|
|
description: |
|
|
The status of the amphora. One of: ``BOOTING``, ``ALLOCATED``, ``READY``,
|
|
``PENDING_CREATE``, ``PENDING_DELETE``, ``DELETED``, ``ERROR``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
api_links:
|
|
description: |
|
|
Links to the resources in question.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
api_version_id:
|
|
description: |
|
|
A common name for the version.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
api_version_status:
|
|
description: |
|
|
The status of this API version. This can be one of:
|
|
|
|
- ``CURRENT``: This is the preferred version of the API to use.
|
|
- ``SUPPORTED``: This is an older, but still supported version of the API.
|
|
- ``DEPRECATED``: A deprecated version of the API that is slated for
|
|
removal.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
availability-zone-capabilities:
|
|
description: |
|
|
The provider availability zone capabilities dictonary object.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
availability-zone-capability-description:
|
|
description: |
|
|
The provider availability zone capability description.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
availability-zone-capability-name:
|
|
description: |
|
|
The provider availability zone capability name.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
availability-zone-data:
|
|
description: |
|
|
The JSON string containing the availability zone metadata.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
availability-zone-data-optional:
|
|
description: |
|
|
The JSON string containing the availability zone metadata.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
availability-zone-name:
|
|
description: |
|
|
An availability zone name.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
availability-zone-name-optional:
|
|
description: |
|
|
An availability zone name.
|
|
in: body
|
|
required: false
|
|
type: object
|
|
availability-zone-profile:
|
|
description: |
|
|
An ``availability zone profile`` object.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
availability-zone-profile-id:
|
|
description: |
|
|
The ID of the availability zone profile.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
availability-zone-profiles:
|
|
description: |
|
|
A list of ``availability zone profile`` objects.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
availability-zones:
|
|
description: |
|
|
A list of ``availability zone`` objects.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
availability_zone:
|
|
description: |
|
|
An availability zone object.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
backup:
|
|
description: |
|
|
Is the member a backup? Backup members only receive traffic when all
|
|
non-backup members are down.
|
|
in: body
|
|
min_version: 2.1
|
|
required: true
|
|
type: boolean
|
|
backup-optional:
|
|
description: |
|
|
Is the member a backup? Backup members only receive traffic when all
|
|
non-backup members are down.
|
|
in: body
|
|
min_version: 2.1
|
|
required: false
|
|
type: boolean
|
|
bytes_in:
|
|
description: |
|
|
The total bytes received.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
bytes_out:
|
|
description: |
|
|
The total bytes sent.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
ca_tls_container_ref:
|
|
description: |
|
|
The reference of the `key manager service
|
|
<https://docs.openstack.org/castellan/latest/>`__ secret containing a
|
|
PEM format CA certificate bundle for ``tls_enabled`` pools.
|
|
in: body
|
|
min_version: 2.8
|
|
required: true
|
|
type: string
|
|
ca_tls_container_ref-optional:
|
|
description: |
|
|
The reference of the `key manager service
|
|
<https://docs.openstack.org/castellan/latest/>`__ secret containing a
|
|
PEM format CA certificate bundle for ``tls_enabled`` pools.
|
|
in: body
|
|
min_version: 2.8
|
|
required: false
|
|
type: string
|
|
cached-zone:
|
|
description: |
|
|
The availability zone of a compute instance, cached at create time. This
|
|
is not guaranteed to be current. May be an empty-string if the compute
|
|
service does not use zones.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
cert-busy:
|
|
description: |
|
|
Whether the certificate is in the process of being replaced.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
cert-expiration:
|
|
description: |
|
|
The date the certificate for the amphora expires.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
client_authentication:
|
|
description: |
|
|
The TLS client authentication mode. One of the options ``NONE``,
|
|
``OPTIONAL`` or ``MANDATORY``.
|
|
in: body
|
|
min_version: 2.8
|
|
required: true
|
|
type: string
|
|
client_authentication-optional:
|
|
description: |
|
|
The TLS client authentication mode. One of the options ``NONE``,
|
|
``OPTIONAL`` or ``MANDATORY``.
|
|
in: body
|
|
min_version: 2.8
|
|
required: false
|
|
type: string
|
|
client_ca_tls_container_ref:
|
|
description: |
|
|
The ref of the `key manager service
|
|
<https://docs.openstack.org/castellan/latest/>`__ secret containing a
|
|
PEM format client CA certificate bundle for ``TERMINATED_HTTPS``
|
|
listeners.
|
|
in: body
|
|
min_version: 2.8
|
|
required: true
|
|
type: string
|
|
client_ca_tls_container_ref-optional:
|
|
description: |
|
|
The ref of the `key manager service
|
|
<https://docs.openstack.org/castellan/latest/>`__ secret containing a
|
|
PEM format client CA certificate bundle for ``TERMINATED_HTTPS``
|
|
listeners.
|
|
in: body
|
|
min_version: 2.8
|
|
required: false
|
|
type: string
|
|
client_crl_container_ref:
|
|
description: |
|
|
The URI of the `key manager service
|
|
<https://docs.openstack.org/castellan/latest/>`__ secret containing a
|
|
PEM format CA revocation list file for ``TERMINATED_HTTPS`` listeners.
|
|
in: body
|
|
min_version: 2.8
|
|
required: true
|
|
type: string
|
|
client_crl_container_ref-optional:
|
|
description: |
|
|
The URI of the `key manager service
|
|
<https://docs.openstack.org/castellan/latest/>`__ secret containing a
|
|
PEM format CA revocation list file for ``TERMINATED_HTTPS`` listeners.
|
|
in: body
|
|
min_version: 2.8
|
|
required: false
|
|
type: string
|
|
compute-flavor:
|
|
description: |
|
|
The ID of the compute flavor used for the amphora.
|
|
in: body
|
|
min_version: 2.3
|
|
required: true
|
|
type: string
|
|
compute-id:
|
|
description: |
|
|
The ID of the amphora resource in the compute system.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
connection_limit:
|
|
description: |
|
|
The maximum number of connections permitted for this listener. Default
|
|
value is -1 which represents infinite connections or a default value
|
|
defined by the provider driver.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
connection_limit-optional:
|
|
description: |
|
|
The maximum number of connections permitted for this listener. Default
|
|
value is -1 which represents infinite connections or a default value
|
|
defined by the provider driver.
|
|
in: body
|
|
required: false
|
|
type: integer
|
|
created_at:
|
|
description: |
|
|
The UTC date and timestamp when the resource was created.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
crl_container_ref:
|
|
description: |
|
|
The reference of the `key manager service
|
|
<https://docs.openstack.org/castellan/latest/>`__ secret containing a
|
|
PEM format CA revocation list file for ``tls_enabled`` pools.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
crl_container_ref-optional:
|
|
description: |
|
|
The reference of the `key manager service
|
|
<https://docs.openstack.org/castellan/latest/>`__ secret containing a
|
|
PEM format CA revocation list file for ``tls_enabled`` pools.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
default_pool_id:
|
|
description: |
|
|
The ID of the pool used by the listener if no L7 policies match. The pool
|
|
has some restrictions. See :ref:`valid_protocol`.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
default_pool_id-optional:
|
|
description: |
|
|
The ID of the pool used by the listener if no L7 policies match. The pool
|
|
has some restrictions. See :ref:`valid_protocol`.
|
|
in: body
|
|
required: false
|
|
type: uuid
|
|
default_tls_container_ref:
|
|
description: |
|
|
The URI of the `key manager service
|
|
<https://docs.openstack.org/castellan/latest/>`__ secret containing a
|
|
PKCS12 format certificate/key bundle for ``TERMINATED_HTTPS`` listeners.
|
|
DEPRECATED: A secret container of type "certificate" containing the
|
|
certificate and key for ``TERMINATED_HTTPS`` listeners.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
default_tls_container_ref-optional:
|
|
description: |
|
|
The URI of the `key manager service
|
|
<https://docs.openstack.org/castellan/latest/>`__ secret containing a
|
|
PKCS12 format certificate/key bundle for ``TERMINATED_HTTPS`` listeners.
|
|
DEPRECATED: A secret container of type "certificate" containing the
|
|
certificate and key for ``TERMINATED_HTTPS`` listeners.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
description:
|
|
description: |
|
|
A human-readable description for the resource.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
description-optional:
|
|
description: |
|
|
A human-readable description for the resource.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
enabled:
|
|
description: |
|
|
If the resource is available for use.
|
|
in: body
|
|
required: true
|
|
type: boolean
|
|
enabled-optional:
|
|
description: |
|
|
If the resource is available for use. The default is True.
|
|
in: body
|
|
required: false
|
|
type: boolean
|
|
flavor:
|
|
description: |
|
|
A flavor object.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
flavor-capabilities:
|
|
description: |
|
|
The provider flavor capabilities dictonary object.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
flavor-capability-description:
|
|
description: |
|
|
The provider flavor capability description.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
flavor-capability-name:
|
|
description: |
|
|
The provider flavor capability name.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
flavor-data:
|
|
description: |
|
|
The JSON string containing the flavor metadata.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
flavor-data-optional:
|
|
description: |
|
|
The JSON string containing the flavor metadata.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
flavor-id:
|
|
description: |
|
|
The ID of the flavor.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
flavor-id-optional:
|
|
description: |
|
|
The ID of the flavor.
|
|
in: body
|
|
required: false
|
|
type: uuid
|
|
flavor-profile-id:
|
|
description: |
|
|
The ID of the flavor profile.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
flavorprofile:
|
|
description: |
|
|
A ``flavorprofile`` object.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
flavorprofiles:
|
|
description: |
|
|
A list of ``flavorprofile`` objects.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
flavors:
|
|
description: |
|
|
A list of ``flavor`` objects.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
healthmonitor-delay:
|
|
description: |
|
|
The time, in seconds, between sending probes to members.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
healthmonitor-delay-optional:
|
|
description: |
|
|
The time, in seconds, between sending probes to members.
|
|
in: body
|
|
required: false
|
|
type: integer
|
|
healthmonitor-domain_name:
|
|
description: |
|
|
The domain name, which be injected into the HTTP Host Header to the backend
|
|
server for HTTP health check.
|
|
in: body
|
|
min_version: 2.10
|
|
required: true
|
|
type: string
|
|
healthmonitor-domain_name-optional:
|
|
description: |
|
|
The domain name, which be injected into the HTTP Host Header to the backend
|
|
server for HTTP health check.
|
|
in: body
|
|
min_version: 2.10
|
|
required: false
|
|
type: string
|
|
healthmonitor-expected_codes:
|
|
description: |
|
|
The list of HTTP status codes expected in response from the member to
|
|
declare it healthy. Specify one of the following values:
|
|
|
|
- A single value, such as ``200``
|
|
- A list, such as ``200, 202``
|
|
- A range, such as ``200-204``
|
|
in: body
|
|
required: true
|
|
type: string
|
|
healthmonitor-expected_codes-optional:
|
|
description: |
|
|
The list of HTTP status codes expected in response from the member to
|
|
declare it healthy. Specify one of the following values:
|
|
|
|
- A single value, such as ``200``
|
|
- A list, such as ``200, 202``
|
|
- A range, such as ``200-204``
|
|
|
|
The default is 200.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
healthmonitor-http_method:
|
|
description: |
|
|
The HTTP method that the health monitor uses for requests. One of
|
|
``CONNECT``, ``DELETE``, ``GET``, ``HEAD``, ``OPTIONS``, ``PATCH``,
|
|
``POST``, ``PUT``, or ``TRACE``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
healthmonitor-http_method-optional:
|
|
description: |
|
|
The HTTP method that the health monitor uses for requests. One of
|
|
``CONNECT``, ``DELETE``, ``GET``, ``HEAD``, ``OPTIONS``, ``PATCH``,
|
|
``POST``, ``PUT``, or ``TRACE``. The default is ``GET``.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
healthmonitor-http_version:
|
|
description: |
|
|
The HTTP version. One of ``1.0`` or ``1.1``. The default is ``1.0``.
|
|
in: body
|
|
min_version: 2.10
|
|
required: true
|
|
type: float
|
|
healthmonitor-http_version-optional:
|
|
description: |
|
|
The HTTP version. One of ``1.0`` or ``1.1``. The default is ``1.0``.
|
|
in: body
|
|
min_version: 2.10
|
|
required: false
|
|
type: float
|
|
healthmonitor-id:
|
|
description: |
|
|
The associated health monitor ID.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
healthmonitor-max-retries:
|
|
description: |
|
|
The number of successful checks before changing the ``operating status``
|
|
of the member to ``ONLINE``. A valid value is from ``1`` to ``10``.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
healthmonitor-max-retries-down:
|
|
description: |
|
|
The number of allowed check failures before changing the ``operating
|
|
status`` of the member to ``ERROR``. A valid value is from ``1`` to ``10``.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
healthmonitor-max-retries-down-optional:
|
|
description: |
|
|
The number of allowed check failures before changing the ``operating
|
|
status`` of the member to ``ERROR``. A valid value is from ``1`` to ``10``.
|
|
The default is ``3``.
|
|
in: body
|
|
required: false
|
|
type: integer
|
|
healthmonitor-max-retries-optional:
|
|
description: |
|
|
The number of successful checks before changing the ``operating status``
|
|
of the member to ``ONLINE``. A valid value is from ``1`` to ``10``.
|
|
in: body
|
|
required: false
|
|
type: integer
|
|
healthmonitor-status:
|
|
description: |
|
|
The associated health monitor status object.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
healthmonitor-timeout:
|
|
description: |
|
|
The maximum time, in seconds, that a monitor waits to connect before it
|
|
times out. This value must be less than the delay value.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
healthmonitor-timeout-optional:
|
|
description: |
|
|
The maximum time, in seconds, that a monitor waits to connect before it
|
|
times out. This value must be less than the delay value.
|
|
in: body
|
|
required: false
|
|
type: integer
|
|
healthmonitor-type:
|
|
description: |
|
|
The type of health monitor. One of ``HTTP``, ``HTTPS``, ``PING``, ``TCP``,
|
|
``TLS-HELLO``, or ``UDP-CONNECT``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
healthmonitor-url_path:
|
|
description: |
|
|
The HTTP URL path of the request sent by the monitor to test the health of
|
|
a backend member. Must be a string that begins with a forward slash
|
|
(``/``).
|
|
in: body
|
|
required: true
|
|
type: string
|
|
healthmonitor-url_path-optional:
|
|
description: |
|
|
The HTTP URL path of the request sent by the monitor to test the health of
|
|
a backend member. Must be a string that begins with a forward slash
|
|
(``/``). The default URL path is ``/``.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
id:
|
|
description: |
|
|
The ID of the resource.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
image-id:
|
|
description: |
|
|
The ID of the glance image used for the amphora.
|
|
in: body
|
|
min_version: 2.1
|
|
required: true
|
|
type: uuid
|
|
insert_headers:
|
|
description: |
|
|
A dictionary of optional headers to insert into the request before it is
|
|
sent to the backend ``member``. See :ref:`header_insertions`. Both keys
|
|
and values are always specified as strings.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
insert_headers-optional:
|
|
description: |
|
|
A dictionary of optional headers to insert into the request before it is
|
|
sent to the backend ``member``. See :ref:`header_insertions`. Both keys
|
|
and values are always specified as strings.
|
|
in: body
|
|
required: false
|
|
type: object
|
|
l7policies-optional:
|
|
description: |
|
|
A list of L7 policy objects.
|
|
in: body
|
|
required: false
|
|
type: array
|
|
l7policies-status-object-list:
|
|
description: |
|
|
A list of L7 policy status objects.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
l7policy-action:
|
|
description: |
|
|
The L7 policy action. One of ``REDIRECT_PREFIX``, ``REDIRECT_TO_POOL``,
|
|
``REDIRECT_TO_URL``, or ``REJECT``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
l7policy-action-optional:
|
|
description: |
|
|
The L7 policy action. One of ``REDIRECT_PREFIX``, ``REDIRECT_TO_POOL``,
|
|
``REDIRECT_TO_URL``, or ``REJECT``.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
l7policy-id:
|
|
description: |
|
|
The ID of the L7 policy.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
l7policy-ids:
|
|
description: |
|
|
A list of L7 policy IDs.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
l7policy-position:
|
|
description: |
|
|
The position of this policy on the listener. Positions start at 1.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
l7policy-position-optional:
|
|
description: |
|
|
The position of this policy on the listener. Positions start at 1.
|
|
in: body
|
|
required: false
|
|
type: integer
|
|
l7policy-redirect-http-code:
|
|
description: |
|
|
Requests matching this policy will be redirected to the specified URL or
|
|
Prefix URL with the HTTP response code. Valid if ``action`` is
|
|
``REDIRECT_TO_URL`` or ``REDIRECT_PREFIX``. Valid options are: 301, 302,
|
|
303, 307, or 308. Default is 302.
|
|
in: body
|
|
min_version: 2.9
|
|
required: true
|
|
type: integer
|
|
l7policy-redirect-http-code-optional:
|
|
description: |
|
|
Requests matching this policy will be redirected to the specified URL or
|
|
Prefix URL with the HTTP response code. Valid if ``action`` is
|
|
``REDIRECT_TO_URL`` or ``REDIRECT_PREFIX``. Valid options are: 301, 302,
|
|
303, 307, or 308. Default is 302.
|
|
in: body
|
|
min_version: 2.9
|
|
required: false
|
|
type: integer
|
|
l7policy-redirect-pool_id:
|
|
description: |
|
|
Requests matching this policy will be redirected to the pool with this ID.
|
|
Only valid if ``action`` is ``REDIRECT_TO_POOL``. The pool has some
|
|
restrictions, See :ref:`valid_protocol`.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
l7policy-redirect-pool_id-optional:
|
|
description: |
|
|
Requests matching this policy will be redirected to the pool with this ID.
|
|
Only valid if ``action`` is ``REDIRECT_TO_POOL``. The pool has some
|
|
restrictions, See :ref:`valid_protocol`.
|
|
in: body
|
|
required: false
|
|
type: uuid
|
|
l7policy-redirect-prefix:
|
|
description: |
|
|
Requests matching this policy will be redirected to this Prefix URL.
|
|
Only valid if ``action`` is ``REDIRECT_PREFIX``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
l7policy-redirect-prefix-optional:
|
|
description: |
|
|
Requests matching this policy will be redirected to this Prefix URL.
|
|
Only valid if ``action`` is ``REDIRECT_PREFIX``.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
l7policy-redirect-url:
|
|
description: |
|
|
Requests matching this policy will be redirected to this URL.
|
|
Only valid if ``action`` is ``REDIRECT_TO_URL``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
l7policy-redirect-url-optional:
|
|
description: |
|
|
Requests matching this policy will be redirected to this URL.
|
|
Only valid if ``action`` is ``REDIRECT_TO_URL``.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
l7policy-rule-ids:
|
|
description: |
|
|
List of associated L7 rule IDs.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
l7rule-compare_type:
|
|
description: |
|
|
The comparison type for the L7 rule. One of ``CONTAINS``, ``ENDS_WITH``,
|
|
``EQUAL_TO``, ``REGEX``, or ``STARTS_WITH``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
l7rule-compare_type-optional:
|
|
description: |
|
|
The comparison type for the L7 rule. One of ``CONTAINS``, ``ENDS_WITH``,
|
|
``EQUAL_TO``, ``REGEX``, or ``STARTS_WITH``.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
l7rule-id:
|
|
description: |
|
|
The ID of the L7 rule.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
l7rule-invert:
|
|
description: |
|
|
When ``true`` the logic of the rule is inverted. For example, with
|
|
invert ``true``, `equal to` would become `not equal to`.
|
|
in: body
|
|
required: true
|
|
type: boolean
|
|
l7rule-invert-optional:
|
|
description: |
|
|
When ``true`` the logic of the rule is inverted. For example, with
|
|
invert ``true``, `equal to` would become `not equal to`.
|
|
Default is ``false``.
|
|
in: body
|
|
required: false
|
|
type: boolean
|
|
l7rule-key:
|
|
description: |
|
|
The key to use for the comparison. For example, the name of the cookie
|
|
to evaluate.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
l7rule-key-optional:
|
|
description: |
|
|
The key to use for the comparison. For example, the name of the cookie
|
|
to evaluate.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
l7rule-type:
|
|
description: |
|
|
The L7 rule type. One of ``COOKIE``, ``FILE_TYPE``, ``HEADER``,
|
|
``HOST_NAME``, ``PATH``, ``SSL_CONN_HAS_CERT``, ``SSL_VERIFY_RESULT``,
|
|
or ``SSL_DN_FIELD``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
l7rule-type-optional:
|
|
description: |
|
|
The L7 rule type. One of ``COOKIE``, ``FILE_TYPE``, ``HEADER``,
|
|
``HOST_NAME``, ``PATH``, ``SSL_CONN_HAS_CERT``, ``SSL_VERIFY_RESULT``,
|
|
or ``SSL_DN_FIELD``.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
l7rule-value:
|
|
description: |
|
|
The value to use for the comparison. For example, the file type to compare.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
l7rule-value-optional:
|
|
description: |
|
|
The value to use for the comparison. For example, the file type to compare.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
l7rules-status-object-list:
|
|
description: |
|
|
A list of L7 rule status objects.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
lb-algorithm:
|
|
description: |
|
|
The load balancing algorithm for the pool. One of ``LEAST_CONNECTIONS``,
|
|
``ROUND_ROBIN``, ``SOURCE_IP``, or ``SOURCE_IP_PORT``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
lb-algorithm-optional:
|
|
description: |
|
|
The load balancing algorithm for the pool. One of ``LEAST_CONNECTIONS``,
|
|
``ROUND_ROBIN``, or ``SOURCE_IP``.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
lb-network-ip:
|
|
description: |
|
|
The management IP of the amphora.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
links:
|
|
description: |
|
|
A list of relative links. Includes the self link for the API.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
listener:
|
|
description: |
|
|
A listener object.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
listener-id:
|
|
description: |
|
|
The ID of the listener.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
listener-id-pool-optional:
|
|
description: |
|
|
The ID of the listener for the pool. Either ``listener_id`` or
|
|
``loadbalancer_id`` must be specified. The listener has some restrictions,
|
|
See :ref:`valid_protocol`.
|
|
in: body
|
|
required: false
|
|
type: uuid
|
|
listener-ids:
|
|
description: |
|
|
A list of listener IDs.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
listeners:
|
|
description: |
|
|
The associated listener IDs, if any.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
listeners-optional:
|
|
description: |
|
|
The associated listener IDs, if any.
|
|
in: body
|
|
required: false
|
|
type: array
|
|
listeners-status-object-list:
|
|
description: |
|
|
A list of listener status objects.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
loadbalancer:
|
|
description: |
|
|
A load balancer object.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
loadbalancer-id:
|
|
description: |
|
|
The ID of the load balancer.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
loadbalancer-id-pool-optional:
|
|
description: |
|
|
The ID of the load balancer for the pool. Either ``listener_id`` or
|
|
``loadbalancer_id`` must be specified.
|
|
in: body
|
|
required: false
|
|
type: uuid
|
|
loadbalancer-ids:
|
|
description: |
|
|
A list of load balancer IDs.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
loadbalancer-status:
|
|
description: |
|
|
A load balancer status object.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
loadbalancers:
|
|
description: |
|
|
A list of ``loadbalancer`` objects.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
member-id:
|
|
description: |
|
|
The ID of the member.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
member-ids:
|
|
description: |
|
|
A list of member IDs.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
members-status-object-list:
|
|
description: |
|
|
A list of members status objects.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
monitor_address:
|
|
description: |
|
|
An alternate IP address used for health monitoring a backend member.
|
|
Default is ``null`` which monitors the member ``address``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
monitor_address-optional:
|
|
description: |
|
|
An alternate IP address used for health monitoring a backend member.
|
|
Default is ``null`` which monitors the member ``address``.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
monitor_port:
|
|
description: |
|
|
An alternate protocol port used for health monitoring a backend member.
|
|
Default is ``null`` which monitors the member ``protocol_port``.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
monitor_port-optional:
|
|
description: |
|
|
An alternate protocol port used for health monitoring a backend member.
|
|
Default is ``null`` which monitors the member ``protocol_port``.
|
|
in: body
|
|
required: false
|
|
type: integer
|
|
name:
|
|
description: |
|
|
Human-readable name of the resource.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
name-optional:
|
|
description: |
|
|
Human-readable name of the resource.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
operating_status:
|
|
description: |
|
|
The operating status of the resource. See :ref:`op_status`.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
pool-id:
|
|
description: |
|
|
The ID of the pool.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
pool-optional:
|
|
description: |
|
|
A pool object.
|
|
in: body
|
|
required: false
|
|
type: object
|
|
pools-status-list:
|
|
description: |
|
|
The list of pools status objects.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
pools_ids:
|
|
description: |
|
|
The associated pool IDs, if any.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
project_id:
|
|
description: |
|
|
The ID of the project owning this resource.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
project_id-optional:
|
|
description: |
|
|
The ID of the project owning this resource.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
project_id-optional-deprecated:
|
|
description: |
|
|
The ID of the project owning this resource. (deprecated)
|
|
in: body
|
|
required: false
|
|
type: string
|
|
protocol:
|
|
description: |
|
|
The protocol for the resource. One of ``HTTP``, ``HTTPS``, ``TCP``,
|
|
``TERMINATED_HTTPS``, or ``UDP``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
protocol-pools:
|
|
description: |
|
|
The protocol for the resource. One of ``HTTP``, ``HTTPS``, ``PROXY``,
|
|
``TCP``, or ``UDP``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
protocol_port:
|
|
description: |
|
|
The protocol port number for the resource.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
protocol_port-member:
|
|
description: |
|
|
The protocol port number the backend member server is listening on.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
provider:
|
|
description: |
|
|
Provider name for the load balancer.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
provider-description:
|
|
description: |
|
|
Provider description.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
provider-name:
|
|
description: |
|
|
Provider name.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
provider-name-optional:
|
|
description: |
|
|
Provider name.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
provider-optional:
|
|
description: |
|
|
Provider name for the load balancer. Default is ``octavia``.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
provisioning_status:
|
|
description: |
|
|
The provisioning status of the resource. See :ref:`prov_status`.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
quota-health_monitor:
|
|
description: |
|
|
The configured health monitor quota limit. A setting of ``null`` means it
|
|
is using the deployment default quota. A setting of ``-1``
|
|
means unlimited.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
quota-health_monitor-optional:
|
|
description: |
|
|
The configured health monitor quota limit. A setting of ``null`` means it
|
|
is using the deployment default quota. A setting of ``-1`` means
|
|
unlimited.
|
|
in: body
|
|
required: false
|
|
type: integer
|
|
quota-l7policy:
|
|
description: |
|
|
The configured l7policy quota limit. A setting of ``null`` means it is
|
|
using the deployment default quota. A setting of ``-1`` means unlimited.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
quota-l7policy-optional:
|
|
description: |
|
|
The configured l7policy quota limit. A setting of ``null`` means it is
|
|
using the deployment default quota. A setting of ``-1`` means unlimited.
|
|
in: body
|
|
required: false
|
|
type: integer
|
|
quota-l7rule:
|
|
description: |
|
|
The configured l7rule quota limit. A setting of ``null`` means it is
|
|
using the deployment default quota. A setting of ``-1`` means unlimited.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
quota-l7rule-optional:
|
|
description: |
|
|
The configured l7rule quota limit. A setting of ``null`` means it is
|
|
using the deployment default quota. A setting of ``-1`` means unlimited.
|
|
in: body
|
|
required: false
|
|
type: integer
|
|
quota-listener:
|
|
description: |
|
|
The configured listener quota limit. A setting of ``null`` means it is
|
|
using the deployment default quota. A setting of ``-1`` means unlimited.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
quota-listener-optional:
|
|
description: |
|
|
The configured listener quota limit. A setting of ``null`` means it is
|
|
using the deployment default quota. A setting of ``-1`` means unlimited.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
quota-load_balancer:
|
|
description: |
|
|
The configured load balancer quota limit. A setting of ``null`` means it
|
|
is using the deployment default quota. A setting of ``-1`` means
|
|
unlimited.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
quota-load_balancer-optional:
|
|
description: |
|
|
The configured load balancer quota limit. A setting of ``null`` means it
|
|
is using the deployment default quota. A setting of ``-1`` means
|
|
unlimited.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
quota-member:
|
|
description: |
|
|
The configured member quota limit. A setting of ``null`` means it is using
|
|
the deployment default quota. A setting of ``-1`` means unlimited.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
quota-member-optional:
|
|
description: |
|
|
The configured member quota limit. A setting of ``null`` means it is using
|
|
the deployment default quota. A setting of ``-1`` means unlimited.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
quota-pool:
|
|
description: |
|
|
The configured pool quota limit. A setting of ``null`` means it is using
|
|
the deployment default quota. A setting of ``-1`` means unlimited.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
quota-pool-optional:
|
|
description: |
|
|
The configured pool quota limit. A setting of ``null`` means it is using
|
|
the deployment default quota. A setting of ``-1`` means unlimited.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
request_errors:
|
|
description: |
|
|
The total requests that were unable to be fulfilled.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
session_persistence:
|
|
description: |
|
|
A JSON object specifying the session persistence for the pool or ``null``
|
|
for no session persistence. See :ref:`session_persistence`. Default is
|
|
``null``.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
session_persistence-optional:
|
|
description: |
|
|
A JSON object specifying the session persistence for the pool or ``null``
|
|
for no session persistence. See :ref:`session_persistence`. Default is
|
|
``null``.
|
|
in: body
|
|
required: false
|
|
type: object
|
|
session_persistence_cookie:
|
|
description: |
|
|
The name of the cookie to use for session persistence. Only applicable to
|
|
the ``APP_COOKIE`` session persistence type where it is required.
|
|
in: body
|
|
required: false
|
|
type: string
|
|
session_persistence_granularity:
|
|
description: |
|
|
The netmask used to determine UDP session persistence. Currently only
|
|
valid for UDP pools with session persistence of SOURCE_IP. Default netmask
|
|
is 255.255.255.255, meaning per client full IP.
|
|
in: body
|
|
min_version: 2.2
|
|
required: false
|
|
type: string
|
|
session_persistence_timeout:
|
|
description: |
|
|
The timeout, in seconds, after which a UDP flow may be rescheduled to a
|
|
different member. Currently only applies to UDP pools with session
|
|
persistence of SOURCE_IP. Default is 360.
|
|
in: body
|
|
min_version: 2.2
|
|
required: false
|
|
type: integer
|
|
session_persistence_type:
|
|
description: |
|
|
Session persistence type for the pool. One of ``APP_COOKIE``,
|
|
``HTTP_COOKIE``, or ``SOURCE_IP``.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
sni_container_refs:
|
|
description: |
|
|
A list of URIs to the `key manager service
|
|
<https://docs.openstack.org/barbican/latest/>`__ secrets containing
|
|
PKCS12 format certificate/key bundles for ``TERMINATED_HTTPS`` listeners.
|
|
(DEPRECATED) Secret containers of type "certificate" containing the
|
|
certificates and keys for ``TERMINATED_HTTPS`` listeners.
|
|
in: body
|
|
required: true
|
|
type: array
|
|
sni_container_refs-optional:
|
|
description: |
|
|
A list of URIs to the `key manager service
|
|
<https://docs.openstack.org/barbican/latest/>`__ secrets containing
|
|
PKCS12 format certificate/key bundles for ``TERMINATED_HTTPS`` listeners.
|
|
(DEPRECATED) Secret containers of type "certificate" containing the
|
|
certificates and keys for ``TERMINATED_HTTPS`` listeners.
|
|
in: body
|
|
required: false
|
|
type: array
|
|
stats:
|
|
description: |
|
|
A statistics object.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
statuses:
|
|
description: |
|
|
The status tree of a load balancer object contains all provisioning and
|
|
operating statuses for its children.
|
|
in: body
|
|
required: true
|
|
type: object
|
|
subnet_id:
|
|
description: |
|
|
The subnet ID the member service is accessible from.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
subnet_id-optional:
|
|
description: |
|
|
The subnet ID the member service is accessible from.
|
|
in: body
|
|
required: false
|
|
type: uuid
|
|
tags:
|
|
description: |
|
|
A list of simple strings assigned to the resource.
|
|
in: body
|
|
min_version: 2.5
|
|
required: true
|
|
type: list
|
|
tags-optional:
|
|
description: |
|
|
A list of simple strings assigned to the resource.
|
|
in: body
|
|
min_version: 2.5
|
|
required: false
|
|
type: list
|
|
timeout_client_data:
|
|
description: |
|
|
Frontend client inactivity timeout in milliseconds. Default: 50000.
|
|
in: body
|
|
min_version: 2.1
|
|
required: true
|
|
type: integer
|
|
timeout_client_data-optional:
|
|
description: |
|
|
Frontend client inactivity timeout in milliseconds. Default: 50000.
|
|
in: body
|
|
min_version: 2.1
|
|
required: false
|
|
type: integer
|
|
timeout_member_connect:
|
|
description: |
|
|
Backend member connection timeout in milliseconds. Default: 5000.
|
|
in: body
|
|
min_version: 2.1
|
|
required: true
|
|
type: integer
|
|
timeout_member_connect-optional:
|
|
description: |
|
|
Backend member connection timeout in milliseconds. Default: 5000.
|
|
in: body
|
|
min_version: 2.1
|
|
required: false
|
|
type: integer
|
|
timeout_member_data:
|
|
description: |
|
|
Backend member inactivity timeout in milliseconds. Default: 50000.
|
|
in: body
|
|
min_version: 2.1
|
|
required: true
|
|
type: integer
|
|
timeout_member_data-optional:
|
|
description: |
|
|
Backend member inactivity timeout in milliseconds. Default: 50000.
|
|
in: body
|
|
min_version: 2.1
|
|
required: false
|
|
type: integer
|
|
timeout_tcp_inspect:
|
|
description: |
|
|
Time, in milliseconds, to wait for additional TCP packets for content
|
|
inspection. Default: 0.
|
|
in: body
|
|
min_version: 2.1
|
|
required: true
|
|
type: integer
|
|
timeout_tcp_inspect-optional:
|
|
description: |
|
|
Time, in milliseconds, to wait for additional TCP packets for content
|
|
inspection. Default: 0.
|
|
in: body
|
|
min_version: 2.1
|
|
required: false
|
|
type: integer
|
|
tls_ciphers:
|
|
description: |
|
|
List of ciphers in OpenSSL format (colon-separated).
|
|
See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html
|
|
in: body
|
|
min_version: 2.15
|
|
required: true
|
|
type: string
|
|
tls_ciphers-optional:
|
|
description: |
|
|
List of ciphers in OpenSSL format (colon-separated).
|
|
See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html
|
|
in: body
|
|
min_version: 2.15
|
|
required: false
|
|
type: string
|
|
tls_container_ref:
|
|
description: |
|
|
The reference to the `key manager service
|
|
<https://docs.openstack.org/castellan/latest/>`__ secret containing a
|
|
PKCS12 format certificate/key bundle for ``tls_enabled`` pools for
|
|
TLS client authentication to the member servers.
|
|
in: body
|
|
min_version: 2.8
|
|
required: true
|
|
type: string
|
|
tls_container_ref-optional:
|
|
description: |
|
|
The reference to the `key manager service
|
|
<https://docs.openstack.org/castellan/latest/>`__ secret containing a
|
|
PKCS12 format certificate/key bundle for ``tls_enabled`` pools for
|
|
TLS client authentication to the member servers.
|
|
in: body
|
|
min_version: 2.8
|
|
required: false
|
|
type: string
|
|
tls_enabled:
|
|
description: |
|
|
When ``true`` connections to backend member servers will use TLS
|
|
encryption. Default is ``false``.
|
|
in: body
|
|
min_version: 2.8
|
|
required: true
|
|
type: boolean
|
|
tls_enabled-optional:
|
|
description: |
|
|
When ``true`` connections to backend member servers will use TLS
|
|
encryption. Default is ``false``.
|
|
in: body
|
|
min_version: 2.8
|
|
required: false
|
|
type: boolean
|
|
tls_versions:
|
|
description: |
|
|
A list of TLS protocol versions.
|
|
Available versions: SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3
|
|
in: body
|
|
min_version: 2.17
|
|
required: true
|
|
type: array
|
|
tls_versions-optional:
|
|
description: |
|
|
A list of TLS protocol versions.
|
|
Available versions: SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3
|
|
in: body
|
|
min_version: 2.17
|
|
required: false
|
|
type: array
|
|
total_connections:
|
|
description: |
|
|
The total connections handled.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
type:
|
|
description: |
|
|
The type associated with the resource.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
updated_at:
|
|
description: |
|
|
The UTC date and timestamp when the resource was last updated.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
vip_address:
|
|
description: |
|
|
The IP address of the Virtual IP (VIP).
|
|
in: body
|
|
required: true
|
|
type: string
|
|
vip_address-optional:
|
|
description: |
|
|
The IP address of the Virtual IP (VIP).
|
|
in: body
|
|
required: false
|
|
type: string
|
|
vip_network_id:
|
|
description: |
|
|
The ID of the network for the Virtual IP (VIP).
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
vip_network_id-optional:
|
|
description: |
|
|
The ID of the network for the Virtual IP (VIP). One of ``vip_network_id``,
|
|
``vip_port_id``, or ``vip_subnet_id`` must be specified.
|
|
in: body
|
|
required: false
|
|
type: uuid
|
|
vip_port_id:
|
|
description: |
|
|
The ID of the Virtual IP (VIP) port.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
vip_port_id-optional:
|
|
description: |
|
|
The ID of the Virtual IP (VIP) port. One of ``vip_network_id``,
|
|
``vip_port_id``, or ``vip_subnet_id`` must be specified.
|
|
in: body
|
|
required: false
|
|
type: uuid
|
|
vip_qos_policy_id:
|
|
description: |
|
|
The ID of the QoS Policy which will apply to the Virtual IP (VIP).
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
vip_qos_policy_id-optional:
|
|
description: |
|
|
The ID of the QoS Policy which will apply to the Virtual IP (VIP).
|
|
in: body
|
|
required: false
|
|
type: uuid
|
|
vip_subnet_id:
|
|
description: |
|
|
The ID of the subnet for the Virtual IP (VIP).
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
vip_subnet_id-optional:
|
|
description: |
|
|
The ID of the subnet for the Virtual IP (VIP). One of ``vip_network_id``,
|
|
``vip_port_id``, or ``vip_subnet_id`` must be specified.
|
|
in: body
|
|
required: false
|
|
type: uuid
|
|
vrrp-id:
|
|
description: |
|
|
The vrrp group's ID for the amphora.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
vrrp-interface:
|
|
description: |
|
|
The bound interface name of the vrrp port on the amphora.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
vrrp-ip:
|
|
description: |
|
|
The address of the vrrp port on the amphora.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
vrrp-port-id:
|
|
description: |
|
|
The vrrp port's ID in the networking system.
|
|
in: body
|
|
required: true
|
|
type: uuid
|
|
vrrp-priority:
|
|
description: |
|
|
The priority of the amphora in the vrrp group.
|
|
in: body
|
|
required: true
|
|
type: string
|
|
weight:
|
|
description: |
|
|
The weight of a member determines the portion of requests or connections it
|
|
services compared to the other members of the pool. For example, a member
|
|
with a weight of 10 receives five times as many requests as a member with a
|
|
weight of 2. A value of 0 means the member does not receive new connections
|
|
but continues to service existing connections. A valid value is
|
|
from ``0`` to ``256``. Default is ``1``.
|
|
in: body
|
|
required: true
|
|
type: integer
|
|
weight-optional:
|
|
description: |
|
|
The weight of a member determines the portion of requests or connections it
|
|
services compared to the other members of the pool. For example, a member
|
|
with a weight of 10 receives five times as many requests as a member with a
|
|
weight of 2. A value of 0 means the member does not receive new connections
|
|
but continues to service existing connections. A valid value is
|
|
from ``0`` to ``256``. Default is ``1``.
|
|
in: body
|
|
required: false
|
|
type: integer
|