Load Balancing as a Service (LBaaS) for OpenStack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 

287 lines
11 KiB

# Copyright (c) 2019 Red Hat, Inc.
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
[driver.amphora]
title=Amphora Provider
link=https://docs.openstack.org/api-ref/load-balancer/v2/index.html
[driver.ovn]
title=OVN Provider
link=https://docs.openstack.org/networking-ovn/latest/admin/loadbalancer.html
# Note: These should be in the order they appear in a create call.
[operation.admin_state_up]
title=admin_state_up
status=mandatory
notes=Enables and disables the listener.
cli=openstack loadbalancer listener create [--enable | --disable] <loadbalancer>
driver.amphora=complete
driver.ovn=complete
[operation.allowed_cidr]
title=allowed_cidr
status=optional
notes=CIDR to allow access to the listener (can be set multiple times).
cli=openstack loadbalancer listener create [--allowed-cidr <allowed_cidr>] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.client_authentication]
title=client_authentication
status=optional
notes=The TLS client authentication mode.
cli=openstack loadbalancer listener create [--client-authentication {NONE,OPTIONAL,MANDATORY}] <listener>
driver.amphora=complete
driver.ovn=missing
[operation.client_ca_tls_container_ref]
title=client_ca_tls_container_ref
status=optional
notes=The ref of the key manager service secret containing a PEM format client CA certificate bundle for TERMINATED_TLS listeners.
cli=openstack loadbalancer listener create [--client-ca-tls-container-ref <container_ref>] <listener>
driver.amphora=complete
driver.ovn=missing
[operation.client_crl_container_ref]
title=client_crl_container_ref
status=optional
notes=The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_TLS listeners.
cli=openstack loadbalancer listener create [--client-crl-container-ref <client_crl_container_ref>] <listener>
driver.amphora=complete
driver.ovn=missing
[operation.connection_limit]
title=connection_limit
status=optional
notes=The maximum number of connections permitted for this listener.
cli=openstack loadbalancer listener create [--connection-limit <limit>] <listener>
driver.amphora=complete
driver.ovn=missing
[operation.default_tls_container_ref]
title=default_tls_container_ref
status=optional
notes=The URI of the key manager service secret containing a PKCS12 format certificate/key bundle for TERMINATED_TLS listeners.
cli=openstack loadbalancer listener create [--default-tls-container-ref <container_ref>] <listener>
driver.amphora=complete
driver.ovn=missing
[operation.description]
title=description
status=optional
notes=The description of the listener. Provided by the Octavia API service.
cli=openstack loadbalancer listener create [--description <description>] <loadbalancer>
driver.amphora=complete
driver.ovn=complete
[operation.insert_headers.X-Forwarded-For]
title=insert_headers - X-Forwarded-For
status=optional
notes=When “true” a X-Forwarded-For header is inserted into the request to the backend member that specifies the client IP address.
cli=openstack loadbalancer listener create [--insert-headers X-Forwarded-For=true] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.insert_headers.X-Forwarded-Port]
title=insert_headers - X-Forwarded-Port
status=optional
notes=When “true” a X-Forwarded-Port header is inserted into the request to the backend member that specifies the listener port.
cli=openstack loadbalancer listener create [--insert-headers X-Forwarded-Port=true] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.insert_headers.X-Forwarded-Proto]
title=insert_headers - X-Forwarded-Proto
status=optional
notes=When “true” a X-Forwarded-Proto header is inserted into the request to the backend member.
cli=openstack loadbalancer listener create [--insert-headers X-Forwarded-Proto=true] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.insert_headers.X-SSL-Client-Verify]
title=insert_headers - X-SSL-Client-Verify
status=optional
notes=When “true” a X-SSL-Client-Verify header is inserted into the request to the backend member that contains 0 if the client authentication was successful, or an result error number greater than 0 that align to the openssl veryify error codes.
cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-Verify=true] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.insert_headers.X-SSL-Client-Has-Cert]
title=insert_headers - X-SSL-Client-Has-Cert
status=optional
notes=When “true” a X-SSL-Client-Has-Cert header is inserted into the request to the backend member that is ‘’true’’ if a client authentication certificate was presented, and ‘’false’’ if not. Does not indicate validity.
cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-Has-Cert=true] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.insert_headers.X-SSL-Client-DN]
title=insert_headers - X-SSL-Client-DN
status=optional
notes=When “true” a X-SSL-Client-DN header is inserted into the request to the backend member that contains the full Distinguished Name of the certificate presented by the client.
cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-DN=true] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.insert_headers.X-SSL-Client-CN]
title=insert_headers - X-SSL-Client-CN
status=optional
notes=When “true” a X-SSL-Client-CN header is inserted into the request to the backend member that contains the Common Name from the full Distinguished Name of the certificate presented by the client.
cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-CN=true] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.insert_headers.X-SSL-Issuer]
title=insert_headers - X-SSL-Issuer
status=optional
notes=When “true” a X-SSL-Issuer header is inserted into the request to the backend member that contains the full Distinguished Name of the client certificate issuer.
cli=openstack loadbalancer listener create [--insert-headers X-SSL-Issuer=true] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.insert_headers.X-SSL-Client-SHA1]
title=insert_headers - X-SSL-Client-SHA1
status=optional
notes=When “true” a X-SSL-Client-SHA1 header is inserted into the request to the backend member that contains the SHA-1 fingerprint of the certificate presented by the client in hex string format.
cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-SHA1=true] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.insert_headers.X-SSL-Client-Not-Before]
title=insert_headers - X-SSL-Client-Not-Before
status=optional
notes=When “true” a X-SSL-Client-Not-Before header is inserted into the request to the backend member that contains the start date presented by the client as a formatted string YYMMDDhhmmss[Z].
cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-Not-Before=true] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.insert_headers.X-SSL-Client-Not-After]
title=insert_headers - X-SSL-Client-Not-After
status=optional
notes=When “true” a X-SSL-Client-Not-After header is inserted into the request to the backend member that contains the end date presented by the client as a formatted string YYMMDDhhmmss[Z].
cli=openstack loadbalancer listener create [--insert-headers X-SSL-Client-Not-Aftr=true] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.name]
title=name
status=optional
notes=The name of the load balancer listener. Provided by the Octavia API service.
cli=openstack loadbalancer listener create [--name <name>] <loadbalancer>
driver.amphora=complete
driver.ovn=complete
[operation.protocol.HTTP]
title=protocol - HTTP
status=optional
notes=HTTP protocol support for the listener.
cli=openstack loadbalancer listener create --protocol HTTP <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.protocol.HTTPS]
title=protocol - HTTPS
status=optional
notes=HTTPS protocol support for the listener.
cli=openstack loadbalancer listener create --protocol HTTPS <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.protocol.TCP]
title=protocol - TCP
status=optional
notes=TCP protocol support for the listener.
cli=openstack loadbalancer listener create --protocol TCP <loadbalancer>
driver.amphora=complete
driver.ovn=complete
[operation.protocol.TERMINATED_HTTPS]
title=protocol - TERMINATED_HTTPS
status=optional
notes=Terminated HTTPS protocol support for the listener.
cli=openstack loadbalancer listener create --protocol TERMINATED_HTTPS <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.protocol.UDP]
title=protocol - UDP
status=optional
notes=UDP protocol support for the listener.
cli=openstack loadbalancer listener create --protocol UDP <loadbalancer>
driver.amphora=complete
driver.ovn=complete
[operation.protocol_port]
title=protocol_port
status=mandatory
notes=The protocol port number for the listener.
cli=openstack loadbalancer listener create --protocol-port <port> <loadbalancer>
driver.amphora=complete
driver.ovn=complete
[operation.sni_container_refs]
title=sni_container_refs
status=optional
notes=A list of URIs to the key manager service secrets containing PKCS12 format certificate/key bundles for TERMINATED_TLS listeners.
cli=openstack loadbalancer listener create [--sni-container-refs [<container_ref> [<container_ref> ...]]] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.stats]
title=Listener statistics
status=mandatory
notes=The ability to show statistics for a listener.
cli=openstack loadbalancer listener stats show <listener>
driver.amphora=complete
driver.ovn=missing
[operation.tags]
title=tags
status=optional
notes=The tags for the load balancer listener. Provided by the Octavia API service.
cli=openstack loadbalancer listener create [--tags <tag>] <loadbalancer>
driver.amphora=complete
driver.ovn=complete
[operation.timeout_client_data]
title=timeout_client_data
status=optional
notes=Frontend client inactivity timeout in milliseconds.
cli=openstack loadbalancer listener create [--timeout-client-data <timeout>] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.timeout_member_connect]
title=timeout_member_connect
status=optional
notes=Backend member connection timeout in milliseconds.
cli=openstack loadbalancer listener create [--timeout-member-connect <timeout>] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.timeout-member-data]
title=timeout-member-data
status=optional
notes=Backend member inactivity timeout in milliseconds.
cli=openstack loadbalancer listener create [--timeout-member-data <timeout>] <loadbalancer>
driver.amphora=complete
driver.ovn=missing
[operation.timeout-tcp-inspect]
title=timeout-tcp-inspect
status=optional
notes=Time, in milliseconds, to wait for additional TCP packets for content inspection.
cli=openstack loadbalancer listener create [--timeout-tcp-inspect <timeout>] <loadbalancer>
driver.amphora=complete
driver.ovn=missing