ALIYUN::SLB::Listener用于创建负载均衡监听(Listener)。
语法
{
"Type": "ALIYUN::SLB::Listener",
"Properties": {
"MasterSlaveServerGroupId": String,
"AclStatus": String,
"Protocol": String,
"AclId": String,
"ServerCertificateId": String,
"HealthCheck": Map,
"RequestTimeout": Integer,
"IdleTimeout": Integer,
"ListenerPort": Integer,
"HttpConfig": Map,
"Bandwidth": Integer,
"AclType": String,
"BackendServerPort": Integer,
"Scheduler": String,
"LoadBalancerId": String,
"CACertificateId": String,
"Persistence": Map,
"VServerGroupId": String
}
}
属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
---|---|---|---|---|---|
MasterSlaveServerGroupId | String | 否 | 否 | 主备服务器组ID。 | 无 |
AclStatus | String | 否 | 否 | 是否开启访问控制功能。 | 取值:
|
AclId | String | 否 | 否 | 监听绑定的访问策略组ID。 | 当AclStatus参数取值为on时,该参数为必选参数。 |
AclType | String | 否 | 否 | 访问控制类型。 | 取值:
|
Protocol | String | 是 | 否 | IP协议。 | 取值:
|
ListenerPort | Integer | 是 | 否 | 负载均衡实例前端使用的端口。 | 取值范围:1~65,535。 |
Bandwidth | Integer | 是 | 否 | 监听的带宽峰值。 | 取值范围:-1或1~1000。
单位:Mbps。
|
BackendServerPort | Integer | 是 | 否 | 负载均衡实例后端使用的端口。 | 取值范围:1~65,535。 |
LoadBalancerId | String | 是 | 否 | 负载均衡实例的ID。 | 无 |
HealthCheck | Map | 否 | 否 | 健康检查设置。 | 详情请参见HealthCheck属性。 |
Persistence | Map | 否 | 是 | 相关参数的持久化。 | 详情请参见Persistence属性。 |
Scheduler | String | 否 | 否 | 调度算法。 | 取值:
|
CACertificateId | String | 否 | 否 | CA证书ID。 | 只对HTTPS协议有效。 |
ServerCertificateId | String | 否 | 否 | 服务器证书的ID。 | 只对HTTPS协议有效,且必须指定该参数。 |
VServerGroupId | String | 否 | 否 | 虚拟服务器组ID。 | 无 |
RequestTimeout | Integer | 否 | 否 | 指定请求超时时间。 | 取值范围:1~180。
单位:秒。 |
IdleTimeout | Integer | 否 | 否 | 指定连接空闲超时时间。 | 取值范围:1~60。
单位:秒。 |
HttpConfig | Map | 否 | 否 | 用于配置HTTP协议。 | 详情请参见HttpConfig属性。 |
HealthCheck 语法
"HealthCheck": {
"Domain": String,
"Interval": Integer,
"URI": String,
"HttpCode": String,
"HealthyThreshold": Integer,
"Timeout": Integer,
"UnhealthyThreshold": Integer,
"Port": Integer
}
HealthCheck属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
---|---|---|---|---|---|
Domain | String | 否 | 否 | 用于健康检查的域名。 | 取值:
说明 用户设置此参数为$_ip或空时,负载均衡会使用各后端服务器的私网IP当做健康检查使用的域名。
|
Interval | Integer | 否 | 否 | 进行健康检查的时间间隔。 | 取值范围:1~5。
单位:秒。 |
URI | String | 否 | 否 | 用于健康检查的URI。 | 长度为1~80个字符。必须以正斜线(/)开头,可包含英文字母、数字、短划线(-)、正斜线(/)、英文句点(.)、百分号(%)、问号(?)、井号(#)和and(&)。 |
HttpCode | String | 否 | 否 | 健康检查正常的HTTP状态码。 | 取值:
多个HTTP状态码间用英文逗号(,)分隔。 |
HealthyThreshold | Integer | 否 | 否 | 判定健康检查结果为success的阈值。即,健康检查连续成功多少次后,将后端服务器的健康检查状态由fail改为success。 | 取值范围:1~10。 |
Timeout | Integer | 否 | 否 | 每次健康检查响应的最大超时时间。 |
取值范围:1~50。 单位:秒。 注意 如果Timeout值小于Interval值,则Timeout无效,超时时间为Interval的值。
|
UnhealthyThreshold | Integer | 否 | 否 | 判定健康检查结果为fail的阈值,即健康检查连续失败多少次后,将后端服务器的健康检查状态由success改为fail。 | 取值范围:1~10。 |
Port | Integer | 否 | 否 | 用于健康检查的端口。 | 取值范围:0~65,535。 |
Persistence语法
"Persistence": {
"PersistenceTimeout": Integer,
"CookieTimeout": Integer,
"XForwardedFor": String,
"XForwardedFor_SLBID": String,
"XForwardedFor_proto": String,
"XForwardedFor_SLBIP": String,
"Cookie": String,
"StickySession": String,
"StickySessionType": String
}
Persistence属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
---|---|---|---|---|---|
StickySession | String | 否 | 是 | 是否开启会话保持。 | 取值:
|
PersistenceTimeout | Integer | 否 | 是 | 连接持久化的超时时间。 | 取值范围:0~1000。
默认值:0。表示关闭。 单位:秒。 |
CookieTimeout | Integer | 否 | 是 | Cookie超时时间。 |
取值范围:1~86,400。 单位:秒。 说明 当StickySession为on且StickySessionType为insert时,该参数必选。
|
XForwardedFor | String | 否 | 是 | 是否开启通过X-Forwarded-For的方式获取来访者真实IP。 | 取值: on。 |
XForwardedFor_proto | String | 否 | 是 | 是否通过X-Forwarded-Proto头字段获取负载均衡实例的监听协议。 | 取值:
|
XForwardedFor_SLBID | String | 否 | 是 | 是否通过SLB-ID头字段获取负载均衡实例ID。 | 取值:
|
XForwardedFor_SLBIP | String | 否 | 是 | 是否通过SLB-IP头字段获取客户端请求的真实IP。 | 取值:
|
Cookie | String | 否 | 是 | 服务器上配置的Cookie。 | 长度为1~200个字符,不能以美元符号($)开头。可包含英文字母和数字,不能包含英文逗号(,)、分号(;)或空格( )。
说明 当StickySession为on且StickySessionType为server时,该参数必选。
|
StickySessionType | String | 否 | 是 | Cookie的处理方式。 | 取值:
说明 当StickySession的值为on时,必须指定该参数。
|
HttpConfig语法
"HttpConfig": {
"ForwardPort": Integer,
"ListenerForward": String
}
HttpConfig属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
---|---|---|---|---|---|
ForwardPort | Integer | 否 | 否 | HTTP到HTTPS监听转发端口。 | 取值范围:1~65,535。
默认值:443。 |
ListenerForward | String | 否 | 否 | 是否将HTTP启用为HTTPS转发。 | 取值:
|
返回值
Fn::GetAtt
- LoadBalancerId:负载均衡实例的唯一标识。
- ListenerPortsAndProtocol:数组格式,负载均衡实例前端使用的端口和协议。
示例
JSON
格式
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"RequestTimeout": {
"Type": "Number",
"Description": "Specify the request timeout in seconds. Valid value: 1-180 If no response is received from the backend server during the specified timeout period, Server Load Balancer will stop waiting and send an HTTP 504 error to the client.",
"MinValue": 1,
"MaxValue": 180
},
"ListenerPort": {
"Type": "Number",
"Description": "Port for front listener. Range from 1 to 65535.",
"MinValue": 1,
"MaxValue": 65535
},
"VServerGroupId": {
"Type": "String",
"Description": "The id of the VServerGroup which use in listener."
},
"CACertificateId": {
"Type": "String",
"Description": "CA server certificate id, for https listener only."
},
"Scheduler": {
"Type": "String",
"Description": "The scheduler algorithm. Support 'wrr' or 'wlc' only, default is 'wrr'",
"AllowedValues": [
"wrr",
"wlc"
],
"Default": "wrr"
},
"AclId": {
"Type": "String",
"Description": "The ID of the access control list associated with the listener to be created.\nIf the value of the AclStatus parameter is on, this parameter is required."
},
"HealthCheck": {
"Type": "Json",
"Description": "The properties of health checking setting."
},
"IdleTimeout": {
"Type": "Number",
"Description": "Specify the idle connection timeout in seconds. Valid value: 1-60 If no request is received during the specified timeout period, Server Load Balancer will temporarily terminate the connection and restart the connection when the next request comes.",
"MinValue": 1,
"MaxValue": 60
},
"LoadBalancerId": {
"Type": "String",
"Description": "The id of load balancer to create listener."
},
"BackendServerPort": {
"Type": "Number",
"Description": "Backend server can listen on ports from 1 to 65535.",
"MinValue": 1,
"MaxValue": 65535
},
"Persistence": {
"Type": "Json",
"Description": "The properties of persistence."
},
"AclStatus": {
"Type": "String",
"Description": "Indicates whether to enable access control.\nValid values: on | off. Default value: off",
"AllowedValues": [
"on",
"off"
],
"Default": "off"
},
"Bandwidth": {
"Type": "Number",
"Description": "The bandwidth of network, unit in Mbps(Million bits per second). If the specified load balancer with \"LOAD_BALANCE_ID\" is charged by \"paybybandwidth\" and is created in classic network, each Listener's bandwidth must be greater than 0 and the sum of all of its Listeners' bandwidth can't be greater than the bandwidth of the load balancer.",
"MinValue": -1,
"MaxValue": 1000
},
"MasterSlaveServerGroupId": {
"Type": "String",
"Description": "The id of the MasterSlaveServerGroup which use in listener."
},
"ServerCertificateId": {
"Type": "String",
"Description": "Server certificate id, for https listener only, this properties is required."
},
"HttpConfig": {
"Type": "Json",
"Description": "Config for http protocol."
},
"AclType": {
"Type": "String",
"Description": "The access control type:\n* white: Indicates a whitelist. Only requests from IP addresses or CIDR blocks in the selected access control lists are forwarded. This applies to scenarios in which an application only allows access from specific IP addresses.\nEnabling a whitelist poses some risks to your services.\nAfter a whitelist is enabled, only the IP addresses in the list can access the listener.\nIf you enable a whitelist without adding any IP addresses in the list, no requests are forwarded.\n* black: Indicates a blacklist. Requests from IP addresses or CIDR blocks in the selected access control lists are not forwarded (that is, they are blocked). This applies to scenarios in which an application only denies access from specific IP addresses.\nIf you enable a blacklist without adding any IP addresses in the list, all requests are forwarded.\n\nIf the value of the AclStatus parameter is on, this parameter is required.",
"AllowedValues": [
"white",
"black"
]
},
"Protocol": {
"Type": "String",
"Description": "The load balancer transport protocol to use for routing: http, https, tcp, or udp.",
"AllowedValues": [
"http",
"https",
"tcp",
"udp"
]
}
},
"Resources": {
"Listener": {
"Type": "ALIYUN::SLB::Listener",
"Properties": {
"RequestTimeout": {
"Ref": "RequestTimeout"
},
"ListenerPort": {
"Ref": "ListenerPort"
},
"VServerGroupId": {
"Ref": "VServerGroupId"
},
"CACertificateId": {
"Ref": "CACertificateId"
},
"Scheduler": {
"Ref": "Scheduler"
},
"AclId": {
"Ref": "AclId"
},
"HealthCheck": {
"Ref": "HealthCheck"
},
"IdleTimeout": {
"Ref": "IdleTimeout"
},
"LoadBalancerId": {
"Ref": "LoadBalancerId"
},
"BackendServerPort": {
"Ref": "BackendServerPort"
},
"Persistence": {
"Ref": "Persistence"
},
"AclStatus": {
"Ref": "AclStatus"
},
"Bandwidth": {
"Ref": "Bandwidth"
},
"MasterSlaveServerGroupId": {
"Ref": "MasterSlaveServerGroupId"
},
"ServerCertificateId": {
"Ref": "ServerCertificateId"
},
"HttpConfig": {
"Ref": "HttpConfig"
},
"AclType": {
"Ref": "AclType"
},
"Protocol": {
"Ref": "Protocol"
}
}
}
},
"Outputs": {
"ListenerPortsAndProtocol": {
"Description": "The collection of listener.",
"Value": {
"Fn::GetAtt": [
"Listener",
"ListenerPortsAndProtocol"
]
}
},
"LoadBalancerId": {
"Description": "The id of load balancer",
"Value": {
"Fn::GetAtt": [
"Listener",
"LoadBalancerId"
]
}
}
}
}
YAML
格式
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
RequestTimeout:
Type: Number
Description: >-
Specify the request timeout in seconds. Valid value: 1-180 If no response
is received from the backend server during the specified timeout period,
Server Load Balancer will stop waiting and send an HTTP 504 error to the
client.
MinValue: 1
MaxValue: 180
ListenerPort:
Type: Number
Description: Port for front listener. Range from 1 to 65535.
MinValue: 1
MaxValue: 65535
VServerGroupId:
Type: String
Description: The id of the VServerGroup which use in listener.
CACertificateId:
Type: String
Description: 'CA server certificate id, for https listener only.'
Scheduler:
Type: String
Description: 'The scheduler algorithm. Support ''wrr'' or ''wlc'' only, default is ''wrr'''
AllowedValues:
- wrr
- wlc
Default: wrr
AclId:
Type: String
Description: >-
The ID of the access control list associated with the listener to be
created.
If the value of the AclStatus parameter is on, this parameter is required.
HealthCheck:
Type: Json
Description: The properties of health checking setting.
IdleTimeout:
Type: Number
Description: >-
Specify the idle connection timeout in seconds. Valid value: 1-60 If no
request is received during the specified timeout period, Server Load
Balancer will temporarily terminate the connection and restart the
connection when the next request comes.
MinValue: 1
MaxValue: 60
LoadBalancerId:
Type: String
Description: The id of load balancer to create listener.
BackendServerPort:
Type: Number
Description: Backend server can listen on ports from 1 to 65535.
MinValue: 1
MaxValue: 65535
Persistence:
Type: Json
Description: The properties of persistence.
AclStatus:
Type: String
Description: |-
Indicates whether to enable access control.
Valid values: on | off. Default value: off
AllowedValues:
- 'on'
- 'off'
Default: 'off'
Bandwidth:
Type: Number
Description: >-
The bandwidth of network, unit in Mbps(Million bits per second). If the
specified load balancer with "LOAD_BALANCE_ID" is charged by
"paybybandwidth" and is created in classic network, each Listener's
bandwidth must be greater than 0 and the sum of all of its Listeners'
bandwidth can't be greater than the bandwidth of the load balancer.
MinValue: -1
MaxValue: 1000
MasterSlaveServerGroupId:
Type: String
Description: The id of the MasterSlaveServerGroup which use in listener.
ServerCertificateId:
Type: String
Description: >-
Server certificate id, for https listener only, this properties is
required.
HttpConfig:
Type: Json
Description: Config for http protocol.
AclType:
Type: String
Description: >-
The access control type:
* white: Indicates a whitelist. Only requests from IP addresses or CIDR
blocks in the selected access control lists are forwarded. This applies to
scenarios in which an application only allows access from specific IP
addresses.
Enabling a whitelist poses some risks to your services.
After a whitelist is enabled, only the IP addresses in the list can access
the listener.
If you enable a whitelist without adding any IP addresses in the list, no
requests are forwarded.
* black: Indicates a blacklist. Requests from IP addresses or CIDR blocks
in the selected access control lists are not forwarded (that is, they are
blocked). This applies to scenarios in which an application only denies
access from specific IP addresses.
If you enable a blacklist without adding any IP addresses in the list, all
requests are forwarded.
If the value of the AclStatus parameter is on, this parameter is required.
AllowedValues:
- white
- black
Protocol:
Type: String
Description: >-
The load balancer transport protocol to use for routing: http, https, tcp,
or udp.
AllowedValues:
- http
- https
- tcp
- udp
Resources:
Listener:
Type: 'ALIYUN::SLB::Listener'
Properties:
RequestTimeout:
Ref: RequestTimeout
ListenerPort:
Ref: ListenerPort
VServerGroupId:
Ref: VServerGroupId
CACertificateId:
Ref: CACertificateId
Scheduler:
Ref: Scheduler
AclId:
Ref: AclId
HealthCheck:
Ref: HealthCheck
IdleTimeout:
Ref: IdleTimeout
LoadBalancerId:
Ref: LoadBalancerId
BackendServerPort:
Ref: BackendServerPort
Persistence:
Ref: Persistence
AclStatus:
Ref: AclStatus
Bandwidth:
Ref: Bandwidth
MasterSlaveServerGroupId:
Ref: MasterSlaveServerGroupId
ServerCertificateId:
Ref: ServerCertificateId
HttpConfig:
Ref: HttpConfig
AclType:
Ref: AclType
Protocol:
Ref: Protocol
Outputs:
ListenerPortsAndProtocol:
Description: The collection of listener.
Value:
'Fn::GetAtt':
- Listener
- ListenerPortsAndProtocol
LoadBalancerId:
Description: The id of load balancer
Value:
'Fn::GetAtt':
- Listener
- LoadBalancerId
在文档使用中是否遇到以下问题
更多建议
匿名提交