DocsICP FilingConsole
官方文档
首页

CreateIngress

更新时间:
复制 MD 格式
产品详情
我的收藏

Create a routing rule.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

  • Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.

  • API: The API that you can call to perform the action.

  • Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.

  • Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.

    • For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.

    • For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.

  • Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.

  • Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

sae:CreateIngress

create

*All Resource

*

 None None

Request syntax

POST /pop/v1/sam/ingress/Ingress HTTP/1.1

Request parameters

Parameter

Type

Required

Description

Example
NamespaceId

string

Yes

The ID of the namespace where the application is located. Cross-namespace applications are not supported.

cn-beijing:sae-test
Description

string

No

The name of the routing rule.

ingress-for-sae-test
SlbId

string

No

The ID of the Server Load Balancer (SLB) instance associated with the routing rule.

Note

Server Load Balancer (SLB) includes Classic Load Balancer (CLB) and Application Load Balancer (ALB) instances.

lb-uf6hucc7inlqrtcq5****
ListenerPort

integer

Yes

The listener port for the SLB instance. This port must be available.

80
CertId

string

No

The ID of the CLB certificate.

  • If LoadBalanceType is set to clb, use this parameter to configure the HTTPS listener certificate.

For more information about how to use SSL certificate IDs for CLB, see Manage Certificates (CLB).

188077086902****_176993d****_181437****_108724****
CertIds

string

No

The IDs of the ALB certificates.

  • If LoadBalanceType is set to alb, use this parameter to configure multiple certificates for the HTTPS listener. Separate multiple certificate IDs with a comma (,).

  • Obtain the SSL certificate ID for an ALB instance from the digital certificate service. For example, if you configure 756***-cn-hangzhou, 756*** is the certificate ID obtained from the product page and -cn-hangzhou is a fixed suffix. For more information, see Manage Certificates (ALB).

87***35-cn-hangzhou,812***3-cn-hangzhou
DefaultRule

string

Yes

The default forwarding rule. Requests that do not match any forwarding rule in the Rules parameter are forwarded to the application specified in this rule. The value is a JSON string with the following parameters:

  • appId: The ID of the application.

  • containerPort: The port of the application instance.

Note

This rule serves as a catch-all for traffic that is not handled by other specific forwarding rules.

{"appId":"395b60e4-0550-458d-9c54-a265d036****","containerPort":8080}
Rules

string

Yes

The forwarding rules. These rules route traffic to a specified application based on the domain name and path. The value is a JSON string. Each rule contains the following parameters:

  • appId: The ID of the application.

  • containerPort: The port of the application instance.

  • domain: The domain name.

  • path: The request path.

  • backendProtocol: The protocol used by backend servers. Valid values: http, https, and grpc. Default value: http.

  • rewritePath: The rewritten path.

Note

Only ALB supports path rewriting (RewritePath). CLB does not support this feature.

[{"appId":"395b60e4-0550-458d-9c54-a265d036****","containerPort":8080,"domain":"www.sae.site","path":"/path1"},{"appId":"666403ce-d25b-47cf-87fe-497565d2****","containerPort":8080,"domain":"sae.site","path":"/sys/(.*)/(.*)/aaa","backendProtocol":"http"}]
LoadBalanceType

string

No

The type of the Server Load Balancer (SLB) instance. This parameter cannot be changed after the routing rule is created. Valid values:

  • clb: Classic Load Balancer (CLB), formerly known as SLB.

  • alb: Application Load Balancer (ALB).

clb
ListenerProtocol

string

No

The request forwarding protocol. Valid values:

  • HTTP: for applications that do not require encryption.

  • HTTPS: suitable for applications that require encrypted data transmission.

HTTP
SecurityPolicyId

string

No

The ID of the security policy instance.

sp-bp1bpn0kn9****
RequestTimeout

integer

No

The request timeout, in seconds. Valid values: 1 to 180. If a backend server does not respond within the timeout period, the load balancer stops waiting and returns an HTTP 504 error to the client.

3
IdleTimeout

integer

No

The connection idle timeout, in seconds. Valid values: 1 to 60. If no request is received within the timeout period, the load balancer temporarily closes the connection. The connection is re-established when the next request is received.

15
EnableXForwardedFor

boolean

No

Specifies whether to use the X-Forwarded-For header to retrieve the IP address of the client.

true
EnableXForwardedForClientSrcPort

boolean

No

Specifies whether to use the X-Forwarded-Port header to retrieve the source port of the client.

true
EnableXForwardedForProto

boolean

No

Specifies whether to use the X-Forwarded-Proto header to retrieve the listener protocol of the load balancer instance.

true
EnableXForwardedForSlbId

boolean

No

Specifies whether to use the SLB-ID header to retrieve the ID of the load balancer instance.

true
EnableXForwardedForSlbPort

boolean

No

Specifies whether to use the X-Forwarded-Port header to retrieve the listener port of the load balancer instance.

true
AddressType

string

No

The address type. Valid values:

  • Internet: A public address.

  • Intranet: A private address.

Internet
LoadBalancerEdition

string

No

The edition of the Application Load Balancer (ALB) instance. Different editions have different features and billing policies. Valid values:

  • Standard: Standard edition.

  • StandardWithWaf: WAF-enhanced edition.

Standard
ZoneMappings

string

No

A JSON string that contains the mappings between availability zones and VSwitches. If the current region supports two or more availability zones, you must specify at least two. A ZoneMapping consists of the following parameters:

  • VSwitchId: a string that specifies the ID of the VSwitch that corresponds to the availability zone. Each availability zone can have only one VSwitch and one subnet.

  • ZoneId: a string that specifies the ID of the availability zone for the load balancer instance.

[{"VSwitchId":"vsw-wz9klui6icc08p6******","ZoneId":"cn-shenzhen-c"},{"VSwitchId":"vsw-wz9frrmoeuki2wp******","ZoneId":"cn-shenzhen-e"}]
CorsConfig

string

No

Specifies the Cross-Origin Resource Sharing (CORS) configuration.

{"Enable":"true"}
EnableGzip

boolean

No

Specifies whether to enable Gzip for data compression.

true

Response elements

Element

Type

Description

Example

object

The data returned.

RequestId

string

The ID of the request.

91F93257-7A4A-4BD3-9A7E-2F6EAE6D****
Message

string

The returned message.

  • If the request is successful, success is returned.

  • If the request fails, an error code is returned.

success
TraceId

string

The trace ID that is used to query the details of the request.

0a98a02315955564772843261e****
Data

object

The returned results.

IngressId

integer

The ID of the routing rule.

87
ErrorCode

string

The error code.

  • This parameter is not returned if the request is successful.

  • This parameter is returned if the request fails. For more information, see the Error codes section in this topic.

Code

string

The HTTP status code. Valid values:

  • 2xx: The request is successful.

  • 3xx: The request is redirected.

  • 4xx: A request error occurs.

  • 5xx: A server error occurs.

200
Success

boolean

Indicates whether the routing rule was created. Valid values:

  • true: The routing rule was created.

  • false: The routing rule failed to be created.

true

Examples

Success response

JSON format

{
  "RequestId": "91F93257-7A4A-4BD3-9A7E-2F6EAE6D****",
  "Message": "success",
  "TraceId": "0a98a02315955564772843261e****",
  "Data": {
    "IngressId": 87
  },
  "ErrorCode": "",
  "Code": "200",
  "Success": true
}

Error codes

HTTP status code

Error code

Error message

Description
400 InvalidParameter.NotEmpty You must specify the parameter %s.
400 InvalidParameter.Obviously The specified parameter is invalid {%s}.
400 InvalidParameter.WithMessage The parameter is invalid {%s}: %s
400 Slb.NotFound The SLB instance does not exist: slbId [%s]
400 Exceed.IngressRule The number of Ingress related rules must be less than or equal to 40.
400 SlbListenerPort.NotAvailable The SLB listening port is unavailable: slbId [%s], port [%s]
400 SSLCert.NotFound The specified SSL certificate cannot be found.
404 InvalidResponse.Api The response of API %s is empty.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.