SetLoadBalancerTCPListenerAttribute

更新时间:
复制 MD 格式

Modify the TCP listener configuration.

Operation description

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

  • Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.

  • API: The API that you can call to perform the action.

  • Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.

  • Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.

    • For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.

    • For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.

  • Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.

  • Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

slb:SetLoadBalancerTCPListenerAttribute

update

*acl

acs:slb:{#regionId}:{#accountId}:acl/{#aclId}

*loadbalancer

acs:slb:{#regionId}:{#accountId}:loadbalancer/{#loadbalancerId}

  • slb:tag
  • slb:tag
  • slb:tag
None

Request parameters

Parameter

Type

Required

Description

Example

RegionId

string

No

The ID of the region where the Classic Load Balancer (CLB) instance is deployed.

You can find the region ID in the Regions and Availability Zones list or by calling the DescribeRegions operation.

cn-hangzhou

LoadBalancerId

string

Yes

The ID of the Classic Load Balancer (CLB) instance.

lb-bp1ygod3yctvg1y****

ListenerPort

integer

Yes

The frontend port used by the CLB instance.

Valid values: 1 to 65535.

80

Bandwidth

integer

No

The peak bandwidth of the listener, in Mbps. Valid values: -1 or 1 to 5120.

  • -1: For pay-by-traffic Internet-facing CLB instances, a value of -1 specifies an unlimited peak bandwidth.

  • 1 to 5120: For pay-by-bandwidth Internet-facing CLB instances, you can specify a peak bandwidth for each listener. The sum of the peak bandwidths of all listeners cannot exceed the bandwidth of the CLB instance.

43

Scheduler

string

No

The scheduling algorithm. Valid values:

  • wrr: Weighted Round Robin. Backend servers with higher weights receive more requests.

  • rr: Round Robin. Requests are distributed to backend servers in turn.

  • sch: Source IP Hashing. Requests from the same source IP address are routed to the same backend server.

  • tch: Four-tuple Hashing. Requests from the same flow, defined by the source IP address, destination IP address, source port, and destination port, are routed to the same backend server.

Note
  • The sch and tch consistent hashing algorithms are supported only by performance-guaranteed instances.

  • You cannot change a scheduling algorithm from wrr or rr to a consistent hashing algorithm, nor can you switch between different consistent hashing algorithms.

wrr

PersistenceTimeout

integer

No

The session persistence timeout period, in seconds. Valid values: 0 to 3600.

Default value: 0. A value of 0 disables session persistence.

0

EstablishedTimeout

integer

No

The connection timeout period, in seconds. Valid values: 10 to 900.

500

HealthyThreshold

integer

No

The number of consecutive successful health checks required to change a backend server's health status from fail to success.

Valid values: 2 to 10.

4

UnhealthyThreshold

integer

No

The number of consecutive failed health checks required to change a backend server's health status from success to fail.

Valid values: 2 to 10.

4

HealthCheckConnectTimeout

integer

No

The timeout period for a health check response. Unit: seconds. Valid values: 1 to 300.

If a backend server does not respond within the specified timeout period, the health check fails.

Note

If this timeout is shorter than the HealthCheckInterval, the HealthCheckInterval value is used instead.

100

HealthCheckConnectPort

integer

No

The port used for health checks. Valid values: 1 to 65535.

If this parameter is not specified, the port specified by BackendServerPort is used.

8080

HealthCheckInterval

integer

No

The interval between consecutive health checks, in seconds.

Valid values: 1 to 50.

5

HealthCheckDomain

string

No

The domain name for health checks. This parameter is valid only when HealthCheckType is set to http.

  • $_ip: the private IP address of a backend server. If you set the value to $_ip or do not specify this parameter, the CLB instance uses the private IP address of each backend server as the domain name for health checks.

  • domain: a domain name that is 1 to 80 characters in length and can contain letters, digits, periods (.), and hyphens (-).

192.168.XX.XX

HealthCheckURI

string

No

The URI for health checks. This parameter is valid only when HealthCheckType is set to http.

The URI must be 1 to 80 characters in length and start with a forward slash (/). The URI cannot be a single forward slash. It can contain letters, digits, and the following characters: - / . % ? # &.

If you do not configure this parameter, TCP health checks are performed.

/test/index.html

HealthCheckHttpCode

string

No

The HTTP status codes that indicate a successful health check. This parameter is valid only when HealthCheckType is set to http. Separate multiple codes with a comma.

Valid values: http_2xx, http_3xx, http_4xx, and http_5xx.

http_2xx

HealthCheckType

string

No

The health check protocol. Valid values: tcp and http.

tcp

SynProxy

string

No

Specifies whether to enable SynProxy for SYN flood protection. Valid values:

  • enable: enables SynProxy.

  • disable: disables SynProxy.

We recommend that you do not change the value of this parameter. This setting is managed by the CLB service.

enable

VServerGroup

string

No

Specifies whether to use a virtual server group. Valid values:

  • on: uses a virtual server group.

  • off: does not use a virtual server group.

Note

Only one of VServerGroup or MasterSlaveServerGroup can be set to on.

on

VServerGroupId

string

No

The ID of the virtual server group.

rsp-cige6j5****

MasterSlaveServerGroupId

string

No

The ID of the primary/secondary server group.

Note

You can specify either VServerGroupId or MasterSlaveServerGroupId.

rsp-cige****

MasterSlaveServerGroup

string

No

Specifies whether to use a primary/secondary server group. Valid values:

  • on: uses a primary/secondary server group.

  • off: does not use a primary/secondary server group.

Only one of VServerGroup or MasterSlaveServerGroup can be set to on.

on

AclId

string

No

The ID of the access control list (ACL) associated with the listener.

This parameter is required if AclStatus is set to on.

12333

AclType

string

No

The type of the ACL. Valid values:

  • white: a whitelist. The listener forwards only requests from the IP addresses or CIDR blocks in the ACL. Whitelists are suitable for scenarios in which you want to allow access only from specific IP addresses. Using a whitelist poses security risks. If you set AclType to white and the ACL contains no IP addresses, the listener forwards all requests.

    If whitelist access is enabled but no IP addresses are added to the access control group, the load balancer listener forwards all requests.

  • black: a blacklist. The listener blocks all requests from the IP addresses or CIDR blocks in the ACL. Blacklists are suitable for scenarios in which you want to deny access from specific IP addresses. If you set AclType to black and the ACL contains no IP addresses, the listener forwards all requests.

    If blacklist access is enabled but no IP addresses are added to the access control policy group, the load balancer listener forwards all requests.

Note

This parameter takes effect only when AclStatus is set to on.

white

AclStatus

string

No

Specifies whether to enable access control. Valid values:

  • on: enables access control.

  • off: disables access control.

off

Description

string

No

The description of the listener.

The description must be 1 to 256 characters in length and can contain letters, digits, hyphens (-), forward slashes (/), periods (.), and underscores (_).

tcp_80

ConnectionDrain

string

No

Specifies whether to enable connection draining. Valid values:

  • on: enables connection draining.

  • off: disables connection draining.

off

ConnectionDrainTimeout

integer

No

The timeout for connection draining, in seconds. This parameter is required if ConnectionDrain is set to on.

Valid values: 10 to 900.

300

ProxyProtocolV2Enabled

boolean

No

Specifies whether to use Proxy Protocol v2 to forward client source IP addresses to backend servers. Valid values:

  • true: yes.

  • false: no.

false

HealthCheckSwitch

string

No

Specifies whether to enable health checks. Valid values:

  • on: enables health checks.

  • off: disables health checks.

on

Response elements

Element

Type

Description

Example

object

RequestId

string

The request ID.

CEF72CEB-54B6-4AE8-B225-F876FF7BA984

Examples

Success response

JSON format

{
  "RequestId": "CEF72CEB-54B6-4AE8-B225-F876FF7BA984"
}

Error codes

HTTP status code

Error code

Error message

Description

400 InvalidParameterValue.SpecNotSupport The loadBalancer of shared spec does not support the parameter value, %s.
400 OperationNotSupport.Acl The cloud box instance does not support acl.
400 InvalidParameterValue.RegionNotSupport The region does not support the parameter value, %s.
400 IpVersionConflict The ip version of this LoadBalancer and the Acl is conflict.
400 InvalidParameterValue.ZoneNotSupport The zone does not support the parameter value, %s.
400 InvalidParameter.ZoneNotSupport The zone does not support the parameter %s.
400 OperationFailed.ServerGroupInUse The VServerGroup or MasterSlaveServerGroup can not be close for this listener.
400 InvalidParam.VServerGroupId The specified VServerGroupId is invalid.
400 MissingParam.HealthCheckConnectPort The parameter HealthCheckConnectPort is required.
400 InvalidParam.ListenerPort The specified ListenerPort is invalid.
400 InvalidParam.StartPort The specified StartPort is invalid.
400 InvalidParamSize.PortRange The size of param PortRange is invalid.
400 InvalidParam.EndPort The specified EndPort is invalid.
400 InvalidParam.PortRange The specified PortRange is invalid.
400 Duplicated.AclEntry %s. %s
400 ResourceNotFound.VServerGroup %s.
400 IllegalParam.FailoverStrategy The parameter FailoverStrategy is illegal.
400 IllegalParam.FailoverThreshold The parameter FailoverThreshold is illegal.
400 MasterSlaveServerConflict The servers are conflict for MasterSlaveGroup.
400 MissingParam.VServerGroupId The parameter VServerGroupId is missing.
400 OperationDenied.HealthCheckClosedForMasterSlaveMode The operation is denied because of HealthCheckClosedForMasterSlaveMode.
400 InvalidParam.HealthCheck The param of HealthCheck is illegal.
400 OperationDenied.MasterSlaveGroupLogEnabled The operation is denied because of MasterSlaveGroupLogEnabled.
400 OperationDenied.NotSupportAcl The operation is denied because The single Tunnel or any Tunnel loadbalancer does not support config AccessControlList.
400 OperationDenied.FullNatModeNotAllowed The operation is not allowed because of FullNatModeNotAllowed.
400 OperationDenied.OnlyIpv4SlbSupport The operation is not allowed because of OnlyIpv4SlbSupport.
400 SpecNotSupportParameter The instance with share spec does not support FullNatEnabled parameter.
400 Abs.VServerGroupIdAndMasterSlaveServerGroupId.MissMatch Virtual service group ID or master slave server group ID is missing. Please check the input parameters.
400 AclListenerOverLimit This acl has reached the limit of binding to listeners.
400 QuotaLimitExceeds.AclAttachedToListener The number of Acl bound listeners has reached the quota limit
400 QuotaLimitExceeds.TotalAclEntry The number of Acl entries has reached the quota limit.
400 QuotaLimitExceeds.AclListenerOverLimit This acl has reached the limit of binding to listeners.
400 DryRunOperation Request validation has been passed with DryRun flag set. Request validation has been passed with DryRun flag set.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.