CustomPolicyLbVirtualServer

Virtual server acts as a facade to an application, receives all client connections over a specified protocol and distributes them among the backend servers. This custom type allows for more complex settings than the simplified PolicyLbVirtualServer types. This object allows for complex configurations for PolicyLbVirtualServers of all types. All HTTP specific inputs will be rejected when combined with TPC or UDP protocols.


Properties

integer
_create_time Optional

Timestamp of resource creation


string
_create_user Optional

ID of the user who created this resource


integer
_last_modified_time Optional

Timestamp of last modification


string
_last_modified_user Optional

ID of the user who last modified this resource


array of ResourceLink
_links Optional

The server will populate this field when returing the resource. Ignored on PUT and POST.


string
_protection Optional

Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.


integer
_revision Optional

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other’s changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.


string
_schema Optional

Schema for this resource


_self Optional

Link to this resource


boolean
_system_owned Optional

Indicates system owned resource


boolean
access_log_enabled Optional

If access log is enabled, all HTTP requests sent to an L7 virtual server are logged to the access log file. Both successful requests (backend server returns 2xx) and unsuccessful requests (backend server returns 4xx or 5xx) are logged to access log, if enabled.


string
app_protocol Optional

As the custom type allows for more complex settings than the simplified PolicyLbVirtualServer types, also specify the desired protocol for receiving all client connections.

Possible values are: TCPUDPHTTPHTTPS


children Optional

subtree for this type within policy tree containing nested elements.


array of string
client_ssl_certificate_ids Optional

Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server. The setting is used when load balancer acts as an SSL server and terminating the client SSL connection


string
client_ssl_settings Optional

Security settings representing various security settings when the VirtualServer acts as an SSL server - BASE_SECURE_111317 - MODERATE_SECURE_111317 - HIGH_SECURE_111317

Possible values are: BASE_SECURE_111317MODERATE_SECURE_111317HIGH_SECURE_111317


string
default_client_ssl_certificate_id Optional

The setting is used when load balancer acts as an SSL server and terminating the client SSL connection. A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension.


string
description Optional

Description of this resource


string
display_name Optional

Defaults to ID if not set


string
id Optional

Unique identifier of this resource


boolean
insert_client_ip_header Optional

Backend web servers typically log each request they handle along with the requesting client IP address. These logs are used for debugging, analytics and other such purposes. If the deployment topology requires enabling SNAT on the load balancer, then server will see the client as the SNAT IP which defeats the purpose of logging. To work around this issue, load balancer can be configured to insert XFF HTTP header with the original client IP address. Backend servers can then be configured to log the IP address in XFF header instead of the source IP address of the connection. If XFF header is not present in the incoming request, load balancer inserts a new XFF header with the client IP address.


string
ip_address Optional

Configures the IP address of the PolicyLbVirtualServer where it receives all client connections and distributes them among the backend servers.


string
lb_persistence_profile Optional

Path to optional object that enables persistence on a virtual server allowing related client connections to be sent to the same backend server. Persistence is disabled by default.


boolean
marked_for_delete Optional

Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.


string
parent_path Optional

Path of its parent


string
path Optional

Absolute path of this object


array of string
ports Optional

Ports contains a list of at least one port or port range such as “80”, “1234-1236”. Each port element in the list should be a single port or a single port range.


string
relative_path Optional

Path relative from its parent


string
resource_type Optional

The type of this resource.


string
router_path Optional

Path to router type object that PolicyLbVirtualServer connects to. The only supported router object is Network.


array of string
server_auth_ca_certificate_ids Optional

To support client authentication (load balancer acting as a client authenticating to the backend server), server_ssl_certificate_id can be specified. When supplied, the backend server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified. This setting is only applicable for L7 protocols and will be rejected in combination with TCP or UDP.


string
server_ssl_settings Optional

Indicates whether to enable server side SSL. Server side SSL will be enabled when a specific security setting is selected. The selected security setting or profile represents various configurations related to SSL when the VirtualServer acts as a client connecting over SSL to the backend server. This setting is only applicable for L7 protocols and will be rejected in combination with TCP or UDP. - BASE_SECURE_111317 - MODERATE_SECURE_111317 - HIGH_SECURE_111317 - DISABLED

Possible values are: BASE_SECURE_111317MODERATE_SECURE_111317HIGH_SECURE_111317DISABLED


array of Tag
tags Optional

Opaque identifiers meaningful to the API user


string
traffic_source Optional
Not available

JSON Example

{
    "_create_time": 0,
    "_create_user": "string",
    "_last_modified_time": 0,
    "_last_modified_user": "string",
    "_links": [
        {
            "action": "string",
            "href": "string",
            "rel": "string"
        }
    ],
    "_protection": "string",
    "_revision": 0,
    "_schema": "string",
    "_self": {
        "action": "string",
        "href": "string",
        "rel": "string"
    },
    "_system_owned": false,
    "access_log_enabled": false,
    "app_protocol": "string",
    "children": [
        {
            "_create_time": 0,
            "_create_user": "string",
            "_last_modified_time": 0,
            "_last_modified_user": "string",
            "_links": [
                {
                    "action": "string",
                    "href": "string",
                    "rel": "string"
                }
            ],
            "_protection": "string",
            "_revision": 0,
            "_schema": "string",
            "_self": {
                "action": "string",
                "href": "string",
                "rel": "string"
            },
            "_system_owned": false,
            "description": "string",
            "display_name": "string",
            "id": "string",
            "marked_for_delete": false,
            "resource_type": "string",
            "tags": [
                {
                    "scope": "string",
                    "tag": "string"
                }
            ]
        }
    ],
    "client_ssl_certificate_ids": [
        "string"
    ],
    "client_ssl_settings": "string",
    "default_client_ssl_certificate_id": "string",
    "description": "string",
    "display_name": "string",
    "id": "string",
    "insert_client_ip_header": false,
    "ip_address": "string",
    "lb_persistence_profile": "string",
    "marked_for_delete": false,
    "parent_path": "string",
    "path": "string",
    "ports": [
        "string"
    ],
    "relative_path": "string",
    "resource_type": "string",
    "router_path": "string",
    "server_auth_ca_certificate_ids": [
        "string"
    ],
    "server_ssl_settings": "string",
    "tags": [
        {
            "scope": "string",
            "tag": "string"
        }
    ],
    "traffic_source": "string"
}
Feedback

Was this page helpful?