Jump to: navigation, search

Difference between revisions of "Neutron/LBaaS/API"

< Neutron‎ | LBaaS
m (ThierryCarrez moved page Quantum/LBaaS/API to Neutron/LBaaS/API)
 
(8 intermediate revisions by 2 users not shown)
Line 1: Line 1:
__NOTOC__
+
= OpenStack LBaaS API 1.0 =
<!-- #acl [[YoucefLaribi]]:read,write,delete,revert,admin [[UmaGoring]]:read,write,delete,revert,admin All:read -->
 
= [[OpenStack]] Quantum LBaaS API 1.0 =
 
<<[[TableOfContents]]()>>
 
 
 
 
== Overview ==
 
== Overview ==
 
=== Intended Audience ===
 
=== Intended Audience ===
 
Intended Audience
 
Intended Audience
  
This guide is for software developers who create applications by using the LBaaS API v1.0. To use this information, you should have a general understanding of the [[OpenStack]] LBaaS network service, the [[OpenStack]] Quantum service, and the integration between the two. You should also have access to a plugin that implements the LBaaS API v2.0.
+
This guide is for software developers who create applications by using the LBaaS API v1.0. To use this information, you should have a general understanding of the [[OpenStack]] LBaaS service, the [[OpenStack]] Quantum service, and the integration between the two.
  
 
You should also be familiar with:
 
You should also be familiar with:
Line 14: Line 10:
 
* ReSTful web services
 
* ReSTful web services
 
* HTTP/1.1
 
* HTTP/1.1
* JSON and XML data serialization formats
+
* JSON serialization format
  
 
=== Document Change History ===
 
=== Document Change History ===
Line 21: Line 17:
 
| '''Revision Date'''  
 
| '''Revision Date'''  
 
|-
 
|-
| Oct,25 2012  
+
| Oct, 25 2012  
 
|}
 
|}
  
Line 29: Line 25:
 
| '''Resource'''  
 
| '''Resource'''  
 
|-
 
|-
|
+
| tbd
 
|}
 
|}
  
Line 37: Line 33:
 
Th capabilities provided by the LBaaS service are:
 
Th capabilities provided by the LBaaS service are:
  
* --- To be continued ---
+
  <tbd>
 
 
=== Glossary ===
 
{| border="1" cellpadding="2" cellspacing="0"
 
| '''Term'''
 
|-
 
 
|}
 
  
 
=== High-Level Task Flow ===
 
=== High-Level Task Flow ===
The high-level task flow for LBaaS configuration is as follows:
+
The high-level task flow for using LBaaS API to configure load balancing is as follows:
 
 
# The tenant creates a vip.
 
# etc.
 
 
 
===The Plugin ===
 
  
<tbd>
+
* The tenant creates a pool, which is initially empty
 +
* The tenant create one or several members in the pool
 +
* The tenant create one or several health monitors
 +
* The tenant associates the health monitors with the pool
 +
* The tenant creates a vip with the pool
  
 
=== Concepts ===
 
=== Concepts ===
Line 60: Line 48:
  
 
==== VIP ====
 
==== VIP ====
A vip is a load balancing configuration object that specifies the virtual IP address and port on which traffic is received, as well as other details such as the load balancing method, protocol, etc. This is the primary entity of configuration in the API.
+
A VIP is the primary load balancing configuration object that specifies the virtual IP address and port on which client traffic is received, as well as other details such as the load balancing method to be use, protocol, etc. This entity is sometimes known in LB products under the name of a "virtual server", a "vserver" or a "listener".
  
 
==== Pool ====
 
==== Pool ====
A pool is a group of members to which the traffic is load-balanced. The LBaaS service chooses a member of the pool according to the load balancing method to handle the new requests or connections received on the vip address. In the Core LBaaS service, there is only one pool for a vip.
+
A load balancing pool is a logical set of devices, such as web servers, that you group together to receive and process traffic. The loadbalancing function chooses a member of the pool according to the configured load balancing method to handle the new requests or connections received on the VIP address. There is only one pool for a VIP.
  
==== Member ====
+
==== Pool Member ====
A member is a back-end physical or virtual device providing a service on a specified IP and port. A member belongs to one pool.
+
A pool member represents the application running on backend server.
  
 
==== Health Monitoring ====
 
==== Health Monitoring ====
A health monitor is used to determine whether or not back-end members of a vip are usable for processing a request. There are different types of health monitors supported. A pool can have several health monitors bound to it.
+
A health monitor is used to determine whether or not back-end members of the VIP's pool are usable for processing a request. A pool can have several health monitors associated with it. There are different types of health monitors supported by the [[OpenStack]] LBaaS service:
 
 
The following types of health monitors are available for use:
 
  
* PING
+
* PING: used to ping the members using ICMP.
* TCP
+
* TCP: used to connect to the members using TCP.
* HTTP
+
* HTTP: used to send an HTTP request to the member.
* HTTPS
+
* HTTPS: used to send a secure HTTP request to the member.
  
 
==== Session Persistence ====
 
==== Session Persistence ====
Session persistence is a feature of the load balancing service. It attempts to force subsequent connections or requests in the same session to be redirected to the same node as long as it is online. The [[OpenStack]] LBaaS service supports two types of persistence:
+
Session persistence is a feature of the load balancing service. It attempts to force connections or requests in the same session to be processed by the same member as long as it is ative. The [[OpenStack]] LBaaS service supports three types of persistence:
  
* SOURCE_IP: With this persistence mode, all connections originating from the same source IP address, will be handled by the same
+
* SOURCE_IP: With this persistence mode, all connections originating from the same source IP address, will be handled by the same member of the pool.
              member of the pool.
+
* HTTP_COOKIE: With this persistence mode, the loadbalancer will create a cookie on the first request from a client. Subsequent requests containing the same cookie value will be handled by the same member of the pool.
* HTTP_COOKIE: With this persistence mode, the loadbalancer will create a cookie on the first request from a client. Subsequent
+
* APP_COOKIE: With this persistence mode, the loadbalancer will rely on a cookie established by the backend application. All requests carrying the same cookie value will be handled by the same member of the pool.
                requests containing the same cookie value will be handled by the same member of the pool.  
 
* APP_COOKIE: With this persistence mode, the loadbalancer will rely on a cookie established by the backend application. All requests
 
              carrying the same cookie value will be handled by the same member of the pool.
 
  
 
==== Connection Limits ====
 
==== Connection Limits ====
To control incoming traffic on the VIP address as well as traffic for a specific member of a pool, you can set a connection limit beyond which the load balancer will refuse client requests or connections. This can be used to thwart DoS attacks and to allow each member to continue to work within its limits.
+
To control incoming traffic on the VIP address as well as traffic for a specific member of a pool, you can set a connection limit beyond which the load balancing function will refuse client requests or connections. This can be used to thwart DoS attacks and to allow each member to continue to work within its limits.
  
 
For HTTP and HTTPS protocols, since several HTTP requests can be multiplexed on the same TCP connection, the connection limit value is interpreted as the maximum number of requests allowed.
 
For HTTP and HTTPS protocols, since several HTTP requests can be multiplexed on the same TCP connection, the connection limit value is interpreted as the maximum number of requests allowed.
Line 97: Line 80:
  
 
=== Authentication and Authorization ===
 
=== Authentication and Authorization ===
The LBaaS API v1.0 uses the Keystone Identity Service as the default authentication service. When Keystone is enabled, users that submit requests to the LBaaS service must provide an authentication token in X-Auth-Token request header. You obtain the token by authenticating to the Keystone endpoint. For more information about Keystone, see the [[OpenStack]] Identity Developer Guide.
+
The LBaaS API v1.0 uses the Keystone Identity Service as the default authentication service. When Keystone is enabled, users that submit requests to the LBaaS service must provide an authentication token in '''X-Auth-Token''' request header. You obtain the token by authenticating to the Keystone endpoint. For more information about Keystone, see the OpenStack Identity Developer Guide.
 
 
When Keystone is enabled, the tenant_id attribute is not required in create requests because the tenant ID is derived from the authentication token.
 
  
 
The default authorization settings allow only administrative users to create resources on behalf of a different tenant.
 
The default authorization settings allow only administrative users to create resources on behalf of a different tenant.
Line 114: Line 95:
  
 
=== Request/Response Types ===
 
=== Request/Response Types ===
The LBaaS API v1.0 supports the JSON data serialization format.
+
The LBaaS API v1.0 supports the JSON data serialization format.This means that for requests that contain a body, the Content-Type header must be set to the MIME type value "application/json". Also, clients must accept JSON serialized responses by specifying the Accept header with the MIME type value "application/json" or adding ".json" extension to the resource name.
 +
 
 +
Example:
 +
 
 +
 
 +
<pre><nowiki>#!highlight javascript numbers=disable
 +
GET /v1.0/vips.json
 +
</nowiki></pre>
  
Example 3.1. Request/Response with Headers: JSON
+
or
  
The format for both the request and the response can be specified using the Content-Type header, the Accept header or adding the .json extension to the request URI.
+
 
 +
<pre><nowiki>#!highlight javascript numbers=disable
 +
GET /v1.0/vips
 +
Accept: application/json
 +
</nowiki></pre>
  
 
=== Filtering and Column Selection ===
 
=== Filtering and Column Selection ===
Line 125: Line 117:
 
For example, the following request returns all networks named foobar:
 
For example, the following request returns all networks named foobar:
  
GET /v1.0/vips?name=foobar When you specify multiple filters, the LBaaS API v1.0 returns only objects that meet all filtering criteria. The operation applies an AND condition among the filters.
 
  
* Note
+
<pre><nowiki>#!highlight javascript numbers=disable
 +
GET /v1.0/vips?name=foobar
 +
</nowiki></pre>
 +
 
 +
When you specify multiple filters, the LBaaS API v1.0 returns only objects that meet all filtering criteria. The operation applies an AND condition among the filters.
 +
 
 +
 
 +
<pre><nowiki>#!wiki caution
 +
Note
  
 
LBaaS does not offer an OR mechanism for filters.
 
LBaaS does not offer an OR mechanism for filters.
 +
</nowiki></pre>
  
 
Alternatively, you can issue a distinct request for each filter and build a response set from the received responses on the client-side.
 
Alternatively, you can issue a distinct request for each filter and build a response set from the received responses on the client-side.
Line 139: Line 139:
 
For example, the following request returns only id,name,network_id,address and port for each vip:
 
For example, the following request returns only id,name,network_id,address and port for each vip:
  
GET /v1.0/vips.json?fields=id&fields=name&fields=network_id&fields=address&fields=port
+
 
 +
<pre><nowiki>#!highlight javascript numbers=disable
 +
GET /v1.0/vips.json?fields=id&fields=name&fields=network_id&fields=address&fields=port
 +
</nowiki></pre>
  
 
=== Synchronous versus Asynchronous Plugin Behavior ===
 
=== Synchronous versus Asynchronous Plugin Behavior ===
Line 148: Line 151:
 
For example, if a client issues an HTTP PUT request to add a member to a pool, there is no guarantee that the member can receive traffic when the HTTP call returns. However, it is guaranteed that a subsequent HTTP GET request to view the members on the pool returns a list that would contain the added member.
 
For example, if a client issues an HTTP PUT request to add a member to a pool, there is no guarantee that the member can receive traffic when the HTTP call returns. However, it is guaranteed that a subsequent HTTP GET request to view the members on the pool returns a list that would contain the added member.
  
You can use the status attribute of the vip, the pool and the member to determine whether the LBaaS plugin has successfully completed the configuration of the resource.
+
You can use the status attribute of the VIP, the pool, the member or the health monitor to determine whether the LBaaS plugin has successfully completed the configuration of the resource.
  
 
=== Bulk Create Operations ===
 
=== Bulk Create Operations ===
Line 155: Line 158:
 
Bulk operations are always performed atomically, meaning that either all or none of the objects in the request body are created. If a particular plugin does not support atomic operations, the LBaaS API v1.0 emulates the atomic behavior so that users can expect the same behavior regardless of the particular plugin running in the background.
 
Bulk operations are always performed atomically, meaning that either all or none of the objects in the request body are created. If a particular plugin does not support atomic operations, the LBaaS API v1.0 emulates the atomic behavior so that users can expect the same behavior regardless of the particular plugin running in the background.
  
LBaaS might be deployed without support for bulk operations and when the client attempts a bulk create operation, a 400 Bad Request error is returned.
+
The LBaaS service might be deployed without support for bulk operations and when the client attempts a bulk create operation, a 400 Bad Request error is returned.
  
For information about how to submit bulk requests to the LBaaS API v1.0, see the section called “Bulk Create Vips”.
+
For information about how to submit bulk requests to the LBaaS API v1.0, see the section called “Bulk Create Members” section.
  
 
=== Quotas ===
 
=== Quotas ===
Line 178: Line 181:
 
To query extensions individually by unique alias, issue a GET request on the /v1.0/extensions/alias_name URI. Use this method to easily determine if an extension is available.  If the extension is not available, a 404 Not Found response is returned.
 
To query extensions individually by unique alias, issue a GET request on the /v1.0/extensions/alias_name URI. Use this method to easily determine if an extension is available.  If the extension is not available, a 404 Not Found response is returned.
  
You can extend existing core API resources with new actions or extra attributes. Also, you can add new resources as extensions. Extensions usually have tags that prevent conflicts with other extensions that define attributes or resources with the same names, and with core resources and attributes. Because an extension might not be supported by all plugins, the availability of an extension varies with deployments and the specific plugin in use.
+
You can extend existing core API resources with new actions or extra attributes. Also, you can add new resources as extensions. Extensions usually have tags that prevent conflicts with other extensions that define attributes or resources with the same names, and with core resources and attributes. Because an extension might not be supported by all plugins, the availability of an extension varies with deployments and the specific plugin in use. So, make sure that your extension is available on the deployed LBaaS service before making use of its extra features.
  
 
=== Faults ===
 
=== Faults ===
Line 207: Line 210:
 
| Service unavailable  
 
| Service unavailable  
 
|}
 
|}
 
The response body of the error provides more detailed information on the error.
 
  
 
Users submitting requests to the LBaaS API v1.0 might also receive the following errors:
 
Users submitting requests to the LBaaS API v1.0 might also receive the following errors:
Line 215: Line 216:
  
 
403 Forbidden - If the user cannot access a specific resource or perform the requested operation.
 
403 Forbidden - If the user cannot access a specific resource or perform the requested operation.
 +
 +
The response body will contain richer information about the cause of the error. An error response follows the format illustrated by the following example:
 +
 +
 +
<pre><nowiki>#!highlight javascript numbers=disable
 +
409 Conflict
 +
Content-type: application/json
 +
Content-lentgh:78
 +
 +
{
 +
  "errorcode": 409,
 +
  "errormessage": "pool is already used by an existing VIP"
 +
}
 +
</nowiki></pre>
 +
  
 
== Chapter 3. API Operations ==
 
== Chapter 3. API Operations ==
Line 251: Line 267:
 
|}
 
|}
  
'''Normal Response Code(s)''': 200
+
'''Normal Response Code(s)''': 202
  
'''Error Response Code''': 401 (unauthorized)
+
'''Error Response Code(s)''': 401 (Unauthorized), 500 (Internal server error), 503 (Service Unavailable)
  
'''Error Response body''':
+
This operation returns the list of all vips associated with your tenant account. If If you have an admin role, then this request returns all the vips of all tenants.
  
 +
This operation does not require a request body.
  
<pre><nowiki>#!highlight javascript numbers=disable
+
This operation returns a response body. It returns a (potentially empty) list, each element in the list is a VIP that can contain the following attributes:
{
 
  "error" : {
 
              "error_code" : 401,
 
              "error_message" : "The keystone token provided in the request header is invalid"
 
          }
 
}
 
</nowiki></pre>
 
 
 
'''Error Response Code''': 500 (internal Service Error)
 
  
'''Error Response body''':
+
* id
 
+
* tenant_id
 
+
* name
<pre><nowiki>#!highlight javascript numbers=disable
+
* description
{
 
  "error" : {
 
              "error_code" : 500,
 
              "error_message" : "The LBaaS service has experience an internal error. Please contact support"
 
          }
 
}
 
</nowiki></pre>
 
 
 
'''Error Response Code''': 503 (Service Unavailable)
 
 
 
'''Error Response body''':
 
 
 
 
 
<pre><nowiki>#!highlight javascript numbers=disable
 
{
 
  "error" : {
 
              "error_code" : 503,
 
              "error_message" : "The LBaaS service has currently unavailable. Please try later"
 
          }
 
}
 
</nowiki></pre>
 
 
 
This operation returns the list of all vips associated with your tenant account. If If you have an admin role, then this request returns all the vips of all tenants.
 
 
 
This operation does not require a request body.
 
 
 
This operation returns a response body. It returns a (potentially empty) list, each element in the list is a vip that can contain the following attributes:
 
 
 
* id
 
* tenant_id
 
* name
 
 
* network_id
 
* network_id
 
* address
 
* address
Line 315: Line 292:
 
* status
 
* status
  
'''Example . List vips''' JSON Request:
+
'''Example . List vips'''
 +
 
 +
JSON Request:
  
  
Line 339: Line 318:
 
           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
 
           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
 
           "name": "web_vip",
 
           "name": "web_vip",
 +
          "description": "lb config for the web tier",
 
           "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
 
           "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
 
           "address" : "10.30.176.47",
 
           "address" : "10.30.176.47",
Line 377: Line 357:
 
|}
 
|}
  
'''Normal Response Code(s)''': 200
+
'''Normal Response Code(s)''': 202
  
'''Error Response Code''': 401
+
'''Error Response Code(s)''': 401 (Unauthorized), 404 (Not Found), 409 (Conflict), 413 (Over limit), 500 (Internal server error), 503 (Service Unavailable)
 +
 
 +
This operation returns a vip object associated with your tenant account.
  
'''Error Response body''':
+
This operation does not require a request body.
  
 +
This operation returns a response body. The returned element is a VIP that can contain the following attributes:
  
<pre><nowiki>#!highlight javascript numbers=disable
+
* id
{
+
* tenant_id
  "error" : {
+
* name
              "error_code" : 401,
+
* description
              "error_message" : "The keystone token provided in the request header is invalid"
+
* network_id
          }
+
* address
}
+
* port
</nowiki></pre>
+
* lb_method
 +
* protocol
 +
* pool_id
 +
* session_persistence
 +
* connection_limit
 +
* admin_state_up
 +
* status
  
'''Error Response Code''': 401
+
'''Example . Retrieve a VIP details: '''
  
'''Error Response body''':
+
JSON Request:
  
  
 
<pre><nowiki>#!highlight javascript numbers=disable
 
<pre><nowiki>#!highlight javascript numbers=disable
{
+
GET /v1.0/vips/36e08a3e-a78f-4b40-a229-1e7e23eee1ab
  "error" : {
+
Host: lbaas-service.cloudX.com:8651
              "error_code" : 401,
+
Accept: application/json
              "error_message" : "You are not authorized to access vip 36e08a3e-a78f-4b40-a229-1e7e23eee1ab"
+
X-Auth-Token:887665443383838
          }
 
}
 
 
</nowiki></pre>
 
</nowiki></pre>
  
'''Error Response Code''': 404
+
JSON Response:
  
'''Error Response body''':
 
  
 +
<pre><nowiki>#!highlight javascript numbers=disable
 +
200 OK
 +
Content-Type: application/json
 +
Content-Length: 156
  
<pre><nowiki>#!highlight javascript numbers=disable
 
 
{
 
{
  "error" : {
+
    "vip": {
              "error_code" : 404,
+
          "id": "36e08a3e-a78f-4b40-a229-1e7e23eee1ab",
              "error_message" : "No vip with id 36e08a3e-a78f-4b40-a229-1e7e23eee1ab was found."
+
          "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
           }
+
          "name": "db_vip",
 +
          "description": "lb config for the MYSQL db tier",
 +
          "network_id": "9cedb85d-0759-4898-8a4b-fa5a5ea10086",
 +
          "address" : "10.30.176.47",
 +
           "protocol": "TCP",
 +
          "port": 3306,
 +
          "lb_method": "LEAST_CONNECTIONS",
 +
          "pool_id" : "41efe233-7591-43c5-9cf7-923964759f9e",
 +
          "session_persistence" : {"type" : "SOURCE_IP"},
 +
          "connection_limit" : 2000,
 +
          "admin_state_up": true,
 +
          "status": "INACTIVE"
 +
        }
 
}
 
}
 
</nowiki></pre>
 
</nowiki></pre>
  
'''Error Response Code''': 500
+
==== Create a VIP ====
 
+
{| border="1" cellpadding="2" cellspacing="0"
'''Error Response body''':
+
| Verb
 
+
| URI
 +
| Description
 +
|-
 +
| POST
 +
| /v1.0/vips
 +
|}
  
<pre><nowiki>#!highlight javascript numbers=disable
+
'''Normal Response Code(s)''': 202
{
 
  "error" : {
 
              "error_code" : 500,
 
              "error_message" : "The LBaaS service has experience an internal error. Please contact support"
 
          }
 
}
 
</nowiki></pre>
 
  
'''Error Response Code''': 503
+
'''Error Response Code(s)''': 401 (Unauthorized), 404 (Not Found), 409 (Conflict), 413 (Over limit), 500 (Internal server error), 503 (Service Unavailable)
  
'''Error Response body''':
+
This operation provisions a new vip based on the configuration defined in the request object. Once the request is validated and progress has started on the provisioning process, a response object will be returned. The object will contain a unique identifier and the status of provisioning the vip.
  
 +
The status of the vip in the response can take one of the following values: ACTIVE, PENDING_CREATE or ERROR.
  
<pre><nowiki>#!highlight javascript numbers=disable
+
If the status returned is set to "PENDING_CREATE", then using the identifier of the vip, the caller can check on the progress of the provisioning operation by performing a GET on vips/''vip_id''. When the status of the vip returned changes to "ACTIVE", then the vip has been successfully provisioned and is now operational for traffic handling.
{
 
  "error" : {
 
              "error_code" : 503,
 
              "error_message" : "The LBaaS service has currently unavailable. Please try later"
 
          }
 
}
 
</nowiki></pre>
 
  
This operation returns a vip object associated with your tenant account.
+
The caller of this operation must specify at least the following attributes of the vip:
  
This operation does not require a request body.
+
* name
 
+
* tenant_id: only if a user has an admin role can he specify a tenant_id different from her's.
This operation returns a response body. The returned element is a vip that can contain the following attributes:
+
* network_id: The network on which to allocate the vip's address. A tenant can only create vips on networks authorized by policy (e.g. her own networks or shared/provider networks).
 +
* protocol: the protocol of the vip address.
 +
* port: the port on which to listen for client traffic that is associated with the vip address.
 +
* pool_id: the id of the pool that contains the real servers to which traffic is load balanced.
  
* id
+
Some attributes will receive default values if not specified in the request:
* tenant_id
+
 
* name
+
* lb_method: the default method is ROUND_ROBIN
* network_id
+
* admin_state_up: The default configuration state for a vip is UP, so the default value for this attribute is true.
* address
 
* port
 
* lb_method
 
* protocol
 
* pool_id
 
* session_persistence
 
* connection_limit
 
* admin_state_up
 
* status
 
  
'''Example . Retrieve a vip details: '''
+
If the request cannot be fulfilled due to insufficient or invalid data, an HTTP 400 (Bad Request) error response will be returned with information regarding the nature of the failure in the body of the response. Failures in the validation process are non-recoverable and require the caller to correct the cause of the failure and POST the request again.
  
JSON Request:
+
Users may configure all documented features of the vip at creation time by simply providing the additional elements or attributes in the request. This document provides an overview of all the features the load balancing service supports.
  
 +
Users with an admin role can create vips for other tenants by specifying a tenant_id attribute different than their own.
  
<pre><nowiki>#!highlight javascript numbers=disable
+
'''Example 4.6. Create a vip (Required Attributes) Request: JSON '''
GET /v1.0/vips/36e08a3e-a78f-4b40-a229-1e7e23eee1ab
+
 
 +
'''Example . create a vip with a shared address''' JSON Request:
 +
 
 +
 
 +
<pre><nowiki>#!highlight javascript numbers=disable
 +
POST /v1.0/vips
 
Host: lbaas-service.cloudX.com:8651
 
Host: lbaas-service.cloudX.com:8651
 +
Content-Type: application/json
 
Accept: application/json
 
Accept: application/json
 
X-Auth-Token:887665443383838
 
X-Auth-Token:887665443383838
 +
Content-Length: 463
 +
 +
{
 +
  "vips":[
 +
        {
 +
          "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
 +
          "name": "web_vip",
 +
          "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
 +
          "protocol": "HTTP",
 +
          "port": 80,
 +
          "pool_id" : "cfc6589d-f949-4c66-99d2-c2da56ef3764"
 +
        }
 +
      ]
 +
}
 
</nowiki></pre>
 
</nowiki></pre>
  
Line 485: Line 493:
  
 
<pre><nowiki>#!highlight javascript numbers=disable
 
<pre><nowiki>#!highlight javascript numbers=disable
200 OK
+
202 Accepted
 
Content-Type: application/json
 
Content-Type: application/json
Content-Length: 156
+
Content-Length: 213
  
 
{
 
{
    "vip": {
+
  "vips":[
           "id": "36e08a3e-a78f-4b40-a229-1e7e23eee1ab",
+
        {
 +
           "id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
 
           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
 
           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
           "name": "db_vip",
+
           "name": "web_vip",
           "network_id": "9cedb85d-0759-4898-8a4b-fa5a5ea10086",
+
           "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
 
           "address" : "10.30.176.47",
 
           "address" : "10.30.176.47",
           "protocol": "TCP",
+
           "protocol": "HTTPS",
           "port": 3306,
+
           "port": 443,
           "lb_method": "LEAST_CONNECTIONS",
+
           "lb_method": "ROUND_ROBIN",
           "pool_id" : "41efe233-7591-43c5-9cf7-923964759f9e",
+
           "pool_id" : "cfc6589d-f949-4c66-99d2-c2da56ef3764",
          "session_persistence" : {"type" : "SOURCE_IP"},
 
          "connection_limit" : 2000,
 
 
           "admin_state_up": true,
 
           "admin_state_up": true,
           "status": "INACTIVE"
+
           "status": "PENDING_CREATE"
 
         }
 
         }
 +
      ]
 
}
 
}
 
</nowiki></pre>
 
</nowiki></pre>
  
==== Create a VIP ====
+
A user can supply an address field if she owns the network on which the vip will be created. If an address is not specified in the payload, then the LBaaS service will allocate one from the network ID.
{| border="1" cellpadding="2" cellspacing="0"
+
 
| Verb
+
Once an address is allocated to the user, the user can create other vip objects using the same address but with different ports.
| URI
+
 
| Description
+
'''Example . create a vip with an address shared with another vip''' JSON Request:
|-
 
| POST
 
| /v1.0/vips
 
|}
 
  
'''Normal Response Code(s)''': 202
 
  
'''Error Response Code(s)''': 401 (Unauthorized), 404 (Not Found), 409 (Conflict), 413 (Over limit), 500 (Internal server error), 503 (Service Unavailable)
+
<pre><nowiki>#!highlight javascript numbers=disable
 +
POST /v1.0/vips
 +
Host: lbaas-service.cloudX.com:8651
 +
Content-Type: application/json
 +
Accept: application/json
 +
X-Auth-Token:887665443383838
 +
Content-Length: 234
  
This operation provisions a new vip based on the configuration defined in the request object. Once the request is validated and progress has started on the provisioning process, a response object will be returned. The object will contain a unique identifier and the status of provisioning the vip.
+
{
 +
  "vips":[
 +
        {
 +
          "name": "ssl_vip",
 +
          "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
 +
          "address" : "10.30.176.47",
 +
          "protocol": "HTTPS",
 +
          "port": 443,
 +
          "pool_id" : "91c20e53-96cd-4476-8efc-627f398773bb"
 +
        }
 +
      ]
 +
}
 +
</nowiki></pre>
  
The status of the vip in the response can take one of the following values: ACTIVE, PENDING_CREATE or ERROR.
+
JSON Response:
  
If the status returned is set to "PENDING_CREATE", then using the identifier of the vip, the caller can check on the progress of the provisioning operation by performing a GET on vips/''vip_id''. When the status of the vip returned changes to "ACTIVE", then the vip has been successfully provisioned and is now operational for traffic handling.
 
  
The caller of this operation must specify at least the following attributes of the vip:
+
<pre><nowiki>#!highlight javascript numbers=disable
 +
202 Accepted
 +
Content-Type: application/json
 +
Content-Length: 282
  
* name
+
{
* tenant_id: only if a user has an admin role can he specify a tenant_id different from her's.
+
  "vips":[
* network_id: The network on which to allocate the vip's address. A tenant can only create vips on networks authorized by policy (e.g. her own networks or shared/provider networks).
+
        {
* protocol: the protocol of the vip address.
+
          "id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
* port: the port on which to listen for client traffic that is associated with the vip address.
+
          "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
* pool_id: the id of the pool that contains the real servers to which traffic is load balanced.
+
          "name": "ssl_vip",
 
+
          "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
Some attributes will receive default values if not specified in the request:
+
          "address" : "10.30.176.47",
 
+
          "protocol": "HTTPS",
* lb_method: the default method is ROUND_ROBIN
+
          "port": 443,
* admin_state_up: The default configuration state for a vip is UP, so the default value for this attribute is true.
+
          "lb_method": "ROUND_ROBIN",
 +
          "pool_id" : "91c20e53-96cd-4476-8efc-627f398773bb",
 +
          "admin_state_up": true,
 +
          "status": "PENDING_CREATE"
 +
        }
 +
      ]
 +
}
 +
</nowiki></pre>
  
If the request cannot be fulfilled due to insufficient or invalid data, an HTTP 400 (Bad Request) error response will be returned with information regarding the nature of the failure in the body of the response. Failures in the validation process are non-recoverable and require the caller to correct the cause of the failure and POST the request again.
+
==== Update a VIP ====
 +
{| border="1" cellpadding="2" cellspacing="0"
 +
| '''Verb'''
 +
| '''URI'''
 +
| '''Description'''
 +
|-
 +
| PUT
 +
| /1.0/vips/''vip_id''
 +
|}
  
Users may configure all documented features of the vip at creation time by simply providing the additional elements or attributes in the request. This document provides an overview of all the features the load balancing service supports.
+
'''Normal Response Code(s)''': 202
  
Users with an admin role can create vips for other tenants by specifying a tenant_id attribute different than their own.
+
'''Error Response Code(s)''': loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)
  
'''Example 4.6. Create a vip (Required Attributes) Request: JSON '''
+
This operation updates the attributes of the specified vip. Upon successful validation of the request, the service will return a 202 (Accepted) response code. A caller should check that the vip status has changed to ACTIVE to confirm that the update has taken effect. If the vip status is "PENDING_UPDATE" then the caller can poll the vip with its ID (using a GET operation) to wait for the changes to be applied.
  
'''Example . create a vip with a shared address''' JSON Request:
+
This operation allows the caller to change one or more of the following attributes:
 +
 
 +
* name
 +
* description
 +
* pool_id
 +
* lb_method
 +
* session_persistence
 +
* connection_limit
 +
* admin_state_up
 +
 
 +
This operation returns the updated vip object. The status of the vip in the response can take one of the following values: ACTIVE, PENDING_UPDATE or ERROR.
 +
 
 +
 
 +
<pre><nowiki>#!wiki caution
 +
Note
 +
 
 +
The load balancer's ID, status, network_id, address, port and protocol are immutable attributes and cannot be modified once a vip is created. Supplying an unsupported attribute will result in a 400 (badRequest) fault.
 +
</nowiki></pre>
 +
 
 +
'''Example . updating a vip ''' JSON Request:
  
  
 
<pre><nowiki>#!highlight javascript numbers=disable
 
<pre><nowiki>#!highlight javascript numbers=disable
POST /v1.0/vips
+
PUT /v1.0/vips/02b1fef7-16f5-4917-bf19-c40a9af805ed
 
Host: lbaas-service.cloudX.com:8651
 
Host: lbaas-service.cloudX.com:8651
 
Content-Type: application/json
 
Content-Type: application/json
 
Accept: application/json
 
Accept: application/json
 
X-Auth-Token:887665443383838
 
X-Auth-Token:887665443383838
Content-Length: 463
+
Content-Length: 75
  
 
{
 
{
   "vips":[
+
   "vip": {
        {
+
           "name": "ssl_vip_1",
          "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
+
           "description": "this VIP is used for secure web connections",
           "name": "web_vip",
+
           "lb_method": "LEAST_CONNECTIONS",
           "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
+
           "session_persistence": { "type": "HTTP_COOKIE" }
           "protocol": "HTTP",
 
           "port": 80,
 
          "pool_id" : "cfc6589d-f949-4c66-99d2-c2da56ef3764"
 
 
         }
 
         }
      ]
 
 
}
 
}
 
</nowiki></pre>
 
</nowiki></pre>
Line 581: Line 634:
 
202 Accepted
 
202 Accepted
 
Content-Type: application/json
 
Content-Type: application/json
Content-Length: 213
+
Content-Length: 282
  
 
{
 
{
   "vips":[
+
   "vip": {
        {
 
 
           "id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
 
           "id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
 
           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
 
           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
           "name": "web_vip",
+
           "name": "ssl_vip_1",
 
           "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
 
           "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
 
           "address" : "10.30.176.47",
 
           "address" : "10.30.176.47",
 
           "protocol": "HTTPS",
 
           "protocol": "HTTPS",
 
           "port": 443,
 
           "port": 443,
           "lb_method": "ROUND_ROBIN",
+
           "lb_method": "LEAST_CONNECTIONS",
 
           "pool_id" : "cfc6589d-f949-4c66-99d2-c2da56ef3764",
 
           "pool_id" : "cfc6589d-f949-4c66-99d2-c2da56ef3764",
 +
          "session_persistence": { "type": "HTTP_COOKIE" },
 
           "admin_state_up": true,
 
           "admin_state_up": true,
           "status": "PENDING_CREATE"
+
           "status": "PENDING_UPDATE"
 
         }
 
         }
      ]
 
 
}
 
}
 
</nowiki></pre>
 
</nowiki></pre>
  
A user can supply an address field if she owns the network on which the vip will be created. If an address is not specified in the payload, then the LBaaS service will allocate one from the network ID.
+
'''Table 4.1. vip Statuses'''
 
+
{| border="1" cellpadding="2" cellspacing="0"
Once an address is allocated to the user, the user can create other vip objects using the same address but with different ports.
+
| '''Name'''
 
+
|-
'''Example . create a vip with an address shared with another vip''' JSON Request:
+
| ACTIVE
 +
|-
 +
| PENDING_CREATE
 +
|-
 +
| PENDING_UPDATE
 +
|-
 +
| PENDING_DELETE
 +
|-
 +
| INACTIVE
 +
|-
 +
| ERROR
 +
|}
 +
 
 +
==== Remove a VIP ====
 +
{| border="1" cellpadding="2" cellspacing="0"
 +
| '''Verb'''
 +
| '''URI'''
 +
| '''Description'''
 +
|-
 +
| DELETE
 +
| /v1.0/vips/''vip_id''
 +
| Remove a VIP from the account.  
 +
|}
 +
 
 +
'''Normal Response Code(s)''': 202
  
 +
'''Error Response Code(s)''': loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)
  
<pre><nowiki>#!highlight javascript numbers=disable
+
The remove vip function removes the specified vip and its associated configuration from the account. Any and all configuration data is immediately purged and is not recoverable.
POST /v1.0/vips
+
 
Host: lbaas-service.cloudX.com:8651
+
This operation does not require a request body.
Content-Type: application/json
+
 
 +
This operation does not return a response body.
 +
 
 +
'''Example . Deleting a vip ''' JSON Request:
 +
 
 +
 
 +
<pre><nowiki>#!highlight javascript numbers=disable
 +
DELETE /v1.0/vips/02b1fef7-16f5-4917-bf19-c40a9af805ed
 +
Host: lbaas-service.cloudX.com:8651
 
Accept: application/json
 
Accept: application/json
 
X-Auth-Token:887665443383838
 
X-Auth-Token:887665443383838
Content-Length: 234
 
 
{
 
  "vips":[
 
        {
 
          "name": "ssl_vip",
 
          "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
 
          "address" : "10.30.176.47",
 
          "protocol": "HTTPS",
 
          "port": 443,
 
          "pool_id" : "91c20e53-96cd-4476-8efc-627f398773bb"
 
        }
 
      ]
 
}
 
 
</nowiki></pre>
 
</nowiki></pre>
  
Line 636: Line 707:
 
<pre><nowiki>#!highlight javascript numbers=disable
 
<pre><nowiki>#!highlight javascript numbers=disable
 
202 Accepted
 
202 Accepted
Content-Type: application/json
+
</nowiki></pre>
Content-Length: 282
+
 
 +
=== Pools ===
 +
A pool is a container of a set of members to which the traffic is load-balanced. The pool construct is a way to share several configuration attributes between members that belong to the same pool. For example health monitors are configured on the pool, and all members of the same pool, will be monitored using these health monitors.
  
{
+
Each vip object can be associated with one pool. A pool cannot be used by more than one vip.
  "vips":[
 
        {
 
          "id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
 
          "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
 
          "name": "ssl_vip",
 
          "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
 
          "address" : "10.30.176.47",
 
          "protocol": "HTTPS",
 
          "port": 443,
 
          "lb_method": "ROUND_ROBIN",
 
          "pool_id" : "91c20e53-96cd-4476-8efc-627f398773bb",
 
          "admin_state_up": true,
 
          "status": "PENDING_CREATE"
 
        }
 
      ]
 
}
 
</nowiki></pre>
 
  
==== Update a VIP ====
+
==== List all Pools ====
 
{| border="1" cellpadding="2" cellspacing="0"
 
{| border="1" cellpadding="2" cellspacing="0"
 
| '''Verb'''  
 
| '''Verb'''  
Line 664: Line 720:
 
| '''Description'''  
 
| '''Description'''  
 
|-
 
|-
| PUT
+
| GET
| /1.0/vips/''vip_id''
+
| /v1.0/pools
 
|}
 
|}
  
'''Normal Response Code(s)''': 202
+
List all pools of a tenant.
 +
 
 +
'''Normal Response Code(s)''': 200
  
 
'''Error Response Code(s)''': loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)
 
'''Error Response Code(s)''': loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)
  
This operation updates the attributes of the specified vip. Upon successful validation of the request, the service will return a 202 (Accepted) response code. A caller should check that the vip status has changed to ACTIVE to confirm that the update has taken effect. If the vip status is "PENDING_UPDATE" then the caller can poll the vip with its ID (using a GET operation) to wait for the changes to be applied.
+
This operation does not require a request body.
  
This operation allows the caller to change one or more of the following attributes:
+
'''Example 4.13. List pools Request:''' JSON Request:
  
* name
 
* pool_id
 
* lb_method
 
* session_persistence
 
* connection_limit
 
* admin_state_up
 
  
This operation returns the updated vip object. The status of the vip in the response can take one of the following values: ACTIVE, PENDING_UPDATE or ERROR.
+
<pre><nowiki>#!highlight javascript numbers=disable
 +
GET /v1.0/pools
 +
Host: lbaas-service.cloudX.com:8651
 +
Accept: application/json
 +
X-Auth-Token:887665443383838
 +
</nowiki></pre>
  
 +
'''Example. List pools Response: JSON'''
  
<pre><nowiki>#!wiki caution
 
Note
 
  
The load balancer's ID, status, network_id, address, port and protocol are immutable attributes and cannot be modified once a vip is created. Supplying an unsupported attribute will result in a 400 (badRequest) fault.
+
<pre><nowiki>#!highlight javascript numbers=disable
</nowiki></pre>
+
200 OK
 
 
'''Example . updating a vip ''' JSON Request:
 
 
 
 
 
<pre><nowiki>#!highlight javascript numbers=disable
 
PUT /v1.0/vips/02b1fef7-16f5-4917-bf19-c40a9af805ed
 
Host: lbaas-service.cloudX.com:8651
 
 
Content-Type: application/json
 
Content-Type: application/json
Accept: application/json
+
Content-Length: 628
X-Auth-Token:887665443383838
 
Content-Length: 75
 
  
 
{
 
{
   "vip": {
+
   "pools" : [
          "name": "ssl_vip_1",
+
              {
          "lb_method": "LEAST_CONNECTIONS",
+
                "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
          "session_persistence": { "type": "HTTP_COOKIE" }
+
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
        }
+
                "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
}
+
                "name": "web_pool",
</nowiki></pre>
+
                "protocol": "HTTP",
 
+
                "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
JSON Response:
+
                "members" : [
 
+
                              "c57f581b-c834-408f-93fa-30543cf30618",
 
+
                              "f2e37304-e3c1-4f96-9201-dd57a16adb75",
<pre><nowiki>#!highlight javascript numbers=disable
+
                              "cd701b32-7f55-4e8b-94a0-756cd85a684d"
202 Accepted
+
                            ],
Content-Type: application/json
+
                "health_monitors" : [
Content-Length: 282
+
                                    "954171e2-8816-4d59-a9d5-c85310b4508d"
 
+
                                    ],
{
+
                "admin_state_up" : true,
  "vip": {
+
                "status" : "ACTIVE"
          "id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
+
              },
          "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
+
              {
          "name": "ssl_vip_1",
+
                "id":"91c20e53-96cd-4476-8efc-627f398773bb",
          "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
+
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
          "address" : "10.30.176.47",
+
                "vip_id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
          "protocol": "HTTPS",
+
                "protocol": "HTTPS",
          "port": 443,
+
                "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
          "lb_method": "LEAST_CONNECTIONS",
+
                "members" : [
          "pool_id" : "cfc6589d-f949-4c66-99d2-c2da56ef3764",
+
                              "fcbf4e80-2fc7-4c7a-8a2e-8ea929620df9",
          "session_persistence": { "type": "HTTP_COOKIE" },
+
                              "6ea4761c-f571-4ec8-a6ae-6a4baf7e49d",
          "admin_state_up": true,
+
                              "26c49527-999c-4ef5-9484-5c065414d3db"
          "status": "PENDING_UPDATE"
+
                            ],
        }
+
                "health_monitors" : [
}
+
                                    "3b4ee887-fff5-4e45-ac55-c34ee599061a"
</nowiki></pre>
+
                                  ],
 
+
                "admin_state_up" : true,
'''Table 4.1. vip Statuses'''
+
                "status" : "ACTIVE"
 +
              },
 +
              {
 +
                "id":"41efe233-7591-43c5-9cf7-923964759f9e",
 +
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
 +
                "vip_id": "36e08a3e-a78f-4b40-a229-1e7e23eee1ab",
 +
                "protocol": "TCP",
 +
                "network_id" : "ddc3ab81-1dac-4be3-a340-c7b7b5d89beb",
 +
                "members" : [
 +
                              "a24a6159-fc0f-4f42-ab10-5fe8763fef6e",
 +
                              "8c65956d-8f3c-41a4-abc3-5311eb3b4ba9"
 +
                            ],
 +
                "health_monitors" : [
 +
                                    "65479d91-36f4-4651-89c2-2daee22a3c78",
 +
                                    "441d3298-bf31-4c3b-8433-7e93a7a3db16"
 +
                                  ],
 +
                "admin_state_up" : true,
 +
                "status" : "ACTIVE"
 +
              }
 +
            ]
 +
}
 +
</nowiki></pre>
 +
 
 +
==== Retrieve a specific Pool ====
 
{| border="1" cellpadding="2" cellspacing="0"
 
{| border="1" cellpadding="2" cellspacing="0"
| '''Name'''  
+
| '''Verb'''
 +
| '''URI'''
 +
| '''Description'''  
 
|-
 
|-
| ACTIVE
+
| GET
|-
+
| /v1.0/pools/''pool_id''
| PENDING_CREATE
 
|-
 
| PENDING_UPDATE
 
|-
 
| PENDING_DELETE
 
|-
 
| INACTIVE
 
|-
 
| ERROR
 
 
|}
 
|}
  
==== Remove a VIP ====
+
This operation retrieves the configuration of a pool.
{| border="1" cellpadding="2" cellspacing="0"
 
| '''Verb'''
 
| '''URI'''
 
| '''Description'''
 
|-
 
| DELETE
 
| /v1.0/vips/''vip_id''
 
| Remove a vip from the account.  
 
|}
 
  
'''Normal Response Code(s)''': 202
+
'''Normal Response Code(s)''': 200
  
 
'''Error Response Code(s)''': loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)
 
'''Error Response Code(s)''': loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)
 
The remove vip function removes the specified vip and its associated configuration from the account. Any and all configuration data is immediately purged and is not recoverable.
 
  
 
This operation does not require a request body.
 
This operation does not require a request body.
  
This operation does not return a response body.
+
'''Example 4.15. Retrieve the configuration of a pool '''
  
'''Example . Deleting a vip ''' JSON Request:
+
JSON Request:
  
  
 
<pre><nowiki>#!highlight javascript numbers=disable
 
<pre><nowiki>#!highlight javascript numbers=disable
DELETE /v1.0/vips/02b1fef7-16f5-4917-bf19-c40a9af805ed
+
GET /v1.0/pools/cfc6589d-f949-4c66-99d2-c2da56ef3764
 
Host: lbaas-service.cloudX.com:8651
 
Host: lbaas-service.cloudX.com:8651
 
Accept: application/json
 
Accept: application/json
Line 786: Line 838:
 
</nowiki></pre>
 
</nowiki></pre>
  
JSON Response:
+
'''Example. List pools Response: JSON'''
  
  
 
<pre><nowiki>#!highlight javascript numbers=disable
 
<pre><nowiki>#!highlight javascript numbers=disable
202 Accepted
+
200 OK
</nowiki></pre>
+
Content-Type: application/json
 +
Content-Length: 628
  
=== Pools ===
+
{
A pool is a container of a set of members to which the traffic is load-balanced. The pool construct is a way to share several configuration attributes between members that belong to the same pool. For example health monitors are configured on the pool, and all members of the same pool, will be monitored using these health monitors.
+
  "pool" : {
 
+
        "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
Each vip object can be associated with one pool. A pool cannot be used by more than one vip.
+
        "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
 
+
        "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
==== List all Pools ====
+
        "name": "web_pool",
{| border="1" cellpadding="2" cellspacing="0"
+
        "protocol": "HTTP",
| '''Verb'''  
+
        "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
| '''URI'''
+
        "members" : [
| '''Description'''  
+
                      "c57f581b-c834-408f-93fa-30543cf30618",
 +
                      "f2e37304-e3c1-4f96-9201-dd57a16adb75",
 +
                      "cd701b32-7f55-4e8b-94a0-756cd85a684d"
 +
                    ],
 +
        "health_monitors" : [
 +
                              "f784c3a7-c4e8-44da-bf12-5ff417d27555"
 +
                            ],
 +
        "admin_state_up" : true,
 +
        "status" : "ACTIVE"
 +
  }
 +
}
 +
</nowiki></pre>
 +
 
 +
==== Create a Pool ====
 +
{| border="1" cellpadding="2" cellspacing="0"
 +
| '''Verb'''  
 +
| '''URI'''  
 
|-
 
|-
| GET
+
| POST
 
| /v1.0/pools  
 
| /v1.0/pools  
 
|}
 
|}
  
List all pools of a tenant.
+
'''Normal Response Code(s)''': 202
 
 
'''Normal Response Code(s)''': 200
 
  
 
'''Error Response Code(s)''': loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)
 
'''Error Response Code(s)''': loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)
  
This operation does not require a request body.
+
When a pool is added, it is assigned a unique identifier which can be used for querying, changing or deleting it.  Optionally, you can also assign the pool to a vip during creation time, by specifying the ''vip_id'' attribute.
  
'''Example 4.13. List pools Request:''' JSON Request:
+
If a user has an admin role, she can create pools for other tenant by specifying the tenant_id attribute in the request payload.
 +
 
 +
'''Example 4.15. Creating a pool '''
 +
 
 +
JSON Request:
  
  
 
<pre><nowiki>#!highlight javascript numbers=disable
 
<pre><nowiki>#!highlight javascript numbers=disable
GET /v1.0/pools
+
POST /v1.0/pools
 
Host: lbaas-service.cloudX.com:8651
 
Host: lbaas-service.cloudX.com:8651
 
Accept: application/json
 
Accept: application/json
 +
Content-Type: application/json
 
X-Auth-Token:887665443383838
 
X-Auth-Token:887665443383838
 +
Content-Length: 194
 +
 +
{
 +
  "pools" : [
 +
        {
 +
            "name": "web_pool",
 +
            "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
 +
            "protocol": "HTTP",
 +
            "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
 +
            "members" : [
 +
                          "c57f581b-c834-408f-93fa-30543cf30618",
 +
                          "f2e37304-e3c1-4f96-9201-dd57a16adb75"
 +
                        ]
 +
        }
 +
  ]
 +
}
 
</nowiki></pre>
 
</nowiki></pre>
  
'''Example. List pools Response: JSON'''
+
JSON Response
  
  
 
<pre><nowiki>#!highlight javascript numbers=disable
 
<pre><nowiki>#!highlight javascript numbers=disable
200 OK
+
202 Accepted
 
Content-Type: application/json
 
Content-Type: application/json
Content-Length: 628
+
Content-Length: 275
  
 
{
 
{
 
   "pools" : [
 
   "pools" : [
              {
+
          {
                "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
+
            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
+
            "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
+
            "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
                "name": "web_pool",
+
            "name": "web_pool",
                "protocol": "HTTP",
+
            "protocol": "HTTP",
                "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
+
            "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
                "members" : [
+
            "members" : [
                              "c57f581b-c834-408f-93fa-30543cf30618",
+
                          "c57f581b-c834-408f-93fa-30543cf30618",
                              "f2e37304-e3c1-4f96-9201-dd57a16adb75",
+
                          "f2e37304-e3c1-4f96-9201-dd57a16adb75"
                              "cd701b32-7f55-4e8b-94a0-756cd85a684d"
+
                        ],
                            ],
+
            "admin_state_up" : true,
                "health_monitors" : [
+
            "status" : "PENDING_CREATE"
                                    "954171e2-8816-4d59-a9d5-c85310b4508d"
+
          }
                                    ],
+
        ]
                "admin_state_up" : true,
+
}
                "status" : "ACTIVE"
+
</nowiki></pre>
              },
+
 
              {
+
==== Update a Pool ====
                "id":"91c20e53-96cd-4476-8efc-627f398773bb",
+
{| border="1" cellpadding="2" cellspacing="0"
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
+
| Verb  
                "vip_id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
+
| URI  
                "protocol": "HTTPS",
+
|-
                "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
+
| PUT
                "members" : [
+
| /v1.0/pools/''pool_id''  
                              "fcbf4e80-2fc7-4c7a-8a2e-8ea929620df9",
+
|}
                              "6ea4761c-f571-4ec8-a6ae-6a4baf7e49d",
+
 
                              "26c49527-999c-4ef5-9484-5c065414d3db"
+
'''Normal Response Code(s)''': 202
                            ],
 
                "health_monitors" : [
 
                                    "3b4ee887-fff5-4e45-ac55-c34ee599061a"
 
                                  ],
 
                "admin_state_up" : true,
 
                "status" : "ACTIVE"
 
              },
 
              {
 
                "id":"41efe233-7591-43c5-9cf7-923964759f9e",
 
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
 
                "vip_id": "36e08a3e-a78f-4b40-a229-1e7e23eee1ab",
 
                "protocol": "TCP",
 
                "network_id" : "ddc3ab81-1dac-4be3-a340-c7b7b5d89beb",
 
                "members" : [
 
                              "a24a6159-fc0f-4f42-ab10-5fe8763fef6e",
 
                              "8c65956d-8f3c-41a4-abc3-5311eb3b4ba9"
 
                            ],
 
                "health_monitors" : [
 
                                    "65479d91-36f4-4651-89c2-2daee22a3c78",
 
                                    "441d3298-bf31-4c3b-8433-7e93a7a3db16"
 
                                  ],
 
                "admin_state_up" : true,
 
                "status" : "ACTIVE"
 
              }
 
            ]
 
}
 
</nowiki></pre>
 
 
 
==== Retrieve a specific Pool ====
 
{| border="1" cellpadding="2" cellspacing="0"
 
| '''Verb'''
 
| '''URI'''
 
| '''Description'''
 
|-
 
| GET
 
| /v1.0/pools/''pool_id''  
 
|}
 
 
 
This operation retrieves the configuration of a pool.
 
 
 
'''Normal Response Code(s)''': 200
 
  
 
'''Error Response Code(s)''': loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)
 
'''Error Response Code(s)''': loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)
  
This operation does not require a request body.
+
This operation does not return a response body.
  
'''Example 4.15. Retrieve the configuration of a pool '''
+
'''Example 4.21. Update name of the pool'''
  
 
JSON Request:
 
JSON Request:
Line 916: Line 963:
  
 
<pre><nowiki>#!highlight javascript numbers=disable
 
<pre><nowiki>#!highlight javascript numbers=disable
GET /v1.0/pools/cfc6589d-f949-4c66-99d2-c2da56ef3764
+
PUT /v1.0/pools/cfc6589d-f949-4c66-99d2-c2da56ef3764
 
Host: lbaas-service.cloudX.com:8651
 
Host: lbaas-service.cloudX.com:8651
 
Accept: application/json
 
Accept: application/json
 +
Content-Type: application/json
 
X-Auth-Token:887665443383838
 
X-Auth-Token:887665443383838
 +
Content-Length: 194
 +
 +
{
 +
  "pool" : {
 +
            "name": "web_pool_1"
 +
          }
 +
}
 
</nowiki></pre>
 
</nowiki></pre>
  
'''Example. List pools Response: JSON'''
+
JSON Response
  
  
 
<pre><nowiki>#!highlight javascript numbers=disable
 
<pre><nowiki>#!highlight javascript numbers=disable
200 OK
+
202 Accepted
 
Content-Type: application/json
 
Content-Type: application/json
Content-Length: 628
+
Content-Length: 269
  
 
{
 
{
 
   "pool" : {
 
   "pool" : {
        "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
+
            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
        "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
+
            "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
        "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
+
            "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
        "name": "web_pool",
+
            "name": "web_pool_1",
        "protocol": "HTTP",
+
            "protocol": "HTTP",
        "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
+
            "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
        "members" : [
+
            "members" : [
                      "c57f581b-c834-408f-93fa-30543cf30618",
+
                          "c57f581b-c834-408f-93fa-30543cf30618",
                      "f2e37304-e3c1-4f96-9201-dd57a16adb75",
+
                          "f2e37304-e3c1-4f96-9201-dd57a16adb75"
                      "cd701b32-7f55-4e8b-94a0-756cd85a684d"
+
                        ],
                    ],
+
            "admin_state_up" : true,
        "health_monitors" : [
+
            "status" : "PENDING_UPDATE"
                              "f784c3a7-c4e8-44da-bf12-5ff417d27555"
+
          }
                            ],
 
        "admin_state_up" : true,
 
        "status" : "ACTIVE"
 
  }
 
 
}
 
}
 
</nowiki></pre>
 
</nowiki></pre>
  
==== Create a Pool ====
+
==== Remove a Pool ====
 
{| border="1" cellpadding="2" cellspacing="0"
 
{| border="1" cellpadding="2" cellspacing="0"
 
| '''Verb'''  
 
| '''Verb'''  
 
| '''URI'''  
 
| '''URI'''  
| '''Description'''
 
|-
 
| POST
 
| /v1.0/pools
 
| Add a new pool
 
 
|}
 
|}
  
'''Normal Response Code(s)''': 202
 
 
'''Error Response Code(s)''': loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)
 
 
When a pool is added, it is assigned a unique identifier which can be used for querying, changing or deleting it.  Optionally, you can also assign the pool to a vip during creation time, by specifying the ''vip_id'' attribute.
 
 
If a user has an admin role, she can create pools for other tenant by specifying the tenant_id attribute in the request payload.
 
 
'''Example 4.15. Creating a pool '''
 
 
JSON Request:
 
 
 
<pre><nowiki>#!highlight javascript numbers=disable
 
POST /v1.0/pools
 
Host: lbaas-service.cloudX.com:8651
 
Accept: application/json
 
Content-Type: application/json
 
X-Auth-Token:887665443383838
 
Content-Length: 194
 
 
{
 
  "pools" : [
 
        {
 
            "name": "web_pool",
 
            "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
 
            "protocol": "HTTP",
 
            "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
 
            "members" : [
 
                          "c57f581b-c834-408f-93fa-30543cf30618",
 
                          "f2e37304-e3c1-4f96-9201-dd57a16adb75"
 
                        ]
 
        }
 
  ]
 
}
 
</nowiki></pre>
 
 
JSON Response
 
 
 
<pre><nowiki>#!highlight javascript numbers=disable
 
202 Accepted
 
Content-Type: application/json
 
Content-Length: 275
 
 
{
 
  "pools" : [
 
          {
 
            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
 
            "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
 
            "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
 
            "name": "web_pool",
 
            "protocol": "HTTP",
 
            "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
 
            "members" : [
 
                          "c57f581b-c834-408f-93fa-30543cf30618",
 
                          "f2e37304-e3c1-4f96-9201-dd57a16adb75"
 
                        ],
 
            "admin_state_up" : true,
 
            "status" : "PENDING_CREATE"
 
          }
 
        ]
 
}
 
</nowiki></pre>
 
 
==== Update a Pool ====
 
{| border="1" cellpadding="2" cellspacing="0"
 
| Verb
 
| URI
 
|-
 
| PUT
 
| /v1.0/pools/''pool_id''
 
|}
 
 
'''Normal Response Code(s)''': 202
 
 
'''Error Response Code(s)''': loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)
 
 
This operation does not return a response body.
 
 
'''Example 4.21. Update name of the pool'''
 
 
JSON Request:
 
 
 
<pre><nowiki>#!highlight javascript numbers=disable
 
PUT /v1.0/pools/cfc6589d-f949-4c66-99d2-c2da56ef3764
 
Host: lbaas-service.cloudX.com:8651
 
Accept: application/json
 
Content-Type: application/json
 
X-Auth-Token:887665443383838
 
Content-Length: 194
 
 
{
 
  "pool" : {
 
            "name": "web_pool_1"
 
          }
 
}
 
</nowiki></pre>
 
 
JSON Response
 
 
 
<pre><nowiki>#!highlight javascript numbers=disable
 
202 Accepted
 
Content-Type: application/json
 
Content-Length: 269
 
 
{
 
  "pool" : {
 
            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
 
            "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
 
            "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
 
            "name": "web_pool_1",
 
            "protocol": "HTTP",
 
            "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
 
            "members" : [
 
                          "c57f581b-c834-408f-93fa-30543cf30618",
 
                          "f2e37304-e3c1-4f96-9201-dd57a16adb75"
 
                        ],
 
            "admin_state_up" : true,
 
            "status" : "PENDING_UPDATE"
 
          }
 
}
 
</nowiki></pre>
 
 
==== Remove a Pool ====
 
 
{| border="1" cellpadding="2" cellspacing="0"
 
{| border="1" cellpadding="2" cellspacing="0"
| '''Verb'''
 
| '''URI'''
 
| '''Description'''
 
|-
 
 
| DELETE  
 
| DELETE  
 
| /pools/''pool_id''  
 
| /pools/''pool_id''  
| Removes a pool.
 
 
|}
 
|}
  
Line 1,141: Line 1,055:
 
</nowiki></pre>
 
</nowiki></pre>
  
=== Members ===
+
=== Pool Members ===
 
The members of a pool are responsible for servicing the requests received through the vip's virtual IP. The load-balancing method is used to distribute requests or connections between the pool members.
 
The members of a pool are responsible for servicing the requests received through the vip's virtual IP. The load-balancing method is used to distribute requests or connections between the pool members.
  
Line 1,394: Line 1,308:
 
</nowiki></pre>
 
</nowiki></pre>
  
==== Create a Member ====
+
==== Bulk Create Members ====
 
{| border="1" cellpadding="2" cellspacing="0"
 
{| border="1" cellpadding="2" cellspacing="0"
 
| '''Verb'''  
 
| '''Verb'''  
Line 1,604: Line 1,518:
 
202 Accepted
 
202 Accepted
 
</nowiki></pre>
 
</nowiki></pre>
 
  
 
=== Health Monitors ===
 
=== Health Monitors ===
Line 1,856: Line 1,769:
 
}
 
}
 
</nowiki></pre>
 
</nowiki></pre>
 
  
 
===== Associate Health Monitors with a Pool =====
 
===== Associate Health Monitors with a Pool =====

Latest revision as of 15:54, 21 June 2013

Contents

OpenStack LBaaS API 1.0

Overview

Intended Audience

Intended Audience

This guide is for software developers who create applications by using the LBaaS API v1.0. To use this information, you should have a general understanding of the OpenStack LBaaS service, the OpenStack Quantum service, and the integration between the two.

You should also be familiar with:

  • ReSTful web services
  • HTTP/1.1
  • JSON serialization format

Document Change History

This version of the Developer Guide replaces and obsoletes all previous versions. The most recent changes are described in the table below:

Revision Date
Oct, 25 2012

Resources

Use the following resources in conjunction with this guide:

Resource
tbd

Chapter 1. Overview

The LBaaS project provides a load balancing service to enable OpenStack tenants to load balance traffic to their VMs.

Th capabilities provided by the LBaaS service are:

 <tbd>

High-Level Task Flow

The high-level task flow for using LBaaS API to configure load balancing is as follows:

  • The tenant creates a pool, which is initially empty
  • The tenant create one or several members in the pool
  • The tenant create one or several health monitors
  • The tenant associates the health monitors with the pool
  • The tenant creates a vip with the pool

Concepts

To use OpenStack LBaaS APIs effectively, you should understand several key concepts:

VIP

A VIP is the primary load balancing configuration object that specifies the virtual IP address and port on which client traffic is received, as well as other details such as the load balancing method to be use, protocol, etc. This entity is sometimes known in LB products under the name of a "virtual server", a "vserver" or a "listener".

Pool

A load balancing pool is a logical set of devices, such as web servers, that you group together to receive and process traffic. The loadbalancing function chooses a member of the pool according to the configured load balancing method to handle the new requests or connections received on the VIP address. There is only one pool for a VIP.

Pool Member

A pool member represents the application running on backend server.

Health Monitoring

A health monitor is used to determine whether or not back-end members of the VIP's pool are usable for processing a request. A pool can have several health monitors associated with it. There are different types of health monitors supported by the OpenStack LBaaS service:

  • PING: used to ping the members using ICMP.
  • TCP: used to connect to the members using TCP.
  • HTTP: used to send an HTTP request to the member.
  • HTTPS: used to send a secure HTTP request to the member.

Session Persistence

Session persistence is a feature of the load balancing service. It attempts to force connections or requests in the same session to be processed by the same member as long as it is ative. The OpenStack LBaaS service supports three types of persistence:

  • SOURCE_IP: With this persistence mode, all connections originating from the same source IP address, will be handled by the same member of the pool.
  • HTTP_COOKIE: With this persistence mode, the loadbalancer will create a cookie on the first request from a client. Subsequent requests containing the same cookie value will be handled by the same member of the pool.
  • APP_COOKIE: With this persistence mode, the loadbalancer will rely on a cookie established by the backend application. All requests carrying the same cookie value will be handled by the same member of the pool.

Connection Limits

To control incoming traffic on the VIP address as well as traffic for a specific member of a pool, you can set a connection limit beyond which the load balancing function will refuse client requests or connections. This can be used to thwart DoS attacks and to allow each member to continue to work within its limits.

For HTTP and HTTPS protocols, since several HTTP requests can be multiplexed on the same TCP connection, the connection limit value is interpreted as the maximum number of requests allowed.

Chapter 2. General API Information

Sections in this chapter describe operations and guidelines that are common to all OpenStack APIs, and are not specific to the Load Balancing API.

Authentication and Authorization

The LBaaS API v1.0 uses the Keystone Identity Service as the default authentication service. When Keystone is enabled, users that submit requests to the LBaaS service must provide an authentication token in X-Auth-Token request header. You obtain the token by authenticating to the Keystone endpoint. For more information about Keystone, see the OpenStack Identity Developer Guide.

The default authorization settings allow only administrative users to create resources on behalf of a different tenant.

LBaaS uses information received from Keystone to authorize user requests. LBaaS handles the following types of authorization policies:

Operation-based policies

Specify access criteria for specific operations, possibly with fine-grained control over specific attributes.

Resource-based policies

Access a specific resource. Permissions might or might not be granted depending on the permissions configured for the resource.

Request/Response Types

The LBaaS API v1.0 supports the JSON data serialization format.This means that for requests that contain a body, the Content-Type header must be set to the MIME type value "application/json". Also, clients must accept JSON serialized responses by specifying the Accept header with the MIME type value "application/json" or adding ".json" extension to the resource name.

Example:


#!highlight javascript numbers=disable
GET /v1.0/vips.json

or


#!highlight javascript numbers=disable
GET /v1.0/vips
Accept: application/json

Filtering and Column Selection

The LBaaS API v1.0 supports filtering based on all top level attributes of a resource. Filters are applicable to all list requests.

For example, the following request returns all networks named foobar:


#!highlight javascript numbers=disable
GET /v1.0/vips?name=foobar

When you specify multiple filters, the LBaaS API v1.0 returns only objects that meet all filtering criteria. The operation applies an AND condition among the filters.


#!wiki caution
Note

LBaaS does not offer an OR mechanism for filters.

Alternatively, you can issue a distinct request for each filter and build a response set from the received responses on the client-side.

By default, LBaaS returns all attributes for any show or list call. The LBaaS API v1.0 has a mechanism to limit the set of attributes returned. For example, return id.

You can use the fields query parameter to control the attributes returned from the LBaaS API v1.0.

For example, the following request returns only id,name,network_id,address and port for each vip:


#!highlight javascript numbers=disable
GET /v1.0/vips.json?fields=id&fields=name&fields=network_id&fields=address&fields=port

Synchronous versus Asynchronous Plugin Behavior

The LBaaS API v1.0 presents a logical load balancing configuration consisting of vips, pools, and members. It is up to the LBaaS plugin to communicate with the underlying infrastructure to ensure load balancing is consistent with the logical model. A plugin might perform these operations asynchronously.

When an API client modifies the logical model by issuing an HTTP POST, PUT, or DELETE request, the API call might return before the plugin modifies underlying virtual and physical switching devices. However, an API client is guaranteed that all subsequent API calls properly reflect the changed logical model.

For example, if a client issues an HTTP PUT request to add a member to a pool, there is no guarantee that the member can receive traffic when the HTTP call returns. However, it is guaranteed that a subsequent HTTP GET request to view the members on the pool returns a list that would contain the added member.

You can use the status attribute of the VIP, the pool, the member or the health monitor to determine whether the LBaaS plugin has successfully completed the configuration of the resource.

Bulk Create Operations

The LBaaS API v1.0 enables you to create several objects of the same type in the same API request. Bulk create operations use exactly the same API syntax as single create operations except that you specify a list of objects rather than a single object in the request body.

Bulk operations are always performed atomically, meaning that either all or none of the objects in the request body are created. If a particular plugin does not support atomic operations, the LBaaS API v1.0 emulates the atomic behavior so that users can expect the same behavior regardless of the particular plugin running in the background.

The LBaaS service might be deployed without support for bulk operations and when the client attempts a bulk create operation, a 400 Bad Request error is returned.

For information about how to submit bulk requests to the LBaaS API v1.0, see the section called “Bulk Create Members” section.

Quotas

[tbd]

Notifications

[tbd]

Extensions

The LBaaS API v1.0 is extensible.

The purpose of LBaaS API v1.0 extensions is to:

  • Introduce new features in the API without requiring a version change.
  • Introduce vendor-specific niche functionality.
  • Act as a proving ground for experimental functionalities that might be included in a future version of the API.

To programmatically determine which extensions are available, issue a GET request on the /v1.0/extensions URI.

To query extensions individually by unique alias, issue a GET request on the /v1.0/extensions/alias_name URI. Use this method to easily determine if an extension is available. If the extension is not available, a 404 Not Found response is returned.

You can extend existing core API resources with new actions or extra attributes. Also, you can add new resources as extensions. Extensions usually have tags that prevent conflicts with other extensions that define attributes or resources with the same names, and with core resources and attributes. Because an extension might not be supported by all plugins, the availability of an extension varies with deployments and the specific plugin in use. So, make sure that your extension is available on the deployed LBaaS service before making use of its extra features.

Faults

The LBaaS API v1.0 returns an error response if a failure occurs while processing a request. LBaaS uses only standard HTTP error codes. 4xx errors indicate problems in the particular request being sent from the client.

Error Description
400 Bad Request
404 Not Found
409 Conflict
413 Over limit
422 Immutable
500 Internal server error
503 Service unavailable

Users submitting requests to the LBaaS API v1.0 might also receive the following errors:

401 Unauthorized - If invalid credentials are provided.

403 Forbidden - If the user cannot access a specific resource or perform the requested operation.

The response body will contain richer information about the cause of the error. An error response follows the format illustrated by the following example:


#!highlight javascript numbers=disable
409 Conflict
Content-type: application/json
Content-lentgh:78

{
   "errorcode": 409,
   "errormessage": "pool is already used by an existing VIP"
}


Chapter 3. API Operations

This chapter explains specific API operations. For ideas relevant to all API operations, see the "General API Information" chapter.

VIPs

Use the LBaaS API v1.0 to manage network resources

Verb URI
GET /v1.0/vips/
GET /v1.0/vips/vip_id
POST /v1.0/vips
PUT /v1.0/vips/vip_id
DELETE /v1.0/vips/vip_id

List all VIPs

Verb URI Description
GET /v1.0/vips/

Normal Response Code(s): 202

Error Response Code(s): 401 (Unauthorized), 500 (Internal server error), 503 (Service Unavailable)

This operation returns the list of all vips associated with your tenant account. If If you have an admin role, then this request returns all the vips of all tenants.

This operation does not require a request body.

This operation returns a response body. It returns a (potentially empty) list, each element in the list is a VIP that can contain the following attributes:

  • id
  • tenant_id
  • name
  • description
  • network_id
  • address
  • port
  • lbmethod
  • protocol
  • pool_id
  • session_persistence
  • connection_limit
  • admin_state_up
  • status

Example . List vips

JSON Request:


#!highlight javascript numbers=disable
GET /v1.0/vips
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

JSON Response:


#!highlight javascript numbers=disable
200 OK
Content-Type: application/json
Content-Length: 384

{
  "vips":[
         {
           "id": "db902c0c-d5ff-4753-b465-668ad9656918",
           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
           "name": "web_vip",
           "description": "lb config for the web tier",
           "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
           "address" : "10.30.176.47",
           "protocol": "HTTP",
           "port": 80,
           "lb_method": "ROUND_ROBIN",
           "pool_id" : "cfc6589d-f949-4c66-99d2-c2da56ef3764",
           "admin_state_up": true,
           "status": "ACTIVE"
         },
         {
           "id": "36e08a3e-a78f-4b40-a229-1e7e23eee1ab",
           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
           "name": "db_vip",
           "network_id": "9cedb85d-0759-4898-8a4b-fa5a5ea10086",
           "address" : "10.30.176.48",
           "protocol": "TCP",
           "port": 3306,
           "lb_method": "LEAST_CONNECTIONS",
           "pool_id" : "41efe233-7591-43c5-9cf7-923964759f9e",
           "session_persistence" : {"type" : "SOURCE_IP"},
           "connection_limit" : 2000,
           "admin_state_up": true,
           "status": "INACTIVE"
         }
      ]
}

Retrieve a specific VIP

Verb URI Description
GET /v1.0/vips/vip_id

Normal Response Code(s): 202

Error Response Code(s): 401 (Unauthorized), 404 (Not Found), 409 (Conflict), 413 (Over limit), 500 (Internal server error), 503 (Service Unavailable)

This operation returns a vip object associated with your tenant account.

This operation does not require a request body.

This operation returns a response body. The returned element is a VIP that can contain the following attributes:

  • id
  • tenant_id
  • name
  • description
  • network_id
  • address
  • port
  • lb_method
  • protocol
  • pool_id
  • session_persistence
  • connection_limit
  • admin_state_up
  • status

Example . Retrieve a VIP details:

JSON Request:


#!highlight javascript numbers=disable
GET /v1.0/vips/36e08a3e-a78f-4b40-a229-1e7e23eee1ab
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

JSON Response:


#!highlight javascript numbers=disable
200 OK
Content-Type: application/json
Content-Length: 156

{
     "vip": {
           "id": "36e08a3e-a78f-4b40-a229-1e7e23eee1ab",
           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
           "name": "db_vip",
           "description": "lb config for the MYSQL db tier",
           "network_id": "9cedb85d-0759-4898-8a4b-fa5a5ea10086",
           "address" : "10.30.176.47",
           "protocol": "TCP",
           "port": 3306,
           "lb_method": "LEAST_CONNECTIONS",
           "pool_id" : "41efe233-7591-43c5-9cf7-923964759f9e",
           "session_persistence" : {"type" : "SOURCE_IP"},
           "connection_limit" : 2000,
           "admin_state_up": true,
           "status": "INACTIVE"
         }
}

Create a VIP

Verb URI Description
POST /v1.0/vips

Normal Response Code(s): 202

Error Response Code(s): 401 (Unauthorized), 404 (Not Found), 409 (Conflict), 413 (Over limit), 500 (Internal server error), 503 (Service Unavailable)

This operation provisions a new vip based on the configuration defined in the request object. Once the request is validated and progress has started on the provisioning process, a response object will be returned. The object will contain a unique identifier and the status of provisioning the vip.

The status of the vip in the response can take one of the following values: ACTIVE, PENDING_CREATE or ERROR.

If the status returned is set to "PENDING_CREATE", then using the identifier of the vip, the caller can check on the progress of the provisioning operation by performing a GET on vips/vip_id. When the status of the vip returned changes to "ACTIVE", then the vip has been successfully provisioned and is now operational for traffic handling.

The caller of this operation must specify at least the following attributes of the vip:

  • name
  • tenant_id: only if a user has an admin role can he specify a tenant_id different from her's.
  • network_id: The network on which to allocate the vip's address. A tenant can only create vips on networks authorized by policy (e.g. her own networks or shared/provider networks).
  • protocol: the protocol of the vip address.
  • port: the port on which to listen for client traffic that is associated with the vip address.
  • pool_id: the id of the pool that contains the real servers to which traffic is load balanced.

Some attributes will receive default values if not specified in the request:

  • lb_method: the default method is ROUND_ROBIN
  • admin_state_up: The default configuration state for a vip is UP, so the default value for this attribute is true.

If the request cannot be fulfilled due to insufficient or invalid data, an HTTP 400 (Bad Request) error response will be returned with information regarding the nature of the failure in the body of the response. Failures in the validation process are non-recoverable and require the caller to correct the cause of the failure and POST the request again.

Users may configure all documented features of the vip at creation time by simply providing the additional elements or attributes in the request. This document provides an overview of all the features the load balancing service supports.

Users with an admin role can create vips for other tenants by specifying a tenant_id attribute different than their own.

Example 4.6. Create a vip (Required Attributes) Request: JSON

Example . create a vip with a shared address JSON Request:


#!highlight javascript numbers=disable
POST /v1.0/vips
Host: lbaas-service.cloudX.com:8651
Content-Type: application/json
Accept: application/json
X-Auth-Token:887665443383838
Content-Length: 463

{
  "vips":[
         {
           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
           "name": "web_vip",
           "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
           "protocol": "HTTP",
           "port": 80,
           "pool_id" : "cfc6589d-f949-4c66-99d2-c2da56ef3764"
         }
      ]
}

JSON Response:


#!highlight javascript numbers=disable
202 Accepted
Content-Type: application/json
Content-Length: 213

{
  "vips":[
         {
           "id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
           "name": "web_vip",
           "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
           "address" : "10.30.176.47",
           "protocol": "HTTPS",
           "port": 443,
           "lb_method": "ROUND_ROBIN",
           "pool_id" : "cfc6589d-f949-4c66-99d2-c2da56ef3764",
           "admin_state_up": true,
           "status": "PENDING_CREATE"
         }
      ]
}

A user can supply an address field if she owns the network on which the vip will be created. If an address is not specified in the payload, then the LBaaS service will allocate one from the network ID.

Once an address is allocated to the user, the user can create other vip objects using the same address but with different ports.

Example . create a vip with an address shared with another vip JSON Request:


#!highlight javascript numbers=disable
POST /v1.0/vips
Host: lbaas-service.cloudX.com:8651
Content-Type: application/json
Accept: application/json
X-Auth-Token:887665443383838
Content-Length: 234

{
  "vips":[
         {
           "name": "ssl_vip",
           "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
           "address" : "10.30.176.47",
           "protocol": "HTTPS",
           "port": 443,
           "pool_id" : "91c20e53-96cd-4476-8efc-627f398773bb"
         }
      ]
}

JSON Response:


#!highlight javascript numbers=disable
202 Accepted
Content-Type: application/json
Content-Length: 282

{
  "vips":[
         {
           "id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
           "name": "ssl_vip",
           "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
           "address" : "10.30.176.47",
           "protocol": "HTTPS",
           "port": 443,
           "lb_method": "ROUND_ROBIN",
           "pool_id" : "91c20e53-96cd-4476-8efc-627f398773bb",
           "admin_state_up": true,
           "status": "PENDING_CREATE"
         }
      ]
}

Update a VIP

Verb URI Description
PUT /1.0/vips/vip_id

Normal Response Code(s): 202

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

This operation updates the attributes of the specified vip. Upon successful validation of the request, the service will return a 202 (Accepted) response code. A caller should check that the vip status has changed to ACTIVE to confirm that the update has taken effect. If the vip status is "PENDING_UPDATE" then the caller can poll the vip with its ID (using a GET operation) to wait for the changes to be applied.

This operation allows the caller to change one or more of the following attributes:

  • name
  • description
  • pool_id
  • lb_method
  • session_persistence
  • connection_limit
  • admin_state_up

This operation returns the updated vip object. The status of the vip in the response can take one of the following values: ACTIVE, PENDING_UPDATE or ERROR.


#!wiki caution
Note

The load balancer's ID, status, network_id, address, port and protocol are immutable attributes and cannot be modified once a vip is created. Supplying an unsupported attribute will result in a 400 (badRequest) fault.

Example . updating a vip JSON Request:


#!highlight javascript numbers=disable
PUT /v1.0/vips/02b1fef7-16f5-4917-bf19-c40a9af805ed
Host: lbaas-service.cloudX.com:8651
Content-Type: application/json
Accept: application/json
X-Auth-Token:887665443383838
Content-Length: 75

{
  "vip": {
           "name": "ssl_vip_1",
           "description": "this VIP is used for secure web connections",
           "lb_method": "LEAST_CONNECTIONS",
           "session_persistence": { "type": "HTTP_COOKIE" }
         }
}

JSON Response:


#!highlight javascript numbers=disable
202 Accepted
Content-Type: application/json
Content-Length: 282

{
  "vip": {
           "id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
           "name": "ssl_vip_1",
           "network_id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
           "address" : "10.30.176.47",
           "protocol": "HTTPS",
           "port": 443,
           "lb_method": "LEAST_CONNECTIONS",
           "pool_id" : "cfc6589d-f949-4c66-99d2-c2da56ef3764",
           "session_persistence": { "type": "HTTP_COOKIE" },
           "admin_state_up": true,
           "status": "PENDING_UPDATE"
         }
}

Table 4.1. vip Statuses

Name
ACTIVE
PENDING_CREATE
PENDING_UPDATE
PENDING_DELETE
INACTIVE
ERROR

Remove a VIP

Verb URI Description
DELETE /v1.0/vips/vip_id Remove a VIP from the account.

Normal Response Code(s): 202

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

The remove vip function removes the specified vip and its associated configuration from the account. Any and all configuration data is immediately purged and is not recoverable.

This operation does not require a request body.

This operation does not return a response body.

Example . Deleting a vip JSON Request:


#!highlight javascript numbers=disable
DELETE /v1.0/vips/02b1fef7-16f5-4917-bf19-c40a9af805ed
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

JSON Response:


#!highlight javascript numbers=disable
202 Accepted

Pools

A pool is a container of a set of members to which the traffic is load-balanced. The pool construct is a way to share several configuration attributes between members that belong to the same pool. For example health monitors are configured on the pool, and all members of the same pool, will be monitored using these health monitors.

Each vip object can be associated with one pool. A pool cannot be used by more than one vip.

List all Pools

Verb URI Description
GET /v1.0/pools

List all pools of a tenant.

Normal Response Code(s): 200

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

This operation does not require a request body.

Example 4.13. List pools Request: JSON Request:


#!highlight javascript numbers=disable
GET /v1.0/pools
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

Example. List pools Response: JSON


#!highlight javascript numbers=disable
200 OK
Content-Type: application/json
Content-Length: 628

{
  "pools" : [
              {
                "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
                "name": "web_pool",
                "protocol": "HTTP",
                "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
                "members" : [
                              "c57f581b-c834-408f-93fa-30543cf30618",
                              "f2e37304-e3c1-4f96-9201-dd57a16adb75",
                              "cd701b32-7f55-4e8b-94a0-756cd85a684d"
                            ],
                "health_monitors" : [
                                     "954171e2-8816-4d59-a9d5-c85310b4508d"
                                    ],
                "admin_state_up" : true,
                "status" : "ACTIVE"
              },
              {
                "id":"91c20e53-96cd-4476-8efc-627f398773bb",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "vip_id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
                "protocol": "HTTPS",
                "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
                "members" : [
                              "fcbf4e80-2fc7-4c7a-8a2e-8ea929620df9",
                              "6ea4761c-f571-4ec8-a6ae-6a4baf7e49d",
                              "26c49527-999c-4ef5-9484-5c065414d3db"
                            ],
                "health_monitors" : [
                                     "3b4ee887-fff5-4e45-ac55-c34ee599061a"
                                   ],
                "admin_state_up" : true,
                "status" : "ACTIVE"
              },
              {
                "id":"41efe233-7591-43c5-9cf7-923964759f9e",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "vip_id": "36e08a3e-a78f-4b40-a229-1e7e23eee1ab",
                "protocol": "TCP",
                "network_id" : "ddc3ab81-1dac-4be3-a340-c7b7b5d89beb",
                "members" : [
                              "a24a6159-fc0f-4f42-ab10-5fe8763fef6e",
                              "8c65956d-8f3c-41a4-abc3-5311eb3b4ba9"
                            ],
                "health_monitors" : [
                                     "65479d91-36f4-4651-89c2-2daee22a3c78",
                                     "441d3298-bf31-4c3b-8433-7e93a7a3db16"
                                   ],
                "admin_state_up" : true,
                "status" : "ACTIVE"
              }
            ]
}

Retrieve a specific Pool

Verb URI Description
GET /v1.0/pools/pool_id

This operation retrieves the configuration of a pool.

Normal Response Code(s): 200

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

This operation does not require a request body.

Example 4.15. Retrieve the configuration of a pool

JSON Request:


#!highlight javascript numbers=disable
GET /v1.0/pools/cfc6589d-f949-4c66-99d2-c2da56ef3764
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

Example. List pools Response: JSON


#!highlight javascript numbers=disable
200 OK
Content-Type: application/json
Content-Length: 628

{
  "pool" : {
         "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
         "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
         "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
         "name": "web_pool",
         "protocol": "HTTP",
         "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
         "members" : [
                      "c57f581b-c834-408f-93fa-30543cf30618",
                      "f2e37304-e3c1-4f96-9201-dd57a16adb75",
                      "cd701b32-7f55-4e8b-94a0-756cd85a684d"
                     ],
         "health_monitors" : [
                               "f784c3a7-c4e8-44da-bf12-5ff417d27555"
                             ],
         "admin_state_up" : true,
         "status" : "ACTIVE"
  }
}

Create a Pool

Verb URI
POST /v1.0/pools

Normal Response Code(s): 202

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

When a pool is added, it is assigned a unique identifier which can be used for querying, changing or deleting it. Optionally, you can also assign the pool to a vip during creation time, by specifying the vip_id attribute.

If a user has an admin role, she can create pools for other tenant by specifying the tenant_id attribute in the request payload.

Example 4.15. Creating a pool

JSON Request:


#!highlight javascript numbers=disable
POST /v1.0/pools
Host: lbaas-service.cloudX.com:8651
Accept: application/json
Content-Type: application/json
X-Auth-Token:887665443383838
Content-Length: 194

{
  "pools" : [
         {
            "name": "web_pool",
            "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
            "protocol": "HTTP",
            "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
            "members" : [
                          "c57f581b-c834-408f-93fa-30543cf30618",
                          "f2e37304-e3c1-4f96-9201-dd57a16adb75"
                        ]
        }
   ]
}

JSON Response


#!highlight javascript numbers=disable
202 Accepted
Content-Type: application/json
Content-Length: 275

{
  "pools" : [
           {
            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
            "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
            "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
            "name": "web_pool",
            "protocol": "HTTP",
            "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
            "members" : [
                          "c57f581b-c834-408f-93fa-30543cf30618",
                          "f2e37304-e3c1-4f96-9201-dd57a16adb75"
                        ],
            "admin_state_up" : true,
            "status" : "PENDING_CREATE"
          }
        ]
}

Update a Pool

Verb URI
PUT /v1.0/pools/pool_id

Normal Response Code(s): 202

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

This operation does not return a response body.

Example 4.21. Update name of the pool

JSON Request:


#!highlight javascript numbers=disable
PUT /v1.0/pools/cfc6589d-f949-4c66-99d2-c2da56ef3764
Host: lbaas-service.cloudX.com:8651
Accept: application/json
Content-Type: application/json
X-Auth-Token:887665443383838
Content-Length: 194

{
  "pool" : {
            "name": "web_pool_1"
           }
}

JSON Response


#!highlight javascript numbers=disable
202 Accepted
Content-Type: application/json
Content-Length: 269

{
  "pool" : {
            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
            "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
            "vip_id": "db902c0c-d5ff-4753-b465-668ad9656918",
            "name": "web_pool_1",
            "protocol": "HTTP",
            "network_id" : "e2a7a228-8fd1-4aa8-8d0c-4023a68e1c92",
            "members" : [
                          "c57f581b-c834-408f-93fa-30543cf30618",
                          "f2e37304-e3c1-4f96-9201-dd57a16adb75"
                        ],
            "admin_state_up" : true,
            "status" : "PENDING_UPDATE"
          }
}

Remove a Pool

Verb URI
DELETE /pools/pool_id

Normal Response Code(s): 200, 202

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

This operation does not require a request body.

This operation does not return a response body.


#!wiki caution
Note

Attempting to remove a pool that is used in a vip will result in a badRequest (400) error. First remove the pool from the vip, then you can remove the pool.

Example 4.21. Removing a pool

JSON Request:


#!highlight javascript numbers=disable
DELETE /v1.0/pools/cfc6589d-f949-4c66-99d2-c2da56ef3764
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

JSON Response


#!highlight javascript numbers=disable
202 Accepted


#!wiki caution
Note

A pool that is pending to be deleted cannot be updated.

Pool Members

The members of a pool are responsible for servicing the requests received through the vip's virtual IP. The load-balancing method is used to distribute requests or connections between the pool members.

The weight of a member determines the portion of requests or connections it services compared to the other members of the pool. For example, if member A has a weight of 2 and member B has a weight of 1, then member A will service twice as many requests as member B. If the weight attribute is not specified, then the member's weight is implicitly set to "1".

List all Members

Verb URI
GET /v1.0/members

List all members of all pools for a tenant.

Normal Response Code(s): 200

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

This operation does not require a request body.

Example: Listing all members

JSON Request:


#!highlight javascript numbers=disable
GET /v1.0/members
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

JSON Response:


#!highlight javascript numbers=disable
200 OK
Content-Type: application/json
Content-Length: 917

{
  "members" : [
              {
                "id":"c57f581b-c834-408f-93fa-30543cf30618",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "cfc6589d-f949-4c66-99d2-c2da56ef3764",
                "address": "192.168.224.31",
                "port": 8080,
                "weight" : 1,
                "admin_state_up" : true,
                "status" : "ACTIVE"
              },
              {
                "id":"f2e37304-e3c1-4f96-9201-dd57a16adb75",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "cfc6589d-f949-4c66-99d2-c2da56ef3764",
                "address": "192.168.224.32",
                "port" : 8081,
                "weight": 2,
                "admin_state_up" : true,
                "status" : "ACTIVE"
              },
              {
                "id":"cd701b32-7f55-4e8b-94a0-756cd85a684d",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "cfc6589d-f949-4c66-99d2-c2da56ef3764",
                "address": "192.168.224.35"
                "port": 8080,
                "weight" : 1,
                "admin_state_up" : false,
                "status" : "INACTIVE"
              },
              {
                "id":"fcbf4e80-2fc7-4c7a-8a2e-8ea929620df9",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "91c20e53-96cd-4476-8efc-627f398773bb",
                "address": "192.168.137.61",
                "port": 8443,
                "weight" : 1,
                "admin_state_up" : true,
                "status" : "ACTIVE"
              },
              {
                "id":"6ea4761c-f571-4ec8-a6ae-6a4baf7e49d",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "91c20e53-96cd-4476-8efc-627f398773bb",
                "address": "192.168.137.62",
                "port": 8443,
                "weight" : 1,
                "admin_state_up" : true,
                "status" : "ACTIVE"
              },
              {
                "id":"26c49527-999c-4ef5-9484-5c065414d3db",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "91c20e53-96cd-4476-8efc-627f398773bb",
                "address": "192.168.137.63",
                "port": 8443,
                "weight" : 1,
                "admin_state_up" : true,
                "status" : "ACTIVE"
              },
              {
                "id":"a24a6159-fc0f-4f42-ab10-5fe8763fef6e",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "41efe233-7591-43c5-9cf7-923964759f9e",
                "address": "192.168.200.114",
                "port": 3306,
                "weight" : 1,
                "admin_state_up" : true,
                "status" : "ACTIVE"
              },
              {
                "id":"8c65956d-8f3c-41a4-abc3-5311eb3b4ba9",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "41efe233-7591-43c5-9cf7-923964759f9e",
                "address": "192.168.200.132",
                "port": 3306,
                "weight" : 1,
                "admin_state_up" : true,
                "status" : "INACTIVE"
              }
            ]
}

List all Members of a specific Pool

Verb URI
GET /v1.0/pools/pool_id/members

List all members of a specific pool.

Normal Response Code(s): 200

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

This operation does not require a request body.

Example: Listing all members

JSON Request:


#!highlight javascript numbers=disable
GET /v1.0/pools/cfc6589d-f949-4c66-99d2-c2da56ef3764/members
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

JSON Response:


#!highlight javascript numbers=disable
200 OK
Content-Type: application/json
Content-Length: 917

{
  "members" : [
              {
                "id":"c57f581b-c834-408f-93fa-30543cf30618",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "cfc6589d-f949-4c66-99d2-c2da56ef3764",
                "address": "192.168.224.31",
                "port": 8080,
                "weight" : 1,
                "admin_state_up" : true,
                "status" : "ACTIVE"
              },
              {
                "id":"f2e37304-e3c1-4f96-9201-dd57a16adb75",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "cfc6589d-f949-4c66-99d2-c2da56ef3764",
                "address": "192.168.224.32",
                "port" : 8081,
                "weight": 2,
                "admin_state_up" : true,
                "status" : "ACTIVE"
              },
              {
                "id":"cd701b32-7f55-4e8b-94a0-756cd85a684d",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "cfc6589d-f949-4c66-99d2-c2da56ef3764",
                "address": "192.168.224.35"
                "port": 8080,
                "weight" : 1,
                "admin_state_up" : false,
                "status" : "INACTIVE"
              }
            ]
}

Retrieve a specific Member

Verb URI Description
GET /members/member_id

This operation retrieves the configuration of a node.

Normal Response Code(s): 200

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

This operation does not require a request body.

Example. Retrieve the configuration of a member

JSON Request:


#!highlight javascript numbers=disable
GET /v1.0/members/c57f581b-c834-408f-93fa-30543cf30618
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

JSON Response:


#!highlight javascript numbers=disable
200 OK
Content-Type: application/json
Content-Length: 917

{
  "member" :  {
                "id":"c57f581b-c834-408f-93fa-30543cf30618",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "cfc6589d-f949-4c66-99d2-c2da56ef3764",
                "address": "192.168.224.31",
                "port": 8080,
                "weight" : 1,
                "admin_state_up" : true,
                "status" : "ACTIVE"
              }
}

Bulk Create Members

Verb URI Description
POST /v1.0/members Add members to pools.

Normal Response Code(s): 202

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

When a member is added, it is assigned a unique identifier that can be used for mutating operations such as changing the admin_state or the weight of a member, or removing the member from the pool.


#!wiki caution
Note:

When a member is added to a load balancer, it is enabled by default (admin_state_up = true).

Example 4.17. Add members

In this example, we add the first 2 members to one pool and the third member to a second pool.

JSON Request:


#!highlight javascript numbers=disable
POST /v1.0/members
Host: lbaas-service.cloudX.com:8651
Accept: application/json
Content-Type: application/json
X-Auth-Token:887665443383838
Content-Length: 826

{
  "members" : [
              {
                "address": "192.168.224.31",
                "port": 8080,
                "pool_id": "cfc6589d-f949-4c66-99d2-c2da56ef3764"
              },
              {
                "address": "192.168.224.32",
                "port" : 8081,
                "weight" : 2,
                "pool_id": "cfc6589d-f949-4c66-99d2-c2da56ef3764"
              },
              {
                "address": "192.168.137.61",
                "port": 8443,
                "pool_id": "91c20e53-96cd-4476-8efc-627f398773bb"
              }
            ]
}

JSON Response:


#!highlight javascript numbers=disable
200 OK
Content-Type: application/json
Content-Length: 917

{
  "members" : [
              {
                "id":"c57f581b-c834-408f-93fa-30543cf30618",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "cfc6589d-f949-4c66-99d2-c2da56ef3764",
                "address": "192.168.224.31",
                "port": 8080,
                "weight" : 1,
                "admin_state_up" : true,
                "status" : "PENDING_CREATE"
              },
              {
                "id":"f2e37304-e3c1-4f96-9201-dd57a16adb75",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "cfc6589d-f949-4c66-99d2-c2da56ef3764",
                "address": "192.168.224.32",
                "port" : 8081,
                "weight" : 2,
                "admin_state_up" : true,
                "status" : "PENDING_CREATE"
              },
              {
                "id":"fcbf4e80-2fc7-4c7a-8a2e-8ea929620df9",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "91c20e53-96cd-4476-8efc-627f398773bb",
                "address": "192.168.137.61",
                "port": 8443,
                "weight" : 1,
                "admin_state_up" : true,
                "status" : "PENDING_CREATE"
              }
            ]
}

Update a Member

Verb URI Description
PUT /v1.0/members/member_id

Normal Response Code(s): 202

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

This operation does not return a response body.


#!wiki caution
Note

The member's address and port are immutable attributes and cannot be modified with a PUT request. Supplying an unsupported attribute will result in a 400 (badRequest) fault. A pool supports a
maximum number of nodes. The maximum number of nodes per pool is returned when querying the limits of the LBaaS service.

Every member in the pool is either enabled or disabled which determines its role within the pool using the admin_state_up attribute. When the member has admin_state_up=true, the member is permitted to accept new connections or requests. Its status will eventually become ACTIVE to reflect this configuration. When the member has admin_state_up=false, the member is not permitted to accept any new connections or requests regardless of session persistence configuration. Existing connections to the node are gracefully drained or forcibly terminated. The member's status changes to INACTIVE once the configuration has been successfully applied.

Example 4.21. Disable a member

JSON Request:


#!highlight javascript numbers=disable
PUT /v1.0/members/c57f581b-c834-408f-93fa-30543cf30618
Host: lbaas-service.cloudX.com:8651
Accept: application/json
Content-Type: application/json
X-Auth-Token:887665443383838
Content-Length: 826

{
  "member" :  {
                "admin_state_up": false
              }
}

JSON Response:


#!highlight javascript numbers=disable
202 ACCEPTED
Content-Type: application/json
Content-Length: 917

{
  "member" : {
                "id":"c57f581b-c834-408f-93fa-30543cf30618",
                "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
                "pool_id": "cfc6589d-f949-4c66-99d2-c2da56ef3764",
                "address": "192.168.224.31",
                "port": 8080,
                "weight" : 1,
                "admin_state_up" : false,
                "status" : "PENDING_UPDATE"
             }
}

Remove a Member

Verb URI Description
DELETE /v1.0/members/member_id Removes a member from a pool.

Normal Response Code(s): 200, 202

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

This operation does not require a request body.

This operation does not return a response body.

Example 4.21. remove a member from its pool

JSON Request:


#!highlight javascript numbers=disable
DELETE /v1.0/members/c57f581b-c834-408f-93fa-30543cf30618
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

JSON RESPONSE


#!highlight javascript numbers=disable
202 Accepted

Health Monitors

Verb URI
GET /v1.0/healthmonitors/
GET /v1.0/healthmonitors/healthmonitor_id
PUT /v1.0/healthmonitors/healthmonitor_id Update the settings for a health monitor.
DELETE /v1.0/healthmonitors/healthmonitor_id Remove the health monitor.

Normal Response Code(s): 200, 202

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

Active health monitoring provides 3 types of health monitors. The caller can configure one health monitor on the load blancer.

The health monitor has a type attribute to signify which of the 3 types it is. The 3 types available in this specification are described below.

Table 4.4. Health Monitor Types

Name
PING
TCP
HTTP
HTTPS

The required attributes to specify when creating a health monitor depend on the health monitor type.

Create a PING Health Monitor

The monitor pings the member to ensure that the member is alive.

The PING monitor is the most basic type of health check. The following configurable properties can be specified

  • delay: This is the minimum time in seconds between regular pings of the member.
  • timeout: Maximum number of seconds for a monitor to wait for a ping reply before it times out. The value must be less than the delay value.
  • attemptsBeforeDeactivation: Number of permissible ping failures before changing the member's status to INACTIVE. Must be a number between 1 and 10.

Example 4.27. Monitor PING


#!highlight xml numbers=disable
POST /v1.0/healthmonitors
Host: lbaas-service.cloudX.com:8651
Accept: application/json
Content-Type: application/json
X-Auth-Token:887665443383838
Content-Length: 91

{
    "healthmonitor" :
      {
         "type" : "PING",
         "delay" : 20,
         "timeout": 10,
         "attemptsBeforeDeactivation": 3
      }
}

JSON Response:


#!highlight xml numbers=disable
202 Accepted
Content-Type: application/json
Content-Length: 114

{
    "healthmonitor" :
      {
         "id" : "f784c3a7-c4e8-44da-bf12-5ff417d27555",
         "type" : "PING",
         "delay" : 20,
         "timeout": 10,
         "attemptsBeforeDeactivation": 3,
         "admin_state_up": true,
         "status": "PENDING_CREATE"
      }
}

Create a TCP Health Monitor

A TCP monitor tries to establish a TCP connection to the member to ensure that the member is healthy.

The following configurable properties can be specified for a TCP monitor:

  • delay: This is the minimum time in seconds between regular connections of the member.
  • timeout: Maximum number of seconds for a monitor to wait for a connection to be established before it times out. The value must be less than the delay value.
  • attemptsBeforeDeactivation: Number of permissible connection failures before changing the member's status to INACTIVE. Must be a number between 1 and 10.

Example. Monitor TCP


#!highlight xml numbers=disable
POST /v1.0/healthmonitors
Host: lbaas-service.cloudX.com:8651
Accept: application/json
Content-Type: application/json
X-Auth-Token:887665443383838
Content-Length: 91

{
    "healthmonitor" :
      {
         "type" : "TCP",
         "delay" : 20,
         "timeout": 10,
         "attemptsBeforeDeactivation": 3
      }
}

JSON Response:


#!highlight xml numbers=disable
202 Accepted
Content-Type: application/json
Content-Length: 114

{
    "healthmonitor" :
      {
         "id" : "e5069610-744b-42a7-8bd8-ceac1a229cd4",
         "type" : "TCP",
         "delay" : 20,
         "timeout": 10,
         "attemptsBeforeDeactivation": 3,
         "admin_state_up": true,
         "status": "PENDING_CREATE"

      }
}

Create an HTTP or an HTTPS Health Monitor

The HTTP and HTTPS monitor is more intelligent than the TCP monitor. It is capable of processing an HTTP or HTTPS response to determine the condition of a node. It supports the same basic properties as the TCP monitor and includes the additional attribute of path that is used to evaluate the HTTP response to a monitor probe.

  • path: The HTTP path used in the HTTP request used by the monitor to test a member's health. This must be a string beginning with a / (forward slash). The monitor expects a response from the node with an HTTP status code of 200.

Example. Monitor TCP


#!highlight xml numbers=disable
POST /v1.0/healthmonitors
Host: lbaas-service.cloudX.com:8651
Accept: application/json
Content-Type: application/json
X-Auth-Token:887665443383838
Content-Length: 91

{
    "healthmonitor" :
      {
         "type" : "HTTP",
         "delay" : 20,
         "timeout": 10,
         "attemptsBeforeDeactivation": 3,
         "path" : "/check",
         "error_codes" : "200-299"
      }
}

JSON Response:


#!highlight xml numbers=disable
202 Accepted
Content-Type: application/json
Content-Length: 114

{
    "healthmonitor" :
      {
         "id" : "f3eeab00-8367-4524-b662-55e64d4cacb5",
         "type" : "HTTP",
         "delay" : 20,
         "timeout": 10,
         "attemptsBeforeDeactivation": 3,
         "path" : "/check",
         "error_codes" : "200-299",
         "admin_state_up": true,
         "status": "PENDING_CREATE"
      }
}

Associate and Dissociate Health Monitors with Pools

When a health monitor has been created, it can be associated with one or several pools.

Verb URI
GET /v1.0/pools/pool_id/healthmonitors
POST /v1.0/pools/pool_id/healthmonitors
DELETE /v1.0/pool_id/pool_id/healthmonitors/healthmonitor_id Dissociates a healthmonitor from a pool.

Normal Response Code(s): 200, 202

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

List all Health Monitors associated with a Pool

Example. List health monitors for a pool


#!highlight xml numbers=disable
GET /v1.0/pools/cfc6589d-f949-4c66-99d2-c2da56ef3764/healthmonitors
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

JSON Response:


#!highlight xml numbers=disable
200 OK
Content-Type: application/json
Content-Length: 114

{
    "healthmonitors" : [
                         "f784c3a7-c4e8-44da-bf12-5ff417d27555",
                         "e5069610-744b-42a7-8bd8-ceac1a229cd4"
                       ]
}
Associate Health Monitors with a Pool

You can associate one or several health monitors with a pool. Once associated, the health monitors will start monitoring the members of the pool and will deactivate these members if they are deemed unhealthy. A member can be disactivated (status set to INACTIVE) if any of health monitors finds its unhealthy.

The response will return the current list of all health monitors associated with the pool.

Example. Add a health monitor to the monitors for a pool


#!highlight xml numbers=disable
POST /v1.0/pools/cfc6589d-f949-4c66-99d2-c2da56ef3764/healthmonitors
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

{
    "healthmonitors" : [
                         "f3eeab00-8367-4524-b662-55e64d4cacb5"
                       ]
}

JSON Response:


#!highlight xml numbers=disable
202 Accepted
Content-Type: application/json
Content-Length: 114

{
    "healthmonitors" : [
                         "f784c3a7-c4e8-44da-bf12-5ff417d27555",
                         "e5069610-744b-42a7-8bd8-ceac1a229cd4",
                         "f3eeab00-8367-4524-b662-55e64d4cacb5"
                       ]
}

Note that the pool status will change to PENDING_UPDATE while the association is processed. A pool status of ACTIVE indicates that the change has successfully taken place.

Dissociate Health Monitors from a Pool

you can dissociate a health monitor from a pool. When dissociation is successful, the health monitor will no longer check for the health of the members of the pool.

Note that the pool status will change to PENDING_UPDATE while the dissociation is processed. A pool status of ACTIVE indicates that the change has successfully taken place.

Example. Dissociate a health monitor from a pool


#!highlight xml numbers=disable
DELETE /v1.0/pools/cfc6589d-f949-4c66-99d2-c2da56ef3764/healthmonitors/f3eeab00-8367-4524-b662-55e64d4cacb5
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

JSON Response:


#!highlight xml numbers=disable
202 Accepted

Statistics

List Traffic Statistics of a pool

Name URI Description
GET /v1.0/pools/pool_id/stats

Normal Response Code(s): 200

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

This operation does not require a request body.

The pool stats reports provide a set of stats counters. This list will contain at least the following counters:

  • bytes_in: The total number of bytes that pool members have received from clients.
  • bytes_out: The total number of bytes that pool members have sent to clients.
  • active_connections: The current number of active connections being served by the pool members.
  • total_connections: The total number of connections that have been processed by the pool members.

Example 4.25. Retrieve the stats for a pool


#!highlight json numbers=disable
GET /v1.0/pools/cfc6589d-f949-4c66-99d2-c2da56ef3764/stats
Host: lbaas-service.cloudX.com:8651
Accept: application/json
X-Auth-Token:887665443383838

JSON Response:


#!highlight xml numbers=disable
200 OK
Content-Type: application/json
Content-Length: 114

{
    "stats" : {
                         "bytes_in" : 36839202,
                         "bytes_out" : 673193022,
                         "active_connections" : 39,
                         "total_connections" : 682
              }
}

Protocols

List Supported Load Balancing Protocols

Verb URI
GET /v1.0/protocols

Normal Response Code(s): 200

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

This operation does not require a request body.

All vips and members must be configured with a protocol value from this list. The vip's protocol and the pool's protocol must be compatible with each other, which in this version of the API specification means that they have to be identical.

All LBaaS implementations of this specification must support at least the following protocols:

  • TCP
  • HTTP
  • HTTPS

When the protocol is HTTPS, the traffic received on the vip is SSL-encrypyted and will be forwaded as is to the pool members. The traffic is not decrypted by the load balancers. Because, requests are opaque, the HTTP_COOKIE session persistence cannot be configured when the vip's protocol is HTTPS.

Example: Listing protocols supported


#!highlight javascript numbers=disable
{
 "protocols": [
               {
                 "name": "TCP",
               },
               {
                 "name": "HTTP",
               },
               {
                 "name": "HTTPS",
               }
              ]
}

LB Methods

All LB methods utilize an algorithm that defines how a member is chosen to process a new request or a connection that arrives on a vip. The default algorithm for newly created vips is ROUND_ROBIN, which can be overridden at creation time or changed after the vip has been initially provisioned.

The algorithm name is to be constant within a major revision of the load balancing API, though new algorithms may be created with a unique algorithm name within a given major revision of this API.

Table 4.6. Load Balancing Algorithms

Name
LEAST_CONNECTIONS
ROUND_ROBIN

Listing Supported Load Balancing Methods

Verb URI
GET /v1.0/lb_methods

Normal Response Code(s): 200

Error Response Code(s): loadbalancerFault (400, 500), serviceUnavailable (503), unauthorized (401), badRequest (400), overLimit (413)

This operation does not require a request body.

Example 4.48. List Load Balancing Algorithms Response: XML


#!highlight javascript numbers=disable
200 OK
Content-type: application/json
Content-length: 362

{
   "lb_methods": [
                  {
                    "name": "ROUND_ROBIN"
                  },
                  {
                    "name": "LEAST_CONNECTIONS"
                  }
                 ]
}