Yandex Cloud
  • Services
  • Solutions
  • Why Yandex Cloud
  • Pricing
  • Documentation
  • Contact us
Get started
Language / Region
© 2022 Yandex.Cloud LLC
Yandex Application Load Balancer
  • Getting started
  • Step-by-step instructions
    • All instructions
    • Target groups
      • Create a target group
      • Edit a target group
      • Delete a target group
    • Backend groups
      • Create a backend group
      • Edit a backend group
      • Delete a backend group
    • HTTP routers
      • Create HTTP router
      • Edit an HTTP router
      • Delete an HTTP router
    • L7 load balancers
      • Create an L7 load balancer
      • Edit an L7 load balancer
      • View L7 load balancer statistics
      • View the L7 load balancer logs
      • Get the ID of the log group of the L7 load balancer
      • Stopping and restarting an L7 load balancer
      • Delete an L7 load balancer
    • Ingress Controller for Managed Service for Kubernetes
      • Install an Ingress controller
      • Create or update resources based on configuration
  • Practical guidelines
    • Setting up a virtual hosting
    • Creating a load balancer with DDoS protection
    • Integrating an L7 load balancer with the CDN and Object Storage
    • Blue-green and canary deployment of service versions
    • Terminating TLS connections
    • Writing load balancer logs to PostgreSQL
  • Concepts
    • Overview
    • Load balancers
    • HTTP routers
    • Backend groups
    • Target groups
    • Quotas and limits
  • Tools
    • Ingress Controller for Managed Service for Kubernetes
      • Overview
      • How it works
      • Security groups
      • Service accounts
  • Access management
  • Pricing policy
  • API reference
    • Authentication in the API
    • gRPC
      • Overview
      • BackendGroupService
      • HttpRouterService
      • LoadBalancerService
      • TargetGroupService
      • VirtualHostService
      • OperationService
    • REST
      • Overview
      • BackendGroup
        • Overview
        • addBackend
        • create
        • delete
        • get
        • list
        • listOperations
        • removeBackend
        • update
        • updateBackend
      • HttpRouter
        • Overview
        • create
        • delete
        • get
        • list
        • listOperations
        • update
      • LoadBalancer
        • Overview
        • addListener
        • addSniMatch
        • create
        • delete
        • get
        • getTargetStates
        • list
        • listOperations
        • removeListener
        • removeSniMatch
        • start
        • stop
        • update
        • updateListener
        • updateSniMatch
      • TargetGroup
        • Overview
        • addTargets
        • create
        • delete
        • get
        • list
        • listOperations
        • removeTargets
        • update
      • VirtualHost
        • Overview
        • create
        • delete
        • get
        • list
        • removeRoute
        • update
        • updateRoute
  • Ingress controller reference
    • Overview
    • Ingress
    • HttpBackendGroup
    • Service
  • Log reference
  1. API reference
  2. REST
  3. LoadBalancer
  4. create

Method create

Written by
Yandex Cloud
  • HTTP request
  • Body parameters
  • Response

Creates an application load balancer in the specified folder.

HTTP request

POST https://alb.api.cloud.yandex.net/apploadbalancer/v1/loadBalancers

Body parameters

{
  "folderId": "string",
  "name": "string",
  "description": "string",
  "labels": "object",
  "regionId": "string",
  "networkId": "string",
  "listenerSpecs": [
    {
      "name": "string",
      "endpointSpecs": [
        {
          "addressSpecs": [
            {

              // `listenerSpecs[].endpointSpecs[].addressSpecs[]` includes only one of the fields `externalIpv4AddressSpec`, `internalIpv4AddressSpec`, `externalIpv6AddressSpec`
              "externalIpv4AddressSpec": {
                "address": "string"
              },
              "internalIpv4AddressSpec": {
                "address": "string",
                "subnetId": "string"
              },
              "externalIpv6AddressSpec": {
                "address": "string"
              },
              // end of the list of possible fields`listenerSpecs[].endpointSpecs[].addressSpecs[]`

            }
          ],
          "ports": [
            "string"
          ]
        }
      ],

      // `listenerSpecs[]` includes only one of the fields `http`, `tls`, `stream`
      "http": {
        "handler": {
          "httpRouterId": "string",

          // `listenerSpecs[].http.handler` includes only one of the fields `http2Options`, `allowHttp10`
          "http2Options": {
            "maxConcurrentStreams": "string"
          },
          "allowHttp10": true,
          // end of the list of possible fields`listenerSpecs[].http.handler`

        },
        "redirects": {
          "httpToHttps": true
        }
      },
      "tls": {
        "defaultHandler": {
          "certificateIds": [
            "string"
          ],

          // `listenerSpecs[].tls.defaultHandler` includes only one of the fields `httpHandler`, `streamHandler`
          "httpHandler": {
            "httpRouterId": "string",

            // `listenerSpecs[].tls.defaultHandler.httpHandler` includes only one of the fields `http2Options`, `allowHttp10`
            "http2Options": {
              "maxConcurrentStreams": "string"
            },
            "allowHttp10": true,
            // end of the list of possible fields`listenerSpecs[].tls.defaultHandler.httpHandler`

          },
          "streamHandler": {
            "backendGroupId": "string"
          },
          // end of the list of possible fields`listenerSpecs[].tls.defaultHandler`

        },
        "sniHandlers": [
          {
            "name": "string",
            "serverNames": [
              "string"
            ],
            "handler": {
              "certificateIds": [
                "string"
              ],

              // `listenerSpecs[].tls.sniHandlers[].handler` includes only one of the fields `httpHandler`, `streamHandler`
              "httpHandler": {
                "httpRouterId": "string",

                // `listenerSpecs[].tls.sniHandlers[].handler.httpHandler` includes only one of the fields `http2Options`, `allowHttp10`
                "http2Options": {
                  "maxConcurrentStreams": "string"
                },
                "allowHttp10": true,
                // end of the list of possible fields`listenerSpecs[].tls.sniHandlers[].handler.httpHandler`

              },
              "streamHandler": {
                "backendGroupId": "string"
              },
              // end of the list of possible fields`listenerSpecs[].tls.sniHandlers[].handler`

            }
          }
        ]
      },
      "stream": {
        "handler": {
          "backendGroupId": "string"
        }
      },
      // end of the list of possible fields`listenerSpecs[]`

    }
  ],
  "allocationPolicy": {
    "locations": [
      {
        "zoneId": "string",
        "subnetId": "string",
        "disableTraffic": true
      }
    ]
  },
  "securityGroupIds": [
    "string"
  ]
}
Field Description
folderId string

Required. ID of the folder to create an application load balancer in.

To get the folder ID, make a list request.

name string

Name of the application load balancer. The name must be unique within the folder.

Value must match the regular expression ([a-z]([-a-z0-9]{0,61}[a-z0-9])?)?.

description string

Description of the application load balancer.

The maximum string length in characters is 256.

labels object

Application load balancer labels as key:value pairs. For details about the concept, see documentation.

No more than 64 per resource. The string length in characters for each key must be 1-63. Each key must match the regular expression [a-z][-_./\@0-9a-z]*. The maximum string length in characters for each value is 63. Each value must match the regular expression [-_./\@0-9a-z]*.

regionId string

Required. ID of the region that the application load balancer is located at.

The only supported value is ru-central1.

networkId string

Required. ID of the network that the application load balancer belongs to.

listenerSpecs[] object

Listeners that belong to the application load balancer.

For details about the concept, see documentation.

listenerSpecs[].
name
string

Required. Name of the listener. The name is unique within the application load balancer.

Value must match the regular expression [a-z]([-a-z0-9]{0,61}[a-z0-9])?.

listenerSpecs[].
endpointSpecs[]
object

Required. Endpoints of the listener.

Endpoints are defined by their IP addresses and ports.

Must contain at least one element.

listenerSpecs[].
endpointSpecs[].
addressSpecs[]
object

Required. Endpoint public (external) and internal addresses.

Must contain at least one element.

listenerSpecs[].
endpointSpecs[].
addressSpecs[].
externalIpv4AddressSpec
object
Public IPv4 endpoint address.
listenerSpecs[].endpointSpecs[].addressSpecs[] includes only one of the fields externalIpv4AddressSpec, internalIpv4AddressSpec, externalIpv6AddressSpec
listenerSpecs[].
endpointSpecs[].
addressSpecs[].
externalIpv4AddressSpec.
address
string

IPv4 address.

listenerSpecs[].
endpointSpecs[].
addressSpecs[].
internalIpv4AddressSpec
object
Internal IPv4 endpoint address. To enable the use of listeners with internal addresses, contact support.
listenerSpecs[].endpointSpecs[].addressSpecs[] includes only one of the fields externalIpv4AddressSpec, internalIpv4AddressSpec, externalIpv6AddressSpec
listenerSpecs[].
endpointSpecs[].
addressSpecs[].
internalIpv4AddressSpec.
address
string

IPv4 address.

listenerSpecs[].
endpointSpecs[].
addressSpecs[].
internalIpv4AddressSpec.
subnetId
string

ID of the subnet that the address belongs to.

listenerSpecs[].
endpointSpecs[].
addressSpecs[].
externalIpv6AddressSpec
object
Public IPv6 endpoint address.
listenerSpecs[].endpointSpecs[].addressSpecs[] includes only one of the fields externalIpv4AddressSpec, internalIpv4AddressSpec, externalIpv6AddressSpec
listenerSpecs[].
endpointSpecs[].
addressSpecs[].
externalIpv6AddressSpec.
address
string

IPv6 address.

listenerSpecs[].
endpointSpecs[].
ports[]
string (int64)

Required. Endpoint ports.

Must contain at least one element. Acceptable values are 1 to 65535, inclusive.

listenerSpecs[].
http
object
Unencrypted HTTP listener settings.
listenerSpecs[] includes only one of the fields http, tls, stream
listenerSpecs[].
http.
handler
object

Settings for handling HTTP requests.

Only one of handler and redirects can be specified.

An HTTP handler resource.

listenerSpecs[].
http.
handler.
httpRouterId
string

ID of the HTTP router processing requests. For details about the concept, see documentation.

To get the list of all available HTTP routers, make a list request.

listenerSpecs[].
http.
handler.
http2Options
object
HTTP/2 settings. If specified, incoming HTTP/2 requests are supported by the listener.
listenerSpecs[].http.handler includes only one of the fields http2Options, allowHttp10
listenerSpecs[].
http.
handler.
http2Options.
maxConcurrentStreams
string (int64)

Maximum number of concurrent HTTP/2 streams in a connection.

listenerSpecs[].
http.
handler.
allowHttp10
boolean (boolean)
listenerSpecs[].http.handler includes only one of the fields http2Options, allowHttp10

Enables support for incoming HTTP/1.0 and HTTP/1.1 requests and disables it for HTTP/2 requests.

listenerSpecs[].
http.
redirects
object

Redirects settings.

Only one of redirects and handler can be specified.

A listener redirects resource.

listenerSpecs[].
http.
redirects.
httpToHttps
boolean (boolean)

Redirects all unencrypted HTTP requests to the same URI with scheme changed to https.

The setting has the same effect as a single, catch-all HttpRoute with replaceScheme set to https.

listenerSpecs[].
tls
object
TLS-encrypted HTTP or TCP stream listener settings. All handlers within a listener (defaultHandler and sniHandlers) must be of one type, HttpHandler or StreamHandler. Mixing HTTP and TCP stream traffic in a TLS-encrypted listener is not supported.
listenerSpecs[] includes only one of the fields http, tls, stream
listenerSpecs[].
tls.
defaultHandler
object

Required. Settings for handling requests by default, with Server Name Indication (SNI) not matching any of the sniHandlers.

A TLS-encrypted (HTTP or TCP stream) handler resource.

listenerSpecs[].
tls.
defaultHandler.
certificateIds[]
string

Required. ID's of the TLS server certificates from Certificate Manager.

RSA and ECDSA certificates are supported, and only the first certificate of each type is used.

Must contain at least one element.

listenerSpecs[].
tls.
defaultHandler.
httpHandler
object
HTTP handler.
listenerSpecs[].tls.defaultHandler includes only one of the fields httpHandler, streamHandler
listenerSpecs[].
tls.
defaultHandler.
httpHandler.
httpRouterId
string

ID of the HTTP router processing requests. For details about the concept, see documentation.

To get the list of all available HTTP routers, make a list request.

listenerSpecs[].
tls.
defaultHandler.
httpHandler.
http2Options
object
HTTP/2 settings. If specified, incoming HTTP/2 requests are supported by the listener.
listenerSpecs[].tls.defaultHandler.httpHandler includes only one of the fields http2Options, allowHttp10
listenerSpecs[].
tls.
defaultHandler.
httpHandler.
http2Options.
maxConcurrentStreams
string (int64)

Maximum number of concurrent HTTP/2 streams in a connection.

listenerSpecs[].
tls.
defaultHandler.
httpHandler.
allowHttp10
boolean (boolean)
listenerSpecs[].tls.defaultHandler.httpHandler includes only one of the fields http2Options, allowHttp10

Enables support for incoming HTTP/1.0 and HTTP/1.1 requests and disables it for HTTP/2 requests.

listenerSpecs[].
tls.
defaultHandler.
streamHandler
object
Stream (TCP) handler.
listenerSpecs[].tls.defaultHandler includes only one of the fields httpHandler, streamHandler
listenerSpecs[].
tls.
defaultHandler.
streamHandler.
backendGroupId
string

Required. ID of the backend group processing requests. For details about the concept, see documentation.

The backend group type, specified via [BackendGroup.backend], must be stream.

To get the list of all available backend groups, make a list request.

listenerSpecs[].
tls.
sniHandlers[]
object

Settings for handling requests with Server Name Indication (SNI) matching one of serverNames values.

listenerSpecs[].
tls.
sniHandlers[].
name
string

Required. Name of the SNI handler.

listenerSpecs[].
tls.
sniHandlers[].
serverNames[]
string

Required. Server names that are matched by the SNI handler.

Must contain at least one element.

listenerSpecs[].
tls.
sniHandlers[].
handler
object

Required. Settings for handling requests with Server Name Indication (SNI) matching one of serverNames values.

A TLS-encrypted (HTTP or TCP stream) handler resource.

listenerSpecs[].
tls.
sniHandlers[].
handler.
certificateIds[]
string

Required. ID's of the TLS server certificates from Certificate Manager.

RSA and ECDSA certificates are supported, and only the first certificate of each type is used.

Must contain at least one element.

listenerSpecs[].
tls.
sniHandlers[].
handler.
httpHandler
object
HTTP handler.
listenerSpecs[].tls.sniHandlers[].handler includes only one of the fields httpHandler, streamHandler
listenerSpecs[].
tls.
sniHandlers[].
handler.
httpHandler.
httpRouterId
string

ID of the HTTP router processing requests. For details about the concept, see documentation.

To get the list of all available HTTP routers, make a list request.

listenerSpecs[].
tls.
sniHandlers[].
handler.
httpHandler.
http2Options
object
HTTP/2 settings. If specified, incoming HTTP/2 requests are supported by the listener.
listenerSpecs[].tls.sniHandlers[].handler.httpHandler includes only one of the fields http2Options, allowHttp10
listenerSpecs[].
tls.
sniHandlers[].
handler.
httpHandler.
http2Options.
maxConcurrentStreams
string (int64)

Maximum number of concurrent HTTP/2 streams in a connection.

listenerSpecs[].
tls.
sniHandlers[].
handler.
httpHandler.
allowHttp10
boolean (boolean)
listenerSpecs[].tls.sniHandlers[].handler.httpHandler includes only one of the fields http2Options, allowHttp10

Enables support for incoming HTTP/1.0 and HTTP/1.1 requests and disables it for HTTP/2 requests.

listenerSpecs[].
tls.
sniHandlers[].
handler.
streamHandler
object
Stream (TCP) handler.
listenerSpecs[].tls.sniHandlers[].handler includes only one of the fields httpHandler, streamHandler
listenerSpecs[].
tls.
sniHandlers[].
handler.
streamHandler.
backendGroupId
string

Required. ID of the backend group processing requests. For details about the concept, see documentation.

The backend group type, specified via [BackendGroup.backend], must be stream.

To get the list of all available backend groups, make a list request.

listenerSpecs[].
stream
object
Unencrypted stream (TCP) listener settings.
listenerSpecs[] includes only one of the fields http, tls, stream
listenerSpecs[].
stream.
handler
object

Required. Settings for handling stream (TCP) requests.

A stream (TCP) handler resource.

listenerSpecs[].
stream.
handler.
backendGroupId
string

Required. ID of the backend group processing requests. For details about the concept, see documentation.

The backend group type, specified via [BackendGroup.backend], must be stream.

To get the list of all available backend groups, make a list request.

allocationPolicy object

Locality settings of the application load balancer.

For details about the concept, see documentation.

A locality settings (allocation policy) resource.

allocationPolicy.
locations[]
object

Required. Availability zones and subnets that the application load balancer resides.

The minimum number of elements is 1.

allocationPolicy.
locations[].
zoneId
string

Required. ID of the availability zone where the application load balancer resides.

Each availability zone can only be specified once.

allocationPolicy.
locations[].
subnetId
string

ID of the subnet that the application load balancer belongs to.

allocationPolicy.
locations[].
disableTraffic
boolean (boolean)

Disables the load balancer node in the specified availability zone.

Backends in the availability zone are not directly affected by this setting. They still may receive traffic from the load balancer nodes in other availability zones, subject to localityAwareRoutingPercent and strictLocality settings.

securityGroupIds[] string

ID's of the security groups attributed to the application load balancer.

For details about the concept, see documentation.

Response

HTTP Code: 200 - OK

{
  "id": "string",
  "description": "string",
  "createdAt": "string",
  "createdBy": "string",
  "modifiedAt": "string",
  "done": true,
  "metadata": "object",

  //  includes only one of the fields `error`, `response`
  "error": {
    "code": "integer",
    "message": "string",
    "details": [
      "object"
    ]
  },
  "response": "object",
  // end of the list of possible fields

}

An Operation resource. For more information, see Operation.

Field Description
id string

ID of the operation.

description string

Description of the operation. 0-256 characters long.

createdAt string (date-time)

Creation timestamp.

String in RFC3339 text format.

createdBy string

ID of the user or service account who initiated the operation.

modifiedAt string (date-time)

The time when the Operation resource was last modified.

String in RFC3339 text format.

done boolean (boolean)

If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.

metadata object

Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.

error object
The error result of the operation in case of failure or cancellation.
includes only one of the fields error, response
error.
code
integer (int32)

Error code. An enum value of google.rpc.Code.

error.
message
string

An error message.

error.
details[]
object

A list of messages that carry the error details.

response object
includes only one of the fields error, response

The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is the standard Create/Update, the response should be the target resource of the operation. Any method that returns a long-running operation should document the response type, if any.

Was the article helpful?

Language / Region
© 2022 Yandex.Cloud LLC
In this article:
  • HTTP request
  • Body parameters
  • Response