Yandex Cloud
  • Services
  • Solutions
  • Why Yandex Cloud
  • Pricing
  • Documentation
  • Contact us
Get started
Language / Region
© 2022 Yandex.Cloud LLC
Yandex Application Load Balancer
  • Getting started
  • Step-by-step instructions
    • All instructions
    • Target groups
      • Create a target group
      • Edit a target group
      • Delete a target group
    • Backend groups
      • Create a backend group
      • Edit a backend group
      • Delete a backend group
    • HTTP routers
      • Create HTTP router
      • Edit an HTTP router
      • Delete an HTTP router
    • L7 load balancers
      • Create an L7 load balancer
      • Edit an L7 load balancer
      • View L7 load balancer statistics
      • View the L7 load balancer logs
      • Get the ID of the log group of the L7 load balancer
      • Stopping and restarting an L7 load balancer
      • Delete an L7 load balancer
    • Ingress Controller for Managed Service for Kubernetes
      • Install an Ingress controller
      • Create or update resources based on configuration
  • Practical guidelines
    • Setting up a virtual hosting
    • Creating a load balancer with DDoS protection
    • Integrating an L7 load balancer with the CDN and Object Storage
    • Blue-green and canary deployment of service versions
    • Terminating TLS connections
    • Writing load balancer logs to PostgreSQL
  • Concepts
    • Overview
    • Load balancers
    • HTTP routers
    • Backend groups
    • Target groups
    • Quotas and limits
  • Tools
    • Ingress Controller for Managed Service for Kubernetes
      • Overview
      • How it works
      • Security groups
      • Service accounts
  • Access management
  • Pricing policy
  • API reference
    • Authentication in the API
    • gRPC
      • Overview
      • BackendGroupService
      • HttpRouterService
      • LoadBalancerService
      • TargetGroupService
      • VirtualHostService
      • OperationService
    • REST
      • Overview
      • BackendGroup
        • Overview
        • addBackend
        • create
        • delete
        • get
        • list
        • listOperations
        • removeBackend
        • update
        • updateBackend
      • HttpRouter
        • Overview
        • create
        • delete
        • get
        • list
        • listOperations
        • update
      • LoadBalancer
        • Overview
        • addListener
        • addSniMatch
        • create
        • delete
        • get
        • getTargetStates
        • list
        • listOperations
        • removeListener
        • removeSniMatch
        • start
        • stop
        • update
        • updateListener
        • updateSniMatch
      • TargetGroup
        • Overview
        • addTargets
        • create
        • delete
        • get
        • list
        • listOperations
        • removeTargets
        • update
      • VirtualHost
        • Overview
        • create
        • delete
        • get
        • list
        • removeRoute
        • update
        • updateRoute
  • Ingress controller reference
    • Overview
    • Ingress
    • HttpBackendGroup
    • Service
  • Log reference
  1. API reference
  2. REST
  3. BackendGroup
  4. create

Method create

Written by
Yandex Cloud
  • HTTP request
  • Body parameters
  • Response

Creates a backend group in the specified folder.

HTTP request

POST https://alb.api.cloud.yandex.net/apploadbalancer/v1/backendGroups

Body parameters

{
  "folderId": "string",
  "name": "string",
  "description": "string",
  "labels": "object",

  //  includes only one of the fields `http`, `grpc`, `stream`
  "http": {
    "backends": [
      {
        "name": "string",
        "backendWeight": "integer",
        "loadBalancingConfig": {
          "panicThreshold": "string",
          "localityAwareRoutingPercent": "string",
          "strictLocality": true,
          "mode": "string"
        },
        "port": "string",
        "healthchecks": [
          {
            "timeout": "string",
            "interval": "string",
            "intervalJitterPercent": "number",
            "healthyThreshold": "string",
            "unhealthyThreshold": "string",
            "healthcheckPort": "string",

            // `http.backends[].healthchecks[]` includes only one of the fields `plaintext`, `tls`
            "stream": {
              "send": {
                "text": "string"
              },
              "receive": {
                "text": "string"
              }
            },
            "http": {
              "host": "string",
              "path": "string",
              "useHttp2": true
            },
            "grpc": {
              "serviceName": "string"
            },
            // end of the list of possible fields`http.backends[].healthchecks[]`

            "plaintext": {},
            "tls": {
              "sni": "string",
              "validationContext": {

                // `http.backends[].healthchecks[].tls.validationContext` includes only one of the fields `trustedCaId`, `trustedCaBytes`
                "trustedCaId": "string",
                "trustedCaBytes": "string",
                // end of the list of possible fields`http.backends[].healthchecks[].tls.validationContext`

              }
            }
          }
        ],
        "tls": {
          "sni": "string",
          "validationContext": {

            // `http.backends[].tls.validationContext` includes only one of the fields `trustedCaId`, `trustedCaBytes`
            "trustedCaId": "string",
            "trustedCaBytes": "string",
            // end of the list of possible fields`http.backends[].tls.validationContext`

          }
        },
        "useHttp2": true,

        // `http.backends[]` includes only one of the fields `targetGroups`, `storageBucket`
        "targetGroups": {
          "targetGroupIds": [
            "string"
          ]
        },
        "storageBucket": {
          "bucket": "string"
        },
        // end of the list of possible fields`http.backends[]`

      }
    ],

    // `http` includes only one of the fields `connection`, `header`, `cookie`
    "connection": {
      "sourceIp": true
    },
    "header": {
      "headerName": "string"
    },
    "cookie": {
      "name": "string",
      "ttl": "string"
    },
    // end of the list of possible fields`http`

  },
  "grpc": {
    "backends": [
      {
        "name": "string",
        "backendWeight": "integer",
        "loadBalancingConfig": {
          "panicThreshold": "string",
          "localityAwareRoutingPercent": "string",
          "strictLocality": true,
          "mode": "string"
        },
        "port": "string",
        "healthchecks": [
          {
            "timeout": "string",
            "interval": "string",
            "intervalJitterPercent": "number",
            "healthyThreshold": "string",
            "unhealthyThreshold": "string",
            "healthcheckPort": "string",

            // `grpc.backends[].healthchecks[]` includes only one of the fields `plaintext`, `tls`
            "stream": {
              "send": {
                "text": "string"
              },
              "receive": {
                "text": "string"
              }
            },
            "http": {
              "host": "string",
              "path": "string",
              "useHttp2": true
            },
            "grpc": {
              "serviceName": "string"
            },
            // end of the list of possible fields`grpc.backends[].healthchecks[]`

            "plaintext": {},
            "tls": {
              "sni": "string",
              "validationContext": {

                // `grpc.backends[].healthchecks[].tls.validationContext` includes only one of the fields `trustedCaId`, `trustedCaBytes`
                "trustedCaId": "string",
                "trustedCaBytes": "string",
                // end of the list of possible fields`grpc.backends[].healthchecks[].tls.validationContext`

              }
            }
          }
        ],
        "tls": {
          "sni": "string",
          "validationContext": {

            // `grpc.backends[].tls.validationContext` includes only one of the fields `trustedCaId`, `trustedCaBytes`
            "trustedCaId": "string",
            "trustedCaBytes": "string",
            // end of the list of possible fields`grpc.backends[].tls.validationContext`

          }
        },
        "targetGroups": {
          "targetGroupIds": [
            "string"
          ]
        }
      }
    ],

    // `grpc` includes only one of the fields `connection`, `header`, `cookie`
    "connection": {
      "sourceIp": true
    },
    "header": {
      "headerName": "string"
    },
    "cookie": {
      "name": "string",
      "ttl": "string"
    },
    // end of the list of possible fields`grpc`

  },
  "stream": {
    "backends": [
      {
        "name": "string",
        "backendWeight": "integer",
        "loadBalancingConfig": {
          "panicThreshold": "string",
          "localityAwareRoutingPercent": "string",
          "strictLocality": true,
          "mode": "string"
        },
        "port": "string",
        "healthchecks": [
          {
            "timeout": "string",
            "interval": "string",
            "intervalJitterPercent": "number",
            "healthyThreshold": "string",
            "unhealthyThreshold": "string",
            "healthcheckPort": "string",

            // `stream.backends[].healthchecks[]` includes only one of the fields `plaintext`, `tls`
            "stream": {
              "send": {
                "text": "string"
              },
              "receive": {
                "text": "string"
              }
            },
            "http": {
              "host": "string",
              "path": "string",
              "useHttp2": true
            },
            "grpc": {
              "serviceName": "string"
            },
            // end of the list of possible fields`stream.backends[].healthchecks[]`

            "plaintext": {},
            "tls": {
              "sni": "string",
              "validationContext": {

                // `stream.backends[].healthchecks[].tls.validationContext` includes only one of the fields `trustedCaId`, `trustedCaBytes`
                "trustedCaId": "string",
                "trustedCaBytes": "string",
                // end of the list of possible fields`stream.backends[].healthchecks[].tls.validationContext`

              }
            }
          }
        ],
        "tls": {
          "sni": "string",
          "validationContext": {

            // `stream.backends[].tls.validationContext` includes only one of the fields `trustedCaId`, `trustedCaBytes`
            "trustedCaId": "string",
            "trustedCaBytes": "string",
            // end of the list of possible fields`stream.backends[].tls.validationContext`

          }
        },
        "enableProxyProtocol": true,
        "targetGroups": {
          "targetGroupIds": [
            "string"
          ]
        }
      }
    ],
    "connection": {
      "sourceIp": true
    }
  },
  // end of the list of possible fields

}
Field Description
folderId string

Required. ID of the folder to create a backend group in.

To get the folder ID, make a list request.

name string

Name of the backend group. The name must be unique within the folder.

Value must match the regular expression ([a-z]([-a-z0-9]{0,61}[a-z0-9])?)?.

description string

Description of the backend group.

The maximum string length in characters is 256.

labels object

Backend group labels as key:value pairs. For details about the concept, see documentation.

No more than 64 per resource. The string length in characters for each key must be 1-63. Each key must match the regular expression [a-z][-_./\@0-9a-z]*. The maximum string length in characters for each value is 63. Each value must match the regular expression [-_./\@0-9a-z]*.

http object
List of HTTP backends that the backend group will consist of.
includes only one of the fields http, grpc, stream
http.
backends[]
object
HTTP backend to add to the backend group.
http.
backends[].
name
string

Required. Name of the backend.

Value must match the regular expression [a-z][-a-z0-9]{1,61}[a-z0-9].

http.
backends[].
backendWeight
integer (int64)

Backend weight. Traffic is distributed between backends of a backend group according to their weights.

Weights must be set either for all backends in a group or for none of them. Setting no weights is the same as setting equal non-zero weights for all backends.

If the weight is non-positive, traffic is not sent to the backend.

http.
backends[].
loadBalancingConfig
object
Load balancing configuration for the backend.
http.
backends[].
loadBalancingConfig.
panicThreshold
string (int64)

Threshold for panic mode.

If percentage of healthy backends in the group drops below threshold, panic mode will be activated and traffic will be routed to all backends, regardless of their health check status. This helps to avoid overloading healthy backends. For details about panic mode, see documentation.

If the value is 0, panic mode will never be activated and traffic is routed only to healthy backends at all times.

Default value: 0.

Acceptable values are 0 to 100, inclusive.

http.
backends[].
loadBalancingConfig.
localityAwareRoutingPercent
string (int64)

Percentage of traffic that a load balancer node sends to healthy backends in its availability zone. The rest is divided equally between other zones. For details about zone-aware routing, see documentation.

If there are no healthy backends in an availability zone, all the traffic is divided between other zones.

If strictLocality is true, the specified value is ignored. A load balancer node sends all the traffic within its availability zone, regardless of backends' health.

Default value: 0.

Acceptable values are 0 to 100, inclusive.

http.
backends[].
loadBalancingConfig.
strictLocality
boolean (boolean)

Specifies whether a load balancer node should only send traffic to backends in its availability zone, regardless of their health, and ignore backends in other zones.

If set to true and there are no healthy backends in the zone, the node in this zone will respond to incoming traffic with errors. For details about strict locality, see documentation.

If strict_locality is true, the value specified in localityAwareRoutingPercent is ignored.

Default value: false.

http.
backends[].
loadBalancingConfig.
mode
string

Load balancing mode for the backend.

For details about load balancing modes, see documentation.

A load balancing mode resource. For details about the concept, see documentation.

  • ROUND_ROBIN: Round robin load balancing mode.

    All endpoints of the backend take their turns to receive requests attributed to the backend.

  • RANDOM: Random load balancing mode. Default value.

    For a request attributed to the backend, an endpoint that receives it is picked at random.

  • LEAST_REQUEST: Least request load balancing mode.

    To pick an endpoint that receives a request attributed to the backend, the power of two choices algorithm is used; that is, two endpoints are picked at random, and the request is sent to the one which has the fewest active requests.

  • MAGLEV_HASH: Maglev hashing load balancing mode.

    Each endpoint is hashed, and a hash table with 65537 rows is filled accordingly, so that every endpoint occupies the same amount of rows. An attribute of each request is also hashed by the same function (if session affinity is enabled for the backend group, the attribute to hash is specified in session affinity configuration). The row with the same number as the resulting value is looked up in the table to determine the endpoint that receives the request.

    If the backend group with session affinity enabled contains more than one backend with positive weight, endpoints for backends with MAGLEV_HASH load balancing mode are picked at RANDOM instead.

http.
backends[].
port
string (int64)

Port used by all targets to receive traffic.

Acceptable values are 0 to 65535, inclusive.

http.
backends[].
healthchecks[]
object

Health checks to perform on targets from target groups. For details about health checking, see documentation.

If no health checks are specified, active health checking is not performed.

http.
backends[].
healthchecks[].
timeout
string

Required. Health check timeout.

The timeout is the time allowed for the target to respond to a check. If the target doesn't respond in time, the check is considered failed.

http.
backends[].
healthchecks[].
interval
string

Required. Base interval between consecutive health checks.

http.
backends[].
healthchecks[].
intervalJitterPercent
number (double)
http.
backends[].
healthchecks[].
healthyThreshold
string (int64)

Number of consecutive successful health checks required to mark an unhealthy target as healthy.

Both 0 and 1 values amount to one successful check required.

The value is ignored when a load balancer is initialized; a target is marked healthy after one successful check.

Default value: 0.

http.
backends[].
healthchecks[].
unhealthyThreshold
string (int64)

Number of consecutive failed health checks required to mark a healthy target as unhealthy.

Both 0 and 1 values amount to one unsuccessful check required.

The value is ignored if a health check is failed due to an HTTP 503 Service Unavailable response from the target (not applicable to TCP stream health checks). The target is immediately marked unhealthy.

Default value: 0.

http.
backends[].
healthchecks[].
healthcheckPort
string (int64)

Port used for health checks.

If not specified, the backend port (port or port) is used for health checks.

Acceptable values are 0 to 65535, inclusive.

http.
backends[].
healthchecks[].
stream
object
TCP stream health check settings.
http.backends[].healthchecks[] includes only one of the fields stream, http, grpc
http.
backends[].
healthchecks[].
stream.
send
object

Message sent to targets during TCP data transfer.

If not specified, no data is sent to the target.

A health check payload resource.

http.
backends[].
healthchecks[].
stream.
send.
text
string

Payload text.

The string length in characters must be greater than 0.

http.
backends[].
healthchecks[].
stream.
receive
object

Data that must be contained in the messages received from targets for a successful health check.

If not specified, no messages are expected from targets, and those that are received are not checked.

A health check payload resource.

http.
backends[].
healthchecks[].
stream.
receive.
text
string

Payload text.

The string length in characters must be greater than 0.

http.
backends[].
healthchecks[].
http
object
HTTP health check settings.
http.backends[].healthchecks[] includes only one of the fields stream, http, grpc
http.
backends[].
healthchecks[].
http.
host
string

Value for the HTTP/1.1 Host header or the HTTP/2 :authority pseudo-header used in requests to targets.

http.
backends[].
healthchecks[].
http.
path
string

Required. HTTP path used in requests to targets: request URI for HTTP/1.1 request line or value for the HTTP/2 :path pseudo-header.

http.
backends[].
healthchecks[].
http.
useHttp2
boolean (boolean)

Enables HTTP/2 usage in health checks.

Default value: false, HTTP/1.1 is used.

http.
backends[].
healthchecks[].
grpc
object
gRPC health check settings.
http.backends[].healthchecks[] includes only one of the fields stream, http, grpc
http.
backends[].
healthchecks[].
grpc.
serviceName
string

Name of the gRPC service to be checked.

If not specified, overall health is checked.

For details about the concept, see GRPC Health Checking Protocol.

http.
backends[].
healthchecks[].
plaintext
object
http.backends[].healthchecks[] includes only one of the fields plaintext, tls

Transport settings to be used instead of the settings configured per-cluster

http.
backends[].
healthchecks[].
tls
object
http.backends[].healthchecks[] includes only one of the fields plaintext, tls

Transport settings to be used instead of the settings configured per-cluster

http.
backends[].
healthchecks[].
tls.
sni
string

SNI string for TLS connections.

http.
backends[].
healthchecks[].
tls.
validationContext
object

Validation context for backend TLS connections.

A TLS validation context resource.

http.
backends[].
healthchecks[].
tls.
validationContext.
trustedCaId
string
http.backends[].healthchecks[].tls.validationContext includes only one of the fields trustedCaId, trustedCaBytes
http.
backends[].
healthchecks[].
tls.
validationContext.
trustedCaBytes
string
http.backends[].healthchecks[].tls.validationContext includes only one of the fields trustedCaId, trustedCaBytes

X.509 certificate contents in PEM format.

http.
backends[].
tls
object
Settings for TLS connections between load balancer nodes and backend targets. If specified, the load balancer establishes TLS-encrypted TCP connections with targets and compares received certificates with the one specified in validationContext. If not specified, the load balancer establishes unencrypted TCP connections with targets.
http.
backends[].
tls.
sni
string

Server Name Indication (SNI) string for TLS connections.

http.
backends[].
tls.
validationContext
object

Validation context for TLS connections.

A TLS validation context resource.

http.
backends[].
tls.
validationContext.
trustedCaId
string
http.backends[].tls.validationContext includes only one of the fields trustedCaId, trustedCaBytes
http.
backends[].
tls.
validationContext.
trustedCaBytes
string
http.backends[].tls.validationContext includes only one of the fields trustedCaId, trustedCaBytes

X.509 certificate contents in PEM format.

http.
backends[].
useHttp2
boolean (boolean)

Enables HTTP/2 usage in connections between load balancer nodes and backend targets.

Default value: false, HTTP/1.1 is used.

http.
backends[].
targetGroups
object
Target groups that belong to the backend. For details about target groups, see documentation.
http.backends[] includes only one of the fields targetGroups, storageBucket
http.
backends[].
targetGroups.
targetGroupIds[]
string

Required. List of ID's of target groups that belong to the backend.

To get the ID's of all available target groups, make a list request.

Must contain at least one element.

http.
backends[].
storageBucket
object
Object Storage bucket to use as the backend. For details about buckets, see documentation. If a bucket is used as a backend, the list of bucket objects and the objects themselves must be publicly accessible. For instructions, see documentation.
http.backends[] includes only one of the fields targetGroups, storageBucket
http.
backends[].
storageBucket.
bucket
string

Required. Name of the bucket.

http.
connection
object
Connection-based session affinity configuration. For now, a connection is defined only by an IP address of the client.
http includes only one of the fields connection, header, cookie
http.
connection.
sourceIp
boolean (boolean)

Specifies whether an IP address of the client is used to define a connection for session affinity.

http.
header
object
HTTP-header-field-based session affinity configuration.
http includes only one of the fields connection, header, cookie
http.
header.
headerName
string

Name of the HTTP header field that is used for session affinity.

The string length in characters must be 1-256.

http.
cookie
object
Cookie-based session affinity configuration.
http includes only one of the fields connection, header, cookie
http.
cookie.
name
string

Name of the cookie that is used for session affinity.

The string length in characters must be 1-256.

http.
cookie.
ttl
string

Maximum age of cookies that are generated for sessions.

If set to 0, session cookies are used, which are stored by clients in temporary memory and are deleted on client restarts.

If not set, the balancer does not generate cookies and only uses incoming ones for establishing session affinity.

grpc object
List of gRPC backends that the backend group consists of.
includes only one of the fields http, grpc, stream
grpc.
backends[]
object
gRPC backend to add to the backend group.
grpc.
backends[].
name
string

Required. Name of the backend.

Value must match the regular expression [a-z][-a-z0-9]{1,61}[a-z0-9].

grpc.
backends[].
backendWeight
integer (int64)

Backend weight. Traffic is distributed between backends of a backend group according to their weights.

Weights must be set either for all backends of a group or for none of them. Setting no weights is the same as setting equal non-zero weights for all backends.

If the weight is non-positive, traffic is not sent to the backend.

grpc.
backends[].
loadBalancingConfig
object
Load balancing configuration for the backend.
grpc.
backends[].
loadBalancingConfig.
panicThreshold
string (int64)

Threshold for panic mode.

If percentage of healthy backends in the group drops below threshold, panic mode will be activated and traffic will be routed to all backends, regardless of their health check status. This helps to avoid overloading healthy backends. For details about panic mode, see documentation.

If the value is 0, panic mode will never be activated and traffic is routed only to healthy backends at all times.

Default value: 0.

Acceptable values are 0 to 100, inclusive.

grpc.
backends[].
loadBalancingConfig.
localityAwareRoutingPercent
string (int64)

Percentage of traffic that a load balancer node sends to healthy backends in its availability zone. The rest is divided equally between other zones. For details about zone-aware routing, see documentation.

If there are no healthy backends in an availability zone, all the traffic is divided between other zones.

If strictLocality is true, the specified value is ignored. A load balancer node sends all the traffic within its availability zone, regardless of backends' health.

Default value: 0.

Acceptable values are 0 to 100, inclusive.

grpc.
backends[].
loadBalancingConfig.
strictLocality
boolean (boolean)

Specifies whether a load balancer node should only send traffic to backends in its availability zone, regardless of their health, and ignore backends in other zones.

If set to true and there are no healthy backends in the zone, the node in this zone will respond to incoming traffic with errors. For details about strict locality, see documentation.

If strict_locality is true, the value specified in localityAwareRoutingPercent is ignored.

Default value: false.

grpc.
backends[].
loadBalancingConfig.
mode
string

Load balancing mode for the backend.

For details about load balancing modes, see documentation.

A load balancing mode resource. For details about the concept, see documentation.

  • ROUND_ROBIN: Round robin load balancing mode.

    All endpoints of the backend take their turns to receive requests attributed to the backend.

  • RANDOM: Random load balancing mode. Default value.

    For a request attributed to the backend, an endpoint that receives it is picked at random.

  • LEAST_REQUEST: Least request load balancing mode.

    To pick an endpoint that receives a request attributed to the backend, the power of two choices algorithm is used; that is, two endpoints are picked at random, and the request is sent to the one which has the fewest active requests.

  • MAGLEV_HASH: Maglev hashing load balancing mode.

    Each endpoint is hashed, and a hash table with 65537 rows is filled accordingly, so that every endpoint occupies the same amount of rows. An attribute of each request is also hashed by the same function (if session affinity is enabled for the backend group, the attribute to hash is specified in session affinity configuration). The row with the same number as the resulting value is looked up in the table to determine the endpoint that receives the request.

    If the backend group with session affinity enabled contains more than one backend with positive weight, endpoints for backends with MAGLEV_HASH load balancing mode are picked at RANDOM instead.

grpc.
backends[].
port
string (int64)

Port used by all targets to receive traffic.

Acceptable values are 0 to 65535, inclusive.

grpc.
backends[].
healthchecks[]
object

Health checks to perform on targets from target groups. For details about health checking, see documentation.

If no health checks are specified, active health checking is not performed.

grpc.
backends[].
healthchecks[].
timeout
string

Required. Health check timeout.

The timeout is the time allowed for the target to respond to a check. If the target doesn't respond in time, the check is considered failed.

grpc.
backends[].
healthchecks[].
interval
string

Required. Base interval between consecutive health checks.

grpc.
backends[].
healthchecks[].
intervalJitterPercent
number (double)
grpc.
backends[].
healthchecks[].
healthyThreshold
string (int64)

Number of consecutive successful health checks required to mark an unhealthy target as healthy.

Both 0 and 1 values amount to one successful check required.

The value is ignored when a load balancer is initialized; a target is marked healthy after one successful check.

Default value: 0.

grpc.
backends[].
healthchecks[].
unhealthyThreshold
string (int64)

Number of consecutive failed health checks required to mark a healthy target as unhealthy.

Both 0 and 1 values amount to one unsuccessful check required.

The value is ignored if a health check is failed due to an HTTP 503 Service Unavailable response from the target (not applicable to TCP stream health checks). The target is immediately marked unhealthy.

Default value: 0.

grpc.
backends[].
healthchecks[].
healthcheckPort
string (int64)

Port used for health checks.

If not specified, the backend port (port or port) is used for health checks.

Acceptable values are 0 to 65535, inclusive.

grpc.
backends[].
healthchecks[].
stream
object
TCP stream health check settings.
grpc.backends[].healthchecks[] includes only one of the fields stream, http, grpc
grpc.
backends[].
healthchecks[].
stream.
send
object

Message sent to targets during TCP data transfer.

If not specified, no data is sent to the target.

A health check payload resource.

grpc.
backends[].
healthchecks[].
stream.
send.
text
string

Payload text.

The string length in characters must be greater than 0.

grpc.
backends[].
healthchecks[].
stream.
receive
object

Data that must be contained in the messages received from targets for a successful health check.

If not specified, no messages are expected from targets, and those that are received are not checked.

A health check payload resource.

grpc.
backends[].
healthchecks[].
stream.
receive.
text
string

Payload text.

The string length in characters must be greater than 0.

grpc.
backends[].
healthchecks[].
http
object
HTTP health check settings.
grpc.backends[].healthchecks[] includes only one of the fields stream, http, grpc
grpc.
backends[].
healthchecks[].
http.
host
string

Value for the HTTP/1.1 Host header or the HTTP/2 :authority pseudo-header used in requests to targets.

grpc.
backends[].
healthchecks[].
http.
path
string

Required. HTTP path used in requests to targets: request URI for HTTP/1.1 request line or value for the HTTP/2 :path pseudo-header.

grpc.
backends[].
healthchecks[].
http.
useHttp2
boolean (boolean)

Enables HTTP/2 usage in health checks.

Default value: false, HTTP/1.1 is used.

grpc.
backends[].
healthchecks[].
grpc
object
gRPC health check settings.
grpc.backends[].healthchecks[] includes only one of the fields stream, http, grpc
grpc.
backends[].
healthchecks[].
grpc.
serviceName
string

Name of the gRPC service to be checked.

If not specified, overall health is checked.

For details about the concept, see GRPC Health Checking Protocol.

grpc.
backends[].
healthchecks[].
plaintext
object
grpc.backends[].healthchecks[] includes only one of the fields plaintext, tls

Transport settings to be used instead of the settings configured per-cluster

grpc.
backends[].
healthchecks[].
tls
object
grpc.backends[].healthchecks[] includes only one of the fields plaintext, tls

Transport settings to be used instead of the settings configured per-cluster

grpc.
backends[].
healthchecks[].
tls.
sni
string

SNI string for TLS connections.

grpc.
backends[].
healthchecks[].
tls.
validationContext
object

Validation context for backend TLS connections.

A TLS validation context resource.

grpc.
backends[].
healthchecks[].
tls.
validationContext.
trustedCaId
string
grpc.backends[].healthchecks[].tls.validationContext includes only one of the fields trustedCaId, trustedCaBytes
grpc.
backends[].
healthchecks[].
tls.
validationContext.
trustedCaBytes
string
grpc.backends[].healthchecks[].tls.validationContext includes only one of the fields trustedCaId, trustedCaBytes

X.509 certificate contents in PEM format.

grpc.
backends[].
tls
object
Settings for TLS connections between load balancer nodes and backend targets. If specified, the load balancer establishes HTTPS (HTTP over TLS) connections with targets and compares received certificates with the one specified in validationContext. If not specified, the load balancer establishes unencrypted HTTP connections with targets.
grpc.
backends[].
tls.
sni
string

Server Name Indication (SNI) string for TLS connections.

grpc.
backends[].
tls.
validationContext
object

Validation context for TLS connections.

A TLS validation context resource.

grpc.
backends[].
tls.
validationContext.
trustedCaId
string
grpc.backends[].tls.validationContext includes only one of the fields trustedCaId, trustedCaBytes
grpc.
backends[].
tls.
validationContext.
trustedCaBytes
string
grpc.backends[].tls.validationContext includes only one of the fields trustedCaId, trustedCaBytes

X.509 certificate contents in PEM format.

grpc.
backends[].
targetGroups
object
Target groups that belong to the backend. For details about target groups, see documentation.
grpc.
backends[].
targetGroups.
targetGroupIds[]
string

Required. List of ID's of target groups that belong to the backend.

To get the ID's of all available target groups, make a list request.

Must contain at least one element.

grpc.
connection
object
Connection-based session affinity configuration. For now, a connection is defined only by an IP address of the client.
grpc includes only one of the fields connection, header, cookie
grpc.
connection.
sourceIp
boolean (boolean)

Specifies whether an IP address of the client is used to define a connection for session affinity.

grpc.
header
object
HTTP-header-field-based session affinity configuration.
grpc includes only one of the fields connection, header, cookie
grpc.
header.
headerName
string

Name of the HTTP header field that is used for session affinity.

The string length in characters must be 1-256.

grpc.
cookie
object
Cookie-based session affinity configuration.
grpc includes only one of the fields connection, header, cookie
grpc.
cookie.
name
string

Name of the cookie that is used for session affinity.

The string length in characters must be 1-256.

grpc.
cookie.
ttl
string

Maximum age of cookies that are generated for sessions.

If set to 0, session cookies are used, which are stored by clients in temporary memory and are deleted on client restarts.

If not set, the balancer does not generate cookies and only uses incoming ones for establishing session affinity.

stream object
List of stream (TCP) backends that the backend group consists of.
includes only one of the fields http, grpc, stream
stream.
backends[]
object
New settings for the Stream backend.
stream.
backends[].
name
string

Name of the backend.

Value must match the regular expression [a-z][-a-z0-9]{1,61}[a-z0-9].

stream.
backends[].
backendWeight
integer (int64)

Backend weight. Traffic is distributed between backends of a backend group according to their weights.

Weights must be set either for all backends in a group or for none of them. Setting no weights is the same as setting equal non-zero weights for all backends.

If the weight is non-positive, traffic is not sent to the backend.

stream.
backends[].
loadBalancingConfig
object
Load balancing configuration for the backend.
stream.
backends[].
loadBalancingConfig.
panicThreshold
string (int64)

Threshold for panic mode.

If percentage of healthy backends in the group drops below threshold, panic mode will be activated and traffic will be routed to all backends, regardless of their health check status. This helps to avoid overloading healthy backends. For details about panic mode, see documentation.

If the value is 0, panic mode will never be activated and traffic is routed only to healthy backends at all times.

Default value: 0.

Acceptable values are 0 to 100, inclusive.

stream.
backends[].
loadBalancingConfig.
localityAwareRoutingPercent
string (int64)

Percentage of traffic that a load balancer node sends to healthy backends in its availability zone. The rest is divided equally between other zones. For details about zone-aware routing, see documentation.

If there are no healthy backends in an availability zone, all the traffic is divided between other zones.

If strictLocality is true, the specified value is ignored. A load balancer node sends all the traffic within its availability zone, regardless of backends' health.

Default value: 0.

Acceptable values are 0 to 100, inclusive.

stream.
backends[].
loadBalancingConfig.
strictLocality
boolean (boolean)

Specifies whether a load balancer node should only send traffic to backends in its availability zone, regardless of their health, and ignore backends in other zones.

If set to true and there are no healthy backends in the zone, the node in this zone will respond to incoming traffic with errors. For details about strict locality, see documentation.

If strict_locality is true, the value specified in localityAwareRoutingPercent is ignored.

Default value: false.

stream.
backends[].
loadBalancingConfig.
mode
string

Load balancing mode for the backend.

For details about load balancing modes, see documentation.

A load balancing mode resource. For details about the concept, see documentation.

  • ROUND_ROBIN: Round robin load balancing mode.

    All endpoints of the backend take their turns to receive requests attributed to the backend.

  • RANDOM: Random load balancing mode. Default value.

    For a request attributed to the backend, an endpoint that receives it is picked at random.

  • LEAST_REQUEST: Least request load balancing mode.

    To pick an endpoint that receives a request attributed to the backend, the power of two choices algorithm is used; that is, two endpoints are picked at random, and the request is sent to the one which has the fewest active requests.

  • MAGLEV_HASH: Maglev hashing load balancing mode.

    Each endpoint is hashed, and a hash table with 65537 rows is filled accordingly, so that every endpoint occupies the same amount of rows. An attribute of each request is also hashed by the same function (if session affinity is enabled for the backend group, the attribute to hash is specified in session affinity configuration). The row with the same number as the resulting value is looked up in the table to determine the endpoint that receives the request.

    If the backend group with session affinity enabled contains more than one backend with positive weight, endpoints for backends with MAGLEV_HASH load balancing mode are picked at RANDOM instead.

stream.
backends[].
port
string (int64)

Port used by all targets to receive traffic.

Acceptable values are 0 to 65535, inclusive.

stream.
backends[].
healthchecks[]
object

Health checks to perform on targets from target groups. For details about health checking, see documentation.

If no health checks are specified, active health checking is not performed.

stream.
backends[].
healthchecks[].
timeout
string

Required. Health check timeout.

The timeout is the time allowed for the target to respond to a check. If the target doesn't respond in time, the check is considered failed.

stream.
backends[].
healthchecks[].
interval
string

Required. Base interval between consecutive health checks.

stream.
backends[].
healthchecks[].
intervalJitterPercent
number (double)
stream.
backends[].
healthchecks[].
healthyThreshold
string (int64)

Number of consecutive successful health checks required to mark an unhealthy target as healthy.

Both 0 and 1 values amount to one successful check required.

The value is ignored when a load balancer is initialized; a target is marked healthy after one successful check.

Default value: 0.

stream.
backends[].
healthchecks[].
unhealthyThreshold
string (int64)

Number of consecutive failed health checks required to mark a healthy target as unhealthy.

Both 0 and 1 values amount to one unsuccessful check required.

The value is ignored if a health check is failed due to an HTTP 503 Service Unavailable response from the target (not applicable to TCP stream health checks). The target is immediately marked unhealthy.

Default value: 0.

stream.
backends[].
healthchecks[].
healthcheckPort
string (int64)

Port used for health checks.

If not specified, the backend port (port or port) is used for health checks.

Acceptable values are 0 to 65535, inclusive.

stream.
backends[].
healthchecks[].
stream
object
TCP stream health check settings.
stream.backends[].healthchecks[] includes only one of the fields stream, http, grpc
stream.
backends[].
healthchecks[].
stream.
send
object

Message sent to targets during TCP data transfer.

If not specified, no data is sent to the target.

A health check payload resource.

stream.
backends[].
healthchecks[].
stream.
send.
text
string

Payload text.

The string length in characters must be greater than 0.

stream.
backends[].
healthchecks[].
stream.
receive
object

Data that must be contained in the messages received from targets for a successful health check.

If not specified, no messages are expected from targets, and those that are received are not checked.

A health check payload resource.

stream.
backends[].
healthchecks[].
stream.
receive.
text
string

Payload text.

The string length in characters must be greater than 0.

stream.
backends[].
healthchecks[].
http
object
HTTP health check settings.
stream.backends[].healthchecks[] includes only one of the fields stream, http, grpc
stream.
backends[].
healthchecks[].
http.
host
string

Value for the HTTP/1.1 Host header or the HTTP/2 :authority pseudo-header used in requests to targets.

stream.
backends[].
healthchecks[].
http.
path
string

Required. HTTP path used in requests to targets: request URI for HTTP/1.1 request line or value for the HTTP/2 :path pseudo-header.

stream.
backends[].
healthchecks[].
http.
useHttp2
boolean (boolean)

Enables HTTP/2 usage in health checks.

Default value: false, HTTP/1.1 is used.

stream.
backends[].
healthchecks[].
grpc
object
gRPC health check settings.
stream.backends[].healthchecks[] includes only one of the fields stream, http, grpc
stream.
backends[].
healthchecks[].
grpc.
serviceName
string

Name of the gRPC service to be checked.

If not specified, overall health is checked.

For details about the concept, see GRPC Health Checking Protocol.

stream.
backends[].
healthchecks[].
plaintext
object
stream.backends[].healthchecks[] includes only one of the fields plaintext, tls

Transport settings to be used instead of the settings configured per-cluster

stream.
backends[].
healthchecks[].
tls
object
stream.backends[].healthchecks[] includes only one of the fields plaintext, tls

Transport settings to be used instead of the settings configured per-cluster

stream.
backends[].
healthchecks[].
tls.
sni
string

SNI string for TLS connections.

stream.
backends[].
healthchecks[].
tls.
validationContext
object

Validation context for backend TLS connections.

A TLS validation context resource.

stream.
backends[].
healthchecks[].
tls.
validationContext.
trustedCaId
string
stream.backends[].healthchecks[].tls.validationContext includes only one of the fields trustedCaId, trustedCaBytes
stream.
backends[].
healthchecks[].
tls.
validationContext.
trustedCaBytes
string
stream.backends[].healthchecks[].tls.validationContext includes only one of the fields trustedCaId, trustedCaBytes

X.509 certificate contents in PEM format.

stream.
backends[].
tls
object
Settings for TLS connections between load balancer nodes and backend targets. If specified, the load balancer establishes HTTPS (HTTP over TLS) connections with targets and compares received certificates with the one specified in validationContext. If not specified, the load balancer establishes unencrypted HTTP connections with targets.
stream.
backends[].
tls.
sni
string

Server Name Indication (SNI) string for TLS connections.

stream.
backends[].
tls.
validationContext
object

Validation context for TLS connections.

A TLS validation context resource.

stream.
backends[].
tls.
validationContext.
trustedCaId
string
stream.backends[].tls.validationContext includes only one of the fields trustedCaId, trustedCaBytes
stream.
backends[].
tls.
validationContext.
trustedCaBytes
string
stream.backends[].tls.validationContext includes only one of the fields trustedCaId, trustedCaBytes

X.509 certificate contents in PEM format.

stream.
backends[].
enableProxyProtocol
boolean (boolean)

If set, proxy protocol will be enabled for this backend.

stream.
backends[].
targetGroups
object
Target groups that belong to the backend.
stream.
backends[].
targetGroups.
targetGroupIds[]
string

Required. List of ID's of target groups that belong to the backend.

To get the ID's of all available target groups, make a list request.

Must contain at least one element.

stream.
connection
object
Connection-based session affinity configuration. For now, a connection is defined only by an IP address of the client.
stream.
connection.
sourceIp
boolean (boolean)

Specifies whether an IP address of the client is used to define a connection for session affinity.

Response

HTTP Code: 200 - OK

{
  "id": "string",
  "description": "string",
  "createdAt": "string",
  "createdBy": "string",
  "modifiedAt": "string",
  "done": true,
  "metadata": "object",

  //  includes only one of the fields `error`, `response`
  "error": {
    "code": "integer",
    "message": "string",
    "details": [
      "object"
    ]
  },
  "response": "object",
  // end of the list of possible fields

}

An Operation resource. For more information, see Operation.

Field Description
id string

ID of the operation.

description string

Description of the operation. 0-256 characters long.

createdAt string (date-time)

Creation timestamp.

String in RFC3339 text format.

createdBy string

ID of the user or service account who initiated the operation.

modifiedAt string (date-time)

The time when the Operation resource was last modified.

String in RFC3339 text format.

done boolean (boolean)

If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.

metadata object

Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.

error object
The error result of the operation in case of failure or cancellation.
includes only one of the fields error, response
error.
code
integer (int32)

Error code. An enum value of google.rpc.Code.

error.
message
string

An error message.

error.
details[]
object

A list of messages that carry the error details.

response object
includes only one of the fields error, response

The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is the standard Create/Update, the response should be the target resource of the operation. Any method that returns a long-running operation should document the response type, if any.

Was the article helpful?

Language / Region
© 2022 Yandex.Cloud LLC
In this article:
  • HTTP request
  • Body parameters
  • Response