Yandex Cloud
  • Services
  • Solutions
  • Why Yandex Cloud
  • Blog
  • Pricing
  • Documentation
  • Contact us
Get started
Language / Region
Yandex project
© 2023 Yandex.Cloud LLC
Yandex Application Load Balancer
  • Getting started
  • Step-by-step instructions
    • All instructions
    • Target groups
      • Create a target group
      • Edit a target group
      • Delete a target group
    • Backend groups
      • Create a backend group
      • Edit a backend group
      • Delete a backend group
    • HTTP routers
      • Create HTTP router for HTTP traffic
      • Create HTTP router for gRPC traffic
      • Edit an HTTP router
      • Delete an HTTP router
    • L7 load balancers
      • Create an L7 load balancer
      • Edit an L7 load balancer
      • View L7 load balancer statistics
      • View the L7 load balancer logs
      • Get the ID of the log group of the L7 load balancer
      • Stopping and restarting an L7 load balancer
      • Delete an L7 load balancer
    • Tools for Managed Service for Kubernetes
      • Install an Ingress controller
      • Install a Gateway API
      • Create or update resources based on configuration
  • Practical guidelines
    • All practical guidelines
    • Setting up a virtual hosting
    • Creating a load balancer with DDoS protection
    • Integrating an L7 load balancer with the CDN and Object Storage
    • Blue-green and canary deployment of service versions
    • Terminating TLS connections
    • Writing load balancer logs to PostgreSQL
    • Deploying and load testing a gRPC service with scaling
  • Concepts
    • Overview
    • Load balancers
    • HTTP routers
    • Backend groups
    • Target groups
    • Quotas and limits
  • Tools for Managed Service for Kubernetes
    • Ingress controller
      • Overview
      • How it works
    • Gateway API
    • Required settings
      • Security groups
      • Service accounts
  • Access management
  • Pricing policy
  • API reference
    • Authentication in the API
    • gRPC
      • Overview
      • BackendGroupService
      • HttpRouterService
      • LoadBalancerService
      • TargetGroupService
      • VirtualHostService
      • OperationService
    • REST
      • Overview
      • BackendGroup
        • Overview
        • addBackend
        • create
        • delete
        • get
        • list
        • listOperations
        • removeBackend
        • update
        • updateBackend
      • HttpRouter
        • Overview
        • create
        • delete
        • get
        • list
        • listOperations
        • update
      • LoadBalancer
        • Overview
        • addListener
        • addSniMatch
        • create
        • delete
        • get
        • getTargetStates
        • list
        • listOperations
        • removeListener
        • removeSniMatch
        • start
        • stop
        • update
        • updateListener
        • updateSniMatch
      • TargetGroup
        • Overview
        • addTargets
        • create
        • delete
        • get
        • list
        • listOperations
        • removeTargets
        • update
      • VirtualHost
        • Overview
        • create
        • delete
        • get
        • list
        • removeRoute
        • update
        • updateRoute
  • Managed Service for Kubernetes tool references
    • Overview
    • Ingress controller
      • Ingress
      • HttpBackendGroup
    • Gateway API
      • Gateway
      • HTTPRoute
    • Service
  • Log reference
  1. API reference
  2. REST
  3. LoadBalancer
  4. Overview

Application Load Balancer API, REST: LoadBalancer methods

Written by
Yandex Cloud
  • JSON Representation
  • Methods

A set of methods for managing application load balancers.

JSON Representation

{
  "id": "string",
  "name": "string",
  "description": "string",
  "folderId": "string",
  "labels": "object",
  "status": "string",
  "regionId": "string",
  "networkId": "string",
  "listeners": [
    {
      "name": "string",
      "endpoints": [
        {
          "addresses": [
            {

              // `listeners[].endpoints[].addresses[]` includes only one of the fields `externalIpv4Address`, `internalIpv4Address`, `externalIpv6Address`
              "externalIpv4Address": {
                "address": "string"
              },
              "internalIpv4Address": {
                "address": "string",
                "subnetId": "string"
              },
              "externalIpv6Address": {
                "address": "string"
              },
              // end of the list of possible fields`listeners[].endpoints[].addresses[]`

            }
          ],
          "ports": [
            "string"
          ]
        }
      ],

      // `listeners[]` includes only one of the fields `http`, `tls`, `stream`
      "http": {
        "handler": {
          "httpRouterId": "string",

          // `listeners[].http.handler` includes only one of the fields `http2Options`, `allowHttp10`
          "http2Options": {
            "maxConcurrentStreams": "string"
          },
          "allowHttp10": true,
          // end of the list of possible fields`listeners[].http.handler`

        },
        "redirects": {
          "httpToHttps": true
        }
      },
      "tls": {
        "defaultHandler": {
          "certificateIds": [
            "string"
          ],

          // `listeners[].tls.defaultHandler` includes only one of the fields `httpHandler`, `streamHandler`
          "httpHandler": {
            "httpRouterId": "string",

            // `listeners[].tls.defaultHandler.httpHandler` includes only one of the fields `http2Options`, `allowHttp10`
            "http2Options": {
              "maxConcurrentStreams": "string"
            },
            "allowHttp10": true,
            // end of the list of possible fields`listeners[].tls.defaultHandler.httpHandler`

          },
          "streamHandler": {
            "backendGroupId": "string"
          },
          // end of the list of possible fields`listeners[].tls.defaultHandler`

        },
        "sniHandlers": [
          {
            "name": "string",
            "serverNames": [
              "string"
            ],
            "handler": {
              "certificateIds": [
                "string"
              ],

              // `listeners[].tls.sniHandlers[].handler` includes only one of the fields `httpHandler`, `streamHandler`
              "httpHandler": {
                "httpRouterId": "string",

                // `listeners[].tls.sniHandlers[].handler.httpHandler` includes only one of the fields `http2Options`, `allowHttp10`
                "http2Options": {
                  "maxConcurrentStreams": "string"
                },
                "allowHttp10": true,
                // end of the list of possible fields`listeners[].tls.sniHandlers[].handler.httpHandler`

              },
              "streamHandler": {
                "backendGroupId": "string"
              },
              // end of the list of possible fields`listeners[].tls.sniHandlers[].handler`

            }
          }
        ]
      },
      "stream": {
        "handler": {
          "backendGroupId": "string"
        }
      },
      // end of the list of possible fields`listeners[]`

    }
  ],
  "allocationPolicy": {
    "locations": [
      {
        "zoneId": "string",
        "subnetId": "string",
        "disableTraffic": true
      }
    ]
  },
  "logGroupId": "string",
  "securityGroupIds": [
    "string"
  ],
  "createdAt": "string",
  "autoScalePolicy": {
    "minZoneSize": "string",
    "maxSize": "string"
  },
  "logOptions": {
    "logGroupId": "string",
    "discardRules": [
      {
        "httpCodes": [
          "string"
        ],
        "httpCodeIntervals": [
          "string"
        ],
        "grpcCodes": [
          "string"
        ],
        "discardPercent": "integer"
      }
    ],
    "disable": true
  }
}
Field Description
id string

ID of the application load balancer. Generated at creation time.

name string

Name of the application load balancer. The name is unique within the folder.

description string

Description of the application load balancer.

folderId string

ID of the folder that the application load balancer belongs to.

labels object

Application load balancer labels as key:value pairs. For details about the concept, see documentation.

status string

Status of the application load balancer.

  • CREATING: The application load balancer is being created.
  • STARTING: The application load balancer is being started.
  • ACTIVE: The application load balancer is active and sends traffic to the targets.
  • STOPPING: The application load balancer is being stopped.
  • STOPPED: The application load balancer is stopped and doesn't send traffic to the targets.
  • DELETING: The application load balancer is being deleted.
regionId string

ID of the region that the application load balancer is located at.

networkId string

ID of the network that the application load balancer belongs to.

listeners[] object

Listeners that belong to the application load balancer.

For details about the concept, see documentation.

listeners[].
name
string

Required. Name of the listener. The name is unique within the application load balancer. The string length in characters is 3-63.

listeners[].
endpoints[]
object

Endpoints of the listener.

Endpoints are defined by their IP addresses and ports.

listeners[].
endpoints[].
addresses[]
object

Required. Endpoint public (external) and internal addresses.

Must contain at least one element.

listeners[].
endpoints[].
addresses[].
externalIpv4Address
object
listeners[].endpoints[].addresses[] includes only one of the fields externalIpv4Address, internalIpv4Address, externalIpv6Address

A public (external) IPv4 endpoint address resource.

listeners[].
endpoints[].
addresses[].
externalIpv4Address.
address
string

IPv4 address.

listeners[].
endpoints[].
addresses[].
internalIpv4Address
object
listeners[].endpoints[].addresses[] includes only one of the fields externalIpv4Address, internalIpv4Address, externalIpv6Address

An internal IPv4 endpoint address resource.

listeners[].
endpoints[].
addresses[].
internalIpv4Address.
address
string

IPv4 address.

listeners[].
endpoints[].
addresses[].
internalIpv4Address.
subnetId
string

ID of the subnet that the address belongs to.

listeners[].
endpoints[].
addresses[].
externalIpv6Address
object
listeners[].endpoints[].addresses[] includes only one of the fields externalIpv4Address, internalIpv4Address, externalIpv6Address

A public (external) IPv4 endpoint address resource.

listeners[].
endpoints[].
addresses[].
externalIpv6Address.
address
string

IPv6 address.

listeners[].
endpoints[].
ports[]
string (int64)

Required. Endpoint ports.

Must contain at least one element. Acceptable values are 1 to 65535, inclusive.

listeners[].
http
object
listeners[] includes only one of the fields http, tls, stream

An HTTP listener resource.

listeners[].
http.
handler
object

Settings for handling HTTP requests.

Only one of handler and redirects can be specified.

An HTTP handler resource.

listeners[].
http.
handler.
httpRouterId
string

ID of the HTTP router processing requests. For details about the concept, see documentation.

To get the list of all available HTTP routers, make a list request.

listeners[].
http.
handler.
http2Options
object
listeners[].http.handler includes only one of the fields http2Options, allowHttp10

An HTTP/2 options resource.

listeners[].
http.
handler.
http2Options.
maxConcurrentStreams
string (int64)

Maximum number of concurrent HTTP/2 streams in a connection.

listeners[].
http.
handler.
allowHttp10
boolean (boolean)
listeners[].http.handler includes only one of the fields http2Options, allowHttp10

Enables support for incoming HTTP/1.0 and HTTP/1.1 requests and disables it for HTTP/2 requests.

listeners[].
http.
redirects
object

Redirects settings.

Only one of redirects and handler can be specified.

A listener redirects resource.

listeners[].
http.
redirects.
httpToHttps
boolean (boolean)

Redirects all unencrypted HTTP requests to the same URI with scheme changed to https.

The setting has the same effect as a single, catch-all HttpRoute with replaceScheme set to https.

listeners[].
tls
object
listeners[] includes only one of the fields http, tls, stream

TLS-encrypted (HTTP or TCP stream) listener resource.

listeners[].
tls.
defaultHandler
object

Required. Settings for handling requests by default, with Server Name Indication (SNI) not matching any of the sniHandlers.

A TLS-encrypted (HTTP or TCP stream) handler resource.

listeners[].
tls.
defaultHandler.
certificateIds[]
string

Required. ID's of the TLS server certificates from Certificate Manager.

RSA and ECDSA certificates are supported, and only the first certificate of each type is used.

Must contain at least one element.

listeners[].
tls.
defaultHandler.
httpHandler
object
listeners[].tls.defaultHandler includes only one of the fields httpHandler, streamHandler

An HTTP handler resource.

listeners[].
tls.
defaultHandler.
httpHandler.
httpRouterId
string

ID of the HTTP router processing requests. For details about the concept, see documentation.

To get the list of all available HTTP routers, make a list request.

listeners[].
tls.
defaultHandler.
httpHandler.
http2Options
object
HTTP/2 settings. If specified, incoming HTTP/2 requests are supported by the listener.
listeners[].tls.defaultHandler.httpHandler includes only one of the fields http2Options, allowHttp10
listeners[].
tls.
defaultHandler.
httpHandler.
http2Options.
maxConcurrentStreams
string (int64)

Maximum number of concurrent HTTP/2 streams in a connection.

listeners[].
tls.
defaultHandler.
httpHandler.
allowHttp10
boolean (boolean)
listeners[].tls.defaultHandler.httpHandler includes only one of the fields http2Options, allowHttp10

Enables support for incoming HTTP/1.0 and HTTP/1.1 requests and disables it for HTTP/2 requests.

listeners[].
tls.
defaultHandler.
streamHandler
object
listeners[].tls.defaultHandler includes only one of the fields httpHandler, streamHandler

A stream (TCP) handler resource.

listeners[].
tls.
defaultHandler.
streamHandler.
backendGroupId
string

Required. ID of the backend group processing requests. For details about the concept, see documentation.

The backend group type, specified via [BackendGroup.backend], must be stream.

To get the list of all available backend groups, make a list request.

listeners[].
tls.
sniHandlers[]
object

Settings for handling requests with Server Name Indication (SNI) matching one of serverNames values.

listeners[].
tls.
sniHandlers[].
name
string

Required. Name of the SNI handler.

listeners[].
tls.
sniHandlers[].
serverNames[]
string

Required. Server names that are matched by the SNI handler.

Must contain at least one element.

listeners[].
tls.
sniHandlers[].
handler
object

Required. Settings for handling requests with Server Name Indication (SNI) matching one of serverNames values.

A TLS-encrypted (HTTP or TCP stream) handler resource.

listeners[].
tls.
sniHandlers[].
handler.
certificateIds[]
string

Required. ID's of the TLS server certificates from Certificate Manager.

RSA and ECDSA certificates are supported, and only the first certificate of each type is used.

Must contain at least one element.

listeners[].
tls.
sniHandlers[].
handler.
httpHandler
object
HTTP handler.
listeners[].tls.sniHandlers[].handler includes only one of the fields httpHandler, streamHandler
listeners[].
tls.
sniHandlers[].
handler.
httpHandler.
httpRouterId
string

ID of the HTTP router processing requests. For details about the concept, see documentation.

To get the list of all available HTTP routers, make a list request.

listeners[].
tls.
sniHandlers[].
handler.
httpHandler.
http2Options
object
HTTP/2 settings. If specified, incoming HTTP/2 requests are supported by the listener.
listeners[].tls.sniHandlers[].handler.httpHandler includes only one of the fields http2Options, allowHttp10
listeners[].
tls.
sniHandlers[].
handler.
httpHandler.
http2Options.
maxConcurrentStreams
string (int64)

Maximum number of concurrent HTTP/2 streams in a connection.

listeners[].
tls.
sniHandlers[].
handler.
httpHandler.
allowHttp10
boolean (boolean)
listeners[].tls.sniHandlers[].handler.httpHandler includes only one of the fields http2Options, allowHttp10

Enables support for incoming HTTP/1.0 and HTTP/1.1 requests and disables it for HTTP/2 requests.

listeners[].
tls.
sniHandlers[].
handler.
streamHandler
object
Stream (TCP) handler.
listeners[].tls.sniHandlers[].handler includes only one of the fields httpHandler, streamHandler
listeners[].
tls.
sniHandlers[].
handler.
streamHandler.
backendGroupId
string

Required. ID of the backend group processing requests. For details about the concept, see documentation.

The backend group type, specified via [BackendGroup.backend], must be stream.

To get the list of all available backend groups, make a list request.

listeners[].
stream
object
listeners[] includes only one of the fields http, tls, stream

A stream (TCP) listener resource.

listeners[].
stream.
handler
object

Required. Settings for handling stream (TCP) requests.

A stream (TCP) handler resource.

listeners[].
stream.
handler.
backendGroupId
string

Required. ID of the backend group processing requests. For details about the concept, see documentation.

The backend group type, specified via [BackendGroup.backend], must be stream.

To get the list of all available backend groups, make a list request.

allocationPolicy object

Locality settings of the application load balancer.

For details about the concept, see documentation.

A locality settings (allocation policy) resource.

allocationPolicy.
locations[]
object

Required. Availability zones and subnets that the application load balancer resides.

The minimum number of elements is 1.

allocationPolicy.
locations[].
zoneId
string

Required. ID of the availability zone where the application load balancer resides.

Each availability zone can only be specified once.

allocationPolicy.
locations[].
subnetId
string

ID of the subnet that the application load balancer belongs to.

allocationPolicy.
locations[].
disableTraffic
boolean (boolean)

Disables the load balancer node in the specified availability zone.

Backends in the availability zone are not directly affected by this setting. They still may receive traffic from the load balancer nodes in other availability zones, subject to localityAwareRoutingPercent and strictLocality settings.

logGroupId string

ID of the log group that stores access logs of the application load balancer.

The logs can be accessed using a Cloud Functions trigger for Cloud Logs.

securityGroupIds[] string

ID's of the security groups attributed to the application load balancer.

For details about the concept, see documentation.

createdAt string (date-time)

Creation timestamp.

String in RFC3339 text format. The range of possible values is from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the Protocol Buffers reference. In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

autoScalePolicy object

Autoscale settings of the application load balancer.

autoScalePolicy.
minZoneSize
string (int64)

Lower limit for the number of resource units in each zone.

Acceptable values are 0 to 1000, inclusive.

autoScalePolicy.
maxSize
string (int64)

Upper limit for the total number of resource units across all zones.

Acceptable values are 0 to 1000, inclusive.

logOptions object

Cloud logging settings of the application load balancer.

logOptions.
logGroupId
string

Cloud Logging log group ID to store access logs. If not set then logs will be stored in default log group for the folder where load balancer located.

logOptions.
discardRules[]
object

ordered list of rules, first matching rule applies

logOptions.
discardRules[].
httpCodes[]
string (int64)

HTTP codes that should be discarded.

Acceptable values are 100 to 599, inclusive.

logOptions.
discardRules[].
httpCodeIntervals[]
string

Groups of HTTP codes like 4xx that should be discarded.

logOptions.
discardRules[].
grpcCodes[]
string

GRPC codes that should be discarded

  • OK: Not an error; returned on success

    HTTP Mapping: 200 OK

  • CANCELLED: The operation was cancelled, typically by the caller.

    HTTP Mapping: 499 Client Closed Request

  • UNKNOWN: Unknown error. For example, this error may be returned when a Status value received from another address space belongs to an error space that is not known in this address space. Also errors raised by APIs that do not return enough error information may be converted to this error.

    HTTP Mapping: 500 Internal Server Error

  • INVALID_ARGUMENT: The client specified an invalid argument. Note that this differs from FAILED_PRECONDITION. INVALID_ARGUMENT indicates arguments that are problematic regardless of the state of the system (e.g., a malformed file name).

    HTTP Mapping: 400 Bad Request

  • DEADLINE_EXCEEDED: The deadline expired before the operation could complete. For operations that change the state of the system, this error may be returned even if the operation has completed successfully. For example, a successful response from a server could have been delayed long enough for the deadline to expire.

    HTTP Mapping: 504 Gateway Timeout

  • NOT_FOUND: Some requested entity (e.g., file or directory) was not found.

    Note to server developers: if a request is denied for an entire class of users, such as gradual feature rollout or undocumented whitelist, NOT_FOUND may be used. If a request is denied for some users within a class of users, such as user-based access control, PERMISSION_DENIED must be used.

    HTTP Mapping: 404 Not Found

  • ALREADY_EXISTS: The entity that a client attempted to create (e.g., file or directory) already exists.

    HTTP Mapping: 409 Conflict

  • PERMISSION_DENIED: The caller does not have permission to execute the specified operation. PERMISSION_DENIED must not be used for rejections caused by exhausting some resource (use RESOURCE_EXHAUSTED instead for those errors). PERMISSION_DENIED must not be used if the caller can not be identified (use UNAUTHENTICATED instead for those errors). This error code does not imply the request is valid or the requested entity exists or satisfies other pre-conditions.

    HTTP Mapping: 403 Forbidden

  • UNAUTHENTICATED: The request does not have valid authentication credentials for the operation.

    HTTP Mapping: 401 Unauthorized

  • RESOURCE_EXHAUSTED: Some resource has been exhausted, perhaps a per-user quota, or perhaps the entire file system is out of space.

    HTTP Mapping: 429 Too Many Requests

  • FAILED_PRECONDITION: The operation was rejected because the system is not in a state required for the operation's execution. For example, the directory to be deleted is non-empty, an rmdir operation is applied to a non-directory, etc.

    Service implementors can use the following guidelines to decide between FAILED_PRECONDITION, ABORTED, and UNAVAILABLE: (a) Use UNAVAILABLE if the client can retry just the failing call. (b) Use ABORTED if the client should retry at a higher level (e.g., when a client-specified test-and-set fails, indicating the client should restart a read-modify-write sequence). (c) Use FAILED_PRECONDITION if the client should not retry until the system state has been explicitly fixed. E.g., if an "rmdir" fails because the directory is non-empty, FAILED_PRECONDITION should be returned since the client should not retry unless the files are deleted from the directory.

    HTTP Mapping: 400 Bad Request

  • ABORTED: The operation was aborted, typically due to a concurrency issue such as a sequencer check failure or transaction abort.

    See the guidelines above for deciding between FAILED_PRECONDITION, ABORTED, and UNAVAILABLE.

    HTTP Mapping: 409 Conflict

  • OUT_OF_RANGE: The operation was attempted past the valid range. E.g., seeking or reading past end-of-file.

    Unlike INVALID_ARGUMENT, this error indicates a problem that may be fixed if the system state changes. For example, a 32-bit file system will generate INVALID_ARGUMENT if asked to read at an offset that is not in the range [0,2^32-1], but it will generate OUT_OF_RANGE if asked to read from an offset past the current file size.

    There is a fair bit of overlap between FAILED_PRECONDITION and OUT_OF_RANGE. We recommend using OUT_OF_RANGE (the more specific error) when it applies so that callers who are iterating through a space can easily look for an OUT_OF_RANGE error to detect when they are done.

    HTTP Mapping: 400 Bad Request

  • UNIMPLEMENTED: The operation is not implemented or is not supported/enabled in this service.

    HTTP Mapping: 501 Not Implemented

  • INTERNAL: Internal errors. This means that some invariants expected by the underlying system have been broken. This error code is reserved for serious errors.

    HTTP Mapping: 500 Internal Server Error

  • UNAVAILABLE: The service is currently unavailable. This is most likely a transient condition, which can be corrected by retrying with a backoff.

    See the guidelines above for deciding between FAILED_PRECONDITION, ABORTED, and UNAVAILABLE.

    HTTP Mapping: 503 Service Unavailable

  • DATA_LOSS: Unrecoverable data loss or corruption.

    HTTP Mapping: 500 Internal Server Error

logOptions.
discardRules[].
discardPercent
integer (int64)

Percent of logs to be discarded: 0 - keep all, 100 or unset - discard all

Acceptable values are 0 to 100, inclusive.

logOptions.
disable
boolean (boolean)

Do not send logs to Cloud Logging log group.

Methods

Method Description
addListener Adds a listener to the specified application load balancer.
addSniMatch Adds a SNI handler to the specified listener.
create Creates an application load balancer in the specified folder.
delete Deletes the specified application load balancer.
get Returns the specified application load balancer.
getTargetStates Returns the statuses of all targets of the specified backend group in all their availability zones.
list Lists application load balancers in the specified folder.
listOperations Lists operations for the specified application load balancer.
removeListener Deletes the specified listener.
removeSniMatch Deletes the specified SNI handler.
start Starts the specified application load balancer.
stop Stops the specified application load balancer.
update Updates the specified application load balancer.
updateListener Updates the specified listener of the specified application load balancer.
updateSniMatch Updates the specified SNI handler of the specified listener.

Was the article helpful?

Language / Region
Yandex project
© 2023 Yandex.Cloud LLC
In this article:
  • JSON Representation
  • Methods