All Products
Search
Document Center

Server Load Balancer:CreateLoadBalancerTCPListener

Last Updated:Sep 20, 2024

Creates a TCP listener.

Operation description

Note A newly created listener is in the stopped state. After a listener is created, you can call the StartLoadBalancerListener operation to enable the listener to forward traffic to backend servers.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
slb:CreateLoadBalancerTCPListenercreate
  • AccessControlList
    acs:slb:{#regionId}:{#accountId}:acl/{#AclId}
  • LoadBalancer
    acs:slb:{#regionId}:{#accountId}:loadbalancer/{#LoadBalancerId}
  • slb:tag
none

Request parameters

ParameterTypeRequiredDescriptionExample
RegionIdstringNo

The ID of the region where the Classic Load Balancer (CLB) instance is deployed.

You can query the region ID from the Regions and zones list or by calling the DescribeRegions operation.

cn-hangzhou
LoadBalancerIdstringYes

The ID of the CLB instance.

lb-bp1b6c719dfa08ex****
ListenerPortintegerYes

The frontend port used by the CLB instance.

Valid values: 1 to 65535.

80
BackendServerPortintegerNo

The backend port used by the CLB instance.

Valid values: 1 to 65535.

If the VServerGroupId parameter is not set, this parameter is required.

80
Tagarray<object>No

The tags.

objectNo
KeystringNo

The key of the tag. You can specify up to 20 tag keys. The tag key cannot be an empty string.

The tag key must be 1 to 64 characters in length and cannot start with aliyun or acs:. It cannot contain http:// or https://.

TestKey
ValuestringNo

The value of the tag. You can specify up to 20 tag values. The tag value can be an empty string.

The tag value can be at most 128 characters in length and cannot start with acs: or aliyun. It cannot contain http:// or https://.

TestValue
BandwidthintegerYes

The maximum bandwidth of the listener. Unit: Mbit/s. Valid values:

  • -1: For a pay-by-data-transfer Internet-facing CLB instance, this value can be set to -1, which specifies unlimited bandwidth.
  • 1 to 5120: For a pay-by-bandwidth Internet-facing CLB instance, you can specify the maximum bandwidth of each listener. The sum of the maximum bandwidth values that you set for all listeners cannot exceed the maximum bandwidth of the CLB instance.
-1
SchedulerstringNo

The routing algorithm. Valid values:

  • wrr (default): Backend servers with higher weights receive more requests than backend servers with lower weights.
  • rr: Requests are distributed to backend servers in sequence.
  • sch: specifies consistent hashing that is based on source IP addresses. Requests from the same source IP address are distributed to the same backend server.
  • tch: specifies consistent hashing that is based on four factors: source IP address, destination IP address, source port, and destination port. Requests that contain the same information based on the four factors are distributed to the same backend server.
Note Only high-performance CLB instances support the sch and tch consistent hashing algorithms.
wrr
PersistenceTimeoutintegerNo

The timeout period of session persistence. Unit: seconds.

Valid values: 0 to 3600.

Default value: 0. If the default value is used, the system disables session persistence.

0
EstablishedTimeoutintegerNo

The timeout period of a connection. Unit: seconds.

Valid values: 10 to 900.

500
HealthyThresholdintegerNo

The number of times that an unhealthy backend server must consecutively pass health checks before it is declared healthy. In this case, the health status is changed from fail to success.

Valid values: 2 to 10.

4
UnhealthyThresholdintegerNo

The number of times that a healthy backend server must consecutively fail health checks before it is declared unhealthy. In this case, the health status is changed from success to fail.

Valid values: 2 to 10.

4
HealthCheckConnectTimeoutintegerNo

The maximum timeout period of a health check response. Unit: seconds.

Valid values: 1 to 300.

Default value: 5.

100
HealthCheckConnectPortintegerNo

The port that is used for health checks.

Valid values: 1 to 65535.

If this parameter is not set, the backend port specified by BackendServerPort is used for health checks.

80
healthCheckIntervalintegerNo

The interval between two consecutive health checks. Unit: seconds.

Valid values: 1 to 50.

3
HealthCheckDomainstringNo

The domain name that you want to use for health checks. Valid values:

  • $_ip: the private IP address of a backend server. If you do not set the HealthCheckDomain parameter or set the parameter to $_ip, the CLB instance uses the private IP address of each backend server for health checks.
  • domain: The domain name must be 1 to 80 characters in length, and can contain letters, digits, periods (.), and hyphens (-).
172.XX.XX.6
HealthCheckURIstringNo

The URI that is used for health checks. The URI must be 1 to 80 characters in length, and can contain only digits, letters, hyphens (-), forward slashes (/), periods (.), percent signs (%), number signs (#), and ampersands (&). The URI must start with a forward slash (/) but cannot be a single forward slash (/).

You can set this parameter when the TCP listener requires HTTP health checks. If you do not set this parameter, TCP health checks are performed.

/test/index.html
HealthCheckHttpCodestringNo

The HTTP status code for a successful health check. Separate multiple HTTP status codes with commas (,). Valid values:

  • http_2xx(default)
  • http_3xx
  • http_4xx
  • http_5xx
http_2xx,http_3xx
HealthCheckTypestringNo

The type of health checks. Valid values:

  • tcp (default)
  • http
tcp
VServerGroupIdstringNo

The ID of the vServer group.

rsp-cige6j****
MasterSlaveServerGroupIdstringNo

The ID of the primary/secondary server group.

Note You cannot set both VServerGroupId and MasterSlaveServerGroupId.
rsp-0bfucw****
AclIdstringNo

The ID of the network ACL that is associated with the listener.

Note If AclStatus is set to on, this parameter is required.
1323
AclTypestringNo

The type of the ACL. Valid values:

  • white: a whitelist. Only requests from the IP addresses or CIDR blocks in the network ACL are forwarded. Whitelists apply to scenarios where you want to allow only specific IP addresses to access an application.

    Your service may be adversely affected if the whitelist is not properly configured.

    If a whitelist is configured, only requests from IP addresses that are added to the whitelist are forwarded by the listener. If a whitelist is configured but no IP address is added to the whitelist, the listener forwards all requests.

  • black: a blacklist. All requests from the IP addresses or CIDR blocks in the ACL are rejected. Blacklists apply to scenarios where you want to block access from specified IP addresses to an application.

    If a blacklist is configured for a listener but no IP address is added to the blacklist, the listener forwards all requests.

Note If AclStatus is set to on, this parameter is required.
black
AclStatusstringNo

Specifies whether to enable access control. Valid values:

  • on: yes
  • off (default): no
off
DescriptionstringNo

The name of the listener.

The name must be 1 to 256 characters in length, and can contain letters, digits, hyphens (-), forward slashes (/), periods (.), and underscores (_).

tcp_80
ConnectionDrainstringNo

Specifies whether to enable connection draining. Valid values:

  • on: yes
  • off: no
off
ConnectionDrainTimeoutintegerNo

The timeout period of connection draining. Unit: seconds.

Valid values: 10 to 900.

Note This parameter is required if ConnectionDrain is set to on.
300
ProxyProtocolV2EnabledbooleanNo

Specifies whether to use the Proxy protocol to pass client IP addresses to backend servers. Valid values:

  • true: yes
  • false (default): no
false
HealthCheckSwitchstringNo

Specifies whether to enable the health check feature. Valid values:

  • on (default): yes
  • off: no
on

Response parameters

ParameterTypeDescriptionExample
object
RequestIdstring

The ID of the request.

CEF72CEB-54B6-4AE8-B225-F876FF7BA984

Examples

Sample success responses

JSONformat

{
  "RequestId": "CEF72CEB-54B6-4AE8-B225-F876FF7BA984"
}

Error codes

HTTP status codeError codeError messageDescription
400InvalidParameterValue.SpecNotSupportThe loadBalancer of shared spec does not support the parameter value, %s.-
400OperationNotSupport.AclThe cloud box instance does not support acl.-
400InvalidParameterValue.RegionNotSupportThe region does not support the parameter value, %s.-
400Abs.VServerGroupIdAndMasterSlaveServerGroupId.MissMatchThe parameters VServerGroupId or MasterSlaveServerGroupId miss match.-
400IpVersionConflictThe ip version of this LoadBalancer and the Acl is conflict.-
400InvalidParameterValue.ZoneNotSupportThe zone does not support the parameter value, %s.-
400ListenerProcessingA previous configuration of the listener is pending, please try again later.-
400AclNotExistAcl does not exist.-
400InvalidParameter.ListenerPortConflictThere is conflict listener port exists.-
400InvalidParameter.ZoneNotSupportThe zone does not support the parameter %s.-
400InvalidParam.VServerGroupIdThe specified VServerGroupId is invalid.-
400MissingParam.HealthCheckConnectPortThe parameter HealthCheckConnectPort is required.-
400InvalidParam.ListenerPortThe specified ListenerPort is invalid.-
400InvalidParam.StartPortThe specified StartPort is invalid.-
400InvalidParamSize.PortRangeThe size of param PortRange is invalid.-
400InvalidParam.EndPortThe specified EndPort is invalid.-
400QuotaLimitExceeds.AclAttachedToListener%s.-
400QuotaLimitExceeds.TotalAclEntry%s.-
400AclListenerOverLimit%s.-
400Duplicated.AclEntry%s.-
400OperationUnsupported.SetAccessControlThe singleTunnel/anyTunnel loadbalancer does not support config AccessControlList.-
400InvalidParam.PortRangeThe specified PortRange is invalid.-
400InvalidParameter.RegionNotSupportThe region does not support the parameter: %s.-
400LbNotSupportTcpsslYou cannot create a TCP SSL type listener for the specified load balancer.-
400LbSupportTcpsslOnlyThe specified load balancer supports TCP SSL type listener only.-
400ListenerNotSupportRuleYou cannot create a rule for the specified listener.You cannot create a rule for the specified listener.
400ListenerPortConflictThe specified ListenerPort is conflict with other listener.-
400ResourceNotFound.VServerGroup%s.-
400IllegalParam.FailoverThresholdThe parameter FailoverThreshold is illegal.-
400IllegalParam.FailoverStrategyThe parameter FailoverStrategy is illegal.-
400MasterSlaveServerConflictThe servers are conflict for MasterSlaveGroup.-
400OperationDenied.HealthCheckClosedForMasterSlaveModeThe operation is denied because of HealthCheckClosedForMasterSlaveMode.-
400IllegalParam.HealthCheckThe param of HelathCheck is illegal.-
400Mismatch.SlbSpecTypeAndListenerProtocolThe SlbSpecType and ListenerProtocol are mismatched.-
400OperationDenied.FullNatModeNotAllowedThe operation is not allowed because of FullNatModeNotAllowed.-
400OperationDenied.OnlyIpv4SlbSupportThe operation is not allowed because of OnlyIpv4SlbSupport.-
400SpecNotSupportParameterThe instance with share spec does not support FullNatEnabled parameter.-
400InvalidParam.TagValue %s.-
400InvalidParam.TagKey%s.-
400SizeLimitExceeded.Tag%s.-
400MissingParam.TagKeyThe param MissingParam.TagKey is missing.-
400MissingParameterThe BackendServerPort or VServerGroupId is required at lease one.-

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2023-09-08The Error code has changedView Change Details
2023-06-02The Error code has changedView Change Details