Use SetLoadBalancerTCPListenerAttribute to modify TCP listener attributes - Server Load Balancer

Modifies the configurations of a TCP listener of Classic Load Balancer (CLB).

Operation description

A CLB instance is created. For more information, see CreateLoadBalancer.
A TCP listener is created. For more information, see CreateLoadBalancerTCPListener.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.
API: The API that you can call to perform the action.
Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.
Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.
- For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.
- For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.
Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.
Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

slb:SetLoadBalancerTCPListenerAttribute

update

*acl

acs:slb:{#regionId}:{#accountId}:acl/{#aclId}

*loadbalancer

acs:slb:{#regionId}:{#accountId}:loadbalancer/{#loadbalancerId}

slb:tag
slb:tag
slb:tag

None

Request parameters

Parameter	Type	Required	Description	Example
RegionId	string	No	The region ID of the CLB instance. You can query the region ID from the Regions and zones list or by calling the DescribeRegions operation.	cn-hangzhou
LoadBalancerId	string	Yes	The ID of the CLB instance.	lb-bp1ygod3yctvg1y****
ListenerPort	integer	Yes	The frontend port used by the CLB instance. Valid values: 1 to 65535.	80
Bandwidth	integer	No	The maximum bandwidth of the listener. Unit: Mbit/s. Valid values: -1 and 1 to 5120. -1: For a pay-by-data-transfer Internet-facing CLB instance, you can set this parameter to -1, which specifies unlimited bandwidth. 1 to 5120: For a pay-by-bandwidth Internet-facing CLB instance, you can specify the maximum bandwidth of each listener. The sum of the maximum bandwidth values of all listeners cannot exceed the maximum bandwidth of the CLB instance.	43
Scheduler	string	No	The scheduling algorithm. Valid values: wrr: Backend servers that have higher weights receive more requests than backend servers that have lower weights. rr: Requests are distributed to backend servers in sequence. sch: specifies consistent hashing that is based on source IP addresses. Requests from the same source IP address are distributed to the same backend server. tch: specifies consistent hashing that is based on four factors: source IP address, destination IP address, source port, and destination port. Requests that contain the same information based on the four factors are distributed to the same backend server. Note Only high-performance CLB instances support the sch and tch algorithms. CLB does not support converting the wrr and rr algorithms to sch or tch. You cannot switch the hash algorithm from one to another.	wrr
PersistenceTimeout	integer	No	The timeout period of session persistence. Valid values: 0 to 3600. Unit: seconds. Default value: 0. If the default value is used, the system disables session persistence.	0
EstablishedTimeout	integer	No	The timeout period of a connection. Unit: seconds. Valid values: 10 to 900.	500
HealthyThreshold	integer	No	The number of times that an unhealthy backend server must consecutively pass health checks before it is declared healthy. In this case, the health status is changed from fail to success. Valid values: 2 to 10.	4
UnhealthyThreshold	integer	No	The number of times that a healthy backend server must consecutively fail health checks before it is declared unhealthy. In this case, the health status is changed from success to fail. Valid values: 2 to 10.	4
HealthCheckConnectTimeout	integer	No	The timeout period of a health check. If a backend ECS instance does not return a health check response within the specified timeout period, the server fails the health check. Valid values: 1 to 300. Unit: seconds. Note If the value of the HealthCheckConnectTimeout parameter is smaller than that of the HealthCheckInterval parameter, the timeout period specified by the HCTimeout parameter is ignored and the period of time specified by the HealthCheckInterval parameter is used as the timeout period.	100
HealthCheckConnectPort	integer	No	The port that is used for health checks. Valid values: 1 to 65535. If you do not set this parameter, the port specified by the BackendServerPort parameter is used.	8080
HealthCheckInterval	integer	No	The interval between two consecutive health checks. Unit: seconds. Valid values: 1 to 50.	5
HealthCheckDomain	string	No	The domain name that is used for health checks. You can set this parameter when the TCP listener requires HTTP health checks. If you do not set this parameter, TCP health checks are performed. $_ip: the private IP addresses of the backend servers. If you do not set the HealthCheckHost parameter or set the parameter to $SERVER_IP, the CLB instance uses the private IP addresses of backend servers for health checks. domain: The domain name is 1 to 80 characters in length, and can contain letters, digits, periods (.), and hyphens (-).	192.168.XX.XX
HealthCheckURI	string	No	The URI that is used for health checks. The URI must be 1 to 80 characters in length, and can contain letters, digits, hyphens (-), forward slashes (/), periods (.), percent signs (%), question marks (?), number signs (#), and ampersands (&). The URI must start with a forward slash (/) but cannot be a single forward slash (/). You can set this parameter when the TCP listener requires HTTP health checks. If you do not set this parameter, TCP health checks are performed.	/test/index.html
HealthCheckHttpCode	string	No	The HTTP status code for a successful health check. Separate multiple HTTP status codes with commas (,). Valid values: http_2xx, http_3xx, http_4xx, and http_5xx.	http_2xx
HealthCheckType	string	No	The type of the health check. Valid values: tcp and http.	tcp
SynProxy	string	No	Specifies whether to enable the SynProxy feature of CLB for protection. Valid values: enable: yes disable: no We recommend that you use the default value of this parameter.	enable
VServerGroup	string	No	Specifies whether to use a vServer group. Valid values: on: yes off: no Note You cannot set both VserverGroup and MasterSlaveServerGroup to on.	on
VServerGroupId	string	No	The ID of the vServer group.	rsp-cige6j5****
MasterSlaveServerGroupId	string	No	The ID of the primary/secondary server group. Note You can set only one of the VServerGroupId and MasterSlaveServerGroupId parameters.	rsp-cige****
MasterSlaveServerGroup	string	No	Specifies whether to use a primary/secondary server group. Valid values: on: yes off: no You cannot set both VserverGroup and MasterSlaveServerGroup to on.	on
AclId	string	No	The ID of the network access control list (ACL) that is associated with the listener. If AclStatus is set to on, this parameter is required.	12333
AclType	string	No	The type of the network ACL. Valid values: white: a whitelist. Only requests from the IP addresses or CIDR blocks in the network ACL are forwarded. Whitelists apply to scenarios where you want to allow only specific IP addresses to access an application. Your service may be adversely affected if the allowlist is not properly configured. After a whitelist is configured, only requests from IP addresses that are added to the whitelist are forwarded by the listener. If you enable a whitelist but do not add an IP address to the ACL, the listener forwards all requests. black: a blacklist. All requests from the IP addresses or CIDR blocks in the ACL are rejected. Blacklists apply to scenarios where you want to block access from specified IP addresses to an application. If a blacklist is configured for a listener but no IP address is added to the blacklist, the listener forwards all requests. Note If AclStatus is set to on, this parameter is required.	white
AclStatus	string	No	Specifies whether to enable access control. Valid values: on: yes off: no	off
Description	string	No	The name of the listener. The name must be 1 to 256 characters in length and can contain letters, digits, hyphens (-), forward slashes (/), periods (.), and underscores (_).	tcp_80
ConnectionDrain	string	No	Specifies whether to enable connection draining. Valid values: on: yes off: no	off
ConnectionDrainTimeout	integer	No	The timeout period of connection draining. This parameter is required if ConnectionDrain is set to on. Unit: seconds. Valid values: 10 to 900.	300
ProxyProtocolV2Enabled	boolean	No	Specifies whether to use the Proxy protocol to pass client IP addresses to backend servers. Valid values: true: yes false: no	false
HealthCheckSwitch	string	No	Specifies whether to enable the health check feature. Valid values: on: yes off: no	on

Response elements

Element	Type	Description	Example
	object
RequestId	string	The ID of the request.	CEF72CEB-54B6-4AE8-B225-F876FF7BA984

Examples

Success response

JSON format

{
  "RequestId": "CEF72CEB-54B6-4AE8-B225-F876FF7BA984"
}

Error codes

HTTP status code	Error code	Error message	Description
400	InvalidParameterValue.SpecNotSupport	The loadBalancer of shared spec does not support the parameter value, %s.
400	OperationNotSupport.Acl	The cloud box instance does not support acl.
400	InvalidParameterValue.RegionNotSupport	The region does not support the parameter value, %s.
400	IpVersionConflict	The ip version of this LoadBalancer and the Acl is conflict.
400	InvalidParameterValue.ZoneNotSupport	The zone does not support the parameter value, %s.
400	InvalidParameter.ZoneNotSupport	The zone does not support the parameter %s.
400	OperationFailed.ServerGroupInUse	The VServerGroup or MasterSlaveServerGroup can not be close for this listener.
400	InvalidParam.VServerGroupId	The specified VServerGroupId is invalid.
400	MissingParam.HealthCheckConnectPort	The parameter HealthCheckConnectPort is required.
400	InvalidParam.ListenerPort	The specified ListenerPort is invalid.
400	InvalidParam.StartPort	The specified StartPort is invalid.
400	InvalidParamSize.PortRange	The size of param PortRange is invalid.
400	InvalidParam.EndPort	The specified EndPort is invalid.
400	InvalidParam.PortRange	The specified PortRange is invalid.
400	Duplicated.AclEntry	%s.	%s
400	ResourceNotFound.VServerGroup	%s.
400	IllegalParam.FailoverStrategy	The parameter FailoverStrategy is illegal.
400	IllegalParam.FailoverThreshold	The parameter FailoverThreshold is illegal.
400	MasterSlaveServerConflict	The servers are conflict for MasterSlaveGroup.
400	MissingParam.VServerGroupId	The parameter VServerGroupId is missing.
400	OperationDenied.HealthCheckClosedForMasterSlaveMode	The operation is denied because of HealthCheckClosedForMasterSlaveMode.
400	InvalidParam.HealthCheck	The param of HealthCheck is illegal.
400	OperationDenied.MasterSlaveGroupLogEnabled	The operation is denied because of MasterSlaveGroupLogEnabled.
400	OperationDenied.NotSupportAcl	The operation is denied because The single Tunnel or any Tunnel loadbalancer does not support config AccessControlList.
400	OperationDenied.FullNatModeNotAllowed	The operation is not allowed because of FullNatModeNotAllowed.
400	OperationDenied.OnlyIpv4SlbSupport	The operation is not allowed because of OnlyIpv4SlbSupport.
400	SpecNotSupportParameter	The instance with share spec does not support FullNatEnabled parameter.
400	Abs.VServerGroupIdAndMasterSlaveServerGroupId.MissMatch	Virtual service group ID or master slave server group ID is missing. Please check the input parameters.
400	AclListenerOverLimit	This acl has reached the limit of binding to listeners.
400	QuotaLimitExceeds.AclAttachedToListener	The number of Acl bound listeners has reached the quota limit
400	QuotaLimitExceeds.TotalAclEntry	The number of Acl entries has reached the quota limit.
400	QuotaLimitExceeds.AclListenerOverLimit	This acl has reached the limit of binding to listeners.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.