osc load-balancer listener set

Update an existing listener.

If the request is valid, the service returns the Accepted (202) response code. To confirm the update, check that the listener provisioning status is ACTIVE. If the status is PENDING_UPDATE, use a GET operation to poll the listener object for changes.

This operation returns the updated listener object with the ACTIVE, PENDING_UPDATE, or ERROR provisioning status.

Usage: osc load-balancer listener set [OPTIONS] <ID>

Arguments:

  • <ID> — listener_id parameter for /v2/lbaas/listeners/{listener_id} API

Options:

  • --admin-state-up <ADMIN_STATE_UP> — The administrative state of the resource, which is up (true) or down (false). Default is true

    Possible values: true, false

  • --allowed-cidrs <ALLOWED_CIDRS> — A list of IPv4, IPv6 or mix of both CIDRs. The default is all allowed. When a list of CIDRs is provided, the default switches to deny all.

    New in version 2.12

  • --alpn-protocols <ALPN_PROTOCOLS> — A list of ALPN protocols. Available protocols: http/1.0, http/1.1, h2

    New in version 2.20

  • --client-authentication <CLIENT_AUTHENTICATION> — The TLS client authentication mode. One of the options NONE, OPTIONAL or MANDATORY.

    New in version 2.8

    Possible values: mandatory, none, optional

  • --client-ca-tls-container-ref <CLIENT_CA_TLS_CONTAINER_REF> — The ref of the key manager service secret containing a PEM format client CA certificate bundle for TERMINATED_HTTPS listeners.

    New in version 2.8

  • --client-crl-container-ref <CLIENT_CRL_CONTAINER_REF> — The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_HTTPS listeners.

    New in version 2.8

  • --connection-limit <CONNECTION_LIMIT> — The maximum number of connections permitted for this listener. Default value is -1 which represents infinite connections or a default value defined by the provider driver

  • --default-pool-id <DEFAULT_POOL_ID> — The ID of the pool used by the listener if no L7 policies match. The pool has some restrictions. See Protocol Combinations (Listener/Pool)

  • --default-tls-container-ref <DEFAULT_TLS_CONTAINER_REF> — The URI of the key manager service secret containing a PKCS12 format certificate/key bundle for TERMINATED_HTTPS listeners. DEPRECATED: A secret container of type “certificate” containing the certificate and key for TERMINATED_HTTPS listeners

  • --description <DESCRIPTION> — A human-readable description for the resource

  • --hsts-include-subdomains <HSTS_INCLUDE_SUBDOMAINS> — Defines whether the includeSubDomains directive should be added to the Strict-Transport-Security HTTP response header. This requires setting the hsts_max_age option as well in order to become effective.

    New in version 2.27

    Possible values: true, false

  • --hsts-max-age <HSTS_MAX_AGE> — The value of the max_age directive for the Strict-Transport-Security HTTP response header. Setting this enables HTTP Strict Transport Security (HSTS) for the TLS-terminated listener.

    New in version 2.27

  • --hsts-preload <HSTS_PRELOAD> — Defines whether the preload directive should be added to the Strict-Transport-Security HTTP response header. This requires setting the hsts_max_age option as well in order to become effective.

    New in version 2.27

    Possible values: true, false

  • --insert-headers <key=value> — A dictionary of optional headers to insert into the request before it is sent to the backend member. See Supported HTTP Header Insertions. Both keys and values are always specified as strings

  • --name <NAME> — Human-readable name of the resource

  • --sni-container-refs <SNI_CONTAINER_REFS> — A list of URIs to the key manager service secrets containing PKCS12 format certificate/key bundles for TERMINATED_HTTPS listeners. (DEPRECATED) Secret containers of type “certificate” containing the certificates and keys for TERMINATED_HTTPS listeners

  • --tags <TAGS> — A list of simple strings assigned to the resource.

    New in version 2.5

  • --timeout-client-data <TIMEOUT_CLIENT_DATA> — Frontend client inactivity timeout in milliseconds. Default: 50000.

    New in version 2.1

  • --timeout-member-connect <TIMEOUT_MEMBER_CONNECT> — Backend member connection timeout in milliseconds. Default: 5000.

    New in version 2.1

  • --timeout-member-data <TIMEOUT_MEMBER_DATA> — Backend member inactivity timeout in milliseconds. Default: 50000.

    New in version 2.1

  • --timeout-tcp-inspect <TIMEOUT_TCP_INSPECT> — Time, in milliseconds, to wait for additional TCP packets for content inspection. Default: 0.

    New in version 2.1

  • --tls-ciphers <TLS_CIPHERS> — List of ciphers in OpenSSL format (colon-separated). See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html

    New in version 2.15

  • --tls-versions <TLS_VERSIONS> — A list of TLS protocol versions. Available versions: SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3

    New in version 2.17