Create or update a ALBVirtualService

If a ALBVirtualService with the alb-VirtualService-id is not
already present, create a new ALBVirtualService. If it already exists,
update the ALBVirtualService. This is a full replace.
This API is only available when using VMware NSX-T.

Request:

Method:

PUT

URI Path(s):

/policy/api/v1/infra/alb-virtual-services/<alb-virtualservice-id>

Request Headers:

n/a

Query Parameters:

n/a

Request Body:

ALBVirtualService+

ALBVirtualService (schema)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
active_standby_se_tag	Active standby se tag This configuration only applies if the VirtualService is in Legacy Active Standby HA mode and Load Distribution among Active Standby is enabled. This field is used to tag the VirtualService so that VirtualServices with the same tag will share the same Active ServiceEngine. VirtualServices with different tags will have different Active ServiceEngines. If one of the ServiceEngine's in the ServiceEngineGroup fails, all VirtualServices will end up using the same Active ServiceEngine. Redistribution of the VirtualServices can be either manual or automated when the failed ServiceEngine recovers. Redistribution is based on the auto redistribute property of the ServiceEngineGroup. Enum options - ACTIVE_STANDBY_SE_1, ACTIVE_STANDBY_SE_2. Default value when not specified in API or module is interpreted by ALB Controller as ACTIVE_STANDBY_SE_1.	ALBActiveStandbySeTag	Default: "ACTIVE_STANDBY_SE_1"
advertise_down_vs	Advertise down vs Keep advertising Virtual Service via BGP even if it is marked down by health monitor. This setting takes effect for future Virtual Service flaps. To advertise current VSes that are down, please disable and re-enable the Virtual Service. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
allow_invalid_client_cert	Allow invalid client cert Process request even if invalid client certificate is presented. Datascript APIs need to be used for processing of such requests. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
analytics_policy	Analytics policy Determines analytics settings for the application.	ALBAnalyticsPolicy
analytics_profile_path	Analytics profile path Specifies settings related to analytics. It is a reference to an object of type AnalyticsProfile.	string
apic_contract_graph	Apic contract graph The name of the Contract/Graph associated with the Virtual Service. Should be in the format. This is applicable only for Service Integration mode with Cisco APIC Controller. Allowed in Basic edition, Essentials edition, Enterprise edition.	string
application_profile_path	Application profile path Enable application layer specific features for the Virtual Service. It is a reference to an object of type ApplicationProfile. Special default for Essentials edition is System-L4-Application.	string
azure_availability_set	Azure availability set (internal-use)Applicable for Azure only. Azure Availability set to which this VS is associated. Internally set by the cloud connector.	string
bgp_peer_labels	Bgp peer labels Select BGP peers, using peer label, for VsVip advertisement. Maximum of 128 items allowed.	array of string
bulk_sync_kvcache	Bulk sync kvcache (This is a beta feature). Sync Key-Value cache to the new SEs when VS is scaled out. For ex SSL sessions are stored using VS's Key-Value cache. When the VS is scaled out, the SSL session information is synced to the new SE, allowing existing SSL sessions to be reused on the new SE. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
children	subtree for this type within policy tree subtree for this type within policy tree containing nested elements.	array of ChildPolicyConfigResource Children are not allowed for this type
client_auth	Client auth HTTP authentication configuration for protected resources.	ALBHTTPClientAuthenticationParams
close_client_conn_on_config_update	Close client conn on config update close client connection on vs config update. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
cloud_config_cksum	Cloud config cksum Checksum of cloud configuration for VS. Internally set by cloud connector.	string
cloud_name	Cloud name It is a reference to an object of type Cloud.	string
cloud_type	Cloud type Enum options - CLOUD_NONE, CLOUD_VCENTER, CLOUD_OPENSTACK, CLOUD_AWS, CLOUD_VCA, CLOUD_APIC, CLOUD_MESOS, CLOUD_LINUXSERVER, CLOUD_DOCKER_UCP, CLOUD_RANCHER, CLOUD_OSHIFT_K8S, CLOUD_AZURE, CLOUD_GCP, CLOUD_NSXT. Allowed in Basic(Allowed values- CLOUD_NONE,CLOUD_NSXT) edition, Essentials(Allowed values- CLOUD_NONE,CLOUD_VCENTER) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as CLOUD_NONE.	ALBCloudType	Default: "CLOUD_NONE"
connections_rate_limit	Connections rate limit Rate limit the incoming connections to this virtual service.	ALBRateProfile
content_rewrite	Content rewrite Profile used to match and rewrite strings in request and/or response body.	ALBContentRewriteProfile
created_by	Created by Creator name.	string
delay_fairness	Delay fairness Select the algorithm for QoS fairness. This determines how multiple Virtual Services sharing the same Service Engines will prioritize traffic over a congested network. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
dns_info	Dns info Service discovery specific data including fully qualified domain name, type and Time-To-Live of the DNS record. Note that only one of fqdn and dns_info setting is allowed. Maximum of 1000 items allowed.	array of ALBDnsInfo
dns_policies	Dns policies DNS Policies applied on the dns traffic of the Virtual Service. Allowed in Basic edition, Essentials edition, Enterprise edition.	array of ALBDnsPolicies
east_west_placement	East west placement Force placement on all SE's in service group (Mesos mode only). Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
enable_autogw	Enable autogw Response traffic to clients will be sent back to the source MAC address of the connection, rather than statically sent to a default gateway. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
enable_rhi	Enable rhi Enable Route Health Injection using the BGP Config in the vrf context.	boolean
enable_rhi_snat	Enable rhi snat Enable Route Health Injection for Source NAT'ted floating IP Address using the BGP Config in the vrf context.	boolean
enabled	Enabled Enable or disable the Virtual Service. Default value when not specified in API or module is interpreted by ALB Controller as true.	boolean	Default: "True"
error_page_profile_path	Error page profile path Error Page Profile to be used for this virtualservice.This profile is used to send the custom error page to the client generated by the proxy. It is a reference to an object of type ErrorPageProfile. Allowed in Basic edition, Essentials edition, Enterprise edition.	string
flow_dist	Flow dist Criteria for flow distribution among SEs. Enum options - LOAD_AWARE, CONSISTENT_HASH_SOURCE_IP_ADDRESS, CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT. Allowed in Basic(Allowed values- LOAD_AWARE) edition, Essentials(Allowed values- LOAD_AWARE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as LOAD_AWARE.	ALBSeFlowDist	Default: "LOAD_AWARE"
flow_label_type	Flow label type Criteria for flow labelling. Enum options - NO_LABEL, APPLICATION_LABEL, SERVICE_LABEL. Default value when not specified in API or module is interpreted by ALB Controller as NO_LABEL.	ALBFlowLabelType	Default: "NO_LABEL"
fqdn	Fqdn DNS resolvable, fully qualified domain name of the virtualservice. Only one of 'fqdn' and 'dns_info' configuration is allowed.	string
group_paths	Group paths A list of NSX Groups representing the Clients which can access the Virtual IP of the Virtual Service.	array of string
host_name_xlate	Host name xlate Translate the host name sent to the servers to this value. Translate the host name sent from servers back to the value used by the client.	string
http_policies	Http policies HTTP Policies applied on the data traffic of the Virtual Service.	array of ALBHTTPPolicies
id	Unique identifier of this resource	string	Sortable
ign_pool_net_reach	Ign pool net reach Ignore Pool servers network reachability constraints for Virtual Service placement. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
l4_policies	L4 policies L4 Policies applied to the data traffic of the Virtual Service.	array of ALBL4Policies
limit_doser	Limit doser Limit potential DoS attackers who exceed max_cps_per_client significantly to a fraction of max_cps_per_client for a while. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
marked_for_delete	Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.	boolean	Readonly Default: "False"
markers	Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.	array of ALBRoleFilterMatchLabel
max_cps_per_client	Max cps per client Maximum connections per second per client IP. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0.	integer	Minimum: 0 Maximum: 1000 Default: "0"
min_pools_up	Min pools up Minimum number of UP pools to mark VS up.	integer
network_profile_path	Network profile path Determines network settings such as protocol, TCP or UDP, and related options for the protocol. It is a reference to an object of type NetworkProfile. Special default for Essentials edition is System-TCP-Fast-Path.	string
network_security_policy_path	Network security policy path Network security policies for the Virtual Service. It is a reference to an object of type NetworkSecurityPolicy.	string
overridden	Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Readonly Default: "False"
parent_path	Path of its parent Path of its parent	string	Readonly
path	Absolute path of this object Absolute path of this object	string	Readonly
performance_limits	Performance limits Optional settings that determine performance limits like max connections or bandwdith etc.	ALBPerformanceLimits
pool_group_path	Pool group path The pool group is an object that contains pools. It is a reference to an object of type PoolGroup.	string
pool_path	Pool path The pool is an object that contains destination servers and related attributes such as load-balancing and persistence. It is a reference to an object of type Pool.	string
realization_id	A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.	string	Readonly
relative_path	Relative path of this object Path relative from its parent	string	Readonly
remove_listening_port_on_vs_down	Remove listening port on vs down Remove listening port if VirtualService is down. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
requests_rate_limit	Requests rate limit Rate limit the incoming requests to this virtual service.	ALBRateProfile
resource_type	Must be set to the value ALBVirtualService	string
saml_sp_config	Saml sp config Application-specific SAML config. Allowed in Basic edition, Essentials edition, Enterprise edition.	ALBSAMLSPConfig
se_group_name	Se group name The Service Engine Group to use for this Virtual Service. Moving to a new SE Group is disruptive to existing connections for this VS. It is a reference to an object of type ServiceEngineGroup.	string
security_policy_path	Security policy path Security policy applied on the traffic of the Virtual Service. This policy is used to perform security actions such as Distributed Denial of Service (DDoS) attack mitigation, etc. It is a reference to an object of type SecurityPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition.	string
server_network_profile_path	Server network profile path Determines the network settings profile for the server side of TCP proxied connections. Leave blank to use the same settings as the client to VS side of the connection. It is a reference to an object of type NetworkProfile.	string
service_metadata	Service metadata Metadata pertaining to the Service provided by this virtual service. In Openshift/Kubernetes environments, egress pod info is stored. Any user input to this field will be overwritten by Avi Vantage.	string
service_pool_select	Service pool select Select pool based on destination port.	array of ALBServicePoolSelector
services	Services List of Services defined for this Virtual Service. Maximum of 2048 items allowed.	array of ALBService
sideband_profile	Sideband profile Sideband configuration to be used for this virtualservice.It can be used for sending traffic to sideband VIPs for external inspection etc.	ALBSidebandProfile
snat_ip	Snat ip NAT'ted floating source IP Address(es) for upstream connection to servers. Maximum of 32 items allowed.	array of ALBIpAddr
sp_pool_paths	Sp pool paths GSLB pools used to manage site-persistence functionality. Each site-persistence pool contains the virtualservices in all the other sites, that is auto-generated by the GSLB manager. This is a read-only field for the user. It is a reference to an object of type Pool.	array of string
ssl_key_and_certificate_paths	Ssl key and certificate paths Select or create one or two certificates, EC and/or RSA, that will be presented to SSL/TLS terminated connections. It is a reference to an object of type SSLKeyAndCertificate.	array of string
ssl_profile_path	Ssl profile path Determines the set of SSL versions and ciphers to accept for SSL/TLS terminated connections. It is a reference to an object of type SSLProfile.	string
ssl_profile_selectors	Ssl profile selectors Select SSL Profile based on client IP address match. Allowed in Basic edition, Essentials edition, Enterprise edition.	array of ALBSSLProfileSelector
ssl_sess_cache_avg_size	Ssl sess cache avg size Expected number of SSL session cache entries (may be exceeded). Allowed values are 1024-16383. Default value when not specified in API or module is interpreted by ALB Controller as 1024.	integer	Minimum: 1024 Maximum: 16383 Default: "1024"
sso_policy_path	Sso policy path The SSO Policy attached to the virtualservice. It is a reference to an object of type SSOPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition.	string
static_dns_records	Static dns records List of static DNS records applied to this Virtual Service. These are static entries and no health monitoring is performed against the IP addresses. Maximum of 1000 items allowed.	array of ALBDnsRecord
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
topology_policies	Topology policies Topology Policies applied on the dns traffic of the Virtual Service based onGSLB Topology algorithm. Allowed in Basic edition, Essentials edition, Enterprise edition.	array of ALBDnsPolicies
traffic_clone_profile_path	Traffic clone profile path Server network or list of servers for cloning traffic. It is a reference to an object of type TrafficCloneProfile. Allowed in Basic edition, Essentials edition, Enterprise edition.	string
traffic_enabled	Traffic enabled Knob to enable the Virtual Service traffic on its assigned service engines. This setting is effective only when the enabled flag is set to True. Default value when not specified in API or module is interpreted by ALB Controller as true.	boolean	Default: "True"
type	Type Specify if this is a normal Virtual Service, or if it is the parent or child of an SNI-enabled virtual hosted Virtual Service. Enum options - VS_TYPE_NORMAL, VS_TYPE_VH_PARENT, VS_TYPE_VH_CHILD. Allowed in Basic(Allowed values- VS_TYPE_NORMAL,VS_TYPE_VH_PARENT) edition, Essentials(Allowed values- VS_TYPE_NORMAL) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as VS_TYPE_NORMAL.	ALBVirtualServiceType	Default: "VS_TYPE_NORMAL"
unique_id	A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.	string	Readonly
use_bridge_ip_as_vip	Use bridge ip as vip Use Bridge IP as VIP on each Host in Mesos deployments. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
use_vip_as_snat	Use vip as snat Use the Virtual IP as the SNAT IP for health monitoring and sending traffic to the backend servers instead of the Service Engine interface IP. The caveat of enabling this option is that the VirtualService cannot be configured in an Active-Active HA mode. DNS based Multi VIP solution has to be used for HA & Non-disruptive Upgrade purposes. Allowed in Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
vh_domain_name	Vh domain name The exact name requested from the client's SNI-enabled TLS hello domain name field. If this is a match, the parent VS will forward the connection to this child VS.	array of string
vh_parent_vs_uuid	Vh parent vs uuid Specifies the Virtual Service acting as Virtual Hosting (SNI) parent.	string
vip	Vip List of Virtual Service IPs. While creating a 'Shared VS',please use vsvip_ref to point to the shared entities.	array of ALBVip
vrf_context_name	Vrf context name Virtual Routing Context that the Virtual Service is bound to. This is used to provide the isolation of the set of networks the application is attached to. It is a reference to an object of type VrfContext.	string
vs_datascripts	Vs datascripts Datascripts applied on the data traffic of the Virtual Service.	array of ALBVSDataScripts
vsvip_path	Vsvip path Mostly used during the creation of Shared VS, this field refers to entities that can be shared across Virtual Services. It is a reference to an object of type VsVip.	string
waf_policy_path	Waf policy path WAF policy for the Virtual Service. It is a reference to an object of type WafPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition.	string
weight	Weight The Quality of Service weight to assign to traffic transmitted from this Virtual Service. A higher weight will prioritize traffic versus other Virtual Services sharing the same Service Engines. Allowed values are 1-128. Allowed in Basic(Allowed values- 1) edition, Essentials(Allowed values- 1) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.	integer	Minimum: 1 Maximum: 128 Default: "1"

Example Request:

{ "application_profile_path": "/infra/alb-application-profiles/https_ssl_pass_through_enable_src_ip", "close_client_conn_on_config_update": false, "cloud_name": "nsxt_cloud_overlay", "connections_rate_limit": { "action": { "type": "RL_ACTION_DROP_CONN" }, "rate_limiter": { "count": 123, "period": 1 } }, "display_name": "https_vip1", "east_west_placement": false, "enabled": false, "network_profile_path": "/infra/alb-network-profiles/System-TCP-Proxy", "performance_limits": { "max_concurrent_connections": 123 }, "pool_path": "/infra/alb-pools/https_pool_1", "se_group_name": null, "services": [ { "enable_ssl": false, "port": 9000 } ], "type": "VS_TYPE_NORMAL", "vsvip_path": "/infra/alb-vs-vips/vsvip_http_vip1" }

Successful Response:

Response Code:

200 OK

Response Headers:

Content-type: application/json

Response Body:

ALBVirtualService+

ALBVirtualService (schema)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
active_standby_se_tag	Active standby se tag This configuration only applies if the VirtualService is in Legacy Active Standby HA mode and Load Distribution among Active Standby is enabled. This field is used to tag the VirtualService so that VirtualServices with the same tag will share the same Active ServiceEngine. VirtualServices with different tags will have different Active ServiceEngines. If one of the ServiceEngine's in the ServiceEngineGroup fails, all VirtualServices will end up using the same Active ServiceEngine. Redistribution of the VirtualServices can be either manual or automated when the failed ServiceEngine recovers. Redistribution is based on the auto redistribute property of the ServiceEngineGroup. Enum options - ACTIVE_STANDBY_SE_1, ACTIVE_STANDBY_SE_2. Default value when not specified in API or module is interpreted by ALB Controller as ACTIVE_STANDBY_SE_1.	ALBActiveStandbySeTag	Default: "ACTIVE_STANDBY_SE_1"
advertise_down_vs	Advertise down vs Keep advertising Virtual Service via BGP even if it is marked down by health monitor. This setting takes effect for future Virtual Service flaps. To advertise current VSes that are down, please disable and re-enable the Virtual Service. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
allow_invalid_client_cert	Allow invalid client cert Process request even if invalid client certificate is presented. Datascript APIs need to be used for processing of such requests. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
analytics_policy	Analytics policy Determines analytics settings for the application.	ALBAnalyticsPolicy
analytics_profile_path	Analytics profile path Specifies settings related to analytics. It is a reference to an object of type AnalyticsProfile.	string
apic_contract_graph	Apic contract graph The name of the Contract/Graph associated with the Virtual Service. Should be in the format. This is applicable only for Service Integration mode with Cisco APIC Controller. Allowed in Basic edition, Essentials edition, Enterprise edition.	string
application_profile_path	Application profile path Enable application layer specific features for the Virtual Service. It is a reference to an object of type ApplicationProfile. Special default for Essentials edition is System-L4-Application.	string
azure_availability_set	Azure availability set (internal-use)Applicable for Azure only. Azure Availability set to which this VS is associated. Internally set by the cloud connector.	string
bgp_peer_labels	Bgp peer labels Select BGP peers, using peer label, for VsVip advertisement. Maximum of 128 items allowed.	array of string
bulk_sync_kvcache	Bulk sync kvcache (This is a beta feature). Sync Key-Value cache to the new SEs when VS is scaled out. For ex SSL sessions are stored using VS's Key-Value cache. When the VS is scaled out, the SSL session information is synced to the new SE, allowing existing SSL sessions to be reused on the new SE. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
children	subtree for this type within policy tree subtree for this type within policy tree containing nested elements.	array of ChildPolicyConfigResource Children are not allowed for this type
client_auth	Client auth HTTP authentication configuration for protected resources.	ALBHTTPClientAuthenticationParams
close_client_conn_on_config_update	Close client conn on config update close client connection on vs config update. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
cloud_config_cksum	Cloud config cksum Checksum of cloud configuration for VS. Internally set by cloud connector.	string
cloud_name	Cloud name It is a reference to an object of type Cloud.	string
cloud_type	Cloud type Enum options - CLOUD_NONE, CLOUD_VCENTER, CLOUD_OPENSTACK, CLOUD_AWS, CLOUD_VCA, CLOUD_APIC, CLOUD_MESOS, CLOUD_LINUXSERVER, CLOUD_DOCKER_UCP, CLOUD_RANCHER, CLOUD_OSHIFT_K8S, CLOUD_AZURE, CLOUD_GCP, CLOUD_NSXT. Allowed in Basic(Allowed values- CLOUD_NONE,CLOUD_NSXT) edition, Essentials(Allowed values- CLOUD_NONE,CLOUD_VCENTER) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as CLOUD_NONE.	ALBCloudType	Default: "CLOUD_NONE"
connections_rate_limit	Connections rate limit Rate limit the incoming connections to this virtual service.	ALBRateProfile
content_rewrite	Content rewrite Profile used to match and rewrite strings in request and/or response body.	ALBContentRewriteProfile
created_by	Created by Creator name.	string
delay_fairness	Delay fairness Select the algorithm for QoS fairness. This determines how multiple Virtual Services sharing the same Service Engines will prioritize traffic over a congested network. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
dns_info	Dns info Service discovery specific data including fully qualified domain name, type and Time-To-Live of the DNS record. Note that only one of fqdn and dns_info setting is allowed. Maximum of 1000 items allowed.	array of ALBDnsInfo
dns_policies	Dns policies DNS Policies applied on the dns traffic of the Virtual Service. Allowed in Basic edition, Essentials edition, Enterprise edition.	array of ALBDnsPolicies
east_west_placement	East west placement Force placement on all SE's in service group (Mesos mode only). Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
enable_autogw	Enable autogw Response traffic to clients will be sent back to the source MAC address of the connection, rather than statically sent to a default gateway. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
enable_rhi	Enable rhi Enable Route Health Injection using the BGP Config in the vrf context.	boolean
enable_rhi_snat	Enable rhi snat Enable Route Health Injection for Source NAT'ted floating IP Address using the BGP Config in the vrf context.	boolean
enabled	Enabled Enable or disable the Virtual Service. Default value when not specified in API or module is interpreted by ALB Controller as true.	boolean	Default: "True"
error_page_profile_path	Error page profile path Error Page Profile to be used for this virtualservice.This profile is used to send the custom error page to the client generated by the proxy. It is a reference to an object of type ErrorPageProfile. Allowed in Basic edition, Essentials edition, Enterprise edition.	string
flow_dist	Flow dist Criteria for flow distribution among SEs. Enum options - LOAD_AWARE, CONSISTENT_HASH_SOURCE_IP_ADDRESS, CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT. Allowed in Basic(Allowed values- LOAD_AWARE) edition, Essentials(Allowed values- LOAD_AWARE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as LOAD_AWARE.	ALBSeFlowDist	Default: "LOAD_AWARE"
flow_label_type	Flow label type Criteria for flow labelling. Enum options - NO_LABEL, APPLICATION_LABEL, SERVICE_LABEL. Default value when not specified in API or module is interpreted by ALB Controller as NO_LABEL.	ALBFlowLabelType	Default: "NO_LABEL"
fqdn	Fqdn DNS resolvable, fully qualified domain name of the virtualservice. Only one of 'fqdn' and 'dns_info' configuration is allowed.	string
group_paths	Group paths A list of NSX Groups representing the Clients which can access the Virtual IP of the Virtual Service.	array of string
host_name_xlate	Host name xlate Translate the host name sent to the servers to this value. Translate the host name sent from servers back to the value used by the client.	string
http_policies	Http policies HTTP Policies applied on the data traffic of the Virtual Service.	array of ALBHTTPPolicies
id	Unique identifier of this resource	string	Sortable
ign_pool_net_reach	Ign pool net reach Ignore Pool servers network reachability constraints for Virtual Service placement. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
l4_policies	L4 policies L4 Policies applied to the data traffic of the Virtual Service.	array of ALBL4Policies
limit_doser	Limit doser Limit potential DoS attackers who exceed max_cps_per_client significantly to a fraction of max_cps_per_client for a while. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
marked_for_delete	Indicates whether the intent object is marked for deletion Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.	boolean	Readonly Default: "False"
markers	Markers List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.	array of ALBRoleFilterMatchLabel
max_cps_per_client	Max cps per client Maximum connections per second per client IP. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0.	integer	Minimum: 0 Maximum: 1000 Default: "0"
min_pools_up	Min pools up Minimum number of UP pools to mark VS up.	integer
network_profile_path	Network profile path Determines network settings such as protocol, TCP or UDP, and related options for the protocol. It is a reference to an object of type NetworkProfile. Special default for Essentials edition is System-TCP-Fast-Path.	string
network_security_policy_path	Network security policy path Network security policies for the Virtual Service. It is a reference to an object of type NetworkSecurityPolicy.	string
overridden	Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.	boolean	Readonly Default: "False"
parent_path	Path of its parent Path of its parent	string	Readonly
path	Absolute path of this object Absolute path of this object	string	Readonly
performance_limits	Performance limits Optional settings that determine performance limits like max connections or bandwdith etc.	ALBPerformanceLimits
pool_group_path	Pool group path The pool group is an object that contains pools. It is a reference to an object of type PoolGroup.	string
pool_path	Pool path The pool is an object that contains destination servers and related attributes such as load-balancing and persistence. It is a reference to an object of type Pool.	string
realization_id	A unique identifier assigned by the system for realizing intent This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.	string	Readonly
relative_path	Relative path of this object Path relative from its parent	string	Readonly
remove_listening_port_on_vs_down	Remove listening port on vs down Remove listening port if VirtualService is down. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
requests_rate_limit	Requests rate limit Rate limit the incoming requests to this virtual service.	ALBRateProfile
resource_type	Must be set to the value ALBVirtualService	string
saml_sp_config	Saml sp config Application-specific SAML config. Allowed in Basic edition, Essentials edition, Enterprise edition.	ALBSAMLSPConfig
se_group_name	Se group name The Service Engine Group to use for this Virtual Service. Moving to a new SE Group is disruptive to existing connections for this VS. It is a reference to an object of type ServiceEngineGroup.	string
security_policy_path	Security policy path Security policy applied on the traffic of the Virtual Service. This policy is used to perform security actions such as Distributed Denial of Service (DDoS) attack mitigation, etc. It is a reference to an object of type SecurityPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition.	string
server_network_profile_path	Server network profile path Determines the network settings profile for the server side of TCP proxied connections. Leave blank to use the same settings as the client to VS side of the connection. It is a reference to an object of type NetworkProfile.	string
service_metadata	Service metadata Metadata pertaining to the Service provided by this virtual service. In Openshift/Kubernetes environments, egress pod info is stored. Any user input to this field will be overwritten by Avi Vantage.	string
service_pool_select	Service pool select Select pool based on destination port.	array of ALBServicePoolSelector
services	Services List of Services defined for this Virtual Service. Maximum of 2048 items allowed.	array of ALBService
sideband_profile	Sideband profile Sideband configuration to be used for this virtualservice.It can be used for sending traffic to sideband VIPs for external inspection etc.	ALBSidebandProfile
snat_ip	Snat ip NAT'ted floating source IP Address(es) for upstream connection to servers. Maximum of 32 items allowed.	array of ALBIpAddr
sp_pool_paths	Sp pool paths GSLB pools used to manage site-persistence functionality. Each site-persistence pool contains the virtualservices in all the other sites, that is auto-generated by the GSLB manager. This is a read-only field for the user. It is a reference to an object of type Pool.	array of string
ssl_key_and_certificate_paths	Ssl key and certificate paths Select or create one or two certificates, EC and/or RSA, that will be presented to SSL/TLS terminated connections. It is a reference to an object of type SSLKeyAndCertificate.	array of string
ssl_profile_path	Ssl profile path Determines the set of SSL versions and ciphers to accept for SSL/TLS terminated connections. It is a reference to an object of type SSLProfile.	string
ssl_profile_selectors	Ssl profile selectors Select SSL Profile based on client IP address match. Allowed in Basic edition, Essentials edition, Enterprise edition.	array of ALBSSLProfileSelector
ssl_sess_cache_avg_size	Ssl sess cache avg size Expected number of SSL session cache entries (may be exceeded). Allowed values are 1024-16383. Default value when not specified in API or module is interpreted by ALB Controller as 1024.	integer	Minimum: 1024 Maximum: 16383 Default: "1024"
sso_policy_path	Sso policy path The SSO Policy attached to the virtualservice. It is a reference to an object of type SSOPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition.	string
static_dns_records	Static dns records List of static DNS records applied to this Virtual Service. These are static entries and no health monitoring is performed against the IP addresses. Maximum of 1000 items allowed.	array of ALBDnsRecord
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
topology_policies	Topology policies Topology Policies applied on the dns traffic of the Virtual Service based onGSLB Topology algorithm. Allowed in Basic edition, Essentials edition, Enterprise edition.	array of ALBDnsPolicies
traffic_clone_profile_path	Traffic clone profile path Server network or list of servers for cloning traffic. It is a reference to an object of type TrafficCloneProfile. Allowed in Basic edition, Essentials edition, Enterprise edition.	string
traffic_enabled	Traffic enabled Knob to enable the Virtual Service traffic on its assigned service engines. This setting is effective only when the enabled flag is set to True. Default value when not specified in API or module is interpreted by ALB Controller as true.	boolean	Default: "True"
type	Type Specify if this is a normal Virtual Service, or if it is the parent or child of an SNI-enabled virtual hosted Virtual Service. Enum options - VS_TYPE_NORMAL, VS_TYPE_VH_PARENT, VS_TYPE_VH_CHILD. Allowed in Basic(Allowed values- VS_TYPE_NORMAL,VS_TYPE_VH_PARENT) edition, Essentials(Allowed values- VS_TYPE_NORMAL) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as VS_TYPE_NORMAL.	ALBVirtualServiceType	Default: "VS_TYPE_NORMAL"
unique_id	A unique identifier assigned by the system This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.	string	Readonly
use_bridge_ip_as_vip	Use bridge ip as vip Use Bridge IP as VIP on each Host in Mesos deployments. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
use_vip_as_snat	Use vip as snat Use the Virtual IP as the SNAT IP for health monitoring and sending traffic to the backend servers instead of the Service Engine interface IP. The caveat of enabling this option is that the VirtualService cannot be configured in an Active-Active HA mode. DNS based Multi VIP solution has to be used for HA & Non-disruptive Upgrade purposes. Allowed in Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.	boolean	Default: "False"
vh_domain_name	Vh domain name The exact name requested from the client's SNI-enabled TLS hello domain name field. If this is a match, the parent VS will forward the connection to this child VS.	array of string
vh_parent_vs_uuid	Vh parent vs uuid Specifies the Virtual Service acting as Virtual Hosting (SNI) parent.	string
vip	Vip List of Virtual Service IPs. While creating a 'Shared VS',please use vsvip_ref to point to the shared entities.	array of ALBVip
vrf_context_name	Vrf context name Virtual Routing Context that the Virtual Service is bound to. This is used to provide the isolation of the set of networks the application is attached to. It is a reference to an object of type VrfContext.	string
vs_datascripts	Vs datascripts Datascripts applied on the data traffic of the Virtual Service.	array of ALBVSDataScripts
vsvip_path	Vsvip path Mostly used during the creation of Shared VS, this field refers to entities that can be shared across Virtual Services. It is a reference to an object of type VsVip.	string
waf_policy_path	Waf policy path WAF policy for the Virtual Service. It is a reference to an object of type WafPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition.	string
weight	Weight The Quality of Service weight to assign to traffic transmitted from this Virtual Service. A higher weight will prioritize traffic versus other Virtual Services sharing the same Service Engines. Allowed values are 1-128. Allowed in Basic(Allowed values- 1) edition, Essentials(Allowed values- 1) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.	integer	Minimum: 1 Maximum: 128 Default: "1"

Example Response:

{ "_create_time": 1591327900946, "_create_user": "admin", "_last_modified_time": 1591327900953, "_last_modified_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0, "_system_owned": false, "application_profile_path": "/infra/alb-application-profiles/https_ssl_pass_through_enable_src_ip", "close_client_conn_on_config_update": false, "cloud_name": "nsxt_cloud_overlay", "connections_rate_limit": { "action": { "type": "RL_ACTION_DROP_CONN" }, "rate_limiter": { "count": 123, "period": 1 } }, "display_name": "https_vip1", "east_west_placement": false, "enabled": false, "id": "https_vip1", "marked_for_delete": false, "network_profile_path": "/infra/alb-network-profiles/System-TCP-Proxy", "overridden": false, "parent_path": "/infra", "path": "/infra/alb-virtual-services/https_vip1", "performance_limits": { "max_concurrent_connections": 123 }, "pool_path": "/infra/alb-pools/https_pool_1", "relative_path": "https_vip1", "resource_type": "VirtualService", "se_group_name": null, "services": [ { "enable_ssl": false, "port": 9000 } ], "type": "VS_TYPE_NORMAL", "unique_id": "8c0142f1-76e4-4749-82dc-288a209e10d6", "vsvip_path": "/infra/alb-vs-vips/vsvip_http_vip1" }

Create or update a ALBVirtualService

Request:

ALBVirtualService (schema)

Example Request:

Successful Response:

ALBVirtualService (schema)

Example Response:

Required Permissions:

Feature:

Additional Errors: