Modifying the Attributes of a Load Balancer

You can modify the following attributes of a load balancer:

The public IP associated (for an internet-facing load balancer only)
Security groups
Publication of access logs in an OUTSCALE Object Storage (OOS) bucket
Secure cookie setting
Connection draining setting
Idle connection setting

You can associate a public IP with an internet-facing load balancer through the OUTSCALE API only. For more information see the OSC CLI section below.

Modifying the Attributes of a Load Balancer Using Cockpit v2

Modifying the Public IP of an Internet-facing Load Balancer in the Public Cloud

Click inside the Load Balancers dashboard to make checkboxes appear.
Check the box of the load balancer you want to update.
The load balancer is selected and an action menu appears.
Click Update.
The UPDATE LOAD BALANCER dialog box appears.
From the Public IP list, select the public IP you want to associate with the load balancer.

The former public IP is then dissociated.
Click Update.
The public IP of the load balancer is updated.

Modifying the Security Group of an Internal Load Balancer

Click inside the Load Balancers dashboard to make checkboxes appear.
Check the box of the load balancer you want to update.
The load balancer is selected and an action menu appears.
Click Update.
The UPDATE LOAD BALANCER dialog box appears.
From the Security Group list, select:
1. Proceed with a default security group to select the default security group of the Net.
2. Select a security group to select a security group for the load balancer.
Click Update.
The security group of the load balancer is updated.

Modifying the Attributes of an Internet-facing Load Balancer Using OSC CLI

The UpdateLoadBalancer command modifies the specified attribute of a load balancer. You can specify only one attribute at a time.

You can set a new SSL certificate to an SSL or HTTPS listener of a load balancer.
This certificate replaces any certificate used on the same load balancer and port.

You can also replace the currently enabled policy for the load balancer with another one.
If the PolicyNames parameter is empty, the currently enabled policy is disabled.

Request sample: Updating health checks

$ osc-cli api UpdateLoadBalancer --profile "default" \
    --LoadBalancerName "private-lb-example" \
    --HealthCheck '{
        "HealthyThreshold": 10,
        "CheckInterval": 30,
        "Path": "/index.html",
        "Port": 8080,
        "Protocol": "HTTPS",
        "Timeout": 5,
        "UnhealthyThreshold": 5,
      }'

Request sample: Updating access logs

$ osc-cli api UpdateLoadBalancer --profile "default" \
    --LoadBalancerName "private-lb-example" \
    --AccessLog '{
        "PublicationInterval": 5,
        "IsEnabled": True,
        "OsuBucketName": "BUCKET",
        "OsuBucketPrefix": "PREFIX",
      }'

Request sample: Updating policies

$ osc-cli api UpdateLoadBalancer --profile "default" \
    --LoadBalancerName "private-lb-example" \
    --LoadBalancerPort 443 \
    --PolicyNames '["example-browser-policy"]'

Request sample: Updating SSL certificate

$ osc-cli api UpdateLoadBalancer --profile "default" \
    --LoadBalancerName "private-lb-example" \
    --LoadBalancerPort 443 \
    --ServerCertificateId "orn:ows:idauth::012345678910:server-certificate/AnotherCertificate"

This command contains the following attributes that you need to specify:

AccessLog: (optional) Information about access logs.
DryRun: (optional) If true, checks whether you have the required permissions to perform the action.
HealthCheck: (optional) Information about the health check configuration.
LoadBalancerName: The name of the load balancer.
LoadBalancerPort: (optional) The port on which the load balancer is listening (between 1 and 65535, both included). This parameter is required if you want to update the server certificate.
PolicyNames: (optional) The name of the policy you want to enable for the listener.
PublicIp: (optional) (internet-facing only) The public IP you want to associate with the load balancer. The former public IP of the load balancer is then disassociated. If you specify an empty string and the former public IP belonged to you, it is disassociated and replaced by a public IP owned by 3DS OUTSCALE.
SecuredCookies: (optional) If true, secure cookies are enabled for the load balancer.
SecurityGroups: (optional) (Net only) One or more IDs of security groups you want to assign to the load balancer. You need to specify the already assigned security groups that you want to keep along with the new ones you are assigning. If the list is empty, the default security group of the Net is assigned to the load balancer.
ServerCertificateId: (optional) The OUTSCALE Resource Name (ORN) of the server certificate. For more information, see Resource Identifiers > OUTSCALE Resource Names (ORNs). If this parameter is specified, you must also specify the LoadBalancerPort parameter.

The UpdateLoadBalancer command returns the following elements:

LoadBalancer: Information about the load balancer.
ResponseContext: Information about the context of the response.

Result sample: Updating health checks

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "security-group-example",
      "SecurityGroupAccountId": "123456789012"
    },
    "SecuredCookies": false,
    "PublicIp": "192.0.2.0",
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 60,
      "IsEnabled": false
    },
    "DnsName": "private-lb-example.123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 5,
      "Timeout": 5,
      "CheckInterval": 30,
      "Path": "/index.html",
      "Protocol": "HTTPS",
      "HealthyThreshold": 10,
      "Port": 8080
    },
    "LoadBalancerStickyCookiePolicies": [],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "ServerCertificateId": "orn:ows:idauth::012345678910:server-certificate/Certificate",
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 443,
        "LoadBalancerProtocol": "HTTPS"
      }
    ],
    "LoadBalancerName": "private-lb-example"
  }
}

Result sample: Updating access logs

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "security-group-example",
      "SecurityGroupAccountId": "123456789012"
    },
    "SecuredCookies": false,
    "PublicIp": "192.0.2.0",
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 5,
      "OsuBucketPrefix": "PREFIX",
      "OsuBucketName": "BUCKET",
      "IsEnabled": true
    },
    "DnsName": "private-lb-example.123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 2,
      "Timeout": 5,
      "CheckInterval": 30,
      "Protocol": "TCP",
      "HealthyThreshold": 10,
      "Port": 80
    },
    "LoadBalancerStickyCookiePolicies": [],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "ServerCertificateId": "orn:ows:idauth::012345678910:server-certificate/Certificate",
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 443,
        "LoadBalancerProtocol": "HTTPS"
      }
    ],
    "LoadBalancerName": "private-lb-example"
  }
}

Result sample: Updating policies

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "security-group-example",
      "SecurityGroupAccountId": "123456789012"
    },
    "SecuredCookies": false,
    "PublicIp": "192.0.2.0",
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 60,
      "IsEnabled": false
    },
    "DnsName": "private-lb-example.123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 2,
      "Timeout": 5,
      "CheckInterval": 30,
      "Protocol": "TCP",
      "HealthyThreshold": 10,
      "Port": 80
    },
    "LoadBalancerStickyCookiePolicies": [
      {
        "PolicyName": "example-browser-policy",
        "CookieExpirationPeriod": 1
      }
    ],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "ServerCertificateId": "orn:ows:idauth::012345678910:server-certificate/Certificate",
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 443,
        "LoadBalancerProtocol": "HTTPS"
      }
    ],
    "LoadBalancerName": "private-lb-example"
  }
}

Result sample: Updating SSL certificate

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "security-group-example",
      "SecurityGroupAccountId": "123456789012"
    },
    "SecuredCookies": false,
    "PublicIp": "192.0.2.0",
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 60,
      "IsEnabled": false
    },
    "DnsName": "private-lb-example.123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 2,
      "Timeout": 5,
      "CheckInterval": 30,
      "Protocol": "TCP",
      "HealthyThreshold": 10,
      "Port": 80
    },
    "LoadBalancerStickyCookiePolicies": [],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "ServerCertificateId": "orn:ows:idauth::012345678910:server-certificate/AnotherCertificate",
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 443,
        "LoadBalancerProtocol": "HTTPS"
      }
    ],
    "LoadBalancerName": "private-lb-example"
  }
}

Modifying the Attributes of a Load Balancer Using AWS CLI

To modify the attributes of your load balancers, use the modify-load-balancer-attributes command following this syntax:

Request sample

$ aws elb modify-load-balancer-attributes \
    --profile YOUR_PROFILE \
    --load-balancer-name LOAD_BALANCER_NAME \
    --load-balancer-attributes "{ \
                                 \"AccessLog\": \
                                             { \
                                              \"Enabled\": true, \
                                              \"S3BucketName\": \"BUCKET_NAME\", \
                                              \"EmitInterval\": 60, \
                                              \"S3BucketPrefix\": \"BUCKET_PREFIX\" \
                                             }, \
                                \"AdditionalAttributes\": \
                                            { \
                                             \"Key\": \"SecuredCookies\", \
                                             \"Value\": \"true\" \
                                            }, \
                                \"ConnectionDraining\": \
                                            { \
                                             \"Enabled\": true, \
                                             \"Timeout\": 20 \
                                            }, \
                                \"ConnectionSettings\": \
                                            { \
                                             \"IdleTimeout\": 60 \
                                            } \
                               }" \
    --endpoint https://lbu.eu-west-2.outscale.com

This command contains the following attributes that you need to specify:

(optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.
load-balancer-name: The name of the load balancer whose attributes you want to modify.
load-balancer-attributes: The attributes of the load balancer you want to modify. The following attributes are available:
- (optional) AccessLog: Information about the publication of the access logs. This element contains the following attributes that you need to specify:
  - Enabled: If true, access logs are enabled for the specified load balancer. If false, they are not.
    
    If you enable access logs, you must specify the S3BucketName attribute below.
  - (optional) S3BucketName: The name of the OOS bucket in which to publish the access logs. For more information, see About OOS.
  - (optional) EmitInterval: The time interval for the publication of access logs in the OOS bucket, in minutes. This value can be either 5 or 60 (by default, 60).
  - (optional) S3BucketPrefix: The path to the folder in your OOS bucket in which to publish the access logs (by default, the root level of your bucket).
- (optional) ConnectionDraining: Information about the draining of the connections to unhealthy or deregistered instances.
  - Enabled: If true, connection draining is enabled for your load balancer. In this case, existing requests are completed before the connections are closed. If false, it is not (by default, false).
  - (optional) Timeout: The maximum time that the load balancer keeps the existing connections open before deregistering instances, in seconds (by default, 20).
- (optional) ConnectionSettings: Information about idle connections.
  - IdleTimeout: The amount of time, in seconds, that the connection is allowed to be idle (meaning no data is sent over), before it is closed by the load balancer. By default, set to 30 for the frontend connection and 60 for the backend connection of your load balancer.
    
    If you set a new duration, the same value is applied to both frontend and backend connections.
- (optional) AdditionalAttributes: Information about additional load balancer attributes, for example secure cookies.
  - Key: The name of the attribute. You can configure secure cookies on your load balancer with SecuredCookies.
  - Value: The value of the attribute. If the Key is SecuredCookies, set the Value to true to enable secure cookies and false to disable them.
endpoint: The endpoint corresponding to the Region you want to send the request to.

The modify-load-balancer-attributes command returns the following elements:

LoadBalancerName: The name of the load balancer.
LoadBalancerAttributes: Information about the load balancer you modified. This element contains the following information:
- AccessLog: Information about the publication of access logs. This element contains the following information:
  - Enabled: If true, access logs are enabled for the specified load balancer. If false, they are not.
  - S3BucketName: The name of the OOS bucket in which the access logs are published. For more information, see About OOS.
  - EmitInterval: The time interval for the publication of access logs in the OOS bucket, in minutes. This value can be either 5 or 60 (by default, 60).
  - S3BucketPrefix: The path to the folder in your OOS bucket in which the access logs are published (by default, the root level of your bucket).
- ConnectionDraining: Information about the draining of the connections. This element contains the following information:
  - Enabled: If true, connection draining is enabled for your load balancer. If false, it is not.
  - Timeout: The time that the load balancer keeps the existing connections open before deregistering instances, in seconds.
- ConnectionSettings: Information about idle connections. This element contains the following information:
  - IdleTimeout: The time that the connection is allowed to be idle before it is closed by the load balancer.
- AdditionalAttributes: Information about additional load balancer attributes. This element contains the following information:
  - Key: The name of the attribute, for example secured_cookies.
  - Value: The value of the attribute. If the Key is secured_cookies and the Value is true, secure cookies are enabled. If false, they are not.

Result sample

{
    "LoadBalancerName": LOAD_BALANCER_NAME,
    "LoadBalancerAttributes": {
        "AccessLog": {
            "Enabled": true,
            "S3BucketName": "BUCKET_NAME",
            "EmitInterval": 60,
            "S3BucketPrefix": "BUCKET_PREFIX"
        },
        "AdditionalAttributes": {
            "member": {
                "Key": "secured_cookies",
                "Value": "true"
            }
        },
        "ConnectionDraining": {
            "Enabled": true,
            "Timeout": 20
        },
        "ConnectionSettings": {
            "IdleTimeout": 60
        }
    }
}

The attributes of the specified load balancer are modified.

After you disable access logs, the existing log files remain in the OOS bucket until you delete them. For more information, see Removing Objects from a Bucket.

Related Pages

Corresponding API Method

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.