/
Virtual Service

Virtual Service

Jul 05, 2021

A "Virtual Service" is a combination of a Virtual IP (VIP) address and a TCP port, which listens and directs the traffic to the intended service.

To Create a Virtual Service

URL: /v1/virtual_services

Method: POST

Description: Creates a virtual service with the given values.

Parameter Name

Data Type

Mandatory

Description

Input Parameters:

 

 

 

name

Alphanumeric

Yes

The name of the new service.

ip_address

Numeric

Yes

The virtual IP address that will be used for accessing this application.

port

Numeric

Yes

The port number on which your web server responds.

type

Enumeration

Yes

The type of the service you want to create. The enumerated values include:

  • HTTP

  • HTTPS

  • FTP

  • FTPSSL

  • CUSTOM

  • CUSTOMSSL

  • INSTANTSSL

  • REDIRECT (for Redirect service)

address_version

Enumeration

Yes

The internet protocol version of the service. The enumerated values include:

  • ipv4

  • ipv6

vsite

Alphanumeric

Optional

The name of the vsite under which the service needs to be created.

Note: This field is required ONLY when the service needs to be created under a specific vsite. If not, the service will be created under the default vsite.

group

Alphanumeric

Optional

The name of the service group under which the service needs to be created.

Note: This field is required ONLY when the service needs to be created under a specific service group. If not, the service will be created under the default service group.

certificate

Alphanumeric

Conditional

The certificate that needs to be presented to the browser when accessing this Service.

Note: This is a required parameter

ONLY when the service is HTTPS, Instant SSL, Custom SSL or FTP SSL.

service_hostname

Alphanumeric

Conditional

The domain name to identify and rewrite HTTP requests to HTTPS.

Note: This is a required parameter ONLY when the service is Instant SSL.

Output Parameters:

 

 

 

id

Alphanumeric

 

The name of the service that got created.

Example: HTTP Service

Request:

curl http://192.168.0.1:8000/restapi/v1/virtual_services -u 'eyJldCI6IjEnYzYzZTFjIiwidXNlciI6ImFkbWluIn0=\n:' -X POST -H Content-Type:application/json -d '{"name": "demo_service_3", "ip_address": "10.11.16.176", "port": "80", "type":"http", "address_version":"ipv4", "vsite":"demo_vsite", "group":"demo_vsite_group"}'

Response:

{"id":"demo_service_3","token":"eyJldCI6IjEzNzk2ODMxIiwidXNlciI6ImFkbWluIn0=\n"}

Example: HTTPS Service

Request:

 curl http://192.168.0.1:8000/restapi/v1/virtual_services -u 'eyJldCI6IjEzxMTEwIiwidXNlciI6ImFkbWluIn0=\n:' -X POST -H Content-Type:application/json –d

'{
"certificate": "cert1",
"address_version": "ipv4",
"name": "demo_service_2",
"type": "https",
"ip_address": "10.11.12.138",
"port": "80"
}'

Response:

{"id":"demo_service_2","token":"eyJldCI6IjTQzODMxIiwidXNlciI6ImFkbWluIn0=\n"}

Example: Instant SSL Service

Request:

 curl http://192.168.0.1:8000/restapi/v1/virtual_services -u 'eyJldCI6IjNzM4IiwidXNlciI6ImFkbWluIn0=\n:' -X POST -H Content-Type:application/json -d

'{
"name": "instant_ssl",
"ip_address": "10.11.25.233",
"port": "445",
"type": "instantssl",
"address_version": "ipv4",
"vsite": "default",
"group": "default",
"certificate": "cert",
"service_hostname": "*"
}'

 Response:

{"id":"instant_ssl","token":"eyJldCI6IjEzMzc4IiwidXNlciI6ImFkbWluIn0=\n"}

To Retrieve Virtual Service

URL: /v1/virtual_services

          /v1/virtual_services/{virtual_service_id}

Method: GET

Description: Lists all virtual services if “service_id” is not specified.

Parameter Name

Data Type

Mandatory

Description

Input Parameters:

 

 

 

parameters

Alphanumeric

Optional

Any specific parameter name that needs to be retrieved. See Example 2.

Example 1:

Request:

curl http://192.168.0.1:8000/restapi/v1/virtual_services/demo_service -u 'eyJldCI6IjEwYTA2IiwidXNlciI6ImFkbWluIn0=\n:' -X GET

Response:

{
"load_balance": {
"algorithm": null,
"persistence_method": "NONE"
},
"session_timeout": "60",
"comments": null,
"group": "demo_vsite_group",
"ip_address": "10.11.15.176",
"id": "demo_service",
"token": "eyJldCI6IjEzEwZTYwIiwidXNlciI6ImFkbWluIn0=\n",
"ssl_offloading": {
"ciphers": "default",
"trusted_certificates": [

],
"status": "0",
"enforce_client_certificate": "1",
"enable_tls_1_2": "1",
"enable_tls_1": "1",
"enable_sni": "0",
"enable_tls_1_1": "1",
"keepalive_requests": "64",
"enable_client_authentication": "0",
"enable_ssl_3": "1"
},
"enable": "1",
"name": "demo_service",
"enable_access_log": "1",
"port": "80",
"address_version": "ipv4",
"security": {
"ignore_case": "1",
"trusted_hosts_action": "DEFAULT",
"mode": "PASSIVE",
"web_firewall_log_level": "5",
"web_firewall_policy": "default",
"rate_control_status": "OFF",
"trusted_hosts_group": null,
"rate_control_pool": "NONE",
"client_ip_addr_header": null
},
"type": "HTTP",
"servers": [

],
"content_rules": [

]
}

Example 2:

Request:

curl http://192.168.0.1:8000/restapi/v1/virtual_services/demo_service -u 'eyJldCI6IjE1MNFlIiwidXNlciI6ImFkbWluIn0=\n:'  -X GET -G -d  parameters=ip_address,load_balance,security

Response:

{
"load_balance": {
"algorithm": "round_robin",
"failover_method": "error",
"persistence_method": "none"
},
"security": {
"ignore_case": "yes",
"trusted_hosts_action": "default",
"mode": "passive",
"web_firewall_log_level": "notice",
"web_firewall_policy": "sharepoint",
"rate_control_status": "off",
"trusted_hosts_group": "",
"rate_control_pool": "NONE",
"client_ip_addr_header": null
},
"ip_address": "99.99.116.7",
"id": "demo_service",
"token": "eyJldCI6IjE0IiwidXNlciI6ImFkbWluIn0=\n"
}

To Update a Virtual Service

In this REST API call, the parameters can be passed in a Simple JSON request or a Nested JSON request based on the parameters that needs to be modified. For information on JSON requests, see Request Syntax.

URL:  /v1/virtual_services/{virtual_service_id}

Method: PUT

Description: Updates the values of given parameters in the given service.

Parameter Name

Data Type

Mandatory

Description

Input Parameters:

 

 

 

ip_address

Numeric

Optional

The virtual IP address that will be used for accessing this application.

port

Numeric

Optional

The port number on which your web server responds.

certificate

Alphanumeric

Conditional

The certificate that needs to be presented to the browser when accessing this Service.

Note: This is a required parameter ONLY when the service is HTTPS, Instant SSL, Custom SSL or FTP SSL

service_hostname

Alphanumeric

Conditional

The domain name to identify and rewrite HTTP requests to HTTPS.

Note: This is a required parameter ONLY when the service is Instant SSL.

status

String

Optional

The status of the virtual service. The values include:

  • enable

  • disable

mask

Numeric

Optional

The netmask of the associated IP address.

enable_access_logs

String

Optional

Specifies whether to log every request made to this Service or not. The values include:

  • yes – to log every request made to this Service on the BASIC > Access Logs page. 

  • no – to disable logging.

session_timeout

Numeric

Optional

The time-out period in seconds for persistent connections with clients.

 

Zero (0) indicates that the session never times out (session lives forever).

comments

Alphanumeric

Optional

Description/comment for updating the parameter values.

security.web_firewall_policy

Enumeration

Optional

A web firewall policy to be associated with the service.

The enumerated values include:

  • default

  • sharepoint

  • sharepoint2013

  • owa

  • owa2010

  • owa2013 

  • oracle

security.web_firewall_log_level

Enumeration

Optional

The threshold for logging the error messages for the service. The enumerated values include:

  • emergency - System is unusable (highest priority)

  • alert - Response must be taken immediately

  • critical - Critical conditions

  • error - Error conditions

  • warning - Warning conditions

  • notice - Normal but significant condition

  • information - Informational messages (on ACL configuration changes)

  • debug - Debug level messages (lowest priority)

security.mode

String

Optional

The mode to determine how the service responds to the offending traffic. The enumerated values include:

  • passive - This mode allows the intrusions to be passed to the server, but logs the events. 

  • active - This mode blocks the intrusions and logs the events.

security. trusted_hosts_action

String

Optional

The action to be performed for a set of trusted hosts accessing the service. The values include:

  • allow

  • passive 

  • default

security. trusted_hosts_group

String

Optional

The trusted hosts group to which the Trusted Hosts Action needs to be applied.

 

Note: If you want to remove the associated trusted hosts group, pass the double inverted commas without space (“”) in the request. Example: {"security":{"trusted_hosts_group":""}}

security.ignore_case

String

Optional

Determines how, for this service, the URLs are matched to rules like URL ACLs and URL Profiles. The values include:

  • yes

  • no

security.client_ip_addr_header

Alphanumeric

Optional

The name of the header in which the client IP address is stored for identification by the server.

security.rate_control_status

String

Optional

The rate control pool status. The enumerated values include:

  • on 

  • off

security. rate_control_pool

String

Optional

The rate control pool to be associated with the service to limit the rate of requests.

load_balance.algorithm

Enumeration

Optional

The algorithm to be used to distribute incoming requests for the service.

The enumerated values include:

  • round_robin

  • weighted_round_robin 

  • weighted_least_connection

load_balance.persistence_idle_timeout

Numeric

Optional

The maximum idle time (in seconds) for a persistent connection.

load_balance.persistence_method

Enumeration

Optional

The Persistence Method to be used to maintain the connection between a client and the first server that it connects to, even when the system is load balancing traffic.

The enumerated values include:

  • none

  • source_ip

    • source_ip_netmask

Contact Us
Barracuda Campus
Barracuda Support