Resource: TargetServer
TargetServer configuration. TargetServers are used to decouple a proxy TargetEndpoint HTTPTargetConnections from concrete URLs for backend services.
JSON representation |
---|
{ "name": string, "description": string, "host": string, "port": integer, "isEnabled": boolean, "sSLInfo": { object ( |
Fields | |
---|---|
name |
Required. The resource id of this target server. Values must match the regular expression |
description |
Optional. A human-readable description of this TargetServer. |
host |
Required. The host name this target connects to. Value must be a valid hostname as described by RFC-1123. |
port |
Required. The port number this target connects to on the given host. Value must be between 1 and 65535, inclusive. |
isEnabled |
Optional. Enabling/disabling a TargetServer is useful when TargetServers are used in load balancing configurations, and one or more TargetServers need to taken out of rotation periodically. Defaults to true. |
sSLInfo |
Optional. Specifies TLS configuration info for this TargetServer. The JSON name is |
protocol |
Immutable. The protocol used by this TargetServer. |
TlsInfo
TLS configuration information for virtual hosts and TargetServer
s.
JSON representation |
---|
{
"enabled": boolean,
"clientAuthEnabled": boolean,
"keyStore": string,
"keyAlias": string,
"trustStore": string,
"ignoreValidationErrors": boolean,
"protocols": [
string
],
"ciphers": [
string
],
"commonName": {
object ( |
Fields | |
---|---|
enabled |
Required. Enables TLS. If false, neither one-way nor two-way TLS will be enabled. |
clientAuthEnabled |
Optional. Enables two-way TLS. |
keyStore |
Required if |
keyAlias |
Required if |
trustStore |
The resource ID of the |
ignoreValidationErrors |
If true, Edge ignores TLS certificate errors. Valid when configuring TLS for target servers and target endpoints, and when configuring virtual hosts that use 2-way TLS. When used with a target endpoint/target server, if the backend system uses SNI and returns a cert with a subject Distinguished Name (DN) that does not match the hostname, there is no way to ignore the error and the connection fails. |
protocols[] |
The TLS versioins to be used. |
ciphers[] |
The SSL/TLS cipher suites to be used. For programmable proxies, it must be one of the cipher suite names listed in: http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. For configurable proxies, it must follow the configuration specified in: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. This setting has no effect for configurable proxies when negotiating TLS 1.3. |
commonName |
The TLS Common Name of the certificate. |
enforce |
TLS is strictly enforced. |
CommonName
JSON representation |
---|
{ "value": string, "wildcardMatch": boolean } |
Fields | |
---|---|
value |
The TLS Common Name string of the certificate. |
wildcardMatch |
Indicates whether the cert should be matched against as a wildcard cert. |
Protocol
Supported protocols for a TargetServer.
Enums | |
---|---|
PROTOCOL_UNSPECIFIED |
UNSPECIFIED defaults to HTTP for backwards compatibility. |
HTTP |
The TargetServer uses HTTP. |
HTTP2 |
The TargetSever uses HTTP2. |
GRPC_TARGET |
The TargetServer uses GRPC. |
GRPC |
GRPC TargetServer to be used in ExternalCallout Policy. Prefer to use EXTERNAL_CALLOUT instead. TODO(b/266125112) deprecate once EXTERNAL _CALLOUT generally available. |
EXTERNAL_CALLOUT |
The TargetServer is to be used in the ExternalCallout Policy |
Methods |
|
---|---|
|
Creates a TargetServer in the specified environment. |
|
Deletes a TargetServer from an environment. |
|
Gets a TargetServer resource. |
|
Lists all TargetServers in an environment as a JSON array. |
|
Updates an existing TargetServer. |