Skip to main content

REST APIs for 23.5

Virtual Servers

A virtual server is similar to a workload. It can be assigned labels and has IP addresses, but does not report traffic to the Illumio Core. Each virtual server has only one VIP. The local IP addresses are used as source IP addresses for connections to the pool members (backend servers) when the virtual server is operating in SNAT mode or Auto mode. These IP addresses are likely to be shared by multiple virtual servers on the server load balancer.

A discovered virtual server is a server load balancer (SLB) virtual server (IP address and port(s)) that the NEN has discovered when interrogating SLBs managed by the PCE.

For the topic overview and more details, see the Security Policy Guide, Load Balancers, and Virtual Servers.

Virtual Server Methods

There are two groups of methods used to manage virtual servers:

  • Methods for virtual servers

  • Methods for discovered virtual servers

Virtual Servers
Virtual Server Methods

Functionality

HTTP

URI

Get a list of Virtual Servers.

GET

[api_version][org_href]/sec_policy/:version/virtual_servers

Get a specified Virtual Serve.r

GET

[api_version][org_href]/sec_policy/:version/virtual_servers/:uuid

Create a Virtual Server objec.t

POST

[api_version][org_href]/sec_policy/:version/virtual_servers

Modify the enforcement mode, labels, and backend/provider labels of a specified Virtual Server.

PUT

[api_version][org_href]/sec_policy/:version/virtual_servers/:uuid

Query Parameters for Virtual Servers

Parameter

Description

Type

Required

org_id

Organization ID

Integer

Yes

pversion

Security Policy Version

String

Yes

discovered_virtual_server

URI of the discovered virtual server to filter by

String

No

active_pce_fqdn

FQDN of the PCE

String

No

external_data_reference

A unique identifier within the external data source

String

No

external_data_set

The data source from which a resource originates

String

NO

labels

2D array of label URIs encoded as a JSON string. Filter by virtual server labels.

String

No

max_results

Maximum number of discovered virtual servers to return

Integer

No

mode

Mode of the virtual server(s) to return

String

No

name

Name of virtual server(s) to return. Supports partial matches

String

No

network_enforcement_node.hostname

Hostname of NEN object to filter virtual server(s)v

String

No

slb

URI of SLB object to filter virtual server(s)

String

No

vip

Frontend (VIP) address of the virtual server(s). Supports suffix-wildcard matches

String

No

vip_port

Port of frontend VIP of the virtual server(s)

Integer

No

vip_proto

Protocol of frontend VIP of the virtual server(s)

Integer

No

Properties for Virtual Servers :

Property

Description

Type

Required

href

href of virtual server

String

Yes

name

The short friendly name of the virtual server

String

Yes

labels

2D array of label URIs, encoded as a JSON string. Filter by virtual server labels.

"$ref": "../common/label_optional_key_value.schema.json"

Array

Yes

service

URI of associated service

"$ref": "../common/href_object.schema.json"

Yes

providers

minItems: 0,

label: "$ref": "../common/label_optional_key_value.schema.json"

workload: "$ref": "../common/href_object.schema.json"

Array

Yes

mode

Management mode of the virtual server

String

Yes

discovered_virtual_server

Corresponding discovered virtual server, server URI

String/Null

Yes

update_type

Reference to common/sec_policy_update_type.schema.json

Yes

created_at

The time (rfc3339 timestamp) at which this virtual server was created

String

Yes

updated_at

The time (rfc3339 timestamp) at which this virtual server was last updated

String

Yes

deleted_at

The time (rfc3339 timestamp) at which this virtual server was deleted

String/Null

Yes

created_by

The URI of the user who created this virtual server

Reference to common/href_object.schema.json

Yes

updated_by

The URI of the user who last updated this virtual server

Reference to common/href_object.schema.json

Yes

deleted_by

The URI of the user who deleted this virtual server

Reference to common/nullable_href_object.schema.json

Yes

Discovered Virtual Servers
Discovered Virtual Servers Methods

You can use only three GET methods for discovered virtual servers.

Functionality

HTTP

URI

Get a list of Discovered Virtual Servers.

GET

[api_version][org_href]/discovered_virtual_servers

Get a specified Discovered Virtual Serve.r

GET

[api_version][org_href]/discovered_virtual_servers/:uuid

Discovery on-demand: list the discovered virtual servers

GET

[api_version][org_href]/network_enforcement_nodes/virtual_server_discovery_jobs/:uuid

Discovered Virtual Servers Parameters

Parameter

Description

Type

Required

org_id

Organization ID

Integer

Yes

active_pce_fqdn

FQDN of the PCE

String

No

has_virtual_server

Filter discovered virtual server(s) by whether they are managed by a virtual server object

Boolean

No

max_results

Maximum number of discovered virtual servers to return

Integer

No

name

Name of discovered virtual server(s) to return. Supports partial matches

String

No

network_enforcement_node

Hostname of NEN object to filter discovered virtual server(s)

String

No

slb

URI of SLB object to filter discovered virtual server(s)

String

No

vip

Frontend (VIP) address of the discovered virtual server(s). Supports suffix-wildcard matches

String

No

vip_port

Port of frontend VIP of the discovered virtual server(s)

Integer

No

vip_proto

Protocol of frontend VIP of the discovered virtual server(s)

Integer

No

virtual_server

URI of virtual server to filter discovered virtual server(s)

String

No

virtual_server_labels

2D array of label URIs, encoded as a JSON string. Filter by virtual server labels. Requires usage of has_virtual_server: true

String

No

virtual_server_mode

The filter discovered virtual server(s) in virtual server mode. Requires usage of has_virtual_server: true

String

No

Discovered Virtual Server Properties

Property

Description

Type

Required

href

href of discovered virtual server

String

Yes

dvs_identifier

NFC-generated unique identifier for discovered virtual server

String

Yes

name

Configured name of the virtual server

String

Yes

vip_port

VIP including protocol and port for the discovered virtual server.

Reference to common/dvs_vip_port.schema.json

Yes

local_ips

Local IPs of virtual server

Format: ipv4

Array

Yes

mode

Virtual server mode of operation

String

Yes

slb

URI of Service Load Balancer (SLB) object to filter discovered virtual server(s)

Reference to common/href_object.schema.json

Yes

service_checks

Service checks, which has these properties:

  • protocol

  • port

Object

Yes

nfc

DEPRECATED AND REPLACED (USE 'network_enforcement_node' INSTEAD) URI of the NFC for this discovered virtual server

Reference to common/href_object.schema.json

Yes

created_at

The time (rfc3339 timestamp) at which this server load balancer was created

date/time

Yes

updated_at

The time (rfc3339 timestamp) at which this server load balancer was last updated

date/time

Yes

created_by

Reference to common/href_object.schema.json

Yes

updated_by

Reference to common/href_object.schema.json

Yes

network_enforcement_node

URI of the Network Enforcement Node for this discovered virtual server

Reference to common/href_object.schema.json

Yes

See also: