salesforce Dreamforce On-Demand
Contact Us 1-800-596-4880
  1. Homepage
  2. Anypoint CLI (4.x)
  3. CloudHub

  4. CloudHub Dedicated Load Balancers

CLI for CloudHub Dedicated Load Balancers

Command Description

cloudhub:load-balancer:list

Lists all load balancers in an organization

cloudhub:load-balancer:describe

Shows load balancer details

cloudhub:load-balancer:create

Creates a load balancer

cloudhub:load-balancer:start

Starts a load balancer

cloudhub:load-balancer:stop

Stops a load balancer

cloudhub:load-balancer:delete

Deletes a load balancer

cloudhub:load-balancer:ssl-endpoint:add

Adds an additional certificate to an existing load balancer

cloudhub:load-balancer:ssl-endpoint:remove

Removes a certificate from a load balancer

cloudhub:load-balancer:ssl-endpoint:set-default

Sets the default certificate that the load balancer will serve

cloudhub:load-balancer:ssl-endpoint:describe

Shows the load balancer configuration for a particular certificate

cloudhub:load-balancer:allowlist:add

Adds an IP or range of IPs to the load balancer allowlist

cloudhub:load-balancer:allowlist:remove

Removes an IP or range of IPs from the load balancer allowlist

cloudhub:load-balancer:mappings:describe

Lists the proxy mapping rules for a load balancer. If no certificateName is given, the mappings for the default SSL endpoint are shown

cloudhub:load-balancer:mappings:add

Adds a proxy mapping rule at the specified index. If no certificateName is given, the mappings for the default SSL endpoint are shown

cloudhub:load-balancer:mappings:remove

Removes a proxy mapping rule. If no certificateName is given, the mappings for the default SSL endpoint are shown.

cloudhub:load-balancer:dynamic-ips:enable

Enables dynamic IPs

cloudhub:load-balancer:dynamic-ips:disable

Disables dynamic IPs

cloudhub:load-balancer:list

> cloudhub:load-balancer:list [flags]

This command lists all load balancers in your Anypoint Platform. It displays load balancer’s name, domain, its state, and the Anypoint VPC ID to which the load balancer is bound.

This command has the --output flag. Use the --output flag to specify the response format. Supported values are table (default) and json.

This command also accepts the default flag --help.

cloudhub:load-balancer:describe

> cloudhub:load-balancer:describe [flags] <name>

This command displays information about the load balancer that is specified in <name>.

Use the flag -o json to get the raw JSON response of the application you specify in <name>.

It displays load balancer’s name, domain, its state and the Anypoint VPC Id to which the load balancer is bound.

This command has the --output flag. Use the --output flag to specify the response format. Supported values are table (default) and json.

This command also accepts the default flag --help.

cloudhub:load-balancer:create

> cloudhub:load-balancer:create [flags] <vpc> <name> <certificate> <privateKey>

This command creates a load balancer using the specified values in the variables.

Value Description Example

vpc

Name of the Anypoint VPC to which this load balancer is bound.
If your Anypoint VPC name contains spaces, you need to pass it between ´"´ characters.

vpc-demo

name

Name for the load balancer.

newtestloadbalancer

certificate

Absolute path to the .pem file of your server certificate in your local hard drive.
Your certificate files need to be PEM encoded and not encrypted.

/Users/mule/Documents/cert.pem

privateKey

Absolute path to the .pem file of your private key of the server certificate in your local hard drive.
Your private key file needs to be passphraseless.

/Users/mule/Documents/privateKey.pem

The name for the load balancer that you pass in <name> must be unique.
By default, your load balancer listens external requests on HTTPS and communicates with your workers internally through HTTP.
If you configured your Mule application within the Anypoint VPC to listen on HTTPS, make sure you set upstreamProtocol to HTTPS when creating the mapping list using the load-balancer mappings add command.

Besides the default --help flag, this command also accepts:

Flag Description

--http

Specifies the Load balancer HTTP behavior. It can be set to on (accepts HTTP requests and forwards it to your configured default sslendpoint), off (refuses all HTTP requests), or --redirect (redirects to HTTPS).

--clientCertificate

Client certificate file

--verificationMode

Specifies the client verification mode. It can be set to on (verify always), off (don’t verify), or optional (verification optional).

--crl

Certificate revocation list file

--[no-]tlsv1

Supports TLSv1 in addition to TLSv1.1 and TLSv1.2

--[no-]dynamic-ips

Uses dynamic IPs, which are not persistent through restarts
CloudHub does not implement the Online Certificate Status Protocol (OCSP). To keep your certification revocation list up to date, it’s recommended to use the CloudHub API to update your certificates programmatically.

For more configuration information, see Configure SSL Endpoints and Certificates.

cloudhub:load-balancer:start

> cloudhub:load-balancer:start [flags] <name>

This command starts the load balancer specified in <name>.
This command accepts only the default flag --help.

cloudhub:load-balancer:stop

> cloudhub:load-balancer:stop [flags] <name>

This command stops the load balancer specified in <name>.
This command accepts only the default flag --help.

cloudhub:load-balancer:delete

> cloudhub:load-balancer:delete [flags] <name>

This command deletes the load balancer specified in <name>.

This command does not prompt twice before deleting. If you send a delete instruction, it does not ask for confirmation.

This command accepts only the default flag --help.

cloudhub:load-balancer:ssl-endpoint:add

> cloudhub:load-balancer:ssl-endpoint:add [flags] <name> <certificate> <privateKey>

This command adds an SSL endpoint to the load balancer specified in <name>, using the certificate and private key passed.

Value Description Example

name

Name for the load balancer.

newtestloadbalancer

certificate

Absolute path to the .pem file of your certificate in your local hard drive.
Your certificate files need to be PEM encoded and not encrypted.

/Users/mule/Documents/cert.pem

privateKey

Absolute path to the .pem file of your private key in your local hard drive.
Your private key file needs to be passphraseless.

/Users/mule/Documents/privateKey.pem
CloudHub does not implement the Online Certificate Status Protocol (OCSP). To keep your certification revocation list up to date, it’s recommended to use the CloudHub API to update your certificates programmatically.

Besides the default --help flag, this command also accepts:

Flag Description

--clientCertificate

Client certificate file

--verificationMode

Specifies the client verification mode. It can be set to on (verify always) off (don’t verify) or optional (Verification optional).

--crl

Certificate Revocation List file

--tlsv1

Supports TLSv1 in addition to TLSv1.1 and TLSv1.2

For more configuration information, see Configure SSL Endpoints and Certificates.

cloudhub:load-balancer:ssl-endpoint:remove

> cloudhub:load-balancer:ssl-endpoint:remove [flags] <name> <certificateName>

This command removes the ssl certificate specified in <certificateName> from the load balancer specified in <name>.

This command does not prompt twice before deleting. If you send a delete instruction, it does not ask for confirmation.

This command accepts only the default flag --help.

cloudhub:load-balancer:ssl-endpoint:set-default

> cloudhub:load-balancer:ssl-endpoint:set-default [flags] <name> <certificateName>

This command sets the certificate specified in <certificateName> as the default certificate for the load balancer passed in <name>.

Besides the default --help flag, this command also accepts:

Flag Description

--http

Specifies the Load balancer HTTP behavior

cloudhub:load-balancer:ssl-endpoint:describe

> cloudhub:load-balancer:ssl-endpoint:set-describe [flags] <name> <certificateName>

This command shows information about the configuration of the load balancer passed in <name> for the the certificate specified in <certificateName>.

This command has the --output flag. Use the --output flag to specify the response format. Supported values are table (default) and json

This command also accepts the default flag --help.

cloudhub:load-balancer:allowlist:add

> cloudhub:load-balancer:allowlist:add [flags] <name> <cidrBlock>

This command adds a range of IP addresses specified in <cidrBlock> to the allowlist of the load balancer specified in <name>.

The allowlist works at the load balancer level, not at the CN certificate level. Make sure you only pass IP addresses formatted in CIDR notation.

This command accepts only the default flag --help.

cloudhub:load-balancer:allowlist:remove

> cloudhub:load-balancer:allowlist:remove <name> <cidrBlock>

This command removes an IP or range of IPs addresses specified in <cidrBlock> to the allowlist of the load balancer specified in <name>.

This command does not prompt twice before deleting. If you send a delete instruction, it does not ask for confirmation.

This command accepts only the default flag --help.

cloudhub:load-balancer:mappings:describe

> cloudhub:load-balancer:mappings:describe <name> [certificateName]

This command lists the mapping rules for the load balancer specified in <name>.
If no certificateName is passed, Anypoint Platform CLI returns the mappings for the default SSL endpoint.

This command has the --output flag. Use the --output flag to specify the response format. Supported values are table (default) and json.

This command also accepts the default flag --help.

cloudhub:load-balancer:mappings:add

> cloudhub:load-balancer:mappings:add [flags] <name> <index> <inputUri> <appName> <appUri> [certificateName]

This command adds a proxy mapping rule to the load balancer specified in <name> in the CN passed under the certificateName flag.
If no certificateName is passed, Anypoint Platform CLI adds the mappings to the default SSL endpoint.

Value Description Example

name

Name of the load balancer to which this rule is applied.

testloadbalancer

inputUri

Name of the URI of your input URL

example.com

appName

Name of the app of your output URL to which the request is forwarded

{app}-example

appUri

URI of the app of your output URL to which the request is forwarded

/

For the values in the example above, for an input call to my-superapp.api.example.com/status?limit=10, the endpoint my-superapp-example: /status?limit=10 will be called for the application.

This command also has the --upstreamProtocol flag. The --upstreamProtocol flag sets the protocol used by your application to communicate internally with your load balancer. If no upstream protocol is set, HTTP is used as default.

Flag Description

--upstreamProtocol <protocol>

Look for upstream applications in HTTP port 8091 or HTTPS port 8092. Supported Values: http, https

--certificateName <certificate name>

Optional flag

cloudhub:load-balancer:mappings:remove

> cloudhub:load-balancer:mappings:remove [flags] <name> <index> [certificateName]

This command removes the proxy mapping rules from the load balancer specified in <name> at the priority index specified in <index> and the CN specified as the certificateName flag.

This command accepts only the default flag --help.

If no certificateName is passed, Anypoint Platform CLI removes the mappings for the default SSL endpoint.

cloudhub:load-balancer:dynamic-ips:enable

> cloudhub:load-balancer:dynamic-ips:enable [flags] <name>

This command enables dynamic IPs for the load balancer specified in <name>. This command accepts only the default flag --help.

cloudhub:load-balancer:dynamic-ips:disable

> cloudhub:load-balancer:dynamic-ips:disable [flags] <name>

This command disables dynamic IPs for the load balancer specified in <name>.

This command accepts only the default flag --help.