syntax = "proto3";

package yandex.cloud.apploadbalancer.v1;

import "google/protobuf/timestamp.proto";
import "yandex/cloud/validation.proto";
import "yandex/cloud/apploadbalancer/v1/target_group.proto";

option go_package = "github.com/yandex-cloud/go-genproto/yandex/cloud/apploadbalancer/v1;apploadbalancer";
option java_package = "yandex.cloud.api.apploadbalancer.v1";

// An application load balancer resource.
// For details about the concept, see [documentation](/docs/application-load-balancer/concepts/application-load-balancer).
message LoadBalancer {
  enum Status {
    STATUS_UNSPECIFIED = 0;

    // The application load balancer is being created.
    CREATING = 1;

    // The application load balancer is being started.
    STARTING = 2;

    // The application load balancer is active and sends traffic to the targets.
    ACTIVE = 3;

    // The application load balancer is being stopped.
    STOPPING = 4;

    // The application load balancer is stopped and doesn't send traffic to the targets.
    STOPPED = 5;
    
    // The application load balancer is being deleted.
    DELETING = 6;
  }

  // ID of the application load balancer. Generated at creation time.
  string id = 1;

  // Name of the application load balancer. The name is unique within the folder.
  string name = 2;

  // Description of the application load balancer.
  string description = 3;

  // ID of the folder that the application load balancer belongs to.
  string folder_id = 4;

  // Application load balancer labels as `key:value` pairs.
  // For details about the concept, see [documentation](/docs/overview/concepts/services#labels).
  map<string, string> labels = 5;

  // Status of the application load balancer.
  Status status = 6;

  // ID of the region that the application load balancer is located at.
  //
  // Currently Yandex Cloud supports only `ru-central1` region.
  string region_id = 7;

  // ID of the network that the application load balancer belongs to.
  string network_id = 8;

  // Listeners that belong to the application load balancer.
  //
  // For details about the concept, see [documentation](/docs/application-load-balancer/concepts/application-load-balancer#listener).
  repeated Listener listeners = 9;

  // Locality settings of the application load balancer.
  //
  // For details about the concept, see [documentation](/docs/application-load-balancer/concepts/application-load-balancer#lb-location).
  AllocationPolicy allocation_policy = 10;

  // ID of the log group that stores access logs of the application load balancer.
  //
  // The logs can be accessed using a Cloud Functions [trigger for Cloud Logs](/docs/functions/operations/trigger/cloudlogs-trigger-create).
  string log_group_id = 11;

  // ID's of the security groups attributed to the application load balancer.
  //
  // For details about the concept,
  // see [documentation](/docs/application-load-balancer/concepts/application-load-balancer#security-groups).
  repeated string security_group_ids = 12;

  // Creation timestamp.
  google.protobuf.Timestamp created_at = 13;
}

// An endpoint address resource.
message Address {
  // Endpoint address of one of the types: public (external) IPv4 address, internal IPv4 address, public IPv6 address.
  oneof address {
    option (exactly_one) = true;

    // Public IPv4 endpoint address.
    ExternalIpv4Address external_ipv4_address = 1;

    // Internal IPv4 endpoint address.
    //
    // To enable the use of listeners with internal addresses, [contact support](https://console.cloud.yandex.ru/support).
    InternalIpv4Address internal_ipv4_address = 2;

    // Public IPv6 endpoint address.
    ExternalIpv6Address external_ipv6_address = 3;
  }
}

// A public (external) IPv4 endpoint address resource.
message ExternalIpv4Address {
  // IPv4 address.
  string address = 1;
}

// An internal IPv4 endpoint address resource.
message InternalIpv4Address {
  // IPv4 address.
  string address = 1;

  // ID of the subnet that the address belongs to.
  string subnet_id = 2;
}

// A public (external) IPv4 endpoint address resource.
message ExternalIpv6Address {
  // IPv6 address.
  string address = 1;
}

// An application load balancer location resource.
//
// For details about the concept, see [documentation](/docs/application-load-balancer/concepts/application-load-balancer#lb-location).
message Location {
  // ID of the availability zone where the application load balancer resides.
  //
  // Each Yandex Cloud availability zone can only be specified once.
  string zone_id = 1 [(required) = true];

  // ID of the subnet that the application load balancer belongs to.
  string subnet_id = 2;

  // Disables the load balancer node in the specified availability zone.
  //
  // Backends in the availability zone are not directly affected by this setting.
  // They still may receive traffic from the load balancer nodes in other availability zones,
  // subject to [LoadBalancingConfig.locality_aware_routing_percent] and [LoadBalancingConfig.strict_locality] settings.
  bool disable_traffic = 3;
}

// A locality settings (allocation policy) resource.
message AllocationPolicy {
  // Availability zones and subnets that the application load balancer resides.
  repeated Location locations = 1 [(size) = ">=1", (unique) = true];
}

// A listener resource.
//
// For details about the concept, see [documentation](/docs/application-load-balancer/concepts/application-load-balancer#listener).
message Listener {
  // Name of the listener. The name is unique within the application load balancer.
  // The string length in characters is 3-63.
  string name = 1 [(required) = true];

  // Endpoints of the listener.
  //
  // Endpoints are defined by their IP addresses and ports.
  repeated Endpoint endpoints = 2;

  // HTTP or HTTPS (HTTP over TLS) listener settings.
  oneof listener {
    option (exactly_one) = true;

    // HTTP listener settings.
    HttpListener http = 3;

    // HTTPS (HTTP over TLS) listener settings.
    TlsListener tls = 4;
  }
}

// An endpoint resource.
message Endpoint {
  // Endpoint public (external) and internal addresses.
  repeated Address addresses = 1 [(size) = ">0"];

  // Endpoint ports.
  repeated int64 ports = 2 [(size) = ">0", (value) = "1-65535"];
}

// An HTTP listener resource.
message HttpListener {
  // Settings for handling HTTP requests.
  //
  // Only one of `handler` and [redirects] can be specified.
  HttpHandler handler = 1;

  // Redirects settings.
  //
  // Only one of `redirects` and [handler] can be specified.
  Redirects redirects = 2;
}

// An HTTPS (HTTP over TLS) listener resource.
message TlsListener {
  // Settings for handling HTTPS requests by default,
  // with Server Name Indication (SNI) not matching any of the [sni_handlers].
  TlsHandler default_handler = 1 [(required) = true];

  // Settings for handling HTTPS requests with Server Name Indication (SNI)
  // matching one of [SniMatch.server_names] values.
  repeated SniMatch sni_handlers = 2;
}

// An HTTP/2 options resource.
message Http2Options {
  // Maximum number of concurrent HTTP/2 streams in a connection.
  int64 max_concurrent_streams = 1;
}

// An HTTP handler resource.
message HttpHandler {
  // ID of the HTTP router processing requests.
  //
  // For details about the concept, see [documentation](/docs/application-load-balancer/concepts/http-router).
  string http_router_id = 1;

  // Protocol settings.
  //
  // For HTTPS (HTTP over TLS) connections, settings are applied to the protocol
  // negotiated using TLS [ALPN](https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation) extension.
  oneof protocol_settings {
    // HTTP/2 settings.
    //
    // If specified, incoming HTTP/2 requests are supported by the listener.
    Http2Options http2_options = 2;

    // Enables support for incoming HTTP/1.0 and HTTP/1.1 requests and disables it for HTTP/2 requests.
    bool allow_http10 = 3;
  }
}

// A listener redirects resource.
message Redirects {
  // Redirects all unencrypted HTTP requests to the same URI with scheme changed to `https`.
  //
  // The setting has the same effect as a single, catch-all [HttpRoute]
  // with [RedirectAction.replace_scheme] set to `https`.
  bool http_to_https = 1;
}

// A SNI handler resource.
message SniMatch {
  // Name of the SNI handler.
  string name = 1 [(required) = true];

  // Server names that are matched by the SNI handler.
  repeated string server_names = 2 [(size) = ">0"];

  // Settings for handling requests with Server Name Indication (SNI) matching one of [server_names] values.
  TlsHandler handler = 3 [(required) = true];
}

// An HTTPS (HTTP over TLS) handler resource.
message TlsHandler {
  // Settings for handling requests.
  oneof handler {
    option (exactly_one) = true;
    // HTTP handler.
    HttpHandler http_handler = 2;
  }

  // ID's of the TLS server certificates from [Certificate Manager](/docs/certificate-manager/).
  //
  // RSA and ECDSA certificates are supported, and only the first certificate of each type is used.
  repeated string certificate_ids = 3 [(size) = ">0"];
}

// A target state resource.
message TargetState {
  // Supported target statuses.
  enum Status {
    STATUS_UNSPECIFIED = 0;

    // All of the health checks specified in [HttpBackend.healthchecks] or [GrpcBackend.healthchecks] are passed
    // (the number depends on the [HealthCheck.healthy_threshold] setting) and the target is ready to receive traffic.
    HEALTHY = 1;

    // Some of the health checks specified in [HttpBackend.healthchecks] or [GrpcBackend.healthchecks] failed
    // (the number depends on the [HealthCheck.unhealthy_threshold] setting).
    // The target is ready to receive traffic from the load balancer nodes which, based on their health checks,
    // consider the target healthy.
    PARTIALLY_HEALTHY = 2;

    // All of the health checks specified in [HttpBackend.healthchecks] or [GrpcBackend.healthchecks] failed
    // (the number depends on the [HealthCheck.unhealthy_threshold] setting) and the target is not receiving traffic.
    UNHEALTHY = 3;

    // Target is being deleted and the application load balancer is no longer sending traffic to this target.
    DRAINING = 4;

    TIMEOUT = 5;
  }

  // Health of the target.
  message HealthcheckStatus {
    // Statuses of the target in its availability zones.
    repeated ZoneHealthcheckStatus zone_statuses = 1;
  }

  // Health of the target in the availability zone.
  message ZoneHealthcheckStatus {
    // ID of the availability zone.
    string zone_id = 1 [(required) = true];

    // Status of the target in the availability zone.
    Status status = 2;

    // Indicates whether the target has been marked `UNHEALTHY` due to failing active health checks,
    // which determine target statuses as configured in [HttpBackend.healthchecks] or [GrpcBackend.healthchecks].
    //
    // Currently the only type of health checks is active, as described above.
    // Passive health checks, which determine the health of a target based on its responses to production requests
    // (HTTP 5xx status codes, connection errors etc.), are not implemented yet.
    bool failed_active_hc = 3;
  }

  // Health of the target, i.e. its statuses in all availability zones.
  HealthcheckStatus status = 1;

  // Target.
  Target target = 2 [(required) = true];
}
