Advanced Rate Limiting

Advanced Rate Limiting

Advanced rate-limiting is a route level plugin that enables controlling the rate of requests passing through a route depending on L7 attributes.

More information about advanced rate-limiting (including an advanced use-case) can be found in the article here

Rate-Limit engine global config

Rate limit global config provides a mechanism to tell the rate-limit engine about the rates we wish to enforce. Internally, it uses redis to perform the counting of tokens specified using this config

Example below counts rate-limit descriptor remote_address which is the address of the client making the request. The remote_address is passed to the rate-limit engine when a rate-limit route-filter is associated with a route (see below for per-route config).

Global RateLimit Config for KubernetesGlobal RateLimit Config for Standalone
---
apiVersion: enroute.saaras.io/v1beta1       
kind: GlobalConfig
metadata:
  labels:
    app: httpbin
  name: rl-global-config
  namespace: enroute-gw-k8s
spec:
  name: rl-global-config
  type: globalconfig_ratelimit
  config: |
{
	"domain": "enroute",
	"descriptors": [
	  {
	  	"key" : "remote_address",
	  	"rate_limit": {
	  		"unit": "second",
	  		"requests_per_unit": 100000
	  	}
	  }
	]
}
# Variables for global config
GLOBALCONFIG_NAME="rl-global-config"
GLOBALCONFIG_TYPE="globalconfig_ratelimit"
GLOBAL_CONFIG='
    {
	"domain": "enroute",
	"descriptors": [
	  {
	  	"key" : "remote_address",
	  	"rate_limit": {
	  		"unit": "second",
	  		"requests_per_unit": 100000
	  	}
	  }
	]
'

curl -s -X POST localhost:1323/globalconfig    \
   -d "globalconfig_name=${GLOBALCONFIG_NAME}" \
   -d "globalconfig_type=${GLOBALCONFIG_TYPE}" \
   -d "config=${GLOBALCONFIG_ARG}"

Rate Limit per-route Filter Configuration

When HTTP request traffic hits this route, the specified descriptor (remote_address) is passed to the rate-limit engine

Per-route RateLimit Config for KubernetesPer-route RateLimit Config for Standalone
---
apiVersion: enroute.saaras.io/v1beta1        
kind: RouteFilter
metadata:
  name: per-route-rl 
  namespace: enroute-gw-k8s
spec:
  name: per-route-rl
  type: route_filter_ratelimit
  routeFilterConfig:
    config: |
      {
          "descriptors": [
            {
              "remote_address": "{}"
            }
          ]
      }
# Variables for rate-limit config
FILTER_NAME="per-route-rl"
FILTER_TYPE="route_filter_ratelimit"
FILTER_CONFIG='
    {
	"domain": "enroute",
	"descriptors": [
      {
          "descriptors": [
            {
              "remote_address": "{}"
            }
          ]
      }
'

curl -s -X POST localhost:1323/filter         \
        -d "Filter_name=${FILTER_NAME}"       \
        -d "Filter_type=${FILTER_TYPE}"       \
        -d "Filter_config"="${FILTER_CONFIG}"

Notes

Advanced Rate Limit plugin is included with Community Edition

More information about advanced rate-limiting can be found in the article here