From a826b2744979be1380c58a2887699f4a2b98a237 Mon Sep 17 00:00:00 2001 From: "data-plane-api(Azure Pipelines)" Date: Wed, 8 Mar 2023 16:00:45 +0000 Subject: [PATCH] listener: Local rate limit listener filter (#25440) * listener: Local rate limit listener filter Signed-off-by: kuochunghsu Mirrored from https://github.com/envoyproxy/envoy @ e71a141c3f191e5a0c5ddfb8c41151a5fbef3dd2 --- BUILD | 1 + .../filters/listener/local_ratelimit/v3/BUILD | 13 +++++++ .../local_ratelimit/v3/local_ratelimit.proto | 38 +++++++++++++++++++ versioning/BUILD | 1 + 4 files changed, 53 insertions(+) create mode 100644 envoy/extensions/filters/listener/local_ratelimit/v3/BUILD create mode 100644 envoy/extensions/filters/listener/local_ratelimit/v3/local_ratelimit.proto diff --git a/BUILD b/BUILD index 3a38f547..c1bde726 100644 --- a/BUILD +++ b/BUILD @@ -200,6 +200,7 @@ proto_library( "//envoy/extensions/filters/http/upstream_codec/v3:pkg", "//envoy/extensions/filters/http/wasm/v3:pkg", "//envoy/extensions/filters/listener/http_inspector/v3:pkg", + "//envoy/extensions/filters/listener/local_ratelimit/v3:pkg", "//envoy/extensions/filters/listener/original_dst/v3:pkg", "//envoy/extensions/filters/listener/original_src/v3:pkg", "//envoy/extensions/filters/listener/proxy_protocol/v3:pkg", diff --git a/envoy/extensions/filters/listener/local_ratelimit/v3/BUILD b/envoy/extensions/filters/listener/local_ratelimit/v3/BUILD new file mode 100644 index 00000000..ad2fc9a9 --- /dev/null +++ b/envoy/extensions/filters/listener/local_ratelimit/v3/BUILD @@ -0,0 +1,13 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/config/core/v3:pkg", + "//envoy/type/v3:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/envoy/extensions/filters/listener/local_ratelimit/v3/local_ratelimit.proto b/envoy/extensions/filters/listener/local_ratelimit/v3/local_ratelimit.proto new file mode 100644 index 00000000..37051ae3 --- /dev/null +++ b/envoy/extensions/filters/listener/local_ratelimit/v3/local_ratelimit.proto @@ -0,0 +1,38 @@ +syntax = "proto3"; + +package envoy.extensions.filters.listener.local_ratelimit.v3; + +import "envoy/config/core/v3/base.proto"; +import "envoy/type/v3/token_bucket.proto"; + +import "udpa/annotations/status.proto"; +import "validate/validate.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.filters.listener.local_ratelimit.v3"; +option java_outer_classname = "LocalRatelimitProto"; +option java_multiple_files = true; +option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/listener/local_ratelimit/v3;local_ratelimitv3"; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: Local Rate Limit Filter] +// Local rate limit :ref:`configuration overview `. +// [#extension: envoy.filters.listener.local_ratelimit] + +message LocalRateLimit { + // The prefix to use when emitting :ref:`statistics + // `. + string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; + + // The token bucket configuration to use for rate limiting all incoming sockets. If the token is available, + // the socket will be allowed. If no tokens are available, the socket will be immediately closed. + // + // .. note:: + // In the current implementation the token bucket's :ref:`fill_interval + // ` must be >= 50ms to avoid too aggressive + // refills. + type.v3.TokenBucket token_bucket = 2 [(validate.rules).message = {required: true}]; + + // Runtime flag that controls whether the filter is enabled or not. If not specified, defaults + // to enabled. + config.core.v3.RuntimeFeatureFlag runtime_enabled = 3; +} diff --git a/versioning/BUILD b/versioning/BUILD index c2a9b860..7412d028 100644 --- a/versioning/BUILD +++ b/versioning/BUILD @@ -138,6 +138,7 @@ proto_library( "//envoy/extensions/filters/http/upstream_codec/v3:pkg", "//envoy/extensions/filters/http/wasm/v3:pkg", "//envoy/extensions/filters/listener/http_inspector/v3:pkg", + "//envoy/extensions/filters/listener/local_ratelimit/v3:pkg", "//envoy/extensions/filters/listener/original_dst/v3:pkg", "//envoy/extensions/filters/listener/original_src/v3:pkg", "//envoy/extensions/filters/listener/proxy_protocol/v3:pkg",