From d852b5d48d71937634dc5fdd283ba06bfda0b1dd Mon Sep 17 00:00:00 2001 From: "data-plane-api(Azure Pipelines)" Date: Fri, 28 Apr 2023 03:32:24 +0000 Subject: [PATCH] redis filter: Add rate limit for redis client reconnection (#26502) Adding a rate limiting for redis client reconnection rate to avoid reconnection storm on redis server Risk Level: Low Testing: Unit test, Manual test with redis Fixes #26400 Signed-off-by: lgao Mirrored from https://github.com/envoyproxy/envoy @ dbec6f88d6d814829f1988d92e888cdc98c34fb1 --- .../network/redis_proxy/v3/redis_proxy.proto | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.proto b/envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.proto index 47c211a0..3a64c9cc 100644 --- a/envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.proto +++ b/envoy/extensions/filters/network/redis_proxy/v3/redis_proxy.proto @@ -31,7 +31,7 @@ message RedisProxy { "envoy.config.filter.network.redis_proxy.v2.RedisProxy"; // Redis connection pool settings. - // [#next-free-field: 10] + // [#next-free-field: 11] message ConnPoolSettings { option (udpa.annotations.versioning).previous_message_type = "envoy.config.filter.network.redis_proxy.v2.RedisProxy.ConnPoolSettings"; @@ -127,6 +127,11 @@ message RedisProxy { // Read policy. The default is to read from the primary. ReadPolicy read_policy = 7 [(validate.rules).enum = {defined_only: true}]; + + // Ops or connection timeout triggers reconnection to redis server which could result in reconnection + // storm to busy redis server. This config is a protection to rate limit reconnection rate. + // If not set, there will be no rate limiting on the reconnection. + ConnectionRateLimit connection_rate_limit = 10; } message PrefixRoutes { @@ -221,6 +226,13 @@ message RedisProxy { repeated string commands = 4; } + // Configuration to limit reconnection rate to redis server to protect redis server + // from client reconnection storm. + message ConnectionRateLimit { + // Reconnection rate per sec. Rate limiting is implemented with TokenBucket. + uint32 connection_rate_limit_per_sec = 1; + } + reserved 2; reserved "cluster";