Add HTTP local rate limiter (#13395)
Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com> Mirrored from https://github.com/envoyproxy/envoy @ 5d12b675fe13747bc716859275c2d3c21004e99fmaster-ci-test
data-plane-api(CircleCI)
4 years ago
parent
65ad518787
commit
fd9dffdc6a
4 changed files with 85 additions and 0 deletions
@ -0,0 +1,13 @@ |
|||||||
|
# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. |
||||||
|
|
||||||
|
load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") |
||||||
|
|
||||||
|
licenses(["notice"]) # Apache 2 |
||||||
|
|
||||||
|
api_proto_package( |
||||||
|
deps = [ |
||||||
|
"//envoy/config/core/v3:pkg", |
||||||
|
"//envoy/type/v3:pkg", |
||||||
|
"@com_github_cncf_udpa//udpa/annotations:pkg", |
||||||
|
], |
||||||
|
) |
||||||
@ -0,0 +1,70 @@ |
|||||||
|
syntax = "proto3"; |
||||||
|
|
||||||
|
package envoy.extensions.filters.http.local_ratelimit.v3; |
||||||
|
|
||||||
|
import "envoy/config/core/v3/base.proto"; |
||||||
|
import "envoy/type/v3/http_status.proto"; |
||||||
|
import "envoy/type/v3/token_bucket.proto"; |
||||||
|
|
||||||
|
import "udpa/annotations/status.proto"; |
||||||
|
import "udpa/annotations/versioning.proto"; |
||||||
|
import "validate/validate.proto"; |
||||||
|
|
||||||
|
option java_package = "io.envoyproxy.envoy.extensions.filters.http.local_ratelimit.v3"; |
||||||
|
option java_outer_classname = "LocalRateLimitProto"; |
||||||
|
option java_multiple_files = true; |
||||||
|
option (udpa.annotations.file_status).package_version_status = ACTIVE; |
||||||
|
|
||||||
|
// [#protodoc-title: Local Rate limit] |
||||||
|
// Local Rate limit :ref:`configuration overview <config_http_filters_local_rate_limit>`. |
||||||
|
// [#extension: envoy.filters.http.local_ratelimit] |
||||||
|
|
||||||
|
// [#next-free-field: 7] |
||||||
|
message LocalRateLimit { |
||||||
|
// The human readable prefix to use when emitting stats. |
||||||
|
string stat_prefix = 1 [(validate.rules).string = {min_len: 1}]; |
||||||
|
|
||||||
|
// This field allows for a custom HTTP response status code to the downstream client when |
||||||
|
// the request has been rate limited. |
||||||
|
// Defaults to 429 (TooManyRequests). |
||||||
|
// |
||||||
|
// .. note:: |
||||||
|
// If this is set to < 400, 429 will be used instead. |
||||||
|
type.v3.HttpStatus status = 2; |
||||||
|
|
||||||
|
// The token bucket configuration to use for rate limiting requests that are processed by this |
||||||
|
// filter. Each request processed by the filter consumes a single token. If the token is available, |
||||||
|
// the request will be allowed. If no tokens are available, the request will receive the configured |
||||||
|
// rate limit status. |
||||||
|
// |
||||||
|
// .. note:: |
||||||
|
// It's fine for the token bucket to be unset for the global configuration since the rate limit |
||||||
|
// can be applied at a the virtual host or route level. Thus, the token bucket must be set |
||||||
|
// for the per route configuration otherwise the config will be rejected. |
||||||
|
// |
||||||
|
// .. note:: |
||||||
|
// When using per route configuration, the bucket becomes unique to that route. |
||||||
|
// |
||||||
|
// .. note:: |
||||||
|
// In the current implementation the token bucket's :ref:`fill_interval |
||||||
|
// <envoy_api_field_type.v3.TokenBucket.fill_interval>` must be >= 50ms to avoid too aggressive |
||||||
|
// refills. |
||||||
|
type.v3.TokenBucket token_bucket = 3; |
||||||
|
|
||||||
|
// If set, this will enable -- but not necessarily enforce -- the rate limit for the given |
||||||
|
// fraction of requests. |
||||||
|
// Defaults to 0% of requests for safety. |
||||||
|
config.core.v3.RuntimeFractionalPercent filter_enabled = 4; |
||||||
|
|
||||||
|
// If set, this will enforce the rate limit decisions for the given fraction of requests. |
||||||
|
// |
||||||
|
// Note: this only applies to the fraction of enabled requests. |
||||||
|
// |
||||||
|
// Defaults to 0% of requests for safety. |
||||||
|
config.core.v3.RuntimeFractionalPercent filter_enforced = 5; |
||||||
|
|
||||||
|
// Specifies a list of HTTP headers that should be added to each response for requests that |
||||||
|
// have been rate limited. |
||||||
|
repeated config.core.v3.HeaderValueOption response_headers_to_add = 6 |
||||||
|
[(validate.rules).repeated = {max_items: 10}]; |
||||||
|
} |
||||||
Loading…
Reference in new issue