Skip to content

Commit

Permalink
feat(limt-count): use 'remote_addr' as default key (#2927)
Browse files Browse the repository at this point in the history
  • Loading branch information
@spacewander
spacewander authored Dec 2, 2020
1 parent 33d70d1 commit f84a44e
Show file tree
Hide file tree
Showing 5 changed files with 59 additions and 9 deletions.
3 changes: 2 additions & 1 deletion apisix/plugins/limit-count.lua
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ local schema = {
type = "string",
enum = {"remote_addr", "server_addr", "http_x_real_ip",
"http_x_forwarded_for", "consumer_name", "service_id"},
default = "remote_addr",
},
rejected_code = {
type = "integer", minimum = 200, maximum = 600,
Expand All @@ -51,7 +52,7 @@ local schema = {
default = "local",
}
},
required = {"count", "time_window", "key"},
required = {"count", "time_window"},
dependencies = {
policy = {
oneOf = {
Expand Down
2 changes: 1 addition & 1 deletion doc/plugins/limit-count.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ Limit request rate by a fixed number of requests in a given time window.
| -------------- | ------- | -------------------- | ------- | ------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| count | integer | required | | [0,...] | the specified number of requests threshold. |
| time_window | integer | required | | [0,...] | the time window in seconds before the request count is reset. |
| key | string | required | | ["remote_addr", "server_addr", "http_x_real_ip", "http_x_forwarded_for", "consumer_name", "service_id"] | The user specified key to limit the count. <br> Now accept those as key: "remote_addr"(client's IP), "server_addr"(server's IP), "X-Forwarded-For/X-Real-IP" in request header, "consumer_name"(consumer's username) and "service_id". |
| key | string | optional | "remote_addr" | ["remote_addr", "server_addr", "http_x_real_ip", "http_x_forwarded_for", "consumer_name", "service_id"] | The user specified key to limit the count. <br> Now accept those as key: "remote_addr"(client's IP), "server_addr"(server's IP), "X-Forwarded-For/X-Real-IP" in request header, "consumer_name"(consumer's username) and "service_id". |
| rejected_code | integer | optional | 503 | [200,600] | The HTTP status code returned when the request exceeds the threshold is rejected, default 503. |
| policy | string | optional | "local" | ["local", "redis", "redis-cluster"] | The rate-limiting policies to use for retrieving and incrementing the limits. Available values are `local`(the counters will be stored locally in-memory on the node) and `redis`(counters are stored on a Redis server and will be shared across the nodes, usually use it to do the global speed limit). |
| redis_host | string | required for `redis` | | | When using the `redis` policy, this property specifies the address of the Redis server. |
Expand Down
2 changes: 1 addition & 1 deletion doc/zh-cn/plugins/limit-count.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
| --------------- | -------- | ------------ | ------- | ------------------------------------------------------------ | ------------------------------------------------------------ |
| count | integer | 必须 | | [0,...] | 指定时间窗口内的请求数量阈值 |
| time_window | integer | 必须 | | [0,...] | 时间窗口的大小(以秒为单位),超过这个时间就会重置 |
| key | string | 必须 | | ["remote_addr", "server_addr", "http_x_real_ip", "http_x_forwarded_for", "consumer_name", "service_id"] | 用来做请求计数的有效值。<br>例如,可以使用主机名(或服务器区域)作为关键字,以便限制每个主机名规定时间内的请求次数。我们也可以使用客户端地址作为关键字,这样我们就可以避免单个客户端规定时间内多次的连接我们的服务。<br>当前接受的 key 有:"remote_addr"(客户端IP地址), "server_addr"(服务端 IP 地址), 请求头中的"X-Forwarded-For" 或 "X-Real-IP", "consumer_name"(consumer 的 username), "service_id" 。 |
| key | string | 可选 | "remote_addr" | ["remote_addr", "server_addr", "http_x_real_ip", "http_x_forwarded_for", "consumer_name", "service_id"] | 用来做请求计数的有效值。<br>例如,可以使用主机名(或服务器区域)作为关键字,以便限制每个主机名规定时间内的请求次数。我们也可以使用客户端地址作为关键字,这样我们就可以避免单个客户端规定时间内多次的连接我们的服务。<br>当前接受的 key 有:"remote_addr"(客户端IP地址), "server_addr"(服务端 IP 地址), 请求头中的"X-Forwarded-For" 或 "X-Real-IP", "consumer_name"(consumer 的 username), "service_id" 。 |
| rejected_code | integer | 可选 | 503 | [200,600] | 当请求超过阈值被拒绝时,返回的 HTTP 状态码 |
| policy | string | 可选 | "local" | ["local", "redis", "redis-cluster"] | 用于检索和增加限制的速率限制策略。可选的值有:`local`(计数器被以内存方式保存在节点本地,默认选项) 和 `redis`(计数器保存在 Redis 服务节点上,从而可以跨节点共享结果,通常用它来完成全局限速);以及`redis-cluster`,跟redis功能一样,只是使用redis集群方式。 |
| redis_host | string | `redis` 必须 | | | 当使用 `redis` 限速策略时,该属性是 Redis 服务节点的地址。 |
Expand Down
2 changes: 1 addition & 1 deletion t/admin/schema.t
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,7 +146,7 @@ passed
--- request
GET /apisix/admin/schema/plugins/limit-count
--- response_body eval
qr/"required":\["count","time_window","key"\]/
qr/"required":\["count","time_window"\]/
--- no_error_log
[error]

Expand Down
59 changes: 54 additions & 5 deletions t/plugin/limit-count.t
View file
Original file line number Diff line number Diff line change
Expand Up @@ -193,7 +193,7 @@ passed



=== TEST 8: invalid route: missing key
=== TEST 8: invalid route: missing count
--- config
location /t {
content_by_lua_block {
Expand All @@ -203,7 +203,6 @@ passed
[[{
"plugins": {
"limit-count": {
"count": 2,
"time_window": 60,
"rejected_code": 503
}
Expand All @@ -228,7 +227,7 @@ passed
GET /t
--- error_code: 400
--- response_body
{"error_msg":"failed to check the configuration of plugin limit-count err: property \"key\" is required"}
{"error_msg":"failed to check the configuration of plugin limit-count err: property \"count\" is required"}
--- no_error_log
[error]

Expand Down Expand Up @@ -328,7 +327,6 @@ GET /t
[[{
"plugins": {
"limit-count": {
"count": 2,
"time_window": 60,
"rejected_code": 503
}
Expand All @@ -352,7 +350,7 @@ GET /t
GET /t
--- error_code: 400
--- response_body
{"error_msg":"failed to check the configuration of plugin limit-count err: property \"key\" is required"}
{"error_msg":"failed to check the configuration of plugin limit-count err: property \"count\" is required"}
--- no_error_log
[error]

Expand Down Expand Up @@ -1126,3 +1124,54 @@ GET /t
passed
--- no_error_log
[error]



=== TEST 35: use 'remote_addr' as default key
--- config
location /t {
content_by_lua_block {
local t = require("lib.test_admin").test
local code, body = t('/apisix/admin/routes/1',
ngx.HTTP_PUT,
[[{
"methods": ["GET"],
"plugins": {
"limit-count": {
"count": 2,
"time_window": 60,
"rejected_code": 503
}
},
"upstream": {
"nodes": {
"127.0.0.1:1980": 1
},
"type": "roundrobin"
},
"uri": "/hello"
}]]
)

if code >= 300 then
ngx.status = code
end
ngx.say(body)
}
}
--- request
GET /t
--- response_body
passed
--- no_error_log
[error]



=== TEST 36: up the limit
--- pipelined_requests eval
["GET /hello", "GET /hello", "GET /hello", "GET /hello"]
--- error_code eval
[200, 200, 503, 503]
--- no_error_log
[error]

0 comments on commit f84a44e

Please sign in to comment.