Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for path specific rate limiting #6011

Closed
nielsbasjes opened this issue Aug 12, 2020 · 1 comment
Closed

Support for path specific rate limiting #6011

nielsbasjes opened this issue Aug 12, 2020 · 1 comment
Labels
kind/feature Categorizes issue or PR as related to a new feature.

Comments

@nielsbasjes
Copy link

In nginx there is good support for limiting the number of requests to avoid overloading/hacking/...

What I would like to to have some paths without rate limiting and some with rate limiting.
Also for my usecase the IP address is not the right value to limit the requests by. In my case either a request header (i..e. $http_foobar) or cookie (i.e. $cookie_foobar) would make more sense.

I would like to be able to configure rate limiting (per path, different rate, bursts, delay, etc.) in a more fine grained way then I found to be possible in the current version.

Looking around I found this article which found the same limitations as I ran into:
https://medium.com/titansoft-engineering/rate-limiting-for-your-kubernetes-applications-with-nginx-ingress-2e32721f7f57

The current rate limiting support is configured via annotations on the ingress.
This can possibly be implemented by extending the supported annotations for nginx specifically.

Alternatively I was thinking that support for this kind of rate limiting may be better suited to become an integral part of the Ingress definition itself ( https://kubernetes.io/docs/concepts/services-networking/ingress/ ) so that all ingress implementations can leverage the same configurations.
So then I can simply do something like this instead:

spec:
  rules:
  - host: foo.bar.com
    http:
      paths:
      - path: /foo
        backend:
          serviceName: service1
          servicePort: 4200
        rateLimits:
            - path: /bar                # This is relative under the '/foo'  so the path to which this applies is /foo/bar
              byCookie: jsessionid
              #byHeader: customerid
              # if neither configured : by IP 
              maxPerSecond: 5
              allowBurst: 10
              delayBurst: false

or something like that.

/kind feature
@nielsbasjes nielsbasjes added the kind/feature Categorizes issue or PR as related to a new feature. label Aug 12, 2020
@aledbf
Copy link
Member

aledbf commented Aug 12, 2020

Closing. This requires changes to the Ingress spec. Something is not going to happen now that is V1.

That said, you should check https://github.com/kubernetes-sigs/service-apis, the next generation (like Ingress V2) where these extension points are being considered.

@aledbf aledbf closed this as completed Aug 12, 2020
@nielsbasjes nielsbasjes mentioned this issue Sep 11, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature Categorizes issue or PR as related to a new feature.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@aledbf @nielsbasjes