How to configure local rate limit

    After installation, you can see that the following two NSs have been added to the cluster, and the Dubbo and Thrift demo applications are installed in these two NSs. You can choose either of them to test.

    Aeraki’s rate limiting rules are designed to be flexible and easy to use, supporting both rate limiting for all inbound requests to a service and fine-grained rate limiting control based on specified conditions.

    The following rule limits all inbound requests to the thrift-sample-server.meta-thrift.svc.cluster.local service to 2 requests / minute.

    2. apiVersion: metaprotocol.aeraki.io/v1alpha1
    3. kind: MetaRouter
    4. metadata:
    5.   name: test-metaprotocol-thrift-route
    6.   namespace: meta-thrift
    7. spec:
    8.   hosts:
    9.   - thrift-sample-server.meta-thrift.svc.cluster.local
    10.   localRateLimit:
    11.       fillInterval: 60s
    12.       maxTokens: 2
    13.       tokensPerFill: 2

    Aeraki supports setting multiple rate limiting rules for a service, each with different conditions. This is super useful if you need to enforce fine-grained rate limiting on a service. For example, you can set different quota for users based on their SLA(Service Level Agreement).

    Just like routing condtions, any attributes that can be extracted from the request packet can be used for the matching conditions of the rate limiting rule.

    For example, the following rules set different rate limiting for the sayHello and ping interfaces.

    1. apiVersion: metaprotocol.aeraki.io/v1alpha1
    2. kind: MetaRouter
    3. metadata:
    4.   name: test-metaprotocol-thrift-route
    5.   namespace: meta-thrift
    6. spec:
    7.   hosts:
    8.   - thrift-sample-server.meta-thrift.svc.cluster.local
    9.   localRateLimit:
    10.     conditions:
    11.     - match:
    12.           method:
    14.       tokenBucket:
    15.         fillInterval: 60s
    16.         maxTokens: 10
    17.         tokensPerFill: 10
    18.     - match:
    19.         attributes:
    20.           method:
    21.             exact: ping
    22.       tokenBucket:
    23.         fillInterval: 60s
    24.         maxTokens: 100
    25.         tokensPerFill: 100

    It is possible to set both service level and condition level rate limiting, which is useful when you need to set a global quota for the whole service, but with a few exceptions.

    In the configuration sent to the Sidecar Proxy, Aeraki sets the MetaProtocol Proxy in the FilterChain corresponding to the service in the VirtualInbound Listener.

    Aeraki translates the rate limiting rules configured in the MetaRouter into configuration for the local rate limit filter, and distributes the configuration to sidecar proxies.

    The configuration of the service’s sidecar proxy can be viewed with the following command.

    1. aerakictl_sidecar_config server-v1 meta-thrift |fx

    The configuration of the MetaProtocol Proxy in the Inbound Listener of the Thrift service is shown below.