Add Rate Limiting Policy via CRs¶
Tip
To get familiar with the concept of Rate Limiting, see Rate Limiting Overview.
You need to define the API Policies as separate Custom Resources (CRs) when creating an API using the Kubernetes Command Line Interface (kubctl). Let's get familiar with the API-level and Operation-level configurations and the configurations definitions that you will use to add Rate Limiting Policies..
API-level¶
Sample code snippets
The following is a sample code snippet that defines how you can define Rate Limiting Policies at the API-level via a Rate Limiting Policy Custom Resource (CR) definition.
apiVersion: dp.wso2.com/v1alpha1
kind: RateLimitPolicy
metadata:
name: sand-http-bin-ratelimit
spec:
default:
api:
requestsPerUnit: 5
unit: Minute
targetRef:
kind: API
name: http-bin-api
group: gateway.networking.k8s.io
Operation-level¶
Sample code snippets
The following is a sample code snippet that defines how you can define Rate Limiting Policies at the Operation-level via a Rate Limiting Policy Custom Resource (CR) definition.
apiVersion: dp.wso2.com/v1alpha1
kind: RateLimitPolicy
metadata:
name: sand-http-bin-ratelimit
spec:
override:
api:
rateLimit:
requestsPerUnit: 5
unit: Minute
targetRef:
kind: Resource
name: sand-http-route-http-bin-api
group: gateway.networking.k8s.io
Configuration definitions¶
The following are the configurations that you need when defining Rate Limiting Policies to an API when working with CRs.
Configuration | Description | ||||
---|---|---|---|---|---|
apiVersion |
Version of the API. | ||||
kind |
This determines the kind of Custom Resource (CR). As you are creating a CR to define a Rate Limiting Policy, this should be RateLimitPolicy . |
||||
metadata |
This contains the metadata related to the Rate Limiting Policy.
| ||||
spec |
This defines the configuration related to the Rate Limiting Policy. The configuration will vary based on whether you are creating an API-Level or Operation-Level Rate Limiting Policy. |
-
The following are the configurations defined under the
spec
configuration.Configuration Description default
Use this when defining an API-Level Rate Limiting Policy, which applies to all the resources of a specific API globally. override
Use this when defining an Operation-Level Rate Limiting Policy, which applies to only a specific resource within an API. targetRef
Use this to define the API/Resource(HTTPRoute)/Gateway CR that the Rate Limiting Policy corresponds to. -
Configuration Description type
Define the Rate Limiting type.
Default Value:Api
api
Defines the specifications that correspond to the api
Rate Limiting type.Configuration Description requestsPerUnit
This defines the number of API requests that are allowed per unit.
Example:
Ifunit
is Minutes andrequestsPerUnit
is 5, then only 5 API requests are allowed per Minute.unit
Specifies the measurement unit used to define Rate Limits.
Possible Values:Minutes
,Hours
,Days
Example:
Ifunit
is Minutes, then how many API requests are allowed per Minute. -
The following are the configurations that are defined under the
targetRef
configuration.Configuration Description kind
This defines the kind of the target resource. -
If the Rate Limiting Policy applies to a particular resource, this should be
Resource
. -
If the Rate Limiting Policy applies to all the resources in the HTTP Route, this should be
HTTPRoute
.
name
This defines the name of the target resource. Define the name of the HTTP route CR here. group
Define the group as gateway.networking.k8s.io
-
If the Rate Limiting Policy applies to a particular resource, this should be
Create an API using CRs with API-level Rate Limiting Policies¶
Follow the instructions below to add an API-level Rate Limiting Policy to an API via CRs:
Before you begin
- Install the prerequisites that are required to run WSO2 APK.
- Start WSO2 APK.
Step 1 - Define the CRs
-
Create the following Custom Resource (CR).
- Resource API CR.
- Production and/or Sandbox HTTPRoute CR.
-
CR that defines the service for the API backend.
Note
- You can find a sample set of CRs in the
<APK-HOME>/samples/
directory. - The backend of the sample REST API is https://httpbin.org/
- You can find a sample set of CRs in the
-
Define the required API-level Rate Limiting Policy in your HTTPRoute CR.
Note
For more information, see the configurations used to add an API-level Rate Limiting Policy via an HTTPRoute CR and the configurations definitions.
Let's add the Rate Limiting Policy as follows:
apiVersion: dp.wso2.com/v1alpha1 kind: RateLimitPolicy metadata: name: sand-http-bin-ratelimit spec: default: api: requestsPerUnit: 5 unit: Minute targetRef: kind: API name: http-bin-api group: gateway.networking.k8s.io
Step 2 - Apply the CRs
Apply CRs to the Kubernetes API server using the kubectl.
kubectl apply -f <path-to-crs>
kubectl apply -f samples/
Note
- The APIs should be created in the APK deployment namespace.
Create an API using CRs with Operation-level Rate Limiting Policies¶
Follow the instructions below to add an Operation-level Rate Limiting Policy to an API via CRs:
Before you begin
- Install the prerequisites that are required to run WSO2 APK.
- Start WSO2 APK.
Step 1 - Define the CRs
-
Create the following Custom Resource (CR).
- Resource API CR.
- Production and/or Sandbox HTTPRoute CR.
-
CR that defines the service for the API backend.
Note
- You can find a sample set of CRs in the
<APK-HOME>/samples/
directory. - The backend of the sample REST API is https://httpbin.org/
- You can find a sample set of CRs in the
-
Define the required Operation-level Rate Limiting Policy in a separate CR.
Note
For more information, see the configurations used to add an Operation-level Rate Limiting Policy via an HTTPRoute CR and the configurations definitions.
Let's add the Rate Limiting Policy as follows:
apiVersion: dp.wso2.com/v1alpha1 kind: RateLimitPolicy metadata: name: sand-http-bin-ratelimit spec: override: api: requestsPerUnit: 5 unit: Minute targetRef: kind: Resource name: sand-http-route-http-bin-api group: gateway.networking.k8s.io
Step 2 - Apply the CRs
Apply CRs to the Kubernetes API server using the kubectl.
kubectl apply -f <path-to-crs>
kubectl apply -f samples/
Note
- The APIs should be created in the APK deployment namespace.
Note
Once the ratelimit is enforced, the ratelimited requests will receive a 429 response code with no content as the response.