Skip to content

Add Rate Limiting Policy via CRs

Tip

To get familiar with the concept of Rate Limiting, see Rate Limiting Overview.

You need to define the API Policies as separate Custom Resources (CRs) when creating an API using the Kubernetes Command Line Interface (kubctl). Let's get familiar with the API-level and Operation-level configurations and the configurations definitions that you will use to add Rate Limiting Policies..

API-level

Sample code snippets

The following is a sample code snippet that defines how you can define Rate Limiting Policies at the API-level via a Rate Limiting Policy Custom Resource (CR) definition.

apiVersion: dp.wso2.com/v1alpha1
kind: RateLimitPolicy
metadata:
  name: sand-http-bin-ratelimit
spec:
  default:
    api:
      requestsPerUnit: 5
      unit: Minute
  targetRef:
    kind: API
    name: http-bin-api
    group: gateway.networking.k8s.io

Operation-level

Sample code snippets

The following is a sample code snippet that defines how you can define Rate Limiting Policies at the Operation-level via a Rate Limiting Policy Custom Resource (CR) definition.

apiVersion: dp.wso2.com/v1alpha1
kind: RateLimitPolicy
metadata:
  name: sand-http-bin-ratelimit
spec:
  override:
    api:
      rateLimit:
        requestsPerUnit: 5
        unit: Minute
  targetRef:
    kind: Resource
    name: sand-http-route-http-bin-api
    group: gateway.networking.k8s.io

Configuration definitions

The following are the configurations that you need when defining Rate Limiting Policies to an API when working with CRs.

Configuration Description
apiVersion Version of the API.
kind This determines the kind of Custom Resource (CR). As you are creating a CR to define a Rate Limiting Policy, this should be RateLimitPolicy.
metadata This contains the metadata related to the Rate Limiting Policy.
Configuration Description
name This defines the UUID of the Rate Limiting Policy.
spec This defines the configuration related to the Rate Limiting Policy.
The configuration will vary based on whether you are creating an API-Level or Operation-Level Rate Limiting Policy.
  • The following are the configurations defined under the spec configuration.

    Configuration Description
    default Use this when defining an API-Level Rate Limiting Policy, which applies to all the resources of a specific API globally.
    override Use this when defining an Operation-Level Rate Limiting Policy, which applies to only a specific resource within an API.
    targetRef Use this to define the API/Resource(HTTPRoute)/Gateway CR that the Rate Limiting Policy corresponds to.

  • The following are the configurations that are defined under the override and default configuration sections.

    Configuration Description
    type Define the Rate Limiting type.
    Default Value: Api
    api Defines the specifications that correspond to the api Rate Limiting type.
    Configuration Description
    requestsPerUnit This defines the number of API requests that are allowed per unit.
    Example:
    If unit is Minutes and requestsPerUnit is 5, then only 5 API requests are allowed per Minute.
    unit Specifies the measurement unit used to define Rate Limits.
    Possible Values: Minutes, Hours, Days
    Example:
    If unit is Minutes, then how many API requests are allowed per Minute.

  • The following are the configurations that are defined under the targetRef configuration.

    Configuration Description
    kind This defines the kind of the target resource.
    • If the Rate Limiting Policy applies to a particular resource, this should be Resource.
    • If the Rate Limiting Policy applies to all the resources in the HTTP Route, this should be HTTPRoute.
    name This defines the name of the target resource. Define the name of the HTTP route CR here.
    group Define the group as gateway.networking.k8s.io

Create an API using CRs with API-level Rate Limiting Policies

Follow the instructions below to add an API-level Rate Limiting Policy to an API via CRs:

Before you begin

Step 1 - Define the CRs

  1. Create the following Custom Resource (CR).

    • Resource API CR.
    • Production and/or Sandbox HTTPRoute CR.
    • CR that defines the service for the API backend.

      Note

      • You can find a sample set of CRs in the <APK-HOME>/samples/ directory.
      • The backend of the sample REST API is https://httpbin.org/
  2. Define the required API-level Rate Limiting Policy in your HTTPRoute CR.

    Note

    For more information, see the configurations used to add an API-level Rate Limiting Policy via an HTTPRoute CR and the configurations definitions.

    Let's add the Rate Limiting Policy as follows:

      apiVersion: dp.wso2.com/v1alpha1
      kind: RateLimitPolicy
      metadata:
        name: sand-http-bin-ratelimit
      spec:
        default:
          api:
            requestsPerUnit: 5
            unit: Minute
        targetRef:
          kind: API
          name: http-bin-api
          group: gateway.networking.k8s.io
    

Step 2 - Apply the CRs

Apply CRs to the Kubernetes API server using the kubectl.

kubectl apply -f <path-to-crs>
kubectl apply -f samples/

Note

  • The APIs should be created in the APK deployment namespace.

Create an API using CRs with Operation-level Rate Limiting Policies

Follow the instructions below to add an Operation-level Rate Limiting Policy to an API via CRs:

Before you begin

Step 1 - Define the CRs

  1. Create the following Custom Resource (CR).

    • Resource API CR.
    • Production and/or Sandbox HTTPRoute CR.
    • CR that defines the service for the API backend.

      Note

      • You can find a sample set of CRs in the <APK-HOME>/samples/ directory.
      • The backend of the sample REST API is https://httpbin.org/
  2. Define the required Operation-level Rate Limiting Policy in a separate CR.

    Note

    For more information, see the configurations used to add an Operation-level Rate Limiting Policy via an HTTPRoute CR and the configurations definitions.

    Let's add the Rate Limiting Policy as follows:

      apiVersion: dp.wso2.com/v1alpha1
      kind: RateLimitPolicy
      metadata:
        name: sand-http-bin-ratelimit
      spec:
        override:
          api:
            requestsPerUnit: 5
            unit: Minute
        targetRef:
          kind: Resource
          name: sand-http-route-http-bin-api
          group: gateway.networking.k8s.io
    

Step 2 - Apply the CRs

Apply CRs to the Kubernetes API server using the kubectl.

kubectl apply -f <path-to-crs>
kubectl apply -f samples/

Note

  • The APIs should be created in the APK deployment namespace.

Note

Once the ratelimit is enforced, the ratelimited requests will receive a 429 response code with no content as the response.