Add Rate Limiting Policy via CRs¶

Tip

To get familiar with the concept of Rate Limiting, see Rate Limiting Overview.

You need to define the API Policies as separate Custom Resources (CRs) when creating an API using the Kubernetes Command Line Interface (kubctl). Let's get familiar with the API-level and Operation-level configurations and the configurations definitions that you will use to add Rate Limiting Policies..

API-level¶

Sample code snippets

The following is a sample code snippet that defines how you can define Rate Limiting Policies at the API-level via a Rate Limiting Policy Custom Resource (CR) definition.

apiVersion: dp.wso2.com/v1alpha1
kind: RateLimitPolicy
metadata:
  name: sand-http-bin-ratelimit
spec:
  default:
    api:
      requestsPerUnit: 5
      unit: Minute
  targetRef:
    kind: API
    name: http-bin-api
    group: gateway.networking.k8s.io

Operation-level¶

Sample code snippets

The following is a sample code snippet that defines how you can define Rate Limiting Policies at the Operation-level via a Rate Limiting Policy Custom Resource (CR) definition.

apiVersion: dp.wso2.com/v1alpha1
kind: RateLimitPolicy
metadata:
  name: sand-http-bin-ratelimit
spec:
  override:
    api:
      rateLimit:
        requestsPerUnit: 5
        unit: Minute
  targetRef:
    kind: Resource
    name: sand-http-route-http-bin-api
    group: gateway.networking.k8s.io

Configuration definitions¶

The following are the configurations that you need when defining Rate Limiting Policies to an API when working with CRs.

Configuration Description

apiVersion Version of the API.

kind This determines the kind of Custom Resource (CR). As you are creating a CR to define a Rate Limiting Policy, this should be RateLimitPolicy.

metadata

This contains the metadata related to the Rate Limiting Policy.

Configuration	Description
`name`	This defines the UUID of the Rate Limiting Policy.

spec This defines the configuration related to the Rate Limiting Policy.
The configuration will vary based on whether you are creating an API-Level or Operation-Level Rate Limiting Policy.

The following are the configurations defined under the spec configuration.

Configuration	Description
`default`	Use this when defining an API-Level Rate Limiting Policy, which applies to all the resources of a specific API globally.
`override`	Use this when defining an Operation-Level Rate Limiting Policy, which applies to only a specific resource within an API.
`targetRef`	Use this to define the API/Resource(HTTPRoute)/Gateway CR that the Rate Limiting Policy corresponds to.

The following are the configurations that are defined under the override and default configuration sections.

Configuration Description

type Define the Rate Limiting type.
Default Value: Api

api

Defines the specifications that correspond to the api Rate Limiting type.

Configuration	Description
`requestsPerUnit`	This defines the number of API requests that are allowed per unit. Example: If `unit` is Minutes and `requestsPerUnit` is 5, then only 5 API requests are allowed per Minute.
`unit`	Defines the measurement unit used to define Rate Limits. Possible Values: `Minutes`, `Hours`, `Days` Example: If `unit` is Minutes, then how many API requests are allowed per Minute.

The following are the configurations that are defined under the targetRef configuration.

Configuration	Description
`kind`	This defines the kind of the target resource. If the Rate Limiting Policy applies to a particular resource, this should be `Resource`. If the Rate Limiting Policy applies to all the resources in the HTTP Route, this should be `HTTPRoute`.
`name`	This defines the name of the target resource. Define the name of the HTTP route CR here.
`group`	Define the group as `gateway.networking.k8s.io`

Create an API using CRs with API-level Rate Limiting Policies¶

Follow the instructions below to add an API-level Rate Limiting Policy to an API via CRs:

Before you begin

Install the prerequisites that are required to run WSO2 APK.
Start WSO2 APK.

Step 1 - Define the CRs

Create the following Custom Resource (CR).
- Resource API CR.
- Production and/or Sandbox HTTPRoute CR.
- CR that defines the service for the API backend.
  Note
  - You can find a sample set of CRs in the <APK-HOME>/samples/ directory.
  - The backend of the sample REST API is https://httpbin.org/

Define the required API-level Rate Limiting Policy in your HTTPRoute CR.

Note

For more information, see the configurations used to add an API-level Rate Limiting Policy via an HTTPRoute CR and the configurations definitions.

Let's add the Rate Limiting Policy as follows:

  apiVersion: dp.wso2.com/v1alpha1
  kind: RateLimitPolicy
  metadata:
    name: sand-http-bin-ratelimit
  spec:
    default:
      api:
        requestsPerUnit: 5
        unit: Minute
    targetRef:
      kind: API
      name: http-bin-api
      group: gateway.networking.k8s.io

Step 2 - Apply the CRs

Apply CRs to the Kubernetes API server using the kubectl.

FormatCommand

kubectl apply -f <path-to-crs>

kubectl apply -f samples/

Note

The APIs should be created in the APK deployment namespace.

Create an API using CRs with Operation-level Rate Limiting Policies¶

Follow the instructions below to add an Operation-level Rate Limiting Policy to an API via CRs:

Before you begin

Install the prerequisites that are required to run WSO2 APK.
Start WSO2 APK.

Step 1 - Define the CRs

Create the following Custom Resource (CR).
- Resource API CR.
- Production and/or Sandbox HTTPRoute CR.
- CR that defines the service for the API backend.
  Note
  - You can find a sample set of CRs in the <APK-HOME>/samples/ directory.
  - The backend of the sample REST API is https://httpbin.org/

Define the required Operation-level Rate Limiting Policy in a separate CR.

Note

For more information, see the configurations used to add an Operation-level Rate Limiting Policy via an HTTPRoute CR and the configurations definitions.

Let's add the Rate Limiting Policy as follows:

  apiVersion: dp.wso2.com/v1alpha1
  kind: RateLimitPolicy
  metadata:
    name: sand-http-bin-ratelimit
  spec:
    override:
      api:
        requestsPerUnit: 5
        unit: Minute
    targetRef:
      kind: Resource
      name: sand-http-route-http-bin-api
      group: gateway.networking.k8s.io

Step 2 - Apply the CRs

Apply CRs to the Kubernetes API server using the kubectl.

FormatCommand

kubectl apply -f <path-to-crs>

kubectl apply -f samples/

Note

The APIs should be created in the APK deployment namespace.

Note

Once the ratelimit is enforced, the ratelimited requests will receive a 429 response code with no content as the response.