Closed jaggerwang closed 3 months ago
2024-07-09T06:40:48.831897Z error wasm cannot fetch Wasm module oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/key-cluster-rate-limit:1.0.0: could not fetch Wasm OCI image: could not fetch image: GET https://higress-registry.cn-hangzhou.cr.aliyuncs.com/v2/plugins/key-cluster-rate-limit/manifests/1.0.0: UNAUTHORIZED: authentication required; [map[Action:pull Class: Name:plugins/key-cluster-rate-limit Type:repository]]
应该是这个镜像在仓库中还没有。可以参考这里手动构建一下镜像:https://higress.io/zh-cn/docs/user/wasm-image-spec#4-%E9%95%9C%E5%83%8F%E6%9E%84%E5%BB%BA%E6%96%B9%E5%BC%8F
@CH3CHO 自动构建镜像的 pr 已经合并了 https://github.com/alibaba/higress/pull/1069 可以触发把现有插件的镜像都构建一下吗?
@CH3CHO 自动构建镜像的 pr 已经合并了 #1069 可以触发把现有插件的镜像都构建一下吗?
我先针对性的构建一下 key-cluster-rate-limit 吧。
@CH3CHO 自动构建镜像的 pr 已经合并了 #1069 可以触发把现有插件的镜像都构建一下吗?
这个插件我看 main 分支里还没有?
https://github.com/alibaba/higress/tree/main/plugins/wasm-go/extensions
@CH3CHO https://github.com/alibaba/higress/tree/main/plugins/wasm-go/extensions/cluster-key-rate-limit
好吧。那打出来的镜像也会叫 cluster-key-rate-limit 的。
我等下把文档改成 cluster-key-rate-limit
另外请问一下 key-rate-limit 和 cluster-key-rate-limit 两个插件的区别是什么,文档里没有相关介绍。
我等下把文档改成 cluster-key-rate-limit
https://higress.io/zh-cn/docs/plugins/traffic/cluster-key-rate-limit hi,我看你这个文档的内容之前调整过了,麻烦也帮忙同步过来吧,感谢
另外请问一下 key-rate-limit 和 cluster-key-rate-limit 两个插件的区别是什么,文档里没有相关介绍。
key-rate-limit 插件针对的是单机限流,cluster-key-rate-limit 插件针对的是集群限流,https://mp.weixin.qq.com/s/7yaN1wQSQC0JPdUenE53lg 这篇文章中有相关介绍,可以看下
hi,我看你这个文档的内容之前调整过了,麻烦也帮忙同步过来吧,感谢
ok
hi,我看你这个文档的内容之前调整过了,麻烦也帮忙同步过来吧,感谢
ok
建议在文档里注明一下 cluster-key-rate-limit 与 key-rate-limit 的区别。
cluster-key-rate-limit
镜像已经 push 上去了:higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/cluster-key-rate-limit:1.0.0
@jaggerwang @cr7258 @hanxiantao
插件连接 Redis 失败:
[Envoy (Epoch 0)] [2024-07-10 03:58:11.453][29][critical][wasm] wasm log: failed to init redis: error status returned by host: bad argument
2024-07-10T11:58:11.453791194+08:00 [Envoy (Epoch 0)] [2024-07-10 03:58:11.453][29][warning][wasm] wasm log: [cluster-key-rate-limit] parse rule config failed: error status returned by host: bad argument
[Envoy (Epoch 0)] [2024-07-10 03:58:11.453][29][error][wasm] Wasm VM failed Failed to configure base Wasm plugin
[Envoy (Epoch 0)] [2024-07-10 03:58:11.455][29][warning][config] gRPC config for type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig rejected: Unable to create Wasm HTTP filter higress-system.cluster-key-rate-limit
[Envoy (Epoch 0)] [2024-07-10 03:58:11.455][29][warning][config] gRPC config for type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig rejected: Unable to create Wasm HTTP filter higress-system.cluster-key-rate-limit
[Envoy (Epoch 0)] [2024-07-10 03:58:41.246][29][critical][wasm] wasm log: failed to init redis: error status returned by host: bad argument
2024-07-10T11:58:41.246939056+08:00 [Envoy (Epoch 0)] [2024-07-10 03:58:41.246][29][warning][wasm] wasm log: [cluster-key-rate-limit] parse rule config failed: error status returned by host: bad argument
2024-07-10T11:58:41.246944224+08:00 [Envoy (Epoch 0)] [2024-07-10 03:58:41.246][29][error][wasm] Wasm VM failed Failed to configure base Wasm plugin
2024-07-10T11:58:41.248254058+08:00 [Envoy (Epoch 0)] [2024-07-10 03:58:41.248][29][warning][config] gRPC config for type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig rejected: Unable to create Wasm HTTP filter higress-system.cluster-key-rate-limit
2024-07-10T12:01:58.133559420+08:00 [Envoy (Epoch 0)] [2024-07-10 04:01:58.133][29][critical][wasm] wasm log: failed to init redis: error status returned by host: bad argument
2024-07-10T12:01:58.133594104+08:00 [Envoy (Epoch 0)] [2024-07-10 04:01:58.133][29][warning][wasm] wasm log: [cluster-key-rate-limit] parse rule config failed: error status returned by host: bad argument
[Envoy (Epoch 0)] [2024-07-10 04:01:58.133][29][error][wasm] Wasm VM failed Failed to configure base Wasm plugin
2024-07-10T12:01:58.135050855+08:00 [Envoy (Epoch 0)] [2024-07-10 04:01:58.134][29][warning][config] gRPC config for type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig rejected: Unable to create Wasm HTTP filter higress-system.cluster-key-rate-limit
Redis 配置如下,使用 redis-cli
命令确认过地址、端口和密码都是正确的(注意无用户名)。
apiVersion: extensions.higress.io/v1alpha1
kind: WasmPlugin
metadata:
name: cluster-key-rate-limit
spec:
url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/cluster-key-rate-limit:1.0.0
matchRules:
- domain:
- open-dev-cloud.alidev.beisai.com
- open-test-cloud.alidev.beisai.com
config:
rule_name: open_api_rate_limit
rule_items:
- limit_by_per_header: x-api-key
limit_keys:
- key: "*"
query_per_second: 1
show_limit_quota_header: true
rejected_code: 429
redis:
service_name: basicai-redis-master.redis-cluster.svc.cluster.local
service_port: 6379
password: ******
即便配置 username
为空也不行。
插件连接 Redis 失败:
[Envoy (Epoch 0)] [2024-07-10 03:58:11.453][29][critical][wasm] wasm log: failed to init redis: error status returned by host: bad argument 2024-07-10T11:58:11.453791194+08:00 [Envoy (Epoch 0)] [2024-07-10 03:58:11.453][29][warning][wasm] wasm log: [cluster-key-rate-limit] parse rule config failed: error status returned by host: bad argument [Envoy (Epoch 0)] [2024-07-10 03:58:11.453][29][error][wasm] Wasm VM failed Failed to configure base Wasm plugin [Envoy (Epoch 0)] [2024-07-10 03:58:11.455][29][warning][config] gRPC config for type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig rejected: Unable to create Wasm HTTP filter higress-system.cluster-key-rate-limit [Envoy (Epoch 0)] [2024-07-10 03:58:11.455][29][warning][config] gRPC config for type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig rejected: Unable to create Wasm HTTP filter higress-system.cluster-key-rate-limit [Envoy (Epoch 0)] [2024-07-10 03:58:41.246][29][critical][wasm] wasm log: failed to init redis: error status returned by host: bad argument 2024-07-10T11:58:41.246939056+08:00 [Envoy (Epoch 0)] [2024-07-10 03:58:41.246][29][warning][wasm] wasm log: [cluster-key-rate-limit] parse rule config failed: error status returned by host: bad argument 2024-07-10T11:58:41.246944224+08:00 [Envoy (Epoch 0)] [2024-07-10 03:58:41.246][29][error][wasm] Wasm VM failed Failed to configure base Wasm plugin 2024-07-10T11:58:41.248254058+08:00 [Envoy (Epoch 0)] [2024-07-10 03:58:41.248][29][warning][config] gRPC config for type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig rejected: Unable to create Wasm HTTP filter higress-system.cluster-key-rate-limit 2024-07-10T12:01:58.133559420+08:00 [Envoy (Epoch 0)] [2024-07-10 04:01:58.133][29][critical][wasm] wasm log: failed to init redis: error status returned by host: bad argument 2024-07-10T12:01:58.133594104+08:00 [Envoy (Epoch 0)] [2024-07-10 04:01:58.133][29][warning][wasm] wasm log: [cluster-key-rate-limit] parse rule config failed: error status returned by host: bad argument [Envoy (Epoch 0)] [2024-07-10 04:01:58.133][29][error][wasm] Wasm VM failed Failed to configure base Wasm plugin 2024-07-10T12:01:58.135050855+08:00 [Envoy (Epoch 0)] [2024-07-10 04:01:58.134][29][warning][config] gRPC config for type.googleapis.com/envoy.config.core.v3.TypedExtensionConfig rejected: Unable to create Wasm HTTP filter higress-system.cluster-key-rate-limit
Redis 配置如下,使用
redis-cli
命令确认过地址、端口和密码都是正确的(注意无用户名)。apiVersion: extensions.higress.io/v1alpha1 kind: WasmPlugin metadata: name: cluster-key-rate-limit spec: url: oci://higress-registry.cn-hangzhou.cr.aliyuncs.com/plugins/cluster-key-rate-limit:1.0.0 matchRules: - domain: - open-dev-cloud.alidev.beisai.com - open-test-cloud.alidev.beisai.com config: rule_name: open_api_rate_limit rule_items: - limit_by_per_header: x-api-key limit_keys: - key: "*" query_per_second: 1 show_limit_quota_header: true rejected_code: 429 redis: service_name: basicai-redis-master.redis-cluster.svc.cluster.local service_port: 6379 password: ******
即便配置
username
为空也不行。
进到gateway pod里,curl http://localhost:15000/clusters 看看,是否有对应的cluster
默认配置的是只下发有路由的cluster,有两种解决方法:
1.新增一条路由关联redis对应的service
2.修改一下环境变量为false,会下发Kubernetes集群中所有的service对应的cluster
这个也有挺多人在使用redis的时候遇到
禁用 global.onlyPushRouteCluster
后可以了,谢谢!
禁用
global.onlyPushRouteCluster
后可以了,谢谢!
好的,我这边会尽快完善下如何访问redis的文档,把涉及的case都给出对应示例,感谢提问
Ⅰ. Issue Description
Config key-cluster-rate-limit plugin as following to limit query per second to 1 time/s, but still can query more than one time in one second.
Ⅱ. Describe what happened
higress-controller log
higress-gateway log
It seems that pull key-cluster-rate-limit image failed, but there is no this plugin's address at doc Introduction to the use of Wasm plugins.
Ⅵ. Environment: