Closed grumpymatt closed 4 months ago
Hi! It works for me, but I implemented the rate limit with the external rate limit service. If you are interested, I can share to you the step-by-step guide.
Emissary's rate limit example relies on an external rate limit service as noted on the page. By contrast, Edge Stack, the licensed version, comes with a rate limit service.
The RateLimitService resource tells Emissary-ingress what external service to use for rate limiting. If Emissary-ingress cannot contact the rate limit service, it will allow the request to be processed as if there were no rate limit service configuration.
I had installed the example external rate limit service: https://github.com/emissary-ingress/ratelimit-example
The problem I saw was errors in the Envoy logs when it tried to reconfigure after applying rate limiting. It looked the config was bad not that it couldn't reach the rate limit service.
I used the service https://github.com/envoyproxy/ratelimit
The config for it looked like something:
---
domain: emissary
descriptors:
- key: remote_address
rate_limit:
unit: second
requests_per_unit: 1000
shadow_mode: false
descriptors:
- key: generic_key
value: api_3
rate_limit:
unit: second
requests_per_unit: 30
shadow_mode: false
- key: generic_key
value: api_3_order
rate_limit:
unit: second
requests_per_unit: 100
shadow_mode: false
- key: generic_key
value: api_v4
rate_limit:
unit: second
requests_per_unit: 200
shadow_mode: false
- key: remote_address
value: 10.2.132.186
rate_limit:
unit: second
requests_per_unit: 0
shadow_mode: true
- key: remote_address
value: 50.0.0.5
rate_limit:
unit: second
requests_per_unit: 0
shadow_mode: true
- key: test
value: vasya
rate_limit:
unit: second
requests_per_unit: 1
shadow_mode: true
and finally my mapping looked like:
apiVersion: getambassador.io/v3alpha1
kind: Mapping
metadata:
name: **********
namespace: **********
spec:
ambassador_id: [ "public" ]
hostname: ***********
prefix: /api/v4
rewrite: ""
add_request_headers:
Site-Enum:
value: *********
append: False
service: **********
labels:
emissary:
- request_label_group:
- request_headers:
header_name: "CF-Connecting-IP"
key: remote_address
- generic_key:
key: endpoint
value: api_v4
no errors at all
Describe the bug The basic rate limiting example does not work with emissary 3.9.1 https://www.getambassador.io/docs/emissary/latest/topics/using/rate-limits
To Reproduce Steps to reproduce the behavior:
Expected behavior The rate limit example should install and work according to documentation
Versions (please complete the following information):
Additional context emissary-ingress shows this error after updating the quote Mappings