Bypass Ratelimit service , if Ratelimit svc healthcheck fails

debbiswal commented 2 years ago

NOTE : This is not an issue . I am asking for a solution if anyone has implemented. I did not find any community group where I will ask for the solution. So posting here.

Hi All, My applications are running in Kubernets with ISTIO . I working on implementing ratelimiting using Envoy Filters.

I have deployed the Ratelimit service and Redis . http_health_check is configured for Ratelimit service and Redis healthcheck is implemented using REDIS_HEALTH_CHECK_ACTIVE_CONNECTION=true

We are facing an issue where , if Ratelimit service or Redis is down then latency is increased by the timeout configured for Ratelimit or Redis.

we are looking for a solution where : If the Ratelimit service is DOWN , then Envoy will not reach ratelimit service. It will bypass it and directly call the upstream.

Looking for suggestions and guidance .

daixiang0 commented 2 years ago

Did you try using https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/health_check_filter#config-http-filters-health-check and exclude health endpoint from ratelimit?

zirain commented 2 years ago

@debbiswal have you ever try these?

envoyproxy / envoy

Bypass Ratelimit service , if Ratelimit svc healthcheck fails #22398

NOTE : This is not an issue . I am asking for a solution if anyone has implemented. I did not find any community group where I will ask for the solution. So posting here.