Closed nacx closed 1 year ago
smarunich
commented
1 year ago do you mind replicating redis install using cert-manager as an example model (to basically follow the addons model) and leveraging https://artifacthub.io/packages/helm/bitnami/redis helm chart instead - thank you!!
nacx
commented
1 year ago One of the reason I didn't go the Helm route is because we use our very own redis instance (the envoy ratelimit-redis). I don't know to what extent is just a vanilla redis or it has other stuff, so I opted to not use an official vanilla redis Helm chart, to avoid any confusion/gotchas. WDYT?
nacx
commented
1 year ago Moving to draft as I have a couple changes to move it to the addons folder, although I'll keep the deployment files instead of using a Helm chart, as we can't guarantee hat helm chart matches the image we're using, and there could be mismatches in startup flags, etc.
smarunich
commented
1 year ago ack @nacx , meanwhile I will investigate further the image story, i got your point, sounds like a fair statement, also need to make an option to have the rate limit as option to choose, but enabled by default.
nacx
commented
1 year ago The image is based on this one: https://github.com/envoyproxy/ratelimit I think it's safer to not make assumptions on what Helm charts it can be installed with and just have a deployment+service.
nacx
commented
1 year ago Done, the ratelimit component is now an optional addon, enabled by default.
Fixes https://github.com/smarunich/tetrate-service-bridge-sandbox/issues/58
Adds the rate-limit backend tot he CPs and configures the eshop with WAF and rate limiting enabled by default.