Closed nacx closed 1 year ago
do you mind replicating redis
install using cert-manager
as an example model (to basically follow the addons model) and leveraging https://artifacthub.io/packages/helm/bitnami/redis helm chart instead - thank you!!
One of the reason I didn't go the Helm route is because we use our very own redis instance (the envoy ratelimit-redis). I don't know to what extent is just a vanilla redis or it has other stuff, so I opted to not use an official vanilla redis Helm chart, to avoid any confusion/gotchas. WDYT?
Moving to draft as I have a couple changes to move it to the addons folder, although I'll keep the deployment files instead of using a Helm chart, as we can't guarantee hat helm chart matches the image we're using, and there could be mismatches in startup flags, etc.
ack @nacx , meanwhile I will investigate further the image story, i got your point, sounds like a fair statement, also need to make an option to have the rate limit as option to choose, but enabled by default.
The image is based on this one: https://github.com/envoyproxy/ratelimit I think it's safer to not make assumptions on what Helm charts it can be installed with and just have a deployment+service.
Done, the ratelimit component is now an optional addon, enabled by default.
Fixes https://github.com/smarunich/tetrate-service-bridge-sandbox/issues/58
Adds the rate-limit backend tot he CPs and configures the eshop with WAF and rate limiting enabled by default.