CODEWITHSUNDEEP
kubernetesmanagedamazon-eksrate-limiting
Talha Tariq
Talha Tariq

Reputation: 181

Rate Limiting based on URL and Path in Kubernetes

I need to implement Rate Limiting (based on URL and path) on applications deployed on Kubernetes Cluster (EKS).

I'm looking for a managed way that involves least scripting and does provide an interface through which to manage rate limits for different application.

That system should be able to work accurately at the enterprise level.

Can somebody please suggest me the path/tool/framework to follow in order to achieve it.

Upvotes: 18

Views: 23295

Answers (1)

kool
kool

Reputation: 3613

Rate-limiting is available in NGINX Ingress by using correct annotations. Available options are:

  1. nginx.ingress.kubernetes.io/limit-connections: number of concurrent connections allowed from a single IP address. A 503 error is returned when exceeding this limit.
  2. nginx.ingress.kubernetes.io/limit-rps: number of requests accepted from a given IP each second. The burst limit is set to this limit multiplied by the burst multiplier, the default multiplier is 5. When clients exceed this limit, limit-req-status-code default: 503 is returned.
  3. nginx.ingress.kubernetes.io/limit-rpm: number of requests accepted from a given IP each minute. The burst limit is set to this limit multiplied by the burst multiplier, the default multiplier is 5. When clients exceed this limit, limit-req-status-code default: 503 is returned.
  4. nginx.ingress.kubernetes.io/limit-burst-multiplier: multiplier of the limit rate for burst size. The default burst multiplier is 5, this annotation override the default multiplier. When clients exceed this limit, limit-req-status-code default: 503 is returned.
  5. nginx.ingress.kubernetes.io/limit-rate-after: initial number of kilobytes after which the further transmission of a response to a given connection will be rate limited. This feature must be used with proxy-buffering enabled.
  6. nginx.ingress.kubernetes.io/limit-rate: number of kilobytes per second allowed to send to a given connection. The zero value disables rate limiting. This feature must be used with proxy-buffering enabled.
  7. nginx.ingress.kubernetes.io/limit-whitelist: client IP source ranges to be excluded from rate-limiting. The value is a comma separated list of CIDRs.

You can read more about NGINX rate limiting here and for NGINX rate limiting in kubernetes in this guide.

Upvotes: 34

Related Questions