Hello Chad,
Thank you for your reply.
First of all, I'm using haproxy 1.5.18 2016/05/10.
I put the following in frontend section (replaced 'int(0)' with 'fe_id()'
as I got an error message):
tcp-request content track-sc0 fe_id() table es_backend
use_backend error_503 if { sc_http_req_rate(0) gt 9 }
And this one to backend section:
stick-table size 1 expire 10s type integer store http_req_rate(10s)
It does work and I get correct global numbers. I checked that as follows:
root@server:~# echo "show table es_backend" | sudo socat
unix:/etc/haproxy/status -
# table: es_backend, type: integer, size:1, used:1
0x1df223c: key=3 use=0 exp=9982 http_req_rate(10000)=80
However it doesn't drop the counter each 10 seconds so once it gets 10
requests it point everything to the error_503 backend forever. What I need
is to process 10 requests each 10 seconds. Am I missing something?
Thanks.
On Fri, Aug 12, 2016 at 6:45 PM, Chad Lavoie <[email protected]> wrote:
> Greetings,
>
> On 08/12/2016 11:01 AM, Artem Lalaiants wrote:
>
> Hello,
>
> I'm trying to limit traffic based on the amount of http requests load
> balancer handles at the moment. The goal is to limit http requests
> globally, same way it works with http_req_rate() but globally - not per IP.
> For example, use another backend (with a custom error page) if it gets more
> then 10 http requests for the last 10 seconds. After 10th second the
> counter must be dropped and start counting again.
>
>
> My example here uses the http_req_rate, so its a running average vs
> counting up and then dropping once 10s is up. Other than having a script
> clearing the table via socket on a timer I can't think of an easy way to
> handle a sudden expiration.
>
>
> Is there a way to do that with haproxy?
>
>
> Add the following above the frontend in question (you could keep it in the
> same frontend if there is just one of them, but I like the clarity of
> having them outside (and it allows for more than one)):
>
> backend global-rate-limit
> stick-table size 1 expire 10s type integer store http_req_rate(10s)
>
> In the frontend(s) in question:
> tcp-request content track-sc0 int(0) table global-rate-limit
> use_backend my_overlimit_backend if { sc_http_req_rate(0) gt 9 }
>
> In this case the 'int(0)' just makes it store 0 in the stick table so
> everything is tracked in the same entry. Can also use fe_id() to make it
> per frontend sharing the same table (make sure to increase the size if you
> do that) and other similar things.
>
> Thanks,
> - Chad
>
>
> Any advice is highly appreciated! Thank you.
>
> --
> Artem Lalaiants
> ​DevOps Lead
> , GeoComply
> skype: artem.kharkov
> www.geocomply.com
>
> *CONFIDENTIALITY NOTICE: The information contained in this email message
> is intended only for use of the intended recipient. If the reader of this
> message is not the intended recipient, you are hereby notified that any
> dissemination, distribution or copying of this communication is strictly
> prohibited. If you have received this communication in error, please
> immediately delete it from your system and notify the sender by replying to
> this email.*
>
>
>
--
Artem Lalaiants
Infrastructure Engineer, GeoComply
skype: artem.kharkov
www.geocomply.com
--
*CONFIDENTIALITY NOTICE: The information contained in this email message is
intended only for use of the intended recipient. If the reader of this
message is not the intended recipient, you are hereby notified that any
dissemination, distribution or copying of this communication is strictly
prohibited. If you have received this communication in error, please
immediately delete it from your system and notify the sender by replying to
this email.*
