kayx23 commented on code in PR #11878: URL: https://github.com/apache/apisix/pull/11878#discussion_r1967236364
########## docs/en/latest/plugins/limit-conn.md: ########## @@ -70,162 +75,346 @@ admin_key=$(yq '.deployment.admin.admin_key[0].key' conf/config.yaml | sed 's/"/ ::: +### Apply Rate Limiting by Remote Address + +The following example demonstrates how to use `limit-conn` to rate limit requests by `remote_addr`, with example connection and burst thresholds. + +Create a Route with `limit-conn` Plugin to allow 2 concurrent requests and 1 excessive concurrent request. Additionally: + +* Configure the Plugin to allow 0.1 second of processing latency for concurrent requests exceeding `conn + burst`. +* Set the key type to `vars` to interpret `key` as a variable. +* Calculate rate limiting count by request's `remote_address`. +* Set `policy` to `local` to use the local counter in memory. +* Customize the `rejected_code` to `429`. + ```shell -curl http://127.0.0.1:9180/apisix/admin/routes/1 \ --H "X-API-KEY: $admin_key" -X PUT -d ' -{ - "methods": ["GET"], - "uri": "/index.html", +curl "http://127.0.0.1:9180/apisix/admin/routes"; -X PUT \ + -H "X-API-KEY: ${admin_key}" \ + -d '{ + "id": "limit-conn-route", + "uri": "/get", "plugins": { - "limit-conn": { - "conn": 1, - "burst": 0, - "default_conn_delay": 0.1, - "rejected_code": 503, - "key_type": "var", - "key": "http_a" - } + "limit-conn": { + "conn": 2, + "burst": 1, + "default_conn_delay": 0.1, + "key_type": "var", + "key": "remote_addr", + "policy": "local", + "rejected_code": 429 + } }, "upstream": { - "type": "roundrobin", - "nodes": { - "127.0.0.1:1980": 1 - } + "type": "roundrobin", + "nodes": { + "httpbin.org:80": 1 + } } -}' + }' ``` -You can also configure the `key_type` to `var_combination` as shown: +Send five concurrent requests to the route: ```shell -curl http://127.0.0.1:9180/apisix/admin/routes/1 \ --H "X-API-KEY: $admin_key" -X PUT -d ' -{ - "methods": ["GET"], - "uri": "/index.html", +seq 1 5 | xargs -n1 -P5 bash -c 'curl -s -o /dev/null -w "Response: %{http_code}\n" "http://127.0.0.1:9080/get";' +``` + +You should see responses similar to the following, where excessive requests are rejected: + +```text +Response: 200 +Response: 200 +Response: 200 +Response: 429 +Response: 429 +``` + +### Apply Rate Limiting by Remote Address and Consumer Name + +The following example demonstrates how to use `limit-conn` to rate limit requests by a combination of variables, `remote_addr` and `consumer_name`. + +Create a Consumer `john`: + +```shell +curl "http://127.0.0.1:9180/apisix/admin/consumers"; -X PUT \ + -H "X-API-KEY: ${admin_key}" \ + -d '{ + "username": "john" + }' +``` + +Create `key-auth` Credential for the consumer: + +```shell +curl "http://127.0.0.1:9180/apisix/admin/consumers/john/credentials"; -X PUT \ + -H "X-API-KEY: ${admin_key}" \ + -d '{ + "id": "cred-john-key-auth", "plugins": { - "limit-conn": { - "conn": 1, - "burst": 0, - "default_conn_delay": 0.1, - "rejected_code": 503, - "key_type": "var_combination", - "key": "$consumer_name $remote_addr" - } + "key-auth": { + "key": "john-key" + } + } + }' +``` + +Create a second Consumer `jane`: + +```shell +curl "http://127.0.0.1:9180/apisix/admin/consumers"; -X PUT \ + -H "X-API-KEY: ${admin_key}" \ + -d '{ + "username": "jane" + }' +``` + +Create `key-auth` Credential for the consumer: + +```shell +curl "http://127.0.0.1:9180/apisix/admin/consumers/jane/credentials"; -X PUT \ + -H "X-API-KEY: ${admin_key}" \ + -d '{ + "id": "cred-jane-key-auth", + "plugins": { + "key-auth": { + "key": "jane-key" + } + } + }' +``` + +Create a Route with `key-auth` and `limit-conn` plugins, and specify in the `limit-conn` Plugin to use a combination of variables as the rate limiting key: Review Comment: ```suggestion Create a Route with `key-auth` and `limit-conn` Plugins, and specify in the `limit-conn` Plugin to use a combination of variables as the rate limiting key: ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
