Re: [PR] fix(limit-req): Make Redis path atomic via EVAL + use hash key with TTL [apisix]

Wed, 24 Sep 2025 05:55:58 -0700 


falvaradorodriguez commented on code in PR #12605:
URL: https://github.com/apache/apisix/pull/12605#discussion_r2375702880


##########
apisix/plugins/limit-req/util.lua:
##########
@@ -14,60 +14,66 @@
 -- See the License for the specific language governing permissions and
 -- limitations under the License.
 --
-local math              = require "math"
-local abs               = math.abs
-local max               = math.max
 local ngx_now           = ngx.now
-local ngx_null          = ngx.null
 local tonumber          = tonumber
+local core              = require("apisix.core")
 
 
 local _M = {version = 0.1}
 
 
+local script = core.string.compress_script([=[
+  local state_key  = KEYS[1]             -- state_key (hash), fields: 
"excess", "last"
+  local rate       = tonumber(ARGV[1])   -- req/s
+  local now        = tonumber(ARGV[2])   -- ms
+  local burst      = tonumber(ARGV[3])   -- req/s
+  local commit     = tonumber(ARGV[4])   -- 1/0
+
+  local vals = redis.call("HMGET", state_key, "excess", "last")
+  local prev_excess = tonumber(vals[1] or "0")
+  local prev_last   = tonumber(vals[2] or "0")
+
+  local new_excess
+  if prev_last > 0 then
+    local elapsed = math.abs(now - prev_last)
+    new_excess = math.max(prev_excess - rate * (elapsed) / 1000 + 1000, 0)
+  else
+    new_excess = 0
+  end
+
+  if new_excess > burst then
+    return {0, new_excess}
+  end
+
+  if commit == 1 then
+    redis.call("HMSET", state_key, "excess", new_excess, "last", now)
+    redis.call("EXPIRE", state_key, 60)

Review Comment:
   
   In the limit-req plugin, there is no window time like in the limit-count 
plugin. 
   
   This configuration is simply done to prevent keys from remaining dead in 
redis. Currently, if a consumer stops making requests, their key remains in 
redis until it is deleted by an action independent of Apisix.
   
   It could be made configurable, but in my opinion, it would not add much 
value to this plugin. It would also be an extra feature, not related with this 
fix.
   
   In my opinion, since limit-req is always for 1 second, with a 1 minute of 
margin in redis, it is acceptable. If the consumer makes requests after 1 
minute, the flow management would be the same as for the first request.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to