local rate limit: add new rate_limits support to the filter #36099
Conversation
Signed-off-by: wangbaiping <[email protected]>
|
CC @envoyproxy/api-shepherds: Your approval is needed for changes made to |
Signed-off-by: wangbaiping <[email protected]>
|
/retest |
…ocal-rate-limit-api
|
/retest |
I think it's okay. But note the current API of http/ratelimit had been added for a long time. But I think we can treat it as special case. It's never be implemented by Envoy and I think no third party xds clients will use it. |
Do you mean should we re-use the |
What I'm trying to understand is whether this should be added to the current local-rate-limit proto as you are currently suggesting, or should it be a new local-rate-limit. |
|
Signed-off-by: wangbaiping <[email protected]>
…ocal-rate-limit-new-implementation
Signed-off-by: wangbaiping <[email protected]>
…ocal-rate-limit-new-implementation
|
friendly ping @adisuissa |
|
I found I mis-understood @adisuissa again :( sorry. The new By this way, the local rate limit filter could work without dependency to the core route configuration. And could resolve the problems in the PR description. I completed the implementation. So, you could take a quick look at that to ensure it could work as expected. |
wbpcode
force-pushed
the
dev-local-rate-limit-api
branch
from
9669986
to
0dd7f9b
Compare
Signed-off-by: wangbaiping <[email protected]>
wbpcode
changed the title
Signed-off-by: wangbaiping <[email protected]>
…ocal-rate-limit-api
Signed-off-by: wangbaiping <[email protected]>
Signed-off-by: wangbaiping <[email protected]>
…ocal-rate-limit-api
|
Hi, @mattklein123 , @adisuissa and me basically get agreement on the API. Could you take another look to both the API and implementation when you get some free time? Thanks. |
…ocal-rate-limit-api
|
/retest |
|
Friendly ping @mattklein123 :) |
api/envoy/extensions/filters/http/local_ratelimit/v3/local_rate_limit.proto
Outdated
Show resolved
Hide resolved
| if (config.has_stage() || !config.disable_key().empty()) { | ||
| ENVOY_LOG(warn, "'stage' field and 'disable_key' field are not supported"); | ||
| } | ||
|
|
||
| if (config.has_limit()) { | ||
| if (no_limit) { | ||
| ENVOY_LOG(warn, "'limit' field is only supported in filter that calls remote rate " | ||
| "limit service."); | ||
| } | ||
| } |
There was a problem hiding this comment.
Should these return errors that lead to config rejection?
There was a problem hiding this comment.
Configuration rejection actually bring some risks in production env.
I agree we should reject the configuration if there are more serious problem like unknown factory for extension rate limit policy.
But specific to these fields, basically I inclined to flush warning log because these fields won't effect the feature
Feel free to let me know if you think this is a block point.
There was a problem hiding this comment.
People generally don't notice warnings. For this case I would make it a failure. People should be checking for config failures.
| if (rate_limit_config_->empty()) { | ||
| if (!config.descriptors().empty()) { | ||
| ENVOY_LOG_FIRST_N( | ||
| warn, 20, | ||
| "'descriptors' are set for local rate limit filter but no 'rate_limits' " | ||
| "are configured in the filter config. Please use the 'rate_limits' field " | ||
| "in filter config to instead of the 'rate_limits' field in the route config."); | ||
| } | ||
| } |
There was a problem hiding this comment.
Shouldn't this cause a config load failure?
There was a problem hiding this comment.
Nope. This warning will notice the users to switch the rate_limits from route to the embedded rate_limits of filter config.
But considering the backward compatibility, before we removed the support to the route rate_limits completely in the filter, we shouldn't reject the configuration that without embedded rate_limits.
There was a problem hiding this comment.
Then sorry I don't understand this warning. Can you make it more clear?
There was a problem hiding this comment.
Let me have a try make it more clear.
There was a problem hiding this comment.
I have updated the log message. Hope it makes sense for you. The core points are:
descriptorsonly makes sense whenrate_limits(of filter config or route) is configured.- Now, if the
rate_limitsin filter config is not set, may be it's set in the route. Please take therate_limitsof filter config as priority because we may remove the support ofrate_limitsof route config from the local rate limit filter in the future.
…e_limit.proto Co-authored-by: Matt Klein <[email protected]> Signed-off-by: code <[email protected]>
Signed-off-by: wangbaiping <[email protected]>
…/envoy into dev-local-rate-limit-api
…ocal-rate-limit-api
|
/retest |
1 similar comment
|
/retest |
| if (rate_limit_config_->empty()) { | ||
| if (!config.descriptors().empty()) { | ||
| ENVOY_LOG_FIRST_N( | ||
| warn, 20, | ||
| "'descriptors' is set but no valid 'rate_limits' in LocalRateLimit config. Note that " | ||
| "'descriptors' only makes sense when 'rate_limits' in LocalRateLimit config or route " | ||
| "config is specified. And please take the 'rate_limits' in the LocalRateLimit config as " | ||
| "priority because the 'rate_limits' in the route config may be ignored by the filter in " | ||
| "the future."); | ||
| } | ||
| } |
There was a problem hiding this comment.
Sorry for being dense but I still don't understand why this has to be a runtime failure? This is a new feature, right? If the user configured it incorrectly can we fail to load the config?
/wait-any
There was a problem hiding this comment.
For backward compatibility.
Note, in the previous local ratelimit, the local ratelimit's descriptors field will be used to declare the rate limit config of specific descriptor, like 10 requests per second for descriptor (key1, value1), etc.
And the rate_limits in the route configuration will be used to generate specific descriptor (key, value) of request and the descriptor will be used to match a config in the descriptors field (The naming is a little confusing because the historical reason.)
But previous implementation has some drawbacks in actual practices (see PR description), so I added the new rate_limits field in the filter config directly as an alternative and resolve previous drawbacks.
But we cannot reject the filter config which doesn't contains the new rate_limits, because the users may have configured rate_limits in the route.
source/extensions/filters/http/local_ratelimit/local_ratelimit.cc
Outdated
Show resolved
Hide resolved
Co-authored-by: Matt Klein <[email protected]> Signed-off-by: code <[email protected]>
Signed-off-by: wangbaiping <[email protected]>
|
/retest |
…xy#36099) Commit Message: local rate limit: add new rate_limits api to the filter's api Additional Description: In the previous local rate limit, the [rate_limits](https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/route_components.proto#envoy-v3-api-field-config-route-v3-virtualhost-rate-limits) field of route is used to generate the descriptor entries. Then the generated entries will be used to match a token bucket which is configured in the filter configs (route level, vhost level, etc). However, it make the configuration very complex, and cannot cover some common scenarios easily. For example, give a specific virtual host X and a special route Y that under this virtual host X. We want to provides a virtual host level rate limit for the specific virtual host X, and a route level rate limit for the specific route Y. We hope the configuration of virtual host could works for all routes except the Y. For most filters, this requirement could be achieved by getting the most specific filter config and applying it. But for the local rate limit, thing become very complex. Because the rate limit configuration is split into `rate_limits` field of route and the filter config. The local rate limit need to handle these relationship carefully. This PR try to simplify it. Risk Level: low. Testing: n/a. Docs Changes: n/a. Release Notes: n/a. Platform Specific Features: n/a. --------- Signed-off-by: wangbaiping <[email protected]> Signed-off-by: code <[email protected]> Co-authored-by: Matt Klein <[email protected]> Signed-off-by: Steven Jin Xuan <[email protected]>
Commit Message: local rate limit: add new rate_limits api to the filter's api
Additional Description:
In the previous local rate limit, the rate_limits field of route is used to generate the descriptor entries. Then the generated entries will be used to match a token bucket which is configured in the filter configs (route level, vhost level, etc).
However, it make the configuration very complex, and cannot cover some common scenarios easily. For example, give a specific virtual host X and a special route Y that under this virtual host X.
We want to provides a virtual host level rate limit for the specific virtual host X, and a route level rate limit for the specific route Y. We hope the configuration of virtual host could works for all routes except the Y.
For most filters, this requirement could be achieved by getting the most specific filter config and applying it. But for the local rate limit, thing become very complex. Because the rate limit configuration is split into
rate_limitsfield of route and the filter config. The local rate limit need to handle these relationship carefully.This PR try to simplify it.
Risk Level: low.
Testing: n/a.
Docs Changes: n/a.
Release Notes: n/a.
Platform Specific Features: n/a.