apisix
apisix copied to clipboard
apache
help request: per consumer per route rate limit
Description
I have multiple consumers using the same route. I want to allow user A to have 50 requests per 60 seconds, user B to have 30 requests per 60 seconds and all other users to have 10 requests per 60 seconds.
The limit-count allows only a single count limit for all
I enabled the workflow plugin but it does not seem to be working as expected. It does not limit the api count.
Environment
- APISIX version : docker image version 3.8.0
- Operating system : ubuntu linux
- OpenResty / Nginx version: bundled with the docker image
- etcd version: 3.5.6
- APISIX Dashboard version: docker image version 3.0.0 alpine
- Plugin runner version: Not aware
- LuaRocks version, for installation issues: 3.5
The limit-count allows only a single count limit for all
Not ture. See https://docs.api7.ai/hub/limit-count#apply-rate-limiting-by-remote-address-and-consumer-name
The limit-count allows only a single count limit for all
Not ture. See https://docs.api7.ai/hub/limit-count#apply-rate-limiting-by-remote-address-and-consumer-name
- The suggested approach allows one to have the same limit value for multiple users, this is not my case.
- This would force me to define consumers, this would become a problem in the case of high number of users.
- When we enable key-auth on a route, it checks for the specified key against defined consumers(this causes the request to become unauthorised for undefined consumers) - please correct me if my observation is not fully correct.
- In my case I need a solution where I have my authentication set up separately and do not wish to use the key-auth plugin
- Additionally, I need support for standard rate limit for 90/100 consumers and specific rate limit for the remaining 10/100 customers.
I have already used the suggested approach to separate users based on unique extractable properties. My problem statement is different.
I also look into this feature, per consumer per route rate limit. is there any update since then?
Yes, I was able to get this done with the help of the workflow plugin available. I had made a mistake at my end earlier when configuring the workflow plugin, once that was fixed I got the expected results
Yes, I was able to get this done with the help of the workflow plugin available. I had made a mistake at my end earlier when configuring the workflow plugin, once that was fixed I got the expected results
Thanks. Could you share some code snippets?
It looked something like below, adjust the identifiers as needed. Check out the limit-count and workflow docs
{
"_meta": {
"disable": false
},
"rules": [
{
"actions": [
[
"limit-count",
{
"allow_degradation": false,
"count": 10,
"time_window": 1,
"key": "${identifier_1}:${identidier_2}",
"key_type": "var_combination",
"policy": "redis",
"redis_database": 0,
"redis_host": "redis_host",
"redis_password": "redis_pwd",
"redis_port": redis_port,
"redis_ssl": false,
"redis_ssl_verify": false,
"redis_timeout": 1000,
"redis_username": "",
"rejected_code": 429,
"rejected_msg": "Error Message",
"show_limit_quota_header": false
}
]
],
"case": [
[
"identifier",
"==",
"foo"
]
]
},
{
"actions": [
[
"limit-count",
{
"allow_degradation": false,
"count": 20,
"time_window": 3,
"key": "${identifier_1}:${identidier_2}",
"key_type": "var_combination",
"policy": "redis",
"redis_database": 0,
"redis_host": "redis_host",
"redis_password": "redis_pwd",
"redis_port": reds_port,
"redis_ssl": false,
"redis_ssl_verify": false,
"redis_timeout": 1000,
"redis_username": "",
"rejected_code": 429,
"rejected_msg": "Error Message",
"show_limit_quota_header": true
}
]
],
"case": [
[
"identifier",
"==",
"bar"
]
]
}
]
}