You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2020/09/24 04:12:18 UTC
[GitHub] [apisix] moonming commented on a change in pull request #2270: feat: The "limit-req" plugin adds the "consumer_name" method to limit the request speed
moonming commented on a change in pull request #2270:
URL: https://github.com/apache/apisix/pull/2270#discussion_r494019356
##########
File path: apisix/plugins/limit-req.lua
##########
@@ -67,7 +67,17 @@ function _M.access(conf, ctx)
return 500
end
- local key = (ctx.var[conf.key] or "") .. ctx.conf_type .. ctx.conf_version
+ local key
+ if conf.key == "consumer_name" then
+ if not ctx.consumer_id then
+ core.log.error("The username of consumer is nil.")
Review comment:
`The username of consumer is nil.` -> `consumer not found`
##########
File path: apisix/plugins/limit-req.lua
##########
@@ -67,7 +67,17 @@ function _M.access(conf, ctx)
return 500
end
- local key = (ctx.var[conf.key] or "") .. ctx.conf_type .. ctx.conf_version
+ local key
+ if conf.key == "consumer_name" then
+ if not ctx.consumer_id then
+ core.log.error("The username of consumer is nil.")
+ return 500, { message = "Missing consumer's username."}
Review comment:
keep the same error msg as error log
##########
File path: doc/plugins/limit-req.md
##########
@@ -76,7 +78,7 @@ Then add limit-req plugin:
-## Test Plugin
+**Test Plugin**
Review comment:
why change the doc style?
##########
File path: doc/plugins/limit-req.md
##########
@@ -104,6 +106,78 @@ Server: APISIX web server
This means that the limit req plugin is in effect.
+### How to enable on the `consumer`
+
+To enable the `limit-req` plugin on the consumer, it needs to be used together with the authorization plugin. Here, the key-auth authorization plugin is taken as an example.
+
+1. Bind the `limit-req` plugin to the consumer
+
+```shell
+curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "username": "consumer_jack",
+ "plugins": {
+ "key-auth": {
+ "key": "auth-jack"
+ },
+ "limit-req": {
+ "rate": 1,
+ "burst": 1,
+ "rejected_code": 403,
+ "key": "consumer_name"
+ }
+ }
+}'
+```
+
+2. Create a `route` and enable the `key-auth` plugin
+
+```shell
+curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "methods": ["GET"],
+ "uri": "/index.html",
+ "plugins": {
+ "key-auth": {
+ "key": "auth-jack"
+ }
+ },
+ "upstream": {
+ "type": "roundrobin",
+ "nodes": {
+ "127.0.0.1:1980": 1
+ }
+ }
+}'
+```
+
+**Test Plugin**
Review comment:
ditto
##########
File path: doc/plugins/limit-req.md
##########
@@ -20,31 +20,33 @@
- [中文](../zh-cn/plugins/limit-req.md)
# Summary
+ - [Introduction](#introduction)
+ - [Attributes](#attributes)
+ - [Example](#example)
+ - [How to enable on the `route` or `serivce`](#how-to-enable-on-the-route-or-serivce)
+ - [How to enable on the `consumer`](#how-to-enable-on-the-consumer)
+ - [Disable Plugin](#disable-plugin)
-- [**Name**](#name)
-- [**Attributes**](#attributes)
-- [**How To Enable**](#how-to-enable)
-- [**Test Plugin**](#test-plugin)
-- [**Disable Plugin**](#disable-plugin)
-
-## Name
+## Introduction
limit request rate using the "leaky bucket" method.
## Attributes
| Name | Type | Requirement | Default | Valid | Description |
| ------------- | ------- | ----------- | ------- | ------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| rate | integer | required | | [0,...] | the specified request rate (number per second) threshold. Requests exceeding this rate (and below `burst`) will get delayed to conform to the rate. |
-| burst | integer | required | | [0,...] | the number of excessive requests per second allowed to be delayed. Requests exceeding this hard limit will get rejected immediately. |
-| key | string | required | | ["remote_addr", "server_addr", "http_x_real_ip", "http_x_forwarded_for"] | the user specified key to limit the rate, now accept those as key: "remote_addr"(client's IP), "server_addr"(server's IP), "X-Forwarded-For/X-Real-IP" in request header. |
-| rejected_code | string | optional | 503 | [200,...] | The HTTP status code returned when the request exceeds the threshold is rejected. The default is 503. |
+| rate | number | required | | [0,...] | the specified request rate (number per second) threshold. Requests exceeding this rate (and below `burst`) will get delayed to conform to the rate. |
+| burst | number | required | | [0,...] | the number of excessive requests per second allowed to be delayed. Requests exceeding this hard limit will get rejected immediately. |
Review comment:
why change the type?
##########
File path: doc/plugins/limit-req.md
##########
@@ -104,6 +106,78 @@ Server: APISIX web server
This means that the limit req plugin is in effect.
+### How to enable on the `consumer`
+
+To enable the `limit-req` plugin on the consumer, it needs to be used together with the authorization plugin. Here, the key-auth authorization plugin is taken as an example.
+
+1. Bind the `limit-req` plugin to the consumer
+
+```shell
+curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
+{
+ "username": "consumer_jack",
+ "plugins": {
+ "key-auth": {
+ "key": "auth-jack"
+ },
+ "limit-req": {
+ "rate": 1,
+ "burst": 1,
+ "rejected_code": 403,
+ "key": "consumer_name"
Review comment:
When this plugin is binding to the consumer object, it can be handled automatically, the declaration here is redundant
##########
File path: doc/zh-cn/plugins/limit-req.md
##########
@@ -19,26 +19,34 @@
- [English](../../plugins/limit-req.md)
-# limit-req
+# 目录
+ - [简介](#简介)
+ - [属性](#属性)
+ - [示例](#示例)
+ - [如何在 `route` 或 `service` 上使用](#如何在`route`或`service`上使用)
+ - [如何在 `consumer` 上使用](#如何在`consumer`上使用)
+ - [移除插件](#移除插件)
+
+## 简介
限制请求速度的插件,使用的是漏桶算法。
-## 参数
+## 属性
| 名称 | 类型 | 必选项 | 默认值 | 有效值 | 描述 |
| ------------- | ------- | ------ | ------ | ------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- |
-| rate | integer | 必须 | | [0,...] | 指定的请求速率(以秒为单位),请求速率超过 `rate` 但没有超过 (`rate` + `brust`)的请求会被加上延时。 |
-| burst | integer | 必须 | | [0,...] | t请求速率超过 (`rate` + `brust`)的请求会被直接拒绝。 |
-| key | string | 必须 | | ["remote_addr", "server_addr", "http_x_real_ip", "http_x_forwarded_for"] | 用来做请求计数的依据,当前接受的 key 有:"remote_addr"(客户端IP地址), "server_addr"(服务端 IP 地址), 请求头中的"X-Forwarded-For" 或 "X-Real-IP"。 |
-| rejected_code | string | 可选 | 503 | [200,...] | 当请求超过阈值被拒绝时,返回的 HTTP 状态码 |
+| rate | number | 必须 | | [0,...] | 指定的请求速率(以秒为单位),请求速率超过 `rate` 但没有超过 (`rate` + `brust`)的请求会被加上延时。 |
+| burst | number | 必须 | | [0,...] | t请求速率超过 (`rate` + `brust`)的请求会被直接拒绝。 |
+| key | string | 必须 | | ["remote_addr", "server_addr", "http_x_real_ip", "http_x_forwarded_for", "consumer_name"] | 用来做请求计数的依据,当前接受的 key 有:"remote_addr"(客户端IP地址), "server_addr"(服务端 IP 地址), 请求头中的"X-Forwarded-For" 或 "X-Real-IP","consumer_name"(consumer 的 username)。 |
+| rejected_code | integer | 可选 | 503 | [200,...] | 当请求超过阈值被拒绝时,返回的 HTTP 状态码。 |
**key 是可以被用户自定义的,只需要修改插件的一行代码即可完成。并没有在插件中放开是处于安全的考虑。**
## 示例
-### 开启插件
+### 如何在`route`或`service`上使用
-下面是一个示例,在指定的 route 上开启了 limit req 插件:
+这里以`route`为例(`service`的使用是同样的方法),在指定的路线上启用limit req插件。
Review comment:
what is `路线`?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org