1.限流
限流被用来控制网络请求的流量,能够被用来阻止DoS 攻击,限制网络抖动,和其他形式的过载,没有限流,会导致客户端无限制访问,导致服务不可用。
Kong Gateway imposes rate limits on clients through the use of the Rate Limiting plugin. When rate limiting is enabled, clients are restricted in the number of requests that can be made in a configurable period of time. The plugin supports identifying clients as consumers or by the client IP address of the requests.
2. 全局限流
启动限流插件
kong gateway默认安装了限流插件,通过如下指令启动插件
curl -i -X POST http://localhost:8001/plugins \ --data name=rate-limiting \ --data config.minute=5 \ --data config.policy=local启用成功返回如下:
... "id": "fc559a2d-ac80-4be8-8e43-cb705524be7f", "name": "rate-limiting", "enabled": true ...- 验证
执行以下命令,发送六次请求,超过6次 你会收到http 返回码429 “API rate limit exceeded” error:
for _ in {1..6}; do curl -s -i localhost:8000/mock/request; echo; sleep 1; done
服务级限流
curl -X POST http://localhost:8001/services/example-service/plugins \ --data "name=rate-limiting" \ --data config.minute=5 \ --data config.policy=local路由级限流
curl -X POST http://localhost:8001/routes/example-route/plugins \ --data "name=rate-limiting" \ --data config.minute=5 \ --data config.policy=local消费级限流
创造一个消费者
curl -X POST http://localhost:8001/consumers/ \ --data username=jsmith启用消费级限流
curl -X POST http://localhost:8001/plugins \ --data "name=rate-limiting" \ --data "consumer.username=jsmith" \ --data "config.second=5"
深度限流
The Rate Limiting Advanced 是企业级的限流插件,提供更优秀的限流算法。
