-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathratelimit.proto
103 lines (85 loc) · 3.94 KB
/
ratelimit.proto
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
syntax = "proto3";
package ratelimit.options.gloo.solo.io;
option go_package = "github.com/solo-io/solo-apis/pkg/api/gloo.solo.io/v1/enterprise/options/ratelimit";
import "github.com/solo-io/solo-apis/api/rate-limiter/v1alpha1/ratelimit.proto";
import "github.com/solo-io/solo-kit/api/v1/ref.proto";
import "google/protobuf/wrappers.proto";
import "google/protobuf/duration.proto";
import "extproto/ext.proto";
option (extproto.equal_all) = true;
option (extproto.hash_all) = true;
option (extproto.clone_all) = true;
// Basic rate-limiting API
message IngressRateLimit {
ratelimit.api.solo.io.RateLimit authorized_limits = 1;
ratelimit.api.solo.io.RateLimit anonymous_limits = 2;
}
message Settings {
core.solo.io.ResourceRef ratelimit_server_ref = 1;
google.protobuf.Duration request_timeout = 2 ;
bool deny_on_fail = 3;
// Set this to true to return Envoy's X-RateLimit headers to the downstream.
// reference docs here: https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/http/ratelimit/v3/rate_limit.proto.html#envoy-v3-api-field-extensions-filters-http-ratelimit-v3-ratelimit-enable-x-ratelimit-headers
bool enable_x_ratelimit_headers = 4;
// Set this is set to true if you would like to rate limit traffic before applying external auth to it.
// *Note*: When this is true, you will lose some features like being able to rate limit a request based on its auth state
bool rate_limit_before_auth = 9;
oneof service_type {
// Optional gRPC settings used when calling the ratelimit server.
GrpcService grpc_service = 10;
}
}
message GrpcService {
// Set the authority header when calling the gRPC service.
string authority = 1;
}
// API based on Envoy's rate-limit service API. (reference here: https://github.com/lyft/ratelimit#configuration)
// Sample configuration below:
//
// descriptors:
//- key: account_id
// descriptors:
// - key: plan
// value: BASIC
// rateLimit:
// requestsPerUnit: 1
// unit: MINUTE
// - key: plan
// value: PLUS
// rateLimit:
// requestsPerUnit: 20
// unit: MINUTE
message ServiceSettings {
repeated ratelimit.api.solo.io.Descriptor descriptors = 1;
repeated ratelimit.api.solo.io.SetDescriptor set_descriptors = 2;
}
// A list of references to `RateLimitConfig` resources.
// Each resource represents a rate limit policy that will be independently enforced.
message RateLimitConfigRefs {
repeated RateLimitConfigRef refs = 1;
}
// A reference to a `RateLimitConfig` resource.
message RateLimitConfigRef {
string name = 1;
string namespace = 2;
}
// Use this field if you want to inline the Envoy rate limits for this VirtualHost.
// Note that this does not configure the rate limit server. If you are running Gloo Enterprise, you need to
// specify the server configuration via the appropriate field in the Gloo `Settings` resource. If you are
// running a custom rate limit server you need to configure it yourself.
message RateLimitVhostExtension {
// Define individual rate limits here. Each rate limit will be evaluated, if any rate limit
// would be throttled, the entire request returns a 429 (gets throttled)
repeated ratelimit.api.solo.io.RateLimitActions rate_limits = 1;
}
// Use this field if you want to inline the Envoy rate limits for this Route.
// Note that this does not configure the rate limit server. If you are running Gloo Enterprise, you need to
// specify the server configuration via the appropriate field in the Gloo `Settings` resource. If you are
// running a custom rate limit server you need to configure it yourself.
message RateLimitRouteExtension {
// Whether or not to include rate limits as defined on the VirtualHost in addition to rate limits on the Route.
bool include_vh_rate_limits = 1;
// Define individual rate limits here. Each rate limit will be evaluated, if any rate limit
// would be throttled, the entire request returns a 429 (gets throttled)
repeated ratelimit.api.solo.io.RateLimitActions rate_limits = 2;
}