Hi Team,
I have service and I need to limit the API based on users and organization.
Example : User A and User B belongs same OrgA. ANy user can access the API 5 times a day and Organization can access the API 8 times a day.
Service
apiVersion: v1
kind: Service
metadata:
name: kong-my-app
annotations:
kubernetes.io/ingress.class: kong
konghq.com/plugins: rate-limiting-myapp-1, rate-limiting-myapp
labels:
run: kong-my-app
spec:
type: NodePort
ports:
- nodePort: 31687
port: 8200
protocol: TCP
selector:
run: kong-my-app
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: rate-limiting-myapp-1
config:
hour: 8
limit_by: header
header_name: 'x-org-id'
policy: local
plugin: rate-limiting
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: rate-limiting-myapp
config:
hour: 5
limit_by: header
header_name: 'x-user-id'
policy: local
plugin: rate-limiting
**
Service is picking the last plugin provided in the annotation. is it possible to apply same plugin of two variant ?
Please help me if we have any other way to do.
Thanks,
Abdul Razak
Yes. You can create two ingress resources with the plugins and both send to the same service.
Hi @danilo.bondezan
I have created two ingress resources with the same service, but rate-limiter-plugin is different in ingress.
One ingress resources was having rate-limiter by user and another one was having rate-limiter by organization. I was expecting service to have both the rate limits, but unfortunately its having only one of the rate limiter.
ingress-1
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: my-ingress-1
annotations:
kubernetes.io/ingress.class: kong
konghq.com/plugins: rate-limiting-myapp-1
spec:
rules:
- http:
paths:
- pathType: ImplementationSpecific
path: /my-app
backend:
service:
name: kong-my-app
port:
number: 8200
ingress-2
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: my-ingress-2
annotations:
kubernetes.io/ingress.class: kong
konghq.com/plugins: rate-limiting-myapp-2
spec:
rules:
- http:
paths:
- pathType: ImplementationSpecific
path: /my-app
backend:
service:
name: kong-my-app
port:
number: 8200
rate-limiter-1
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: rate-limiting-myapp-1
config:
minute: 5
limit_by: header
header_name: 'x-user-id'
policy: local
plugin: rate-limiting
rate-limiter-2
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: rate-limiting-myapp-2
config:
minute: 10
limit_by: header
header_name: 'x-org-id'
policy: local
plugin: rate-limiting
In kong documentation, it was mentioned that, we can apply multiple limits in Rate-limiting-advanced plugin. is it so ?. is there any way to apply it in free tier ?
Tip: The Rate Limiting Advanced plugin provides the ability to apply multiple limits in sliding or fixed windows.
fomm
October 12, 2021, 10:31pm
4
The multiple limits mentioned on the doc is related to multiple windows.
For example, you can set 50 requests per hour and 5 per minute.
X-Ratelimit-Limit-Hour: 50
X-Ratelimit-Limit-Minute: 5
X-Ratelimit-Remaining-Hour: 49
X-Ratelimit-Remaining-Minute: 4
For your use case, I reckon you should apply rate limiting plugin on consumer.