Install Kong Ingress:
https://docs.konghq.com/kubernetes-ingress-controller/2.9.x/deployment/minikube/
Install redis statefulsets:
$ helm install kong-redis oci://registry-1.docker.io/bitnamicharts/redis \
--set master.persistence.size=4Gi,replica.persistence.size=4Gi
$ k get sts
NAME READY AGE
kong-redis-master 1/1 158m
kong-redis-replicas 3/3 158mFor batter performance, apply rate-limiting KongPlugin with policy = redis
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: rate-limiting-1tps
plugin: rate-limiting
config:
error_message: HTTP 429
hour: 10000
policy: redis
redis_host: kong-redis-master.default.svc.cluster.local.
redis_password: xxx
redis_port: 6379
redis_username: default
second: 1
---
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: rate-limiting-3tps
plugin: rate-limiting
config:
error_message: HTTP 429
policy: redis
redis_host: kong-redis-master.default.svc.cluster.local
redis_password: xxx
redis_port: 6379
redis_username: default
second: 3Add annotation to ingress
$ kubectl annotate ingress 1tps konghq.com/plugins=rate-limiting-1tps
$ kubectl annotate ingress 3tps konghq.com/plugins=rate-limiting-3tpsResult:
$ while true; do curl -sS -o /dev/null -v http://home.net/1tps 2>&1|grep HTTP; sleep 0.5; done
> GET /1tps HTTP/1.1
< HTTP/1.1 200 OK
> GET /1tps HTTP/1.1
< HTTP/1.1 200 OK
> GET /1tps HTTP/1.1
< HTTP/1.1 429 Too Many Requests
> GET /1tps HTTP/1.1
< HTTP/1.1 200 OK
> GET /1tps HTTP/1.1
< HTTP/1.1 200 OK
> GET /1tps HTTP/1.1
< HTTP/1.1 429 Too Many RequestsThat is all.
PS. Default aggregating the limits is by client_ip may not good for large scale NAT.
Edit1:
you may apply rate-limiting KongPlugin annotation into service too
$ kubectl annotate service echo konghq.com/plugins=rate-limiting-100tps
