With this mesh service
$ kubectl get svc -n kuma-demo echo
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
echo ClusterIP 10.96.201.208 <none> 80/TCP 106m
$ kubectl get deployments.apps -n kuma-demo echo
NAME READY UP-TO-DATE AVAILABLE AGE
echo 1/1 1 1 112mAnd this Rate Limit policy
apiVersion: kuma.io/v1alpha1
kind: RateLimit
mesh: default
metadata:
name: rl-echo-kuma-demo
spec:
sources:
- match:
kuma.io/service: '*'
destinations:
- match:
kuma.io/service: 'echo_kuma-demo_svc_80'
conf:
http:
requests: 5
interval: 10s
onRateLimit:
status: 429
headers:
- key: "do-not-bomb-me"
value: "true"
append: trueSending 2 tps load to echo_kuma-demo_svc_80.mesh.
Result:
$ kubectl exec -it -n kuma-demo2 deployments/nginx -- bash
root@nginx-65df8bc6c6-qrzgk:/# while true; do curl -sS -o /dev/null -v echo_kuma-demo_svc_80.mesh 2>&1|grep -E "^<"|head -1; sleep 0.5; done
< HTTP/1.1 200 OK
< HTTP/1.1 200 OK
< HTTP/1.1 200 OK
< HTTP/1.1 200 OK
< HTTP/1.1 200 OK
< HTTP/1.1 200 OK
< HTTP/1.1 200 OK
< HTTP/1.1 200 OK
< HTTP/1.1 200 OK
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 429 Too Many Requests
< HTTP/1.1 200 OK
< HTTP/1.1 200 OKThe Rate Limit policy is applied per pod/replica. This means that if a service backend has 3 replicas rate limited to 100 requests per second, the overall service is rate limited to 300 requests per second.
In this example, deploy/echo have only one pod.
refer: https://kuma.io/docs/2.2.x/policies/rate-limit/
That is all.
