homelab/traefik
1
0
Fork 0
Code Activity

Add Redis rate limiter

Browse source
This commit is contained in:
longquan0104 2025-03-10 17:02:05 +07:00 committed by GitHub
parent c166a41c99
commit 550d96ea67
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
26 changed files with 2268 additions and 69 deletions
Download patch file Download diff file Expand all files Collapse all files

84
integration/fixtures/k8s/01-traefik-crd.yml
View file

@ -1790,6 +1790,90 @@ spec:
Period, in combination with Average, defines the actual maximum rate, such as:
r = Average / Period. It defaults to a second.
x-kubernetes-int-or-string: true
redis:
description: Redis hold the configs of Redis as bucket in rate
limiter.
properties:
db:
description: DB defines the Redis database that will be selected
after connecting to the server.
type: integer
dialTimeout:
anyOf:
- type: integer
- type: string
description: |-
DialTimeout sets the timeout for establishing new connections.
Default value is 5 seconds.
pattern: ^([0-9]+(ns|us|µs|ms|s|m|h)?)+$
x-kubernetes-int-or-string: true
endpoints:
description: |-
Endpoints contains either a single address or a seed list of host:port addresses.
Default value is ["localhost:6379"].
items:
type: string
type: array
maxActiveConns:
description: |-
MaxActiveConns defines the maximum number of connections allocated by the pool at a given time.
Default value is 0, meaning there is no limit.
type: integer
minIdleConns:
description: |-
MinIdleConns defines the minimum number of idle connections.
Default value is 0, and idle connections are not closed by default.
type: integer
poolSize:
description: |-
PoolSize defines the initial number of socket connections.
If the pool runs out of available connections, additional ones will be created beyond PoolSize.
This can be limited using MaxActiveConns.
// Default value is 0, meaning 10 connections per every available CPU as reported by runtime.GOMAXPROCS.
type: integer
readTimeout:
anyOf:
- type: integer
- type: string
description: |-
ReadTimeout defines the timeout for socket read operations.
Default value is 3 seconds.
pattern: ^([0-9]+(ns|us|µs|ms|s|m|h)?)+$
x-kubernetes-int-or-string: true
secret:
description: Secret defines the name of the referenced Kubernetes
Secret containing Redis credentials.
type: string
tls:
description: |-
TLS defines TLS-specific configurations, including the CA, certificate, and key,
which can be provided as a file path or file content.
properties:
caSecret:
description: |-
CASecret is the name of the referenced Kubernetes Secret containing the CA to validate the server certificate.
The CA certificate is extracted from key `tls.ca` or `ca.crt`.
type: string
certSecret:
description: |-
CertSecret is the name of the referenced Kubernetes Secret containing the client certificate.
The client certificate is extracted from the keys `tls.crt` and `tls.key`.
type: string
insecureSkipVerify:
description: InsecureSkipVerify defines whether the server
certificates should be validated.
type: boolean
type: object
writeTimeout:
anyOf:
- type: integer
- type: string
description: |-
WriteTimeout defines the timeout for socket write operations.
Default value is 3 seconds.
pattern: ^([0-9]+(ns|us|µs|ms|s|m|h)?)+$
x-kubernetes-int-or-string: true
type: object
sourceCriterion:
description: |-
SourceCriterion defines what criterion is used to group requests as originating from a common source.

39
integration/fixtures/ratelimit/simple_redis.toml Normal file
View file

@ -0,0 +1,39 @@
[global]
checkNewVersion = false
sendAnonymousUsage = false
[api]
insecure = true
[log]
level = "DEBUG"
noColor = true
[entryPoints]
[entryPoints.web]
address = ":8081"
[providers.file]
filename = "{{ .SelfFilename }}"
## dynamic configuration ##
[http.routers]
[http.routers.router1]
service = "service1"
middlewares = [ "ratelimit" ]
rule = "Path(`/`)"
[http.middlewares]
[http.middlewares.ratelimit.rateLimit]
average = 100
burst = 1
[http.middlewares.ratelimit.rateLimit.redis]
endpoints = ["{{ .RedisEndpoint }}"]
[http.services]
[http.services.service1]
[http.services.service1.loadBalancer]
passHostHeader = true
[[http.services.service1.loadBalancer.servers]]
url = "http://{{.Server1}}:80"