Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: apply sliding window rate limiting #509

Open
wants to merge 11 commits into
base: main
Choose a base branch
from
Open

feat: apply sliding window rate limiting #509

wants to merge 11 commits into from
+19 −1

Conversation

JacobCoffee
Copy link
Member

Description

Closes

ewdurbin
ewdurbin reviewed Oct 3, 2024
View reviewed changes
salt/haproxy/config/haproxy.cfg.jinja Outdated Show resolved Hide resolved
salt/haproxy/config/haproxy.cfg.jinja Outdated Show resolved Hide resolved
ewdurbin
ewdurbin reviewed Oct 24, 2024
View reviewed changes
Copy link
Member

@ewdurbin ewdurbin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall this appears to work as expected, a couple notes on more thorough review.

pillar/base/haproxy.sls Outdated Show resolved Hide resolved
salt/haproxy/config/haproxy.cfg.jinja Outdated Show resolved Hide resolved
salt/haproxy/config/haproxy.cfg.jinja Outdated
@@ -117,6 +116,24 @@ frontend main
bind :::80
bind 127.0.0.1:19001 # This is our TLS socket.

# Define a stick table for all services
stick-table type ip size 100k expire 30s store http_req_rate(10s)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Docs say that type ip only stores ipv4 addresses, do we need a separate table to ensure we also rate limit ipv6?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

41db04a i think

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like the commit there is un-related to haproxy?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is what I get for splitting my work into two branches after I've done it in one 🙃

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

okay,587e709

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ewdurbin ewdurbin Awaiting requested review from ewdurbin ewdurbin is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

HTTP rate limiting
2 participants
@JacobCoffee @ewdurbin