-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
As a user I should be able to add a rate limit to an API so it is enforced globally #356
Comments
What is the reason behind overriding token rate limit? Initially I was thinking that global rate limit is sort of "default" one, and you can override it if needed. Or by "supersede" you mean that if token_rate_limit > global_rate_limit, I should use global, eg it is maximum value, otherwise token based? |
They are different counters, so for example if all users have a rate limit of 100/s and the global limit is 1000/s, then 10 users can go at full speed, however if another user started sending the same 100/s requests, then the aggregate throughput would be more than 1000/s, and all 10 users would be throttled. This is so that if I am an API owner, and I know my infrastructure will explode at 1100/s, but be ok at 1000/s that I can guarantee that no amount of users concurrently accessing my service can exceed that limit to damage the infra. In a real case this would be much higher. I see this rate limit affecting everyone equally. In terms of the code, it basically means that each API has it's own DRL bucket that gets incremented before the user r/l bucket. |
Clear 👍 |
I've moved this into 2.4 because it only requires a small UI change in the dashboard to make live. |
Relevant PR because it didn't link properly: #1138 |
As a user I should be able to add a rate limit to an API so it is enforced globally, this should rate-limit access to the API across all tokens, and should supersede a token rate limit.
Functional Requirements:
The text was updated successfully, but these errors were encountered: