New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WIP] Add Ratelimiting test using Envoy's Ratelimit Service #23513
Conversation
add root get policy add header
Signed-off-by: gargnupur <gargnupur@google.com>
@mandarjog , @bianpengyuan , @douglas-reid , @howardjohn , @nmittler : Have a few questions for the integration test:
|
Signed-off-by: gargnupur <gargnupur@google.com>
Is there an issue with using echo for rate limiting? Not sure if it's easier with bookinfo for some reason and why. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 on Nates comment, not sure why we cannot use echo? you can have multiple Services.
Overall I am a little uncertain if this is the appropriate level to test this out. As far as I can tell this is essentially testing an Envoy feature - we don't even have an API to expose the Envoy ratelimiting. I would think this would just be a unit test to ensure that EnvoyFitler works as expected.
I do see there is some value as adding it as a tested example, but there cost here is fairly large (maintaining some new ratelimit service, etc). If we are going to invest this much effort, should we define a proper API for this?
// See the License for the specific language governing permissions and | ||
// limitations under the License. | ||
|
||
package policy |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if you make a new package it won't run in CI without also adding a new job
@gargnupur these tests should be in some other place...
|
@mandarjog , @nmittler , @howardjohn : Thanks for the reply! Yes, this Draft PR was to get us to start talking and have a working example of how users can do rate limiting in Istio without Mixer... |
By "companion" do you mean that these are the tests for the documentation? If so, they belong here: https://github.com/istio/istio.io/tree/master/tests
If these are docs tests, then yes ... you have to do whatever is documented. |
@gargnupur is this still important to get in? It feels like it, but I'm not clear on the status here. |
@douglas-reid : yes it is.. it just keeps going to back of my queue! I need to move this to istio.io.. will try to do it soon... |
@gargnupur: The following test failed, say
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
🚧 This issue or pull request has been closed due to not having had activity from an Istio team member since 2020-06-13. If you feel this issue or pull request deserves attention, please reopen the issue. Please see this wiki page for more information. Thank you for your contributions. Created by the issue and PR lifecycle manager. |
This PR adds an integration test that starts envoy's open source ratelimit service : https://github.com/envoyproxy/ratelimit and use envoy's ratelimit filter(https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/rate_limit_filter) to actually ratelimit calls from Istio.
Ref: #22068