A production-oriented rate limiter built using Java 17 + Spring Boot.
This project implements the Token Bucket algorithm with a clean, extensible architecture designed for scalability and distributed environments.
This project is built as a backend systems engineering exercise focused on:
- Understanding rate limiting algorithms deeply
- Writing thread-safe concurrent code
- Applying clean interface-based design
- Preparing for distributed system scaling
- Practicing production-grade Spring Boot architecture
Current architecture (Single Node):
Client Request
↓
Spring REST Controller
↓
RateLimiter Interface
↓
TokenBucketRateLimiter (In-Memory)
↓
ConcurrentHashMap (Per-IP Buckets)
Key design principles:
- Interface-driven abstraction (
RateLimiter) - Dependency Injection (Spring-managed beans)
- Configuration externalization via
application.yml - Fine-grained synchronization (per bucket)
- Thread-safe concurrent storage
maxTokens→ Maximum burst capacityrefillRate→ Tokens added per second
- Each client (IP) has a dedicated bucket.
- On each request:
- Refill tokens based on elapsed time.
- If tokens ≥ 1 → allow request.
- Otherwise → return HTTP 429.
If:
maxTokens = 5
refillRate = 5 tokens/sec
Behavior:
- 5 immediate requests → allowed
- 6th request → rejected
- After 1 second → 5 tokens restored
Rate limiting parameters are externalized in:
src/main/resources/application.yml
Example:
rate-limiter:
max-tokens: 5
refill-rate: 5This allows environment-specific tuning without code changes.
- ✅ Token Bucket implementation
- ✅ Thread-safe in-memory storage (
ConcurrentHashMap) - ✅ Per-client IP-based rate limiting
- ✅ HTTP 429 handling
- ✅ Spring Boot dependency injection
- ✅ Configuration via YAML
- ✅ Clean modular architecture
Run application:
mvn spring-boot:run
Test endpoint:
curl http://localhost:8080/api/test
Stress test:
for i in {1..10}; do curl http://localhost:8080/api/test; done
- Uses
ConcurrentHashMapfor thread-safe storage. - Synchronizes per bucket to prevent race conditions.
- Avoids global locks for better scalability.
- Redis-backed storage
- Atomic Lua scripting for refill + consume
- Multi-instance support
- Horizontal scalability
- Sliding Window
- Fixed Window
- Hybrid burst-control strategies
- Metrics (Prometheus integration)
- Observability hooks
- Admin configuration endpoint
- Load testing benchmarks
This project is intentionally built beyond a simple demo.
It demonstrates:
- Backend system design thinking
- Concurrency control
- Scalability planning
- Clean architecture principles
- Preparation for distributed systems interviews
- Java 17
- Spring Boot 4
- Maven
- Redis (upcoming phase)
- Docker (planned for distributed setup)
Rishu Kumar
Backend & Systems Engineering Focused
Built as part of an advanced backend engineering practice journey.