Why can’t I use the regular Rate Limiting plugin to set multiple limits and window sizes?
You could use the regular Rate Limiting plugin to just set multiple limits, but the regular plugin doesn’t support configurable window sizes.
TL;DR
You can use the Rate Limiting Advanced plugin to apply any number of rate limits and window sizes per plugin instance. This lets you create multiple rate limiting windows, for example, rate limit per minute and per hour, and per any arbitrary window size.
Prerequisites
Kong Konnect
This is a Konnect tutorial. If you don’t have a Konnect account, you can get started quickly with our onboarding wizard.
The following Konnect items are required to complete this tutorial:
- Personal access token (PAT): Create a new personal access token by opening the Konnect PAT page and selecting Generate Token.
- Control plane: You can use an existing control plane or create a new one to use for this tutorial.
- Control plane ID: You can see your control plane ID by selecting a control plane from the Gateway Manager in Konnect.
Kong Gateway running
This tutorial requires Kong Gateway Enterprise. If you don’t have Kong Gateway set up yet, you can use the quickstart script with an enterprise license to get an instance of Kong Gateway running almost instantly.
-
Export your license to an environment variable:
export KONG_LICENSE_DATA='<license-contents-go-here>' -
Run the quickstart script:
curl -Ls https://get.konghq.com/quickstart | bash -s -- -e KONG_LICENSE_DATAOnce Kong Gateway is ready, you will see the following message:
Kong Gateway Ready
decK
decK is a CLI tool for managing Kong Gateway declaratively with state files. To complete this tutorial you will first need to:
- Install decK
-
Create a
deck_filesdirectory and akong.yamlfile in the directory:mkdir deck_files && touch deck_files/kong.yaml
Pre-configured entities
For this tutorial, you’ll need Kong Gateway entities, like services and routes, pre-configured. These entities are essential for Kong Gateway to function but installing them isn’t the focus of this guide. Follow these steps to pre-configure them:
-
Create a
prereqs.yamlfile within yourdeck_filesdirectory, and add the following content to it:_format_version: '3.0' services: - name: example-service url: http://httpbin.org/anything routes: - name: example-route paths: - "/anything" service: name: example-service -
Sync your changes.
deck gateway sync deck_filesMake sure to substitute your Konnect Personal Access Token for
konnect_tokenand the control plane name forKONNECT_CP_NAMEin the command:deck gateway sync deck_files \ --konnect-token $KONNECT_TOKEN \ --konnect-control-plane-name $KONNECT_CP_NAME
To learn more about entities, you can read our entities documentation.
1. Enable rate limiting
Enable the Rate Limiting Advanced plugin for the service.
_format_version: '3.0'
plugins:
- name: rate-limiting-advanced
service: example-service
config:
limit:
- 10
- 100
window_size:
- 60
- 3600
Each nth limit will apply to each nth window size.
This example applies rate limiting policies, one of which will trip when 10 hits have been counted in 60 seconds, or the other when 100 hits have been counted in 3600 seconds.
The number of configured window sizes and limits parameters must be equal (as shown above); otherwise, an error occurs:
You must provide the same number of windows and limits
2. Validate
After configuring the Rate Limiting Advanced plugin, you can verify that it was configured correctly and is working, by sending more requests then allowed in the configured time limit.
for _ in {1..11}
do
curl http://localhost:8000/example-route/anything/
done
After the 11th request in a minute, you should receive the following 429 error:
{ "message": "API rate limit exceeded" }
Cleanup
Clean up Konnect environment
If you created a new control plane and want to conserve your free trial credits or avoid unnecessary charges, delete the new control plane used in this tutorial.
Destroy the Kong Gateway container
curl -Ls https://get.konghq.com/quickstart | bash -s -- -d