MeshGlobalRateLimits: Rate limit the whole mesh - Policy

Rate limit the whole mesh

Simplify your per service configuration, by configuring the ratelimit service backend for the whole mesh.

Configuration

apiVersion: kuma.io/v1alpha1
kind: MeshGlobalRateLimit
metadata:
  name: ratelimit-backend
  namespace: kong-mesh-system
  labels:
    kuma.io/mesh: default
spec:
  targetRef:
    kind: Mesh
  from:
  - targetRef:
      kind: Mesh
    default:
      http:
        onRateLimit:
          status: 423
          headers:
            set:
            - name: x-kuma-rate-limited
              value: 'true'
      mode: Limit
      backend:
        rateLimitService:
          url: http://kong-mesh-ratelimit-service:10003
          timeout: 25ms

Copied!

type: MeshGlobalRateLimit
name: ratelimit-backend
mesh: default
spec:
  targetRef:
    kind: Mesh
  from:
  - targetRef:
      kind: Mesh
    default:
      http:
        onRateLimit:
          status: 423
          headers:
            set:
            - name: x-kuma-rate-limited
              value: 'true'
      mode: Limit
      backend:
        rateLimitService:
          url: http://kong-mesh-ratelimit-service:10003
          timeout: 25ms

Copied!

Please adjust konnect_mesh_control_plane.my_meshcontrolplane.id and konnect_mesh.my_mesh.name according to your current configuration.

resource "konnect_mesh_global_rate_limit" "ratelimit_backend" {
  provider = konnect-beta
  type = "MeshGlobalRateLimit"
  name = "ratelimit-backend"
  spec = {
    target_ref = {
      kind = "Mesh"
    }
    from = [
      {
        target_ref = {
          kind = "Mesh"
        }
        default = {
          http = {
            on_rate_limit = {
              status = "423"
              headers = {
                set = [
                  {
                    name = "x-kuma-rate-limited"
                    value = "true"
                  }
                ]
              }
            }
          }
          mode = "Limit"
          backend = {
            rate_limit_service = {
              url = "http://kong-mesh-ratelimit-service:10003"
              timeout = "25ms"
            }
          }
        }
      }
    ]
  }
  labels   = {
  "kuma.io/mesh" = konnect_mesh.my_mesh.name
  }
  cp_id    = konnect_mesh_control_plane.my_meshcontrolplane.id
  mesh     = konnect_mesh.my_mesh.name
}

Copied!

Mesh Global Rate Limit

Rate limit the whole mesh

Configuration

Help us make these docs great!

Still need help