Update the example of the Mechanics of generating RL descriptor actio…

…ns for one that does not involve HTTP attributes used in 'soft' conditions
Kuadrant · Mar 21, 2023 · 8438071 · 8438071
1 parent e09b7da
commit 8438071
Showing 1 changed file with 7 additions and 11 deletions.
diff --git a/rfcs/0000-rlp-v2.md b/rfcs/0000-rlp-v2.md
@@ -933,7 +933,7 @@ ratelimit: # Envoy's Rate Limit `RateLimitRequest` type
 From the perspective of a user who writes a RLP, the selectors used in then `when` and `counters` fields are paths to the well-known data structure (see [_Well-known selectors_](#well-known-selectors)). While desiging a policy, the user intuitively pictures the well-known data structure and states each limit definition having in mind the possible values assumed by each of those paths in the data plane. For example,
 
 The user story:
-> _Whenever the context is an HTTP request sent to `dolls.toystore.acme.com` hostname (`context.request.http.host`), I want a rate limit of 50 rps per distinct user (`auth.identity.username`)._
+> _Each distinct user (`auth.identity.username`) can send no more than 1rps to the same HTTP path (`context.request.http.path`)._
 
 ...materializes as the following RLP:
 
@@ -949,21 +949,17 @@ spec:
     name: toystore
   limits:
     dolls:
-      when:
-      - selector: context.request.http.host
-        operator: eq
-        value: dolls.toystore.com
       rates:
-      - limit: 50
-        duration: 1
+      - limit: 1
         unit: second
       counters:
       - auth.identity.username
+      - context.request.http.path
 ```
 
 The following selectors are to be interpreted by the RLP controller:
-- `context.request.http.host`
 - `auth.identity.username`
+- `context.request.http.path`
 
 The RLP controller uses a map to translate each selector into its corresponding descriptor action. (Roughly described:)
 
@@ -983,9 +979,6 @@ ratelimit.domain          → <hostname>
 ```yaml
 rate_limits:
 - actions:
-  - request_headers:
-      descriptor_key: "context.request.http.host"
-      header_name: ":authority"
   - metadata:
       descriptor_key: "auth.identity.username"
       metadata_key:
@@ -995,6 +988,9 @@ rate_limits:
             key: "identity"
         - segment:
             key: "username"
+  - request_headers:
+      descriptor_key: "context.request.http.path"
+      header_name: ":path"
 ```
 
 ### Artificial Limitador condition for `triggers`