Skip to content

Commit

Permalink
ratelimitpolicy virtualhosts ratelimits (Kuadrant#85)
Browse files Browse the repository at this point in the history 
* ratelimitpolicy virtualhosts ratelimits

* apim/ratelimitpolicy_controller: remove unnecessary route match for virtualhost

* fix lint issue
  • Loading branch information
@eguzki
eguzki authored Feb 15, 2022
1 parent c67bcd5 commit 2464ad5
Show file tree
Hide file tree
Showing 8 changed files with 351 additions and 155 deletions.
30 changes: 21 additions & 9 deletions apis/apim/v1alpha1/ratelimitpolicy_types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,14 @@ type RLGenericKey struct {
DescriptorValue string `json:"descriptor_value"`
}

//TODO(eguzki): oneOf each kind
//
// https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/route_components.proto#envoy-v3-api-msg-config-route-v3-ratelimit-action

// Action_Specifier defines the envoy rate limit actions
type ActionSpecifier struct {
GenericKey RLGenericKey `json:"generic_key"`
// +optional
GenericKey *RLGenericKey `json:"generic_key,omitempty"`
}

// +kubebuilder:validation:Enum=PREAUTH;POSTAUTH;BOTH
Expand All @@ -57,19 +63,23 @@ var RateLimitStageName = map[int32]string{
var RateLimitStageValue = map[RateLimitStage]int32{
"PREAUTH": 0,
"POSTAUTH": 1,
"BOTH": 2,
}

type Route struct {
// name of the route present in the virutalservice
Name string `json:"name"`
type RateLimit struct {
// Definfing phase at which rate limits will be applied.
// Valid values are: PREAUTH, POSTAUTH, BOTH
Stage RateLimitStage `json:"stage"`
// rule specific actions
// +optional
Actions []*ActionSpecifier `json:"actions,omitempty"`
}

type Route struct {
// name of the route present in the virutalservice
Name string `json:"name"`
// +optional
RateLimits []*RateLimit `json:"rateLimits,omitempty"`
}

type NetworkingRef struct {
Type NetworkingRefType `json:"type"`
Name string `json:"name"`
Expand All @@ -85,9 +95,11 @@ type RateLimitPolicySpec struct {
//+listType=map
//+listMapKey=name
Routes []Route `json:"routes,omitempty"`
// these actions are used for all of the matching rules
Actions []*ActionSpecifier `json:"actions,omitempty"`
Limits []limitadorv1alpha1.RateLimitSpec `json:"limits,omitempty"`

// RateLimits are used for all of the matching rules
// +optional
RateLimits []*RateLimit `json:"rateLimits,omitempty"`
Limits []limitadorv1alpha1.RateLimitSpec `json:"limits,omitempty"`
}

//+kubebuilder:object:root=true
Expand Down
52 changes: 41 additions & 11 deletions apis/apim/v1alpha1/zz_generated.deepcopy.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

74 changes: 47 additions & 27 deletions config/crd/bases/apim.kuadrant.io_ratelimitpolicies.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,24 +36,6 @@ spec:
spec:
description: RateLimitPolicySpec defines the desired state of RateLimitPolicy
properties:
actions:
description: these actions are used for all of the matching rules
items:
properties:
generic_key:
properties:
descriptor_key:
type: string
descriptor_value:
type: string
required:
- descriptor_key
- descriptor_value
type: object
required:
- generic_key
type: object
type: array
limits:
items:
description: RateLimitSpec defines the desired state of RateLimit
Expand Down Expand Up @@ -99,13 +81,14 @@ spec:
- type
- name
x-kubernetes-list-type: map
routes:
description: route specific staging and actions
rateLimits:
description: RateLimits are used for all of the matching rules
items:
properties:
actions:
description: rule specific actions
items:
description: Action_Specifier defines the envoy rate limit
actions
properties:
generic_key:
properties:
Expand All @@ -117,13 +100,8 @@ spec:
- descriptor_key
- descriptor_value
type: object
required:
- generic_key
type: object
type: array
name:
description: name of the route present in the virutalservice
type: string
stage:
description: 'Definfing phase at which rate limits will be applied.
Valid values are: PREAUTH, POSTAUTH, BOTH'
Expand All @@ -133,10 +111,52 @@ spec:
- BOTH
type: string
required:
- name
- stage
type: object
type: array
routes:
description: route specific staging and actions
items:
properties:
name:
description: name of the route present in the virutalservice
type: string
rateLimits:
items:
properties:
actions:
items:
description: Action_Specifier defines the envoy rate
limit actions
properties:
generic_key:
properties:
descriptor_key:
type: string
descriptor_value:
type: string
required:
- descriptor_key
- descriptor_value
type: object
type: object
type: array
stage:
description: 'Definfing phase at which rate limits will
be applied. Valid values are: PREAUTH, POSTAUTH, BOTH'
enum:
- PREAUTH
- POSTAUTH
- BOTH
type: string
required:
- stage
type: object
type: array
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
Expand Down
71 changes: 44 additions & 27 deletions config/deploy/manifests.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -112,24 +112,6 @@ spec:
spec:
description: RateLimitPolicySpec defines the desired state of RateLimitPolicy
properties:
actions:
description: these actions are used for all of the matching rules
items:
properties:
generic_key:
properties:
descriptor_key:
type: string
descriptor_value:
type: string
required:
- descriptor_key
- descriptor_value
type: object
required:
- generic_key
type: object
type: array
limits:
items:
description: RateLimitSpec defines the desired state of RateLimit
Expand Down Expand Up @@ -175,13 +157,13 @@ spec:
- type
- name
x-kubernetes-list-type: map
routes:
description: route specific staging and actions
rateLimits:
description: RateLimits are used for all of the matching rules
items:
properties:
actions:
description: rule specific actions
items:
description: Action_Specifier defines the envoy rate limit actions
properties:
generic_key:
properties:
Expand All @@ -193,13 +175,8 @@ spec:
- descriptor_key
- descriptor_value
type: object
required:
- generic_key
type: object
type: array
name:
description: name of the route present in the virutalservice
type: string
stage:
description: 'Definfing phase at which rate limits will be applied. Valid values are: PREAUTH, POSTAUTH, BOTH'
enum:
Expand All @@ -208,10 +185,50 @@ spec:
- BOTH
type: string
required:
- name
- stage
type: object
type: array
routes:
description: route specific staging and actions
items:
properties:
name:
description: name of the route present in the virutalservice
type: string
rateLimits:
items:
properties:
actions:
items:
description: Action_Specifier defines the envoy rate limit actions
properties:
generic_key:
properties:
descriptor_key:
type: string
descriptor_value:
type: string
required:
- descriptor_key
- descriptor_value
type: object
type: object
type: array
stage:
description: 'Definfing phase at which rate limits will be applied. Valid values are: PREAUTH, POSTAUTH, BOTH'
enum:
- PREAUTH
- POSTAUTH
- BOTH
type: string
required:
- stage
type: object
type: array
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
Expand Down
Loading

0 comments on commit 2464ad5

Please sign in to comment.