Skip to content
This repository has been archived by the owner on Oct 9, 2023. It is now read-only.

Commit

Permalink
Add details docs for configs
Browse files Browse the repository at this point in the history
Signed-off-by: TungHoang <[email protected]>
  • Loading branch information
LaPetiteSouris committed May 10, 2023
1 parent 9302916 commit 8cbb5c0
Show file tree
Hide file tree
Showing 5 changed files with 73 additions and 10 deletions.
12 changes: 6 additions & 6 deletions pkg/config/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -81,20 +81,20 @@ type ServerSecurityOptions struct {
// By default, the server will allow Accept, Accept-Language, Content-Language, and Content-Type.
// DeprecatedUser this setting to add any additional headers which are needed
AllowedHeaders []string `json:"allowedHeaders"`
RateLimit RateLimitOptions `json:"rateLimitOptions"`
RateLimit RateLimitOptions `json:"rateLimit"`
}

type SslOptions struct {
CertificateFile string `json:"certificateFile"`
KeyFile string `json:"keyFile"`
}

// declare RateLimitConfig
// RateLimitOptions is a type to hold rate limit configuration options.
type RateLimitOptions struct {
Enabled bool `json:"enabled"`
RequestsPerSecond int `json:"requestsPerSecond"`
BurstSize int `json:"burstSize"`
CleanupInterval config.Duration `json:"cleanupInterval"`
Enabled bool `json:"enabled" pflag:",Controls whether rate limiting is enabled. If enabled, the rate limit is applied to all requests using the TokenBucket algorithm."`
RequestsPerSecond int `json:"requestsPerSecond" pflag:",The number of requests allowed per second."`
BurstSize int `json:"burstSize" pflag:",The number of requests allowed to burst. 0 implies the TokenBucket algorithm cannot hold any tokens."`
CleanupInterval config.Duration `json:"cleanupInterval" pflag:",The interval at which the rate limiter cleans up entries that have not been used for a certain period of time."`
}

var defaultServerConfig = &ServerConfig{
Expand Down
4 changes: 4 additions & 0 deletions pkg/config/serverconfig_flags.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

56 changes: 56 additions & 0 deletions pkg/config/serverconfig_flags_test.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 3 additions & 0 deletions pkg/server/service.go
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,9 @@ func newGRPCServer(ctx context.Context, pluginRegistry *plugins.Registry, cfg *c
} else {
logger.Infof(ctx, "Creating gRPC server without authentication")
chainedUnaryInterceptors = grpcmiddleware.ChainUnaryServer(grpcprometheus.UnaryServerInterceptor)
if cfg.Security.RateLimit.Enabled {
logger.Warningf(ctx, "Rate limit is enabled but auth is not")
}
}

serverOpts := []grpc.ServerOption{
Expand Down
8 changes: 4 additions & 4 deletions plugins/rate_limit.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,23 +16,23 @@ import (

type RateLimitExceeded error

// define a struct that contains a map of rate limiters, and a time stamp of last access and a mutex to protect the map
// accessRecords stores the rate limiter and the last access time
type accessRecords struct {
limiter *rate.Limiter
lastAccess time.Time
}

// LimiterStore stores the access records for each user
type LimiterStore struct {
// accessPerUser is a synchronized map of userID to accessRecords
accessPerUser map[string]*accessRecords
mutex *sync.Mutex
requestPerSec int
burstSize int
cleanupInterval time.Duration
}

// define a function named Allow that takes userID and returns RateLimitError
// the function check if the user is in the map, if not, create a new accessRecords for the user
// then it check if the user can access the resource, if not, return RateLimitError
// Allow takes a userID and returns an error if the user has exceeded the rate limit
func (l *LimiterStore) Allow(userID string) error {
l.mutex.Lock()
defer l.mutex.Unlock()
Expand Down

0 comments on commit 8cbb5c0

Please sign in to comment.