Distributed Rate Limiting¶
TraefikEE supports distributed rate limiting. It's a middleware just like Traefik's rate limiting middleware, but it ensures that requests are limited over time throughout your cluster and not just on an individual proxy.
Configuration Example¶
To use distributed rate limiting, you'll need to deploy a service with the middleware enabled. Here are some examples depending on the provider you're using:
# Here, an average of 100 requests per second is allowed.
# In addition, a burst of 50 requests is allowed.
labels:
- "traefik.http.middlewares.test-ratelimit.plugin.ratelimit.average=100"
- "traefik.http.middlewares.test-ratelimit.plugin.ratelimit.burst=50"
# Here, an average of 100 requests per second is allowed.
# In addition, a burst of 50 requests is allowed.
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: test-ratelimit
spec:
plugin:
rateLimit:
average: 100
burst: 50
# Here, an average of 100 requests per second is allowed.
# In addition, a burst of 50 requests is allowed.
[http.middlewares]
[http.middlewares.test-ratelimit.plugin.rateLimit]
average = 100
burst = 50
# Here, an average of 100 requests per second is allowed.
# In addition, a burst of 50 requests is allowed.
http:
middlewares:
test-ratelimit:
plugin:
rateLimit:
average: 100
burst: 50
Configuration Options¶
For more information on the different configuration possibilities (average
, burst
, sourceCriterion
etc.), refer to the Traefik Reference.
Migrating from Traefik¶
If a Traefik configuration for the rate limit middleware exists, it can adapted for TraefikEE simply by using plugin.rateLimit
instead of rateLimit
. See the examples above for the different providers.
A Traefik middleware configuration can be kept, which will run the non-distributed version of the middleware on each proxy. This means the limiting is per-proxy and not throughout the entire cluster, so be careful.