-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenStack API rate limit #21
Comments
I am experimenting with an approach based on https://blog.codecentric.de/en/2014/12/haproxy-http-header-rate-limiting/. Future work
|
Unfortunately we can't limit based on the authentication token (which in keystone is However this kind of approach based on source IP works:
|
@mkoderer The exact HTTP response in this example is defined by the contents of
|
internal discussions needed, and a pull request that can be used as a basis for testing |
Have you checked Repose in front of HAProxy as mentioned by @aspiers? I think this could work for this use case, it includes an OpenStack Identity v3 filter. https://repose.atlassian.net/wiki/display/REPOSE/Rate+Limiting+filter |
Last I heard from SAP, it was good enough to limit based on source IP, so the above technique should work OK. If they need to limit per project then yes Repose is the way to go, but that would probably take quite a bit more effort to implement. |
The text was updated successfully, but these errors were encountered: