Global RateLimit Xds translation

* Enhance `XdsIR` with `RateLimit` to hold rate limiting config. * Translate IR field into route level rate limit actions * Add `BuildRateLimitServiceConfig` which translates the XdsIR into configuration for the envoy rate limit service. Relates to envoyproxy#670 Signed-off-by: Arko Dasgupta <arko@tetrate.io>
arkodg · Jan 4, 2023 · a571ae7 · a571ae7
1 parent 4fdbb22
commit a571ae7
Show file tree

Hide file tree

Showing 6 changed files with 425 additions and 0 deletions.
diff --git a/internal/ir/xds.go b/internal/ir/xds.go
@@ -211,6 +211,9 @@ type HTTPRoute struct {
 	Destinations []*RouteDestination
 	// Rewrite to be changed for this route.
 	URLRewrite *URLRewrite
+	// RateLimit defines the more specific match conditions as well as limits for ratelimiting
+	// the requests on this route.
+	RateLimit *RateLimit
 }
 
 // Validate the fields within the HTTPRoute structure
@@ -591,3 +594,44 @@ func (h UDPListener) Validate() error {
 	}
 	return errs
 }
+
+// RateLimit holds the rate limiting configuration.
+// +k8s:deepcopy-gen=true
+type RateLimit struct {
+	// Global rate limit settings.
+	Global *GlobalRateLimit
+}
+
+// GlobalRateLimit holds the global rate limiting configuration.
+// +k8s:deepcopy-gen=true
+type GlobalRateLimit struct {
+	// Rules for rate limiting.
+	Rules []*RateLimitRule
+}
+
+// RateLimitRule holds the match and limit configuration for ratelimiting.
+// +k8s:deepcopy-gen=true
+type RateLimitRule struct {
+	// HeaderMatches define the match conditions on the request headers for this route.
+	HeaderMatches []*StringMatch
+	// Limit holds the rate limit values.
+	Limit *RateLimitValue
+}
+
+type RateLimitUnit string
+
+const (
+	Second RateLimitUnit = "second"
+	Minute RateLimitUnit = "minute"
+	Hour   RateLimitUnit = "hour"
+	Day    RateLimitUnit = "day"
+)
+
+// RateLimitValue holds the
+// +k8s:deepcopy-gen=true
+type RateLimitValue struct {
+	// Requests are the number of requests that need to be rate limited.
+	Requests uint32
+	// Unit of rate limiting.
+	Unit RateLimitUnit
+}
diff --git a/internal/ir/zz_generated.deepcopy.go b/internal/ir/zz_generated.deepcopy.go
diff --git a/internal/xds/translator/listener.go b/internal/xds/translator/listener.go
@@ -91,6 +91,11 @@ func addXdsHTTPFilterChain(xdsListener *listener.Listener, irListener *ir.HTTPLi
 		}},
 	}
 
+	// TODO: Make this a generic interface for all API Gateway features.
+	if err := patchHCMWithRateLimit(mgr, irListener); err != nil {
+		return err
+	}
+
 	mgrAny, err := anypb.New(mgr)
 	if err != nil {
 		return err