Support rate limit overrides #154
Description
A new feature was added in envoyproxy/envoy#11595. In a nutshell it allows providing an override limit in the request. This is useful if the source of truth for limits is in some authentication service, so the limits can be encoded and supplied to the proxy via an authentication service. Support for that feature needs to be added to rate limiter service.
The semantics would be the following:
- If there's no limit override provided in the descriptor, everything behaves as is used to.
- If there's a limit override provided in the descriptor, we treat it as if there was a match for this descriptor in the static config and the configured limit is what's in the override
- If we had previously received a request with a limit override (there's a RateLimit struct exist for the descriptor key), and now the override value for the descriptor has changed, we update the limit override value but keep the stats. This will allow for eventual consistency of the rates. The values for the overrides are not expected to change on every request, so eventual consistency should be good enough here.
Supporting this requires having a new release of the go-control-plane, so I will submit a WIP PR, but will have to wait for a new version of the control plane to be cut.