Support for path specific rate limiting #6011
Description
In nginx there is good support for limiting the number of requests to avoid overloading/hacking/...
- http://nginx.org/en/docs/http/ngx_http_limit_req_module.html
- https://www.nginx.com/blog/rate-limiting-nginx/
What I would like to to have some paths without rate limiting and some with rate limiting.
Also for my usecase the IP address is not the right value to limit the requests by. In my case either a request header (i..e. $http_foobar) or cookie (i.e. $cookie_foobar) would make more sense.
I would like to be able to configure rate limiting (per path, different rate, bursts, delay, etc.) in a more fine grained way then I found to be possible in the current version.
Looking around I found this article which found the same limitations as I ran into:
https://medium.com/titansoft-engineering/rate-limiting-for-your-kubernetes-applications-with-nginx-ingress-2e32721f7f57
The current rate limiting support is configured via annotations on the ingress.
This can possibly be implemented by extending the supported annotations for nginx specifically.
Alternatively I was thinking that support for this kind of rate limiting may be better suited to become an integral part of the Ingress definition itself ( https://kubernetes.io/docs/concepts/services-networking/ingress/ ) so that all ingress implementations can leverage the same configurations.
So then I can simply do something like this instead:
spec:
rules:
- host: foo.bar.com
http:
paths:
- path: /foo
backend:
serviceName: service1
servicePort: 4200
rateLimits:
- path: /bar # This is relative under the '/foo' so the path to which this applies is /foo/bar
byCookie: jsessionid
#byHeader: customerid
# if neither configured : by IP
maxPerSecond: 5
allowBurst: 10
delayBurst: false
or something like that.
/kind feature