Cross API Rate Limiting?

[scott.m...@salesloft.com]

Hi, I'm looking at using Kong as the API gateway to provide a single front end to all of our microservice's APIs. I believe the correct model here would be to register each service as an "api" in Kong with a path and an upstream URL. We would like to use the rate limiting feature. However, we really want 1 rate limit for any given user (credential) to be applied across all of our apis. As I understand it I have to add the rate limit plugin to each API separately, and I have confirmed that when I do that there is a separate counter for each registered API which is not desireable. 

So, is there an existing way to have "global" plugins such that I could have a single rate limit that would cover all registered APIs?

Here's an example that I setup to confirm the behavior for the rate-limiting plugin across registered APIs:

curl -i -X POST \
--url http://kong:8001/apis/ \
--data 'name=admin' \
--data 'uris=/admin' \
--data 'upstream_url=https://{admin service hostname}' 

curl -X POST http://localhost:8001/apis/admin/plugins \
--data "name=rate-limiting" \
--data "config.minute=10" \
--data "config.limit_by=credential" 

curl -i -X POST \
--url http://kong:8001/apis/ \
--data 'name=reporting' \
--data 'uris=/reports' \
--data 'upstream_url=https://{reports service hostname}' 

curl -X POST http://localhost:8001/apis/reporting/plugins \
--data "name=rate-limiting" \
--data "config.minute=10" \
--data "config.limit_by=credential" 

curl -i -X POST \
--url http://kong:8001/apis/ \
--data 'name=calls' \
--data 'uris=/calls' \
--data 'upstream_url=https://{calls service hostname}' 

curl -X POST http://localhost:8001/apis/calls/plugins \
--data "name=rate-limiting" \
--data "config.minute=10" \
--data "config.limit_by=credential"

[scott.m...@salesloft.com]

OK, one quick update. I did find the reference in the plugins APIs docs about registering a global plugin to make it apply to all APIs. So, I have done that:

curl -X POST http://localhost:8001/plugins \

    --data "name=rate-limiting" \

    --data "config.minute=10" \

    --data "config.limit_by=credential"

However, it still uses separate limits per API. So, I'm halfway home, but not all the way there yet.

[Cooper Marcus]

Hi Scott,

I'd love to hear some details on why you'd want to have a single per-consumer rate limit across all of your APIs? In my understanding, rate limiting is typically applied more granularly, because different APIs have differing computing resources allocated to them, and consume those computing resources in different ways.

For example, if you had one API that was very computationally intensive, while another was computationally trivial, wouldn't you want to have those two APIs have different rate limits? (so that you don't excessively limit access to the "easy to compute" API by setting the rate limit to that which could be reliably satisfied by the "hard to compute" API) 

Thanks, Cooper

--
You received this message because you are subscribed to the Google Groups "Kong" group.
To unsubscribe from this group and stop receiving emails from it, send an email to konglayer+unsubscribe@googlegroups.com.
To post to this group, send email to kong...@googlegroups.com.
Visit this group at https://groups.google.com/group/konglayer.

To view this discussion on the web visit https://groups.google.com/d/msgid/konglayer/5fb3e1b4-75cd-47d1-9a78-2496d8659d85%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[scott.m...@salesloft.com]

Hi Cooper, I agree that that is a possible pattern, but I think the global approach is also valid. We aim to have pretty consistent cost for our APIs across the board, and the user has no need to know how we chose to break up our platform into various backend services. So, I just want the plugin to be configurable so that I can choose to implement a rate limit that applies across the board.

On Sunday, April 2, 2017 at 4:24:20 PM UTC-4, scott.m...@salesloft.com wrote:

[Cooper Marcus]

Thanks Scott, it'd be great if you could open an issue here https://github.com/Mashape/kong/issues

In addition, if you found the docs to be unclear (either on how to apply plugins globally, or on how rate limits are currently counted per-API, even when the plugin is configured globally) we welcome PRs on our docs site - likely on this file https://github.com/Mashape/getkong.org/blob/master/app/plugins/rate-limiting.md

I understand your use case, and it does make sense, thanks for the explanation. 

Cheers, Cooper

--
You received this message because you are subscribed to the Google Groups "Kong" group.
To unsubscribe from this group and stop receiving emails from it, send an email to konglayer+unsubscribe@googlegroups.com.
To post to this group, send email to kong...@googlegroups.com.
Visit this group at https://groups.google.com/group/konglayer.

To view this discussion on the web visit https://groups.google.com/d/msgid/konglayer/e43407f1-1e57-4793-84e0-6e9920724994%40googlegroups.com.

[scott.m...@salesloft.com]

Hi Cooper, I didn't mean to disparage the documentation at all. I've actually been quite pleased with it. I'll look at it again with fresh eyes to see if I could see a spot in the path I went through where the fact that plugins could be registered globally could be mentioned earlier. 

As requested, I have entered an issue: https://github.com/Mashape/kong/issues/2347

Thanks,

Scott

To unsubscribe from this group and stop receiving emails from it, send an email to konglayer+...@googlegroups.com.

To post to this group, send email to kong...@googlegroups.com.
Visit this group at https://groups.google.com/group/konglayer.