/limitador

Primary LanguageRustApache License 2.0Apache-2.0

Limitador

Github Workflow docs.rs Crates.io Docker Repository on Quay

Limitador is a generic rate-limiter written in Rust. It can be used as a library, or as a service. The service exposes HTTP endpoints to apply and manage limits. Limitador can be used with Envoy because it also exposes a grpc service, on a different port, that implements the Envoy Rate Limit protocol (v3).

Limitador is under active development, and its API has not been stabilized yet.

Getting started

Rust library

Add this to your Cargo.toml:

[dependencies]
limitador = { version = "0.2.0" }

To use Limitador in a project that compiles to WASM, there are some features that need to be disabled. Add this to your Cargo.toml instead:

[dependencies]
limitador = { version = "0.2.0", default-features = false }

Server

Run with Docker (replace latest with the version you want):

docker run --rm --net=host -it quay.io/3scale/limitador:latest

Run locally:

cargo run --release --bin limitador-server

To use Redis, specify the URL with REDIS_URL:

REDIS_URL=redis://127.0.0.1:6379 cargo run --release --bin limitador-server

By default, Limitador starts the HTTP server in localhost:8080 and the grpc service that implements the Envoy Rate Limit protocol in localhost:8081. That can be configured with these ENVs: ENVOY_RLS_HOST, ENVOY_RLS_PORT, HTTP_API_HOST, and HTTP_API_PORT.

The OpenAPI spec of the HTTP service is here.

Limitador can be started with a YAML file that has some limits predefined. Keep in mind that they can be modified using the HTTP API. There's an example file that allows 10 requests per minute and per user_id when the HTTP method is "GET" and 5 when it is a "POST". You can run it with Docker (replace latest with the version you want):

docker run -e LIMITS_FILE=/home/limitador/my_limits.yaml --rm --net=host -it -v $(pwd)/limitador-server/examples/limits.yaml:/home/limitador/my_limits.yaml:ro quay.io/3scale/limitador:latest

You can also use the YAML file when running locally:

LIMITS_FILE=./limitador-server/examples/limits.yaml cargo run --release --bin limitador-server

If you want to use Limitador with Envoy, there's a minimal Envoy config for testing purposes here. The config forwards the "userid" header and the request method to Limitador. It assumes that there's an upstream API deployed on port 1323. You can use echo, for example.

Limitador has several options that can be configured via ENV. This doc specifies them.

Limits storage

Limitador can store its limits and counters in-memory or in Redis. In-memory is faster, but the limits are applied per instance. When using Redis, multiple instances of Limitador can share the same limits, but it's slower.

Development

Build

cargo build

Run the tests

Some tests need a redis deployed in localhost:6379. You can run it in Docker with:

docker run --rm -p 6379:6379 -it redis

Then, run the tests:

cargo test

or you can run tests disabling the "redis storage" feature:

cd limitador; cargo test --no-default-features

Limitador also offers experimental support for Infinispan as a storage for the limits and counters. It's under a feature not enabled by default. To build with it and test it:

cargo build --features=infinispan_storage
cargo test --features=infinispan_storage

License

Apache 2.0 License