feat(helm): rate limits are configurable via helm chart (#1507)
* feat(helm): rate limits are configurable via helm chart * Document server.monitoring.mp * Update schema.json
This commit is contained in:
Iain Sproat
GitHub
Родитель
2a35fe6178
Коммит
59c0b7ada0
|
|
@ -287,6 +287,96 @@ spec:
|
|||
name: {{ default .Values.secretName .Values.server.monitoring.apollo.key.secretName }}
|
||||
key: {{ default "apollo_key" .Values.server.monitoring.apollo.key.secretKey }}
|
||||
{{- end }}
|
||||
|
||||
# Rate Limiting
|
||||
{{- if .Values.server.ratelimiting.all_requests }}
|
||||
- name: RATELIMIT_ALL_REQUESTS
|
||||
value: "{{ .Values.server.ratelimiting.all_requests }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.burst_all_requests }}
|
||||
- name: RATELIMIT_BURST_ALL_REQUESTS
|
||||
value: "{{ .Values.server.ratelimiting.burst_all_requests }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.user_create }}
|
||||
- name: RATELIMIT_USER_CREATE
|
||||
value: "{{ .Values.server.ratelimiting.user_create }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.burst_user_create }}
|
||||
- name: RATELIMIT_BURST_USER_CREATE
|
||||
value: "{{ .Values.server.ratelimiting.burst_user_create }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.stream_create }}
|
||||
- name: RATELIMIT_STREAM_CREATE
|
||||
value: "{{ .Values.server.ratelimiting.stream_create }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.burst_stream_create }}
|
||||
- name: RATELIMIT_BURST_STREAM_CREATE
|
||||
value: "{{ .Values.server.ratelimiting.burst_stream_create }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.commit_create }}
|
||||
- name: RATELIMIT_COMMIT_CREATE
|
||||
value: "{{ .Values.server.ratelimiting.commit_create }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.burst_commit_create }}
|
||||
- name: RATELIMIT_BURST_COMMIT_CREATE
|
||||
value: "{{ .Values.server.ratelimiting.burst_commit_create }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.post_getobjects_streamid }}
|
||||
- name: RATELIMIT_POST_GETOBJECTS_STREAMID
|
||||
value: "{{ .Values.server.ratelimiting.post_getobjects_streamid }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.burst_post_getobjects_streamid }}
|
||||
- name: RATELIMIT_BURST_POST_GETOBJECTS_STREAMID
|
||||
value: "{{ .Values.server.ratelimiting.burst_post_getobjects_streamid }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.post_diff_streamid }}
|
||||
- name: RATELIMIT_POST_DIFF_STREAMID
|
||||
value: "{{ .Values.server.ratelimiting.post_diff_streamid }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.burst_post_diff_streamid }}
|
||||
- name: RATELIMIT_BURST_POST_DIFF_STREAMID
|
||||
value: "{{ .Values.server.ratelimiting.burst_post_diff_streamid }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.post_objects_streamid }}
|
||||
- name: RATELIMIT_POST_OBJECTS_STREAMID
|
||||
value: "{{ .Values.server.ratelimiting.post_objects_streamid }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.burst_post_objects_streamid }}
|
||||
- name: RATELIMIT_BURST_POST_OBJECTS_STREAMID
|
||||
value: "{{ .Values.server.ratelimiting.burst_post_objects_streamid }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.get_objects_streamid_objectid }}
|
||||
- name: RATELIMIT_GET_OBJECTS_STREAMID_OBJECTID
|
||||
value: "{{ .Values.server.ratelimiting.get_objects_streamid_objectid }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.burst_get_objects_streamid_objectid }}
|
||||
- name: RATELIMIT_BURST_GET_OBJECTS_STREAMID_OBJECTID
|
||||
value: "{{ .Values.server.ratelimiting.burst_get_objects_streamid_objectid }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.get_objects_streamid_objectid_single }}
|
||||
- name: RATELIMIT_GET_OBJECTS_STREAMID_OBJECTID_SINGLE
|
||||
value: "{{ .Values.server.ratelimiting.get_objects_streamid_objectid_single }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.burst_get_objects_streamid_objectid_single }}
|
||||
- name: RATELIMIT_BURST_GET_OBJECTS_STREAMID_OBJECTID_SINGLE
|
||||
value: "{{ .Values.server.ratelimiting.burst_get_objects_streamid_objectid_single }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.post_graphql }}
|
||||
- name: RATELIMIT_POST_GRAPHQL
|
||||
value: "{{ .Values.server.ratelimiting.post_graphql }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.burst_post_graphql }}
|
||||
- name: RATELIMIT_BURST_POST_GRAPHQL
|
||||
value: "{{ .Values.server.ratelimiting.burst_post_graphql }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.get_auth }}
|
||||
- name: RATELIMIT_GET_AUTH
|
||||
value: "{{ .Values.server.ratelimiting.get_auth }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.ratelimiting.burst_get_auth }}
|
||||
- name: RATELIMIT_BURST_GET_AUTH
|
||||
value: "{{ .Values.server.ratelimiting.burst_get_auth }}"
|
||||
{{- end }}
|
||||
{{- if .Values.server.affinity }}
|
||||
affinity: {{- include "speckle.renderTpl" (dict "value" .Values.server.affinity "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
|
|
|
|||
|
|
@ -763,6 +763,121 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
"ratelimiting": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"all_requests": {
|
||||
"type": "number",
|
||||
"description": "The maximum number of requests that can be made to the Speckle server in a moving one second window.",
|
||||
"default": 500
|
||||
},
|
||||
"burst_all_requests": {
|
||||
"type": "number",
|
||||
"description": "If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server in a moving one minute window.",
|
||||
"default": 2000
|
||||
},
|
||||
"user_create": {
|
||||
"type": "number",
|
||||
"description": "The maximum number of requests that can be made to the Speckle server to create a new user in a moving one second window.",
|
||||
"default": 6
|
||||
},
|
||||
"burst_user_create": {
|
||||
"type": "number",
|
||||
"description": "If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to create a new user in a moving one minute window.",
|
||||
"default": 1000
|
||||
},
|
||||
"stream_create": {
|
||||
"type": "number",
|
||||
"description": "The maximum number of requests that can be made to the Speckle server to create a new stream in a moving one second window.",
|
||||
"default": 1
|
||||
},
|
||||
"burst_stream_create": {
|
||||
"type": "number",
|
||||
"description": "If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to create a new stream in a moving one minute window.",
|
||||
"default": 100
|
||||
},
|
||||
"commit_create": {
|
||||
"type": "number",
|
||||
"description": "The maximum number of requests that can be made to the Speckle server to create a new commit in a moving one second window.",
|
||||
"default": 1
|
||||
},
|
||||
"burst_commit_create": {
|
||||
"type": "number",
|
||||
"description": "If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to create a new commit in a moving one minute window.",
|
||||
"default": 100
|
||||
},
|
||||
"post_getobjects_streamid": {
|
||||
"type": "number",
|
||||
"description": "The maximum number of requests that can be made to the Speckle server to get a new object in a moving one second window.",
|
||||
"default": 3
|
||||
},
|
||||
"burst_post_getobjects_streamid": {
|
||||
"type": "number",
|
||||
"description": "If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to get a new object in a moving one minute window.",
|
||||
"default": 200
|
||||
},
|
||||
"post_diff_streamid": {
|
||||
"type": "number",
|
||||
"description": "The maximum number of requests that can be made to the Speckle server to undertake a diff in a moving one second window.",
|
||||
"default": 10
|
||||
},
|
||||
"burst_post_diff_streamid": {
|
||||
"type": "number",
|
||||
"description": "If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to undertake a diff in a moving one minute window.",
|
||||
"default": 1000
|
||||
},
|
||||
"post_objects_streamid": {
|
||||
"type": "number",
|
||||
"description": "The maximum number of requests that can be made to the Speckle server to post a new object in a moving one second window.",
|
||||
"default": 6
|
||||
},
|
||||
"burst_post_objects_streamid": {
|
||||
"type": "number",
|
||||
"description": "If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to post a new object in a moving one minute window.",
|
||||
"default": 400
|
||||
},
|
||||
"get_objects_streamid_objectid": {
|
||||
"type": "number",
|
||||
"description": "The maximum number of requests that can be made to the Speckle server to get an object in a moving one second window.",
|
||||
"default": 3
|
||||
},
|
||||
"burst_get_objects_streamid_objectid": {
|
||||
"type": "number",
|
||||
"description": "If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to get an object in a moving one minute window.",
|
||||
"default": 200
|
||||
},
|
||||
"get_objects_streamid_objectid_single": {
|
||||
"type": "number",
|
||||
"description": "The maximum number of requests that can be made to the Speckle server to get a single object in a moving one second window.",
|
||||
"default": 3
|
||||
},
|
||||
"burst_get_objects_streamid_objectid_single": {
|
||||
"type": "number",
|
||||
"description": "If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to get a single object in a moving one minute window.",
|
||||
"default": 200
|
||||
},
|
||||
"post_graphql": {
|
||||
"type": "number",
|
||||
"description": "The maximum number of requests that can be made to the GraphQL API in a moving one second window.",
|
||||
"default": 10
|
||||
},
|
||||
"burst_post_grapqhl": {
|
||||
"type": "number",
|
||||
"description": "If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the GraphQL API in a moving one minute window.",
|
||||
"default": 20
|
||||
},
|
||||
"get_auth": {
|
||||
"type": "number",
|
||||
"description": "The maximum number of requests that can be made to the Speckle server to authenticate in a moving one second window.",
|
||||
"default": 2
|
||||
},
|
||||
"burst_get_auth": {
|
||||
"type": "number",
|
||||
"description": "If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to authenticate in a moving one minute window.",
|
||||
"default": 20
|
||||
}
|
||||
}
|
||||
},
|
||||
"serviceAccount": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
|
|
@ -815,6 +930,11 @@
|
|||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"mp": {
|
||||
"type": "object",
|
||||
"description": "(Optional) If server.monitoring.mp.enabled is set to false, metrics will not be collected by the Speckle server.",
|
||||
"default": {}
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
|
|||
|
|
@ -549,6 +549,51 @@ server:
|
|||
## ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
||||
##
|
||||
memory: 3Gi
|
||||
ratelimiting:
|
||||
## @param server.ratelimiting.all_requests The maximum number of requests that can be made to the Speckle server in a moving one second window.
|
||||
all_requests: 500
|
||||
## @param server.ratelimiting.burst_all_requests If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server in a moving one minute window.
|
||||
burst_all_requests: 2000
|
||||
## @param server.ratelimiting.user_create The maximum number of requests that can be made to the Speckle server to create a new user in a moving one second window.
|
||||
user_create: 6
|
||||
## @param server.ratelimiting.burst_user_create If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to create a new user in a moving one minute window.
|
||||
burst_user_create: 1000
|
||||
## @param server.ratelimiting.stream_create The maximum number of requests that can be made to the Speckle server to create a new stream in a moving one second window.
|
||||
stream_create: 1
|
||||
## @param server.ratelimiting.burst_stream_create If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to create a new stream in a moving one minute window.
|
||||
burst_stream_create: 100
|
||||
## @param server.ratelimiting.commit_create The maximum number of requests that can be made to the Speckle server to create a new commit in a moving one second window.
|
||||
commit_create: 1
|
||||
## @param server.ratelimiting.burst_commit_create If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to create a new commit in a moving one minute window.
|
||||
burst_commit_create: 100
|
||||
## @param server.ratelimiting.post_getobjects_streamid The maximum number of requests that can be made to the Speckle server to get a new object in a moving one second window.
|
||||
post_getobjects_streamid: 3
|
||||
## @param server.ratelimiting.burst_post_getobjects_streamid If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to get a new object in a moving one minute window.
|
||||
burst_post_getobjects_streamid: 200
|
||||
## @param server.ratelimiting.post_diff_streamid The maximum number of requests that can be made to the Speckle server to undertake a diff in a moving one second window.
|
||||
post_diff_streamid: 10
|
||||
## @param server.ratelimiting.burst_post_diff_streamid If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to undertake a diff in a moving one minute window.
|
||||
burst_post_diff_streamid: 1000
|
||||
## @param server.ratelimiting.post_objects_streamid The maximum number of requests that can be made to the Speckle server to post a new object in a moving one second window.
|
||||
post_objects_streamid: 6
|
||||
## @param server.ratelimiting.burst_post_objects_streamid If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to post a new object in a moving one minute window.
|
||||
burst_post_objects_streamid: 400
|
||||
## @param server.ratelimiting.get_objects_streamid_objectid The maximum number of requests that can be made to the Speckle server to get an object in a moving one second window.
|
||||
get_objects_streamid_objectid: 3
|
||||
## @param server.ratelimiting.burst_get_objects_streamid_objectid If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to get an object in a moving one minute window.
|
||||
burst_get_objects_streamid_objectid: 200
|
||||
## @param server.ratelimiting.get_objects_streamid_objectid_single The maximum number of requests that can be made to the Speckle server to get a single object in a moving one second window.
|
||||
get_objects_streamid_objectid_single: 3
|
||||
## @param server.ratelimiting.burst_get_objects_streamid_objectid_single If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to get a single object in a moving one minute window.
|
||||
burst_get_objects_streamid_objectid_single: 200
|
||||
## @param server.ratelimiting.post_graphql The maximum number of requests that can be made to the GraphQL API in a moving one second window.
|
||||
post_graphql: 10
|
||||
## @param server.ratelimiting.burst_post_grapqhl If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the GraphQL API in a moving one minute window.
|
||||
burst_post_grapqhl: 20
|
||||
## @param server.ratelimiting.get_auth The maximum number of requests that can be made to the Speckle server to authenticate in a moving one second window.
|
||||
get_auth: 2
|
||||
## @param server.ratelimiting.burst_get_auth If the regular limit is exceeded, the limit is increased to the burst limit. This is the maximum number of requests that can be made to the Speckle server to authenticate in a moving one minute window.
|
||||
burst_get_auth: 20
|
||||
serviceAccount:
|
||||
## @param server.serviceAccount.create If enabled, a Kubernetes Service Account will be created for this pod.
|
||||
## This provides additional security by limiting this pod's access to the Kubernetes API and to Secrets on the Kubernetes cluster.
|
||||
|
|
@ -578,6 +623,7 @@ server:
|
|||
## @param server.monitoring.apollo.key.secretKey The key within the Kubernetes Secret holding the Apollo monitoring key as its value.
|
||||
##
|
||||
secretKey: ''
|
||||
## @param server.monitoring.mp (Optional) If server.monitoring.mp.enabled is set to false, metrics will not be collected by the Speckle server.
|
||||
mp: {}
|
||||
## @param server.sentry_dns (Optional) The Data Source Name that was provided by Sentry.io
|
||||
## Sentry.io allows events within Speckle to be monitored
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче