动态配额限制
1.功能说明
通过动态limit功能,可以在不对配置文件编辑以及重载的情况下,通过API实现变更限流功能的设置,包括查询接口和修改接口。
2. 依赖模块
本功能依赖模块:
load_module modules/njt_http_dyn_limit_module.so;3. 配置示例
load_module modules/njt_http_dyn_limit_module.so;
http {
limit_conn_zone $binary_remote_addr zone=perip:10m;
limit_conn_zone $server_name zone=perserver:10m;
limit_req_zone $binary_remote_addr zone=req_perip:10m rate=1r/s;
limit_req_zone $server_name zone=req_perserver:10m rate=10r/s;
server {
listen 92;
location / {
limit_rate 1k;
limit_rate_after 5k;
set $aaa 50k;
limit_conn perip 10;
limit_conn perserver 100;
limit_req zone=req_perip burst=5 ;
root html;
index large.html;
}
}
}3.1 API说明
查询接口:
GET http://IP+port/api/v1/config/http_dyn_limit修改接口:
PUT http://IP+port/api/v1/config/http_dyn_limit3.2 返回值说明
put接口使用rpc调用,返回值新增返回值code,以及错误描述信息,详细信息如下:
| type | code | 描述 |
|---|---|---|
| NJT_RPC_RSP_SUCCESS | 0 | sucess |
| NJT_RPC_RSP_PARTIAL_SUCCESS | 1 | 部分成功,会给出比较详细得提示信息,包括servername、location等字段信息 |
| NJT_RPC_RSP_ERR_MEM_ALLOC | 2 | 关于内存分配失败,会给出相对更详细的具体变量分配失败信息 |
| NJT_RPC_RSP_ERR_JSON | 3 | json字符串错误,njet日志会给出较详细信息 |
| NJT_RPC_RSP_ERR | 4 | 错误,一般指业务逻辑更新错误,具体详细需要查看njet日志 |
| NJT_RPC_RSP_ERR_INPUT_PARAM | 10 | 输入参数不对,json输入空内容等 |
| 400 | {“code”:400,“msg”:“read body error”} |
示例如下:
{
"code": 1, #错误码
"msg": "partial success.", #错误码描述信息
"data": [ #详细错误列表
" update rps zone:req_perip rate invalid",
" update rps zone:req_perserver2 is not exist",
"listen[0.0.0.0:92] server_name[].locations[/] zone:perip conn number is invalid, should >0 and <= 65535",
"listen[0.0.0.0:92] server_name[].locations[/] zone \"perserver2\" is not exist",
"listen[0.0.0.0:92] server_name[].locations[/] dyn limit req not location level, so not update",
"listen[0.0.0.0:92] server_name[].locations[/] dyn limit rate complex set error",
"listen[0.0.0.0:92] server_name[].locations[/] dyn limit rate_after set complex errorc",
"listen[0.0.0.0:92] server_name[].locations[/] dyn limit conn_log_level level invalid",
"listen[0.0.0.0:92] server_name[].locations[/] dyn limit conn_status invalid, shoudld [400, 599]",
"listen[0.0.0.0:92] server_name[].locations[/] dyn limit req_status invalid, shoudld [400, 599]",
"listen[0.0.0.0:92] server_name[].locations[/a] location[/ab] not found",
" can`t find server by listen[0.0.0.0:444] server_name[]",
" can`t find server by listen[0.0.0.0:90] server_name[localhost1]"
]
}4. 调用样例
4.1 查询limit 当前配置
该接口可以查看HTTP 块下所有location的limit当前配置
请求
GET http://127.0.0.1:8081/api/v1/config/http_dyn_limit返回值
{
"servers": [
{
"listens": [
"0.0.0.0:92"
],
"serverNames": [
""
],
"locations": [
{
"location": "/",
"limit_rate": "1k",
"limit_rate_after": "5k",
"limit_conns": [
{
"zone": "perip",
"conn": 10
},
{
"zone": "perserver",
"conn": 100
}
],
"limit_conn_dry_run": "off",
"limit_conn_log_level": "error",
"limit_conn_status": 503,
"limit_reqs": [
{
"zone": "req_perip",
"burst": 5,
"delay": "0"
}
],
"limit_req_dry_run": "off",
"limit_req_log_level": "error",
"limit_req_status": 503
}
]
},
{
"listens": [
"0.0.0.0:90"
],
"serverNames": [
"localhost"
],
"locations": [
{
"location": "/",
"limit_rate": "",
"limit_rate_after": "",
"limit_conns": [],
"limit_conn_dry_run": "off",
"limit_conn_log_level": "error",
"limit_conn_status": 503,
"limit_reqs": [],
"limit_req_dry_run": "off",
"limit_req_log_level": "error",
"limit_req_status": 503,
"locations": [
{
"location": "/abc/",
"limit_rate": "",
"limit_rate_after": "",
"limit_conns": [],
"limit_conn_dry_run": "off",
"limit_conn_log_level": "error",
"limit_conn_status": 503,
"limit_reqs": [],
"limit_req_dry_run": "off",
"limit_req_log_level": "error",
"limit_req_status": 503
}
]
},
{
"location": "/test_bwlist",
"limit_rate": "",
"limit_rate_after": "",
"limit_conns": [],
"limit_conn_dry_run": "off",
"limit_conn_log_level": "error",
"limit_conn_status": 503,
"limit_reqs": [],
"limit_req_dry_run": "off",
"limit_req_log_level": "error",
"limit_req_status": 503
}
]
}
],
#limit_rps 专门修改limit_req_zone 指定zone name的rate值的动态修改,该指令可配置多个,故是数组形式
"limit_rps": [
{
"zone": "req_perip", #zone name
"rate": "1r/m" #rate值修改
},
{
"zone": "req_perserver",
"rate": "10r/s"
}
]
}4.2 修改limit 配置
请求
PUThttp://127.0.0.1:8081/api/v1/config/http_dyn_list
Content-Type: application/json
{
"servers": [
{
"listens": [
"0.0.0.0:92"
],
"serverNames": [
""
],
"locations": [
{
"location": "/",
"limit_rate": "1k",
"limit_rate_after": "5k",
"limit_conns": [
{
"zone": "perip",
"conn": 10
},
{
"zone": "perserver",
"conn": 100
}
],
"limit_conn_dry_run": "off",
"limit_conn_log_level": "error",
"limit_conn_status": 503,
"limit_reqs": [
{
"zone": "req_perip",
"burst": 5,
"delay": "nodelay"
},
{
"zone": "req_perserver",
"burst": 10,
"delay": "1000"
}
],
"limit_req_dry_run": "off",
"limit_req_log_level": "error",
"limit_req_status": 503
}
]
},
{
"listens": [
"0.0.0.0:90"
],
"serverNames": [
"localhost"
],
"locations": [
{
"location": "/",
"limit_rate": "",
"limit_rate_after": "",
"limit_conns": [],
"limit_conn_dry_run": "off",
"limit_conn_log_level": "error",
"limit_conn_status": 503,
"limit_reqs": [],
"limit_req_dry_run": "off",
"limit_req_log_level": "error",
"limit_req_status": 503,
"locations": [
{
"location": "/abc/",
"limit_rate": "",
"limit_rate_after": "",
"limit_conns": [],
"limit_conn_dry_run": "off",
"limit_conn_log_level": "error",
"limit_conn_status": 503,
"limit_reqs": [],
"limit_req_dry_run": "off",
"limit_req_log_level": "error",
"limit_req_status": 503
}
]
},
{
"location": "/test_bwlist",
"limit_rate": "",
"limit_rate_after": "",
"limit_conns": [],
"limit_conn_dry_run": "off",
"limit_conn_log_level": "error",
"limit_conn_status": 503,
"limit_reqs": [],
"limit_req_dry_run": "off",
"limit_req_log_level": "error",
"limit_req_status": 503
}
]
}
],
"limit_rps": [
{
"zone": "req_perip",
"rate": "100r/m"
},
{
"zone": "req_perserver",
"rate": "20r/s"
}
]
}