Updates rate limiter documentation.

Separates redis rate limiter to a sub-section. Includes a note that shortcut configuration does not work. fixes gh-167
7 years ago · 1029898dff
1 changed files with 21 additions and 7 deletions
--- a/docs/src/main/asciidoc/spring-cloud-gateway.adoc
+++ b/docs/src/main/asciidoc/spring-cloud-gateway.adoc
@ -448,13 +448,9 @@ This will prefix `/mypath` to the path of all matching requests. So a request to
				@@ -448,13 +448,9 @@ This will prefix `/mypath` to the path of all matching requests. So a request to

 === RequestRateLimiter GatewayFilter Factory

-The RequestRateLimiter GatewayFilter Factory takes three parameters: `replenishRate`, `burstCapacity` & `keyResolverName`.
+The RequestRateLimiter GatewayFilter Factory is uses a `RateLimiter` implementation to determine if the current request is allowed to proceed. If it is not, a status of `HTTP 429 - Too Many Requests` (by default) is returned.

-`replenishRate` is how many requests per second do you want a user to be allowed to do, without any dropped requests.
-
-`burstCapacity` is the maximum number of requests a user is allowed to do in a single second. 
-
-A steady rate is accomplished by setting the same value in `replenishRate` and `burstCapacity`. Temporary bursts can be allowed by setting `burstCapacity` higher than `replenishRate`. In this case, the rate limiter needs to be allowed some time between bursts (according to `replenishRate`), as 2 consecutive bursts will result in dropped requests (`HTTP 429 - Too Many Requests`).
+This filter takes an optional `keyResolver` parameter and parameters specific to the rate limiter (see below).

 `keyResolver` is a bean that implements the `KeyResolver` interface. In configuration, reference the bean by name using SpEL. `#{@myKeyResolver}` is a SpEL expression referencing a bean with the name `myKeyResolver`.

@ -468,8 +464,27 @@ public interface KeyResolver {
				@@ -468,8 +464,27 @@ public interface KeyResolver {

 The `KeyResolver` interface allows pluggable strategies to derive the key for limiting requests. In future milestones, there will be some `KeyResolver` implementations.

+The default implementation of `KeyResolver` is the `PrincipalNameKeyResolver` which retrieves the `Principal` from the `ServerWebExchange` and calls `Principal.getName()`.
+
+NOTE: The RequestRateLimiter is not configurable via the "shortcut" notation. The example below is __invalid__
+
+.application.properties
+----
+# INVALID SHORTCUT CONFIGURATION
+spring.cloud.gateway.routes[0].filters[0]=RequestRateLimiter=2, 2, #{@userkeyresolver}
+----
+
+==== Redis RateLimiter
+
 The redis implementation is based off of work done at https://stripe.com/blog/rate-limiters[Stripe]. It requires the use of the `spring-boot-starter-data-redis-reactive` Spring Boot starter.

+The algorithm used is the https://en.wikipedia.org/wiki/Token_bucket[Token Bucket Algorithm].
+
+The `redis-rate-limiter.replenishRate` is how many requests per second do you want a user to be allowed to do, without any dropped requests. This is the rate that the token bucket is filled.
+
+The `redis-rate-limiter.burstCapacity` is the maximum number of requests a user is allowed to do in a single second. This is the number of tokens the token bucket can hold. Setting this value to zero will block all requests.
+
+A steady rate is accomplished by setting the same value in `replenishRate` and `burstCapacity`. Temporary bursts can be allowed by setting `burstCapacity` higher than `replenishRate`. In this case, the rate limiter needs to be allowed some time between bursts (according to `replenishRate`), as 2 consecutive bursts will result in dropped requests (`HTTP 429 - Too Many Requests`).

 .application.yml
 [source,yaml]
@ -485,7 +500,6 @@ spring:
				@@ -485,7 +500,6 @@ spring:
          args:
            redis-rate-limiter.replenishRate: 10
            redis-rate-limiter.burstCapacity: 20
-            key-resolver: "#{@userKeyResolver}"

 ----