Follow these steps to define the rate limits:
- After we identify and assign a quota instance to a service or a set of services, a handler manages the quota limits:
# Script : 04-create-memquota-handler.yaml
apiVersion: config.istio.io/v1alpha2
kind: handler
metadata:
name: quotahandler
spec:
compiledAdapter: memquota
params:
quotas:
- name: requestcountquota.instance.istio-system
maxAmount: 500
validDuration: 1s
overrides:
- dimensions:
destination: reviews
maxAmount: 1
validDuration: 5s
- dimensions:
destination: productpage
maxAmount: 5
validDuration: 1s
The rate limits (quotas) are processed from top to bottom. The values defined before overrides are default values. The default rate limit is 500 requests in 1 second. The default rate limit comes into effect when there is no match in the requests for the overrides. The requests are matched based upon source and destination service names. The first override is for the destination reviews service, regardless of the source, for which a rate limit of one request every five seconds will be applied to the incoming requests. The second override is for the destination productpage service, regardless of the source, for which a rate limit of five requests every second is applied to the incoming requests.
- Create the memquota handler that defines the quota limits:
$ kubectl -n istio-system apply -f 04-create-memquota-handler.yaml
handler.config.istio.io/quotahandler created
Note that we are only discussing the memquota handler here for our test environment. In a production environment, an appropriate in-memory grid should be used to set the memquota limits. Istio documentation uses the redisquota handler.
After a quota has been defined, we have to define the quota rule to use a quota handler.