limiter

package
v1.2.3-fred.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 18, 2022 License: Apache-2.0 Imports: 15 Imported by: 212

Documentation

Overview

Package limiter implements connection and rate limiters for teleport

Index

Constants

View Source
const (
	DefaultMaxNumberOfUsers = 100000
	DefaultRate             = 100000000
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

type Config struct {
	// Rates set ups rate limits
	Rates []Rate
	// MaxConnections configures maximum number of connections
	MaxConnections int64
	// MaxNumberOfUsers controls maximum number of simultaneously active users
	MaxNumberOfUsers int
	// Clock is an optional parameter, if not set, will use system time
	Clock timetools.TimeProvider
}

Config sets up rate limits and configuration limits parameters

func (*Config) SetEnv

func (l *Config) SetEnv(v string) error

SetEnv reads LimiterConfig from JSON string

type ConnectionsLimiter

type ConnectionsLimiter struct {
	*connlimit.ConnLimiter
	*sync.Mutex
	// contains filtered or unexported fields
}

ConnectionsLimiter is a network connection limiter and tracker

func NewConnectionsLimiter

func NewConnectionsLimiter(config Config) (*ConnectionsLimiter, error)

NewConnectionsLimiter returns new connection limiter, in case if connection limits are not set, they won't be tracked

func (*ConnectionsLimiter) AcquireConnection

func (l *ConnectionsLimiter) AcquireConnection(token string) error

AcquireConnection acquires connection and bumps counter

func (*ConnectionsLimiter) GetNumConnection

func (l *ConnectionsLimiter) GetNumConnection(token string) (int64, error)

GetNumConnections returns the current number of connections for a token

func (*ConnectionsLimiter) ReleaseConnection

func (l *ConnectionsLimiter) ReleaseConnection(token string)

ReleaseConnection decrements the counter

func (*ConnectionsLimiter) WrapHandle

func (l *ConnectionsLimiter) WrapHandle(h http.Handler)

WrapHandle adds connection limiter to the handle

type CustomRateFunc

type CustomRateFunc func(endpoint string) *ratelimit.RateSet

CustomRateFunc is a function type which returns a custom *ratelimit.RateSet for a given endpoint string.

type Limiter

type Limiter struct {
	// ConnectionsLimiter limits simultaneous connection
	*ConnectionsLimiter
	// contains filtered or unexported fields
}

Limiter helps limiting connections and request rates

func NewLimiter

func NewLimiter(config Config) (*Limiter, error)

NewLimiter returns new rate and connection limiter

func (*Limiter) RegisterRequest

func (l *Limiter) RegisterRequest(token string) error

func (*Limiter) RegisterRequestAndConnection

func (l *Limiter) RegisterRequestAndConnection(token string) (func(), error)

RegisterRequestAndConnection register a rate and connection limiter for a given token. Close function is returned, and it must be called to release the token. When a limit is hit an error is returned. Example usage:

release, err := limiter.RegisterRequestAndConnection(clientIP)
if err != nil {
	return trace.Wrap(err)
}
defer release()

func (*Limiter) RegisterRequestWithCustomRate

func (l *Limiter) RegisterRequestWithCustomRate(token string, customRate *ratelimit.RateSet) error

func (*Limiter) StreamServerInterceptor

func (l *Limiter) StreamServerInterceptor(srv interface{}, serverStream grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error

StreamServerInterceptor is a GPRC stream interceptor that rate limits incoming requests by client IP.

func (*Limiter) UnaryServerInterceptor

func (l *Limiter) UnaryServerInterceptor() grpc.UnaryServerInterceptor

UnaryServerInterceptor returns a gRPC unary interceptor which rate limits by client IP.

func (*Limiter) UnaryServerInterceptorWithCustomRate

func (l *Limiter) UnaryServerInterceptorWithCustomRate(customRate CustomRateFunc) grpc.UnaryServerInterceptor

UnaryServerInterceptorWithCustomRate returns a gRPC unary interceptor which rate limits by client IP. Accepts a CustomRateFunc to set custom rates for specific gRPC methods.

func (*Limiter) WrapHandle

func (l *Limiter) WrapHandle(h http.Handler)

WrapHandle adds limiter to the handle

type Rate

type Rate struct {
	Period  time.Duration
	Average int64
	Burst   int64
}

Rate defines connection rate

func (*Rate) UnmarshalJSON

func (r *Rate) UnmarshalJSON(value []byte) error

type RateLimiter

type RateLimiter struct {
	*ratelimit.TokenLimiter

	*sync.Mutex
	// contains filtered or unexported fields
}

RateLimiter controls connection rate, it uses token bucket algo https://en.wikipedia.org/wiki/Token_bucket

func NewRateLimiter

func NewRateLimiter(config Config) (*RateLimiter, error)

NewRateLimiter returns new request rate controller

func (*RateLimiter) RegisterRequest

func (l *RateLimiter) RegisterRequest(token string, customRate *ratelimit.RateSet) error

RegisterRequest increases number of requests for the provided token Returns error if there are too many requests with the provided token.

func (*RateLimiter) WrapHandle

func (l *RateLimiter) WrapHandle(h http.Handler)

Add rate limiter to the handle

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL