このページは、まだ日本語ではご利用いただけません。翻訳中です。
古いプラグインバージョンのドキュメントを閲覧しています。
構成
このプラグインはDB-lessモードと部分的に互換性があります。
The cluster strategy is not supported in DB-less and hybrid modes. For Kong
Gateway in DB-less or hybrid mode, use the redis
strategy.
パラメータ
このプラグインの設定で使用できるすべてのパラメータのリストは次のとおりです。
-
name or plugin
string requiredプラグイン名。この場合は
graphql-rate-limiting-advanced
。- Kong Admin API、Kong Konnect API、宣言型構成、または decK ファイルを使用する場合、フィールドは
name
です。 - Kubernetes で KongPlugin オブジェクトを使用する場合、フィールドは
plugin
です。
- Kong Admin API、Kong Konnect API、宣言型構成、または decK ファイルを使用する場合、フィールドは
-
service.name or service.id
stringプラグインが対象とするサービス名または ID。最上位の
/plugins
エンドポイント. からプラグインをサービスに追加する場合は、これらのパラメータのいずれかを設定してください/services/{serviceName|Id}/plugins
を使用する場合は必要ありません。 -
route.name or route.id
stringプラグインがターゲットとするルート名または ID。最上位の
/plugins
エンドポイント. を通るルートにプラグインを追加する場合は、これらのパラメータのいずれかを設定してください/routes/{routeName|Id}/plugins
を使用する場合は必要ありません。 -
consumer.name or consumer.id
stringプラグインがターゲットとするコンシューマーの名前または ID。 最上位の
/plugins
エンドポイント. からコンシューマーにプラグインを追加する場合は、これらのパラメーターのいずれかを設定してください/consumers/{consumerName|Id}/plugins
を使用する場合は必要ありません。 -
enabled
boolean default:true
このプラグインが適用されるかどうか。
-
config
record required-
identifier
string required default:consumer
Must be one of:ip
,credential
,consumer
How to define the rate limit key. Can be
ip
,credential
,consumer
.
-
window_size
array of typenumber
requiredOne or more window sizes to apply a limit to (defined in seconds).
-
window_type
string default:sliding
Must be one of:fixed
,sliding
Sets the time window to either
sliding
orfixed
.
-
limit
array of typenumber
requiredOne or more requests-per-window limits to apply.
-
sync_rate
number requiredHow often to sync counter data to the central data store. A value of 0 results in synchronous behavior; a value of -1 ignores sync behavior entirely and only stores counters in node memory. A value greater than 0 syncs the counters in that many number of seconds.
-
namespace
stringThe rate limiting library namespace to use for this plugin instance. Counter data and sync configuration is shared in a namespace.
Important: If managing Kong Gateway with declarative configuration or running Kong Gateway in DB-less mode, set the
namespace
explicitly in your declarative configuration.
If not set, you will run into the following issues:- In DB-less mode, this field will be regenerated automatically on every configuration change.
- If applying declarative configuration with decK, decK will automatically fail the update and require a
namespace
value.
-
strategy
string required default:cluster
Must be one of:cluster
,redis
The rate-limiting strategy to use for retrieving and incrementing the limits. Available values are:
-
cluster
: Counters are stored in the Kong datastore and shared across the nodes. -
redis
: Counters are stored on a Redis server and shared across the nodes.
In DB-less and hybrid modes, the
cluster
config strategy is not supported.There is no local storage strategy. However, you can achieve local rate limiting by using a placeholder
strategy
value (eithercluster
orredis
) and async_rate
of-1
. This setting stores counters in-memory on the node.
If usingredis
as the placeholder value, you must fill in all additionalredis
configuration parameters with placeholder values.For details on which strategy should be used, refer to the implementation considerations.
-
-
dictionary_name
string required default:kong_rate_limiting_counters
The shared dictionary where counters will be stored until the next sync cycle.
-
hide_client_headers
boolean default:false
Optionally hide informative response headers. Available options:
true
orfalse
.
-
cost_strategy
string default:default
Must be one of:default
,node_quantifier
Strategy to use to evaluate query costs. Either
default
ornode_quantifier
. See default and node_quantifier respectively.
-
score_factor
number default:1
A scoring factor to multiply (or divide) the cost. The
score_factor
must always be greater than 0.
-
max_cost
number default:0
A defined maximum cost per query. 0 means unlimited.
-
redis
record required-
host
stringHost to use for Redis connection when the
redis
strategy is defined.
-
port
integer between:0
65535
Port to use for Redis connection when the
redis
strategy is defined.
-
timeout
integer default:2000
between:0
2147483646
Connection timeout (in milliseconds) to use for Redis connection when the
redis
strategy is defined.
-
connect_timeout
integer between:0
2147483646
-
send_timeout
integer between:0
2147483646
-
read_timeout
integer between:0
2147483646
-
username
string referenceableUsername to use for Redis connection when the
redis
strategy is defined and ACL authentication is desired. If undefined, ACL authentication will not be performed.This requires Redis v6.0.0+. The username cannot be set to
default
.
-
password
string referenceable encryptedPassword to use for Redis connection when the
redis
strategy is defined. If undefined, no AUTH commands are sent to Redis.
-
sentinel_username
string referenceableSentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication will not be performed. This requires Redis v6.2.0+.
-
sentinel_password
string referenceable encrypted
-
database
integer default:0
Database to use for Redis connection when the
redis
strategy is defined.
-
keepalive_pool_size
integer default:30
between:1
2147483646
The size limit for every cosocket connection pool associated with every remote server, per worker process. If no
keepalive_pool_size
is specified and nokeepalive_backlog
is specified, no pool is created. If nokeepalive_pool_size
is specified andkeepalive_backlog
is specified, then the pool uses the default value30
.
-
keepalive_backlog
integer between:0
2147483646
If specified, limits the total number of opened connections for a pool. If the connection pool is full, all connection queues beyond the maximum limit go into the backlog queue. Once the backlog queue is full, subsequent connect operations will fail and return
nil
. Queued connect operations resume once the number of connections in the pool is less thankeepalive_pool_size
. Note that queued connect operations are subject to set timeouts.
-
sentinel_master
stringSentinel master to use for Redis connection when the
redis
strategy is defined. Defining this value implies using Redis Sentinel.
-
sentinel_role
string Must be one of:master
,slave
,any
Sentinel role to use for Redis connection when the
redis
strategy is defined. Defining this value implies using Redis Sentinel.
-
sentinel_addresses
array of typestring
len_min:1
Sentinel addresses to use for Redis connection when the
redis
strategy is defined. Defining this value implies using Redis Sentinel.
-
cluster_addresses
array of typestring
len_min:1
Cluster addresses to use for Redis connection when the
redis
strategy is defined. Defining this value implies using Redis cluster.
-
ssl
boolean default:false
If set to true, then uses SSL to connect to Redis.
-
ssl_verify
boolean default:false
If set to true, then verifies the validity of the server SSL certificate. Note that you need to configure the lua_ssl_trusted_certificate to specify the CA (or server) certificate used by your redis server. You may also need to configure lua_ssl_verify_depth accordingly.
-
server_name
stringSpecifies the server name for the new TLS extension Server Name Indication (SNI) when connecting over SSL.
-
-