GraphQL Rate Limiting Advanced Configuration

このページは、まだ日本語ではご利用いただけません。翻訳中です。

古いプラグインバージョンのドキュメントを閲覧しています。

構成

このプラグインはDB-lessモードと部分的に互換性があります。

The cluster strategy is not supported in DB-less and hybrid modes. For Kong Gateway in DB-less or hybrid mode, use the redis strategy.

パラメータ

このプラグインの設定で使用できるすべてのパラメータのリストは次のとおりです。

• name or plugin

  string required

  プラグイン名。この場合は graphql-rate-limiting-advanced 。

  • Kong Admin API、Kong Konnect API、宣言型構成、または decK ファイルを使用する場合、フィールドはnameです。
  • Kubernetes で KongPlugin オブジェクトを使用する場合、フィールドはpluginです。

• service.name or service.id

  string

  プラグインが対象とするサービス名または ID。最上位の /plugins エンドポイント. からプラグインをサービスに追加する場合は、これらのパラメータのいずれかを設定してください /services/{serviceName|Id}/plugins を使用する場合は必要ありません。

• route.name or route.id

  string

  プラグインがターゲットとするルート名または ID。最上位の /plugins エンドポイント. を通るルートにプラグインを追加する場合は、これらのパラメータのいずれかを設定してください /routes/{routeName|Id}/plugins を使用する場合は必要ありません。

• consumer.name or consumer.id

  string

  プラグインがターゲットとするコンシューマーの名前または ID。 最上位の /plugins エンドポイント. からコンシューマーにプラグインを追加する場合は、これらのパラメーターのいずれかを設定してください /consumers/{consumerName|Id}/pluginsを使用する場合は必要ありません。

• enabled

  boolean default: true

  このプラグインが適用されるかどうか。

• config

  record required
  • identifier

    string required default: consumer Must be one of: ip, credential, consumer

    How to define the rate limit key. Can be ip, credential, consumer.

  • window_size

    array of type number required

    One or more window sizes to apply a limit to (defined in seconds).

  • window_type

    string default: sliding Must be one of: fixed, sliding

    Sets the time window to either sliding or fixed.

  • limit

    array of type number required

    One or more requests-per-window limits to apply.

  • sync_rate

    number required

    How often to sync counter data to the central data store. A value of 0 results in synchronous behavior; a value of -1 ignores sync behavior entirely and only stores counters in node memory. A value greater than 0 syncs the counters in that many number of seconds.

  • namespace

    string

    The rate limiting library namespace to use for this plugin instance. Counter data and sync configuration is shared in a namespace.

    Important: If managing Kong Gateway with declarative configuration or running Kong Gateway in DB-less mode, set the namespace explicitly in your declarative configuration.
    
    If not set, you will run into the following issues:

    • In DB-less mode, this field will be regenerated automatically on every configuration change.
    • If applying declarative configuration with decK, decK will automatically fail the update and require a namespace value.

  • strategy

    string required default: cluster Must be one of: cluster, redis

    The rate-limiting strategy to use for retrieving and incrementing the limits. Available values are:

    • cluster: Counters are stored in the Kong datastore and shared across the nodes.
    • redis: Counters are stored on a Redis server and shared across the nodes.

    In DB-less and hybrid modes, the cluster config strategy is not supported.

    There is no local storage strategy. However, you can achieve local rate limiting by using a placeholder strategy value (either cluster or redis) and a sync_rate of -1. This setting stores counters in-memory on the node.
    
    If using redis as the placeholder value, you must fill in all additional redis configuration parameters with placeholder values.

    For details on which strategy should be used, refer to the implementation considerations.

  • dictionary_name

    string required default: kong_rate_limiting_counters

    The shared dictionary where counters will be stored until the next sync cycle.

  • hide_client_headers

    boolean default: false

    Optionally hide informative response headers. Available options: true or false.

  • cost_strategy

    string default: default Must be one of: default, node_quantifier

    Strategy to use to evaluate query costs. Either default or node_quantifier. See default and node_quantifier respectively.

  • score_factor

    number default: 1

    A scoring factor to multiply (or divide) the cost. The score_factor must always be greater than 0.

  • max_cost

    number default: 0

    A defined maximum cost per query. 0 means unlimited.

  • redis

    record required
    • host

      string

      Host to use for Redis connection when the redis strategy is defined.

    • port

      integer between: 0 65535

      Port to use for Redis connection when the redis strategy is defined.

    • timeout

      integer default: 2000 between: 0 2147483646

      Connection timeout (in milliseconds) to use for Redis connection when the redis strategy is defined.

    • connect_timeout

      integer between: 0 2147483646

    • send_timeout

      integer between: 0 2147483646

    • read_timeout

      integer between: 0 2147483646

    • username

      string referenceable

      Username to use for Redis connection when the redis strategy is defined and ACL authentication is desired. If undefined, ACL authentication will not be performed.

      This requires Redis v6.0.0+. The username cannot be set to default.

    • password

      string referenceable encrypted

      Password to use for Redis connection when the redis strategy is defined. If undefined, no AUTH commands are sent to Redis.

    • sentinel_username

      string referenceable

      Sentinel username to authenticate with a Redis Sentinel instance. If undefined, ACL authentication will not be performed. This requires Redis v6.2.0+.

    • sentinel_password

      string referenceable encrypted

    • database

      integer default: 0

      Database to use for Redis connection when the redis strategy is defined.

    • keepalive_pool_size

      integer default: 30 between: 1 2147483646

      The size limit for every cosocket connection pool associated with every remote server, per worker process. If no keepalive_pool_size is specified and no keepalive_backlog is specified, no pool is created. If no keepalive_pool_size is specified and keepalive_backlog is specified, then the pool uses the default value 30.

    • keepalive_backlog

      integer between: 0 2147483646

      If specified, limits the total number of opened connections for a pool. If the connection pool is full, all connection queues beyond the maximum limit go into the backlog queue. Once the backlog queue is full, subsequent connect operations will fail and return nil. Queued connect operations resume once the number of connections in the pool is less than keepalive_pool_size. Note that queued connect operations are subject to set timeouts.

    • sentinel_master

      string

      Sentinel master to use for Redis connection when the redis strategy is defined. Defining this value implies using Redis Sentinel.

    • sentinel_role

      string Must be one of: master, slave, any

      Sentinel role to use for Redis connection when the redis strategy is defined. Defining this value implies using Redis Sentinel.

    • sentinel_addresses

      array of type string len_min: 1

      Sentinel addresses to use for Redis connection when the redis strategy is defined. Defining this value implies using Redis Sentinel.

    • cluster_addresses

      array of type string len_min: 1

      Cluster addresses to use for Redis connection when the redis strategy is defined. Defining this value implies using Redis cluster.

    • ssl

      boolean default: false

      If set to true, then uses SSL to connect to Redis.

    • ssl_verify

      boolean default: false

      If set to true, then verifies the validity of the server SSL certificate. Note that you need to configure the lua_ssl_trusted_certificate to specify the CA (or server) certificate used by your redis server. You may also need to configure lua_ssl_verify_depth accordingly.

    • server_name

      string

      Specifies the server name for the new TLS extension Server Name Indication (SNI) when connecting over SSL.