DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #1210 from sethpollack/whitelist

Browse source 
add rate limit whitelist
This commit is contained in:
Manuel Alejandro de Brito Fontes 2017-08-22 08:23:45 -04:00 committed by GitHub
commit def5155aa6
4 changed files with 98 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

14
controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
View file

@ -288,12 +288,24 @@ http {
}
{{ end }}
{{ end }}
{{ if ne $location.RateLimit.Name "" }}
geo ${{ buildWhitelistVariable $location.RateLimit.Name }}_whitelist {
default 0;
{{ range $ip := $location.RateLimit.Whitelist }}
{{ $ip }} 1;{{ end }}
}
map ${{ buildWhitelistVariable $location.RateLimit.Name }}_whitelist ${{ buildWhitelistVariable $location.RateLimit.Name }}_limit {
0 {{ $cfg.LimitConnZoneVariable }};
1 "";
}
{{ end }}
{{ end }}
{{ end }}
{{/* build all the required rate limit zones. Each annotation requires a dedicated zone */}}
{{/* 1MB -> 16 thousand 64-byte states or about 8 thousand 128-byte states */}}
{{ range $zone := (buildRateLimitZones $cfg.LimitConnZoneVariable $servers) }}
{{ range $zone := (buildRateLimitZones $servers) }}
{{ $zone }}
{{ end }}