DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor rate limit whitelist

Browse source
This commit is contained in:
Seth Pollack 2017-08-22 20:47:29 -04:00
parent 529342589f
commit f045fa6d88
4 changed files with 47 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

18
controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
View file

@ -290,25 +290,23 @@ http {
}
{{ end }}
{{ end }}
{{ end }}
{{ end }}
{{ if ne $location.RateLimit.Name "" }}
{{ if ne (whitelistExists $location.RateLimit.Name) true }}
# Ratelimit {{ $location.RateLimit.Name }}
geo $whitelist_{{ buildWhitelistVariable $location.RateLimit.Name }} {
{{ range $rl := (filterRateLimits $servers ) }}
# Ratelimit {{ $rl.Name }}
geo $whitelist_{{ $rl.ID }} {
default 0;
{{ range $ip := $location.RateLimit.Whitelist }}
{{ range $ip := $rl.Whitelist }}
{{ $ip }} 1;{{ end }}
}
# Ratelimit {{ $location.RateLimit.Name }}
map $whitelist_{{ buildWhitelistVariable $location.RateLimit.Name }} $limit_{{ buildWhitelistVariable $location.RateLimit.Name }} {
# Ratelimit {{ $rl.Name }}
map $whitelist_{{ $rl.ID }} $limit_{{ $rl.ID }} {
0 {{ $cfg.LimitConnZoneVariable }};
1 "";
}
{{ end }}
{{ end }}
{{ end }}
{{ end }}
{{/* build all the required rate limit zones. Each annotation requires a dedicated zone */}}
{{/* 1MB -> 16 thousand 64-byte states or about 8 thousand 128-byte states */}}