From 2265223b47279ab5e03404de10f83b5318103ef9 Mon Sep 17 00:00:00 2001 From: Olha Date: Fri, 15 Nov 2024 15:44:39 +0100 Subject: [PATCH 1/6] add instructions for rate limiter per service --- .../customizing-gateway-rate-limiter.md | 43 +++++++++++++++---- 1 file changed, 35 insertions(+), 8 deletions(-) diff --git a/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md b/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md index c056793758..8944cc35da 100644 --- a/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md +++ b/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md @@ -5,9 +5,9 @@ The API Gateway offers a way to customize the rate limit for each service via a configurable rate limiter, which prevents individual users from overloading the system with excessive requests. Configuring the rate limiter helps ensure that a user's activity does not negatively impact the experience of other users by mitigating the risk of Distributed Denial-of-Service (DDoS) attacks and other automated exploit attempts. -Use the following procedure to customize the Gateway rate limiter: +There are two methods for customizing the rate limiter: common configuration for the list of services or per particular service. -1. In the zowe.yaml, set the following rate limiting properties in api/gateway/routing: +There are properties common for both methods: * **rateLimiterCapacity** Defines the total number of requests that can be allowed at one time per user. @@ -18,19 +18,46 @@ Use the following procedure to customize the Gateway rate limiter: * **rateLimiterRefillDuration** Sets the time interval (in minutes) at which new requests (or tokens) are added. +### Ccustomize the Gateway rate limiter for the list of services: + +1. In the zowe.yaml, set the following rate limiting properties in api/gateway: + **rateLimiterCapacity**, **rateLimiterTokens**, **rateLimiterRefillDuration**. + + 2. Define the services to limit: Use `servicesToLimitRequestRate` to specify a list of services to limit. In the following example, this property applies to the API Catalog. + **Example configuration:** ``` apiml: gateway: - routing: - rateLimiterCapacity: 20 - rateLimiterTokens: 20 - rateLimiterRefillDuration: 1 - servicesToLimitRequestRate: apicatalog + rateLimiterCapacity: 20 + rateLimiterTokens: 20 + rateLimiterRefillDuration: 1 + servicesToLimitRequestRate: apicatalog ``` -You configured the properties of the rate limiter for the API Catalog, thereby improving user accessibility and overall system stability. +### Customize the Gateway rate limiter for a particular service: + + +1. In the application.yaml, define a property to allow the rate limiter in api/gateway: + + Set `applyRateLimiterFilter` to true to mark the filter to be applied. + +2. Set the following rate limiting properties: + **rateLimiterCapacity**, **rateLimiterTokens**, **rateLimiterRefillDuration**. + + +**Example configuration:** +``` + apiml: + gateway: + applyRateLimiterFilter: true + rateLimiterCapacity: 20 + rateLimiterTokens: 20 + rateLimiterRefillDuration: 1 +``` + +You configured the properties of the rate limiter for the API Catalog, thereby improving user accessibility and overall system stability. From 487e87312b0d54f016390fd77eb565785c74fb7f Mon Sep 17 00:00:00 2001 From: Olha Date: Mon, 18 Nov 2024 16:18:52 +0100 Subject: [PATCH 2/6] fix the description --- .../api-mediation/customizing-gateway-rate-limiter.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md b/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md index 8944cc35da..42d87fa6ff 100644 --- a/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md +++ b/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md @@ -42,7 +42,7 @@ There are properties common for both methods: ### Customize the Gateway rate limiter for a particular service: -1. In the application.yaml, define a property to allow the rate limiter in api/gateway: +1. In the application.yaml of the service, define a property to allow the rate limiter in api/gateway: Set `applyRateLimiterFilter` to true to mark the filter to be applied. From 8c1102d1021c3927b712399d3d170bc5603070b3 Mon Sep 17 00:00:00 2001 From: Olha Date: Tue, 19 Nov 2024 11:38:11 +0100 Subject: [PATCH 3/6] add config description --- docs/extend/extend-apiml/custom-metadata.md | 8 ++++++++ .../api-mediation/customizing-gateway-rate-limiter.md | 11 +++++------ 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/docs/extend/extend-apiml/custom-metadata.md b/docs/extend/extend-apiml/custom-metadata.md index 9a74817a1a..36bd18183c 100644 --- a/docs/extend/extend-apiml/custom-metadata.md +++ b/docs/extend/extend-apiml/custom-metadata.md @@ -105,6 +105,14 @@ Optionally, service can specify which origins will be accepted by Gateway during * **customMetadata.apiml.lb.cacheRecordExpirationTimeInHours** When the property `customMetadata.apiml.lb.type` is set to `authentication`, the user can also define the expiration time for the selected instance information that is cached. This property aims to prevent any discrepancy which might occur if the required target server is no longer available. The default value is 8 hours. +* **customMetadata.apiml.gateway.applyRateLimiterFilter** + + This parameter indicates that the rate limiter filter should be applied to the service. To configure this filter, you also have to define the following properties: + + 1. `customMetadata.apiml.gateway.rateLimiterCapacity` - Defines the total number of requests that can be allowed at one time per user. + 2. `customMetadata.apiml.gateway.rateLimiterTokens` - Defines the number of requests that are added to the service’s allowance at regular intervals. + 3. `customMetadata.apiml.gateway.rateLimiterRefillDuration` - Sets the time interval (in minutes) at which new requests (or tokens) are added. + * **customMetadata.apiml.response.compress** When this parameter is set to `true`, API ML compresses content for all responses from this services using GZIP. API ML also adds the `Content-Encoding` header with value `gzip` to responses. diff --git a/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md b/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md index c056793758..3547ff0f43 100644 --- a/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md +++ b/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md @@ -7,7 +7,7 @@ The API Gateway offers a way to customize the rate limit for each service via a Use the following procedure to customize the Gateway rate limiter: -1. In the zowe.yaml, set the following rate limiting properties in api/gateway/routing: +1. In the zowe.yaml, set the following rate limiting properties in api/gateway: * **rateLimiterCapacity** Defines the total number of requests that can be allowed at one time per user. @@ -26,11 +26,10 @@ Use the following procedure to customize the Gateway rate limiter: ``` apiml: gateway: - routing: - rateLimiterCapacity: 20 - rateLimiterTokens: 20 - rateLimiterRefillDuration: 1 - servicesToLimitRequestRate: apicatalog + rateLimiterCapacity: 20 + rateLimiterTokens: 20 + rateLimiterRefillDuration: 1 + servicesToLimitRequestRate: apicatalog ``` You configured the properties of the rate limiter for the API Catalog, thereby improving user accessibility and overall system stability. From 24607bdf02747affff46b16bf27defcd5c4f1344 Mon Sep 17 00:00:00 2001 From: Olha Date: Tue, 19 Nov 2024 11:39:06 +0100 Subject: [PATCH 4/6] add a white space --- docs/extend/extend-apiml/custom-metadata.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/extend/extend-apiml/custom-metadata.md b/docs/extend/extend-apiml/custom-metadata.md index 36bd18183c..724a8563de 100644 --- a/docs/extend/extend-apiml/custom-metadata.md +++ b/docs/extend/extend-apiml/custom-metadata.md @@ -113,6 +113,7 @@ When the property `customMetadata.apiml.lb.type` is set to `authentication`, the 2. `customMetadata.apiml.gateway.rateLimiterTokens` - Defines the number of requests that are added to the service’s allowance at regular intervals. 3. `customMetadata.apiml.gateway.rateLimiterRefillDuration` - Sets the time interval (in minutes) at which new requests (or tokens) are added. + * **customMetadata.apiml.response.compress** When this parameter is set to `true`, API ML compresses content for all responses from this services using GZIP. API ML also adds the `Content-Encoding` header with value `gzip` to responses. From 6b3a698e5dd5fb5e877e4349915c5c543fc0010f Mon Sep 17 00:00:00 2001 From: Olha Date: Tue, 19 Nov 2024 13:02:30 +0100 Subject: [PATCH 5/6] aadd default values description --- docs/extend/extend-apiml/custom-metadata.md | 4 +++- .../customizing-gateway-rate-limiter.md | 12 ++++++------ 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/docs/extend/extend-apiml/custom-metadata.md b/docs/extend/extend-apiml/custom-metadata.md index 724a8563de..a2653ff8df 100644 --- a/docs/extend/extend-apiml/custom-metadata.md +++ b/docs/extend/extend-apiml/custom-metadata.md @@ -107,12 +107,14 @@ When the property `customMetadata.apiml.lb.type` is set to `authentication`, the * **customMetadata.apiml.gateway.applyRateLimiterFilter** - This parameter indicates that the rate limiter filter should be applied to the service. To configure this filter, you also have to define the following properties: + This parameter indicates that the rate limiter filter should be applied to the service. When enabling this filter, you can also define the following properties: 1. `customMetadata.apiml.gateway.rateLimiterCapacity` - Defines the total number of requests that can be allowed at one time per user. 2. `customMetadata.apiml.gateway.rateLimiterTokens` - Defines the number of requests that are added to the service’s allowance at regular intervals. 3. `customMetadata.apiml.gateway.rateLimiterRefillDuration` - Sets the time interval (in minutes) at which new requests (or tokens) are added. + When no values are provided, global values defined in the Gateway will be applied. More about the default configuration in [Customizing gateway rate limiter filer](../../user-guide/api-mediation/customizing-gateway-rate-limiter.md). + * **customMetadata.apiml.response.compress** When this parameter is set to `true`, API ML compresses content for all responses from this services using GZIP. API ML also adds the `Content-Encoding` header with value `gzip` to responses. diff --git a/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md b/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md index 3547ff0f43..2b919fabaa 100644 --- a/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md +++ b/docs/user-guide/api-mediation/customizing-gateway-rate-limiter.md @@ -10,13 +10,13 @@ Use the following procedure to customize the Gateway rate limiter: 1. In the zowe.yaml, set the following rate limiting properties in api/gateway: * **rateLimiterCapacity** - Defines the total number of requests that can be allowed at one time per user. + Defines the total number of requests that can be allowed at one time per user. The default value is set to 20. * **rateLimiterTokens** - Defines the number of requests that are added to the service’s allowance at regular intervals. This property controls how quickly requests are replenished after being consumed. + Defines the number of requests that are added to the service’s allowance at regular intervals. This property controls how quickly requests are replenished after being consumed. The default value is set to 20. * **rateLimiterRefillDuration** - Sets the time interval (in minutes) at which new requests (or tokens) are added. + Sets the time interval (in minutes) at which new requests (or tokens) are added. The default value is set to 1. 2. Define the services to limit: @@ -26,9 +26,9 @@ Use the following procedure to customize the Gateway rate limiter: ``` apiml: gateway: - rateLimiterCapacity: 20 - rateLimiterTokens: 20 - rateLimiterRefillDuration: 1 + rateLimiterCapacity: 35 + rateLimiterTokens: 35 + rateLimiterRefillDuration: 2 servicesToLimitRequestRate: apicatalog ``` You configured the properties of the rate limiter for the API Catalog, thereby improving user accessibility and overall system stability. From ee771fc3a67193004ecc50d66f7abacd9c396e30 Mon Sep 17 00:00:00 2001 From: Andrew Jandacek Date: Tue, 19 Nov 2024 14:06:34 +0100 Subject: [PATCH 6/6] formatting according to Zowe doc standards Signed-off-by: Andrew Jandacek --- docs/extend/extend-apiml/custom-metadata.md | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/docs/extend/extend-apiml/custom-metadata.md b/docs/extend/extend-apiml/custom-metadata.md index a2653ff8df..8fb7ab0c02 100644 --- a/docs/extend/extend-apiml/custom-metadata.md +++ b/docs/extend/extend-apiml/custom-metadata.md @@ -105,15 +105,16 @@ Optionally, service can specify which origins will be accepted by Gateway during * **customMetadata.apiml.lb.cacheRecordExpirationTimeInHours** When the property `customMetadata.apiml.lb.type` is set to `authentication`, the user can also define the expiration time for the selected instance information that is cached. This property aims to prevent any discrepancy which might occur if the required target server is no longer available. The default value is 8 hours. -* **customMetadata.apiml.gateway.applyRateLimiterFilter** - - This parameter indicates that the rate limiter filter should be applied to the service. When enabling this filter, you can also define the following properties: - - 1. `customMetadata.apiml.gateway.rateLimiterCapacity` - Defines the total number of requests that can be allowed at one time per user. - 2. `customMetadata.apiml.gateway.rateLimiterTokens` - Defines the number of requests that are added to the service’s allowance at regular intervals. - 3. `customMetadata.apiml.gateway.rateLimiterRefillDuration` - Sets the time interval (in minutes) at which new requests (or tokens) are added. - - When no values are provided, global values defined in the Gateway will be applied. More about the default configuration in [Customizing gateway rate limiter filer](../../user-guide/api-mediation/customizing-gateway-rate-limiter.md). +* **customMetadata.apiml.gateway.applyRateLimiterFilter** +This parameter specifies the services that the rater limiter is applied to. When enabling this filter, you can also define the following properties: + * `customMetadata.apiml.gateway.rateLimiterCapacity` + Defines the total number of requests that can be allowed at one time per user + * `customMetadata.apiml.gateway.rateLimiterTokens` + Defines the number of requests that are added to the service’s allowance at regular intervals + * `customMetadata.apiml.gateway.rateLimiterRefillDuration` + Sets the time interval (in minutes) at which new requests (or tokens) are added. + + When no values are provided, global values defined in the Gateway are applied. For more information about the default configuration, see [Customizing gateway rate limiter filer](../../user-guide/api-mediation/customizing-gateway-rate-limiter.md). * **customMetadata.apiml.response.compress**