Request with "x-ambassador-test-allow: probably" is 200 OK
See original GitHub issueDescribe the bug I followed the rate limiting tutorial using minikube, but I don’t see 429 status codes as expected:
$ curl -i -H "x-ambassador-test-allow: probably" $AMBASSADORURL/qotm/quote/1
HTTP/1.1 200 OK
content-type: application/json
content-length: 147
server: envoy
date: Thu, 24 Jan 2019 09:30:47 GMT
x-envoy-upstream-service-time: 65
{"hostname":"qotm-7c6cccd985-4s8kg","ok":true,"quote":"A late night does not make any sense.","time":"2019-01-24T09:30:47.705604","version":"1.3"}
To Reproduce
Create a new Kubernetes cluster and install Ambassador quay.io/datawire/ambassador:0.50.0-rc5
.
$ minikube delete
$ minikube start
Starting local Kubernetes v1.13.2 cluster...
$ kubectl apply -f https://www.getambassador.io/yaml/ambassador/ambassador-rbac.yaml
$ kubectl apply -f - <<<'
apiVersion: v1
kind: Service
metadata:
name: ambassador
spec:
selector:
service: ambassador
type: NodePort
ports:
- port: 80
# Propagate the original source IP of the client.
externalTrafficPolicy: Local
'
$ AMBASSADORURL=$(minikube service --url ambassador)
Then deploy a qotm service:
$ kubectl apply -f - <<<'
---
apiVersion: v1
kind: Service
metadata:
name: qotm
annotations:
getambassador.io/config: |
---
apiVersion: ambassador/v0
kind: Mapping
name: qotm_mapping
prefix: /qotm/
service: qotm
spec:
selector:
app: qotm
ports:
- port: 80
name: http-qotm
targetPort: http-api
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: qotm
spec:
replicas: 1
strategy:
type: RollingUpdate
template:
metadata:
labels:
app: qotm
spec:
containers:
- name: qotm
image: datawire/qotm:1.2
ports:
- name: http-api
containerPort: 5000
readinessProbe:
httpGet:
path: /health
port: 5000
initialDelaySeconds: 30
periodSeconds: 3
resources:
limits:
cpu: "0.1"
memory: 100Mi
'
and ratelimit service:
$ kubectl apply -f - <<<'
---
apiVersion: v1
kind: Service
metadata:
name: example-rate-limit
annotations:
getambassador.io/config: |
---
apiVersion: ambassador/v0
kind: RateLimitService
name: ratelimit
service: "example-rate-limit:5000"
spec:
type: ClusterIP
selector:
app: example-rate-limit
ports:
- port: 5000
name: http-example-rate-limit
targetPort: http-api
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: example-rate-limit
spec:
replicas: 1
strategy:
type: RollingUpdate
template:
metadata:
labels:
app: example-rate-limit
spec:
containers:
- name: example-rate-limit
image: agervais/ambassador-ratelimit-service:1.0.0
imagePullPolicy: Always
ports:
- name: http-api
containerPort: 5000
resources:
limits:
cpu: "0.1"
memory: 100Mi
'
Finally, add rate_limits
to qotm service:
$ kubectl apply -f - <<<'
---
apiVersion: v1
kind: Service
metadata:
name: qotm
annotations:
getambassador.io/config: |
---
apiVersion: ambassador/v0
kind: Mapping
name: qotm_mapping
prefix: /qotm/
service: qotm
rate_limits:
- descriptor: A test case
headers:
- "x-ambassador-test-allow"
spec:
type: ClusterIP
selector:
app: qotm
ports:
- port: 80
name: http-qotm
targetPort: http-api
'
Expected behavior I expect 429 status code as described in the tutorial.
Versions (please complete the following information):
- Ambassador: 0.50.0-rc5
- Kubernetes environment: Minikube v0.33.1
- Version: v1.13.2
Issue Analytics
- State:
- Created 5 years ago
- Comments:16 (2 by maintainers)
Top Results From Across the Web
Request with "x-ambassador-test-allow: probably" is 200 OK
Describe the bug I followed the rate limiting tutorial using minikube, but I don't see 429 status codes as expected: $ curl -i...
Read more >python requests: how to check for "200 OK" - Stack Overflow
What is the easiest way to check whether the response received from a requests post was "200 OK" or an error has occurred?...
Read more >rate limiting - marselester's blog
API gateway acts as a reverse proxy, routing API requests from clients to services. ... probably" -i -u bob:bob $AMBASSADORURL/v1/hotels HTTP/1.1 200 OK....
Read more >HTTP Status Code 200: What Is the 200 "OK" Response?
Here's a simple guide to HTTP status code 200 - the "OK" response. ... status code 200 means success. The client has requested...
Read more >HTTP Status Code 200: What Is an HTTP 200 Response Code?
If you're trying to figure out what the HTTP status code 200 error " OK " is, this is the video for you....
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Can you reopen this issue as the rate limiting is still not working with the latest 2.0 dev version.
Maybe another idea…
Per https://www.envoyproxy.io/docs/envoy/v1.9.0/api-v2/config/filter/http/rate_limit/v2/rate_limit.proto a “rate_limit_service” needs to be defined for the HTTP filter chain. If not specified, any calls to the rate limit service will immediately return success. On my Ambassador 0.52 from the envoy config in the container it is not there:
It looks like older versions of Envoy did not require this: https://www.envoyproxy.io/docs/envoy/v1.8.0/api-v2/config/filter/http/rate_limit/v2/rate_limit.proto