juwan/juwan-backend
1
0
Fork 0
Code Issues Pull Requests Actions 31 Packages Projects Releases Wiki Activity
Files
8cf1af8019b3a0258307992c5ba853257fd45e98
juwan-backend/deploy/k01/infra/ratelimit.yaml
T
zetaloop 1deb5dbdb2
build-and-push-harbor / docker-build-push (push) Waiting to run
Details
fix(k01): resource requests based on actual usage
2026-05-06 10:24:59 +08:00

158 lines
3.3 KiB
YAML
Raw Blame History

apiVersion: v1
kind: ConfigMap
metadata:
name: ratelimit-config
namespace: juwan
data:
ratelimit.yaml: |
domain: api
descriptors:
- key: generic_key
value: login
descriptors:
- key: remote_address
rate_limit:
unit: MINUTE
requests_per_unit: 10
- key: generic_key
value: register
descriptors:
- key: remote_address
rate_limit:
unit: MINUTE
requests_per_unit: 5
- key: generic_key
value: forgot_password_send
descriptors:
- key: remote_address
rate_limit:
unit: MINUTE
requests_per_unit: 3
- key: generic_key
value: verify_code_send
descriptors:
- key: remote_address
rate_limit:
unit: MINUTE
requests_per_unit: 3
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: rl-redis
namespace: juwan
labels:
app: rl-redis
spec:
replicas: 1
selector:
matchLabels:
app: rl-redis
template:
metadata:
labels:
app: rl-redis
spec:
containers:
- name: redis
image: redis:8.6.3-alpine
ports:
- containerPort: 6379
resources:
requests:
cpu: 10m
memory: 10Mi
limits:
memory: 60Mi
---
apiVersion: v1
kind: Service
metadata:
name: rl-redis-svc
namespace: juwan
spec:
ports:
- port: 6379
targetPort: 6379
selector:
app: rl-redis
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ratelimit
namespace: juwan
labels:
app: ratelimit
spec:
replicas: 1
selector:
matchLabels:
app: ratelimit
template:
metadata:
labels:
app: ratelimit
spec:
initContainers:
- name: wait-rl-redis
image: busybox:1.37
command: ["sh", "-c", "until nc -z rl-redis-svc 6379; do sleep 1; done"]
containers:
- name: ratelimit
image: envoyproxy/ratelimit:fe26676d
command: ["/bin/ratelimit"]
env:
- name: REDIS_SOCKET_TYPE
value: tcp
- name: REDIS_URL
value: rl-redis-svc:6379
- name: USE_STATSD
value: "false"
- name: RUNTIME_ROOT
value: /data
- name: RUNTIME_SUBDIRECTORY
value: ratelimit
- name: RUNTIME_WATCH_ROOT
value: "true"
- name: LOG_LEVEL
value: info
ports:
- containerPort: 8081
name: grpc
- containerPort: 6070
name: debug
volumeMounts:
- name: config
mountPath: /data/ratelimit/config
resources:
requests:
cpu: 10m
memory: 10Mi
limits:
memory: 60Mi
volumes:
- name: config
configMap:
name: ratelimit-config
---
apiVersion: v1
kind: Service
metadata:
name: ratelimit-svc
namespace: juwan
spec:
ports:
- name: grpc
port: 8081
targetPort: 8081
- name: debug
port: 6070
targetPort: 6070
selector:
app: ratelimit
Reference in New Issue View Git Blame Copy Permalink