How to configure nginx ingress speed limit-Nginx-php.cn

Home

Operation and Maintenance

Nginx

How to configure nginx ingress speed limit

PHPz

May 12, 2023 pm 04:52 PM

nginxingress

Starting from the business scenario

During the business development process, we have a requirement: the download service provided through filebrowser needs to be speed limited. For example, when users download files through filebrowser, they need to limit the download rate of each user. Extending from this requirement, the download rate for specific users can also be limited.

In order to achieve this business requirement, combined with our current technology stack (k8s nginx ingress), it can be achieved by configuring the corresponding nginx parameters.

What is speed limit?

Speed limit, as the name suggests, is a speed limit.

The rate here can be:

The frequency of a single user accessing resources within a unit time,
can also be The frequency of a single IP accessing resources within a unit of time.
can also be the transmission rate of a specified connection within a unit of time.

Usually, the latter business scenario exists in download speed limit

Why speed limit?

The essence of speed limit is to ensure fairness.

In the case of limited bandwidth resources, try to ensure that each user can be reasonably allocated sufficient bandwidth value. It can also serve more users through speed limiting when bandwidth resources are limited.

In addition, speed limiting can also greatly alleviate the impact of distributed denial-of-service attacks (DDOS).

What are the configurations in the yaml file of nginx ingress?

The speed limit configuration of Nginx ingress can basically be found in the nginx.ingress.kubernetes.io annotation of ingress.

Below, we will interpret the annotations related to speed limit one by one:

##nginx.ingress.kubernetes.io/limit-connections: single The number of concurrent connections that an IP address can have at the same time. If the number of concurrent connections is exceeded, a 503 error is returned.
nginx.ingress.kubernetes.io/limit-rps: Limit the number of requests per second for a single IP (limit request per second). If the limit is exceeded, a 503 error is returned. It should be noted that a 503 error does not occur immediately when the value set by the configuration is exceeded. nginx allows the existence of the number of burst requests within a certain time range (number of burst requests = limit-rps * limit-burst-multiplier ). So when will 503 appear? This starts with the current limiting model of nginx. The current limiting model of nginx is a queue (refer to the queue model of the thread pool). The max number of connections for current limiting = the queue processing capability and the length of the queue, that is, max-connections-per-second = limit-rps limit-rps*limit- burst-multiplier.
nginx.ingress.kubernetes.io/limit-rpm: Same as limit-rps, but limit-rpm has a higher priority than limit-rps, that is When limit-rpm and limit-rps are set at the same time, limit-rpm shall prevail. However, when limit-connections are also set, then limit-connections have the highest priority.
nginx.ingress.kubernetes.io/limit-burst-multiplier: The coefficient of the burst request size, mainly used to define the queue length of the connection, the default is 5
nginx.ingress.kubernetes.io/limit-rate-after: The limit-rate is executed after the amount of traffic is exceeded, the unit is KB
nginx.ingress.kubernetes.io/limit-rate: The rate limit value of a single connection per second, in KB.
nginx.ingress.kubernetes.io/limit-whitelist: Set an IP whitelist. IPs in the whitelist will not be speed limited and support CIDR. , multiple IPs can be separated by commas.

Note

When limit-connections, limit-rps, and limit-rpm are set at the same time, the priority Yes limit-connections>limit-rpm>limit-rps
The prerequisite for limit-rate-after and limit-rate to take effect is
nginx.ingress.kubernetes.io/proxy- buffering: "on"
The IP mentioned above needs to be distinguished from the SLB or the real user IP to obtain the real user IP

4. Solutions for business needs

After clarifying these knowledge points, we can return to our business itself and simply add the following configuration to the business ingress configuration file:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    ...
    nginx.ingress.kubernetes.io/proxy-buffering: on
    nginx.ingress.kubernetes.io/limit-rate: 10 # 单位是KB
  name: xxx
  namespace: yyy
spec:
  ingressClassName: nginx
  rules:
    ...

The above is the detailed content of How to configure nginx ingress speed limit. For more information, please follow other related articles on the PHP Chinese website!

Statement

This article is reproduced at:亿速云. If there is any infringement, please contact admin@php.cn delete

The Advantages of NGINX: Speed, Efficiency, and ControlMay 12, 2025 am 12:13 AM

The reason why NGINX is popular is its advantages in speed, efficiency and control. 1) Speed: Adopt asynchronous and non-blocking processing, supports high concurrent connections, and has strong static file service capabilities. 2) Efficiency: Low memory usage and powerful load balancing function. 3) Control: Through flexible configuration file management behavior, modular design facilitates expansion.

NGINX vs. Apache: Community, Support, and ResourcesMay 11, 2025 am 12:19 AM

The differences between NGINX and Apache in terms of community, support and resources are as follows: 1. Although the NGINX community is small, it is active and professional, and official support provides advanced features and professional services through NGINXPlus. 2.Apache has a huge and active community, and official support is mainly provided through rich documentation and community resources.

NGINX Unit: An Introduction to the Application ServerMay 10, 2025 am 12:17 AM

NGINXUnit is an open source application server that supports a variety of programming languages and frameworks, such as Python, PHP, Java, Go, etc. 1. It supports dynamic configuration and can adjust application configuration without restarting the server. 2.NGINXUnit supports multi-language applications, simplifying the management of multi-language environments. 3. With configuration files, you can easily deploy and manage applications, such as running Python and PHP applications. 4. It also supports advanced configurations such as routing and load balancing to help manage and scale applications.

Using NGINX: Optimizing Website Performance and ReliabilityMay 09, 2025 am 12:19 AM

NGINX can improve website performance and reliability by: 1. Process static content as a web server; 2. forward requests as a reverse proxy server; 3. allocate requests as a load balancer; 4. Reduce backend pressure as a cache server. NGINX can significantly improve website performance through configuration optimizations such as enabling Gzip compression and adjusting connection pooling.

NGINX's Purpose: Serving Web Content and MoreMay 08, 2025 am 12:07 AM

NGINXserveswebcontentandactsasareverseproxy,loadbalancer,andmore.1)ItefficientlyservesstaticcontentlikeHTMLandimages.2)Itfunctionsasareverseproxyandloadbalancer,distributingtrafficacrossservers.3)NGINXenhancesperformancethroughcaching.4)Itofferssecur

NGINX Unit: Streamlining Application DeploymentMay 07, 2025 am 12:08 AM

NGINXUnit simplifies application deployment with dynamic configuration and multilingual support. 1) Dynamic configuration can be modified without restarting the server. 2) Supports multiple programming languages, such as Python, PHP, and Java. 3) Adopt asynchronous non-blocking I/O model to improve high concurrency processing performance.

NGINX's Impact: Web Servers and BeyondMay 06, 2025 am 12:05 AM

NGINX initially solved the C10K problem and has now developed into an all-rounder who handles load balancing, reverse proxying and API gateways. 1) It is well-known for event-driven and non-blocking architectures and is suitable for high concurrency. 2) NGINX can be used as an HTTP and reverse proxy server, supporting IMAP/POP3. 3) Its working principle is based on event-driven and asynchronous I/O models, improving performance. 4) Basic usage includes configuring virtual hosts and load balancing, and advanced usage involves complex load balancing and caching strategies. 5) Common errors include configuration syntax errors and permission issues, and debugging skills include using nginx-t command and stub_status module. 6) Performance optimization suggestions include adjusting worker parameters, using gzip compression and

Nginx Troubleshooting: Diagnosing and Resolving Common ErrorsMay 05, 2025 am 12:09 AM

Diagnosis and solutions for common errors of Nginx include: 1. View log files, 2. Adjust configuration files, 3. Optimize performance. By analyzing logs, adjusting timeout settings and optimizing cache and load balancing, errors such as 404, 502, 504 can be effectively resolved to improve website stability and performance.

See all articles