How to use nginx to implement distributed current limiting

1. Foreword

Generally, systems that are exposed to the outside world will receive a large number of requests during promotions or hacker attacks. In order to protect the system from being overwhelmed by the high concurrent traffic that arrives instantly, , you need to limit the current.

2. First deploy a program that exposes the interface to the outside world

What I deploy here is a spring boot project, which is exposed as follows The interface is very simple

Exposed a get request to return hello world restful interface.

Deploy this program to the linux server. The deployment steps are not I won't go into details again, you can deploy it by yourself using Baidu spring boot.

I would like to recommend an architecture learning and exchange group to everyone. Communication and learning group number: 575745314. It will share some videos recorded by senior architects: spring, mybatis, netty source code analysis, principles of high concurrency, high performance, distributed, microservice architecture, jvm performance optimization, distributed architecture, etc. These have become a necessary knowledge system for architects. You can also receive free learning resources and benefit a lot so far

3. Create an nginx configuration file named nginx.conf

Create a configuration file named nginx.conf, the complete content is as follows

Explanation of the current limiting part in the configuration file:

As above, The current limiting configuration of nginx has only two lines of code.

The first line:

limit_req_zone: is the current limiting statement.

$ binary_remote_addr: means to limit the current based on the client IP. For example, the current limiting configuration above limits the request frequency of each client IP to once per second. If you act rogue twice per second, the current will be limited and an http 503 error will be returned. Here you go.

zone=perip: Indicates that the name perip is used to identify this line of current limiting configuration. This line of current limiting configuration will be referenced by the name perip later (that is to say, the current limiting configuration can be defined For multiple)

10m: Indicates that the space to store client IP is 10mb, 1mb can store more than 10,000 ips, 10mb can store more than 100,000 ips, reference explanation: ... In this article Search binary_remote_addr to locate relevant explanations.

rate=1r/s: Indicates that the frequency is one request per second.

Second line:

Indicates that on the myserver cluster, use the current limiting configuration named perip

4. Use docker to deploy nginx

Replace the nginx.conf created in the previous step Configuration file, copy it to the linux directory, under /root/nginx/ (the directory can be arbitrary), and then use a docker command to deploy the nginx environment

The 8080 port is exposed here. The load balancing node in the nginx configuration can be accessed through the 8080 port, that is, the 192.168.10.253:8090 ip port. This ip port corresponds to the hello world program that is created and deployed in the first step.

Use code to access the third The helloworld interface defined in one step

I execute 10 get requests per second, which is already greater than the rate=1r/s configured in nginx, which requests once per second. So you will see a 503 error, as follows.

If you change the code and execute the get request once a second, the error will not be reported. You can try it

The above is the detailed content of How to use nginx to implement distributed current limiting. For more information, please follow other related articles on the PHP Chinese website!