Generating Kuadrant RateLimitPolicies
Generate Kuadrant RateLimitPolicy object from OpenAPI 3¶
The kuadrantctl generate kuadrant ratelimitpolicy command generates a Kuadrant RateLimitPolicy
from your OpenAPI Specification (OAS) 3.x document powered with Kuadrant extensions.
OpenAPI specification¶
An OpenAPI document resource can be provided to the Kuadrant CLI in one of the following ways:
- Filename in the available path.
- URL format (supported schemes are HTTP and HTTPS). The CLI will try to download from the given address.
- Read from
stdinstandard input stream.
Usage¶
Generate Kuadrant RateLimitPolicy from OpenAPI 3.0.x
Usage:
kuadrantctl generate kuadrant ratelimitpolicy [flags]
Flags:
-h, --help help for ratelimitpolicy
--oas string Path to OpenAPI spec file (in JSON or YAML format), URL, or '-' to read from standard input (required)
-o Output format: 'yaml' or 'json'. (default "yaml")
Global Flags:
-v, --verbose verbose output
Note: The
kuadrantctl/examplesdirectory in GitHub includes sample OAS 3 files that you can use to generate the resources.
Procedure¶
-
Clone the Git repository as follows:
git clone https://github.com/Kuadrant/kuadrantctl.git cd kuadrantctl ``` 2. Set up a cluster, Istio and Gateway API CRDs, and Kuadrant as follows: * Use the single-cluster quick start script to install Kuadrant in a local `kind` cluster: https://docs.kuadrant.io/latest/getting-started-single-cluster/. 3. Build and install the CLI in `bin/kuadrantctl` path as follows: ```bash make install -
Deploy the Petstore backend API as follows:
-
Create the Petstore OpenAPI definition as follows:
cat <<EOF >petstore-openapi.yaml
---
openapi: "3.0.3"
info:
title: "Pet Store API"
version: "1.0.0"
x-kuadrant: ## Root-level Kuadrant extension
route:
name: "petstore"
namespace: "petstore"
hostnames:
- example.com
parentRefs:
- name: istio-ingressgateway
namespace: istio-system
servers:
- url: https://example.io/v1
paths:
/cat:
x-kuadrant: ## Path-level Kuadrant extension
backendRefs:
- name: petstore
port: 80
namespace: petstore
rate_limit:
rates:
- limit: 1
duration: 10
unit: second
counters:
- request.headers.x-forwarded-for
get: # Added to the route and rate limited
operationId: "getCat"
responses:
405:
description: "invalid input"
post: # NOT added to the route
x-kuadrant:
disable: true
operationId: "postCat"
responses:
405:
description: "invalid input"
/dog:
get: # Added to the route and rate limited
x-kuadrant: ## Operation-level Kuadrant extension
backendRefs:
- name: petstore
port: 80
namespace: petstore
rate_limit:
rates:
- limit: 3
duration: 10
unit: second
counters:
- request.headers.x-forwarded-for
operationId: "getDog"
responses:
405:
description: "invalid input"
post: # Added to the route and NOT rate limited
x-kuadrant: ## Operation-level Kuadrant extension
backendRefs:
- name: petstore
port: 80
namespace: petstore
operationId: "postDog"
responses:
405:
description: "invalid input"
EOF
Note: The
serversbase path is not included. This is work-in-progress in follow-up PRs.
| Operation | Applied configuration |
|---|---|
GET /cat |
Should return 200 OK and be rate limited (1 req / 10 seconds). |
POST /cat |
Not added to the HTTPRoute. Should return 404 Not Found. |
GET /dog |
Should return 200 OK and be rate limited (3 req / 10 seconds). |
POST /dog |
Should return 200 OK and NOT rate limited. |
-
Create the HTTPRoute by using the CLI as follows:
-
Create the rate limit policy as follows:
-
Test the OpenAPI endpoints as follows:
-
GET /cat- Should return 200 OK and be rate limited (1 req / 10 seconds). POST /cat- Not added to the HTTPRoute. Should return 404 Not Found.GET /dog- Should return 200 OK and be rate limited (3 req / 10 seconds).
POST /dog- Should return 200 OK and NOT rate limited.