The Soul gateway provides a traffic limiting plug-in that allows users to control the number of requests that pass through the gateway during a specified period of time.

What is “curtailment”?

Hotpot restaurants generally have the maximum capacity, and the number of seats at large and small tables is fixed. During peak hours, a large number of diners will flock to the restaurant. Generally, the staff of a hot pot restaurant is allocated according to the number of seats. If the flow of people entering the restaurant is not limited, the staff will be overwhelmed and the experience of diners will be worse. Limiting the number of seats here is a means of limiting traffic. And the customer who gets the number plate and is called can be seated, which is very similar to the implementation of the token bucket.

In the back-end architecture, traffic limiting is generally divided into two types. Externally, it mainly aims at defending against DDOS attacks and crawlers, and internally, it mainly controls the uniform distribution of hot spot public service calls.

How does Soul limit flow?

First let’s look at the soul-plugin-ratelimiter file directory structure:

└ ─ ─ the SRC ├ ─ ─ the main │ ├ ─ ─ Java │ │ └ ─ ─ org │ │ └ ─ ─ dromara │ │ └ ─ ─ soul │ │ └ ─ ─ the plugin │ │ └ ─ ─ ratelimiter │ │ ├ ─ ─ Java AbstractSoulPlugin class ratelimiterplugin. Java AbstractSoulPlugin │ │ ├ ─ ─ the config │ │ │ └ ─ ─ RateLimiterConfig. Java ratelimiter related configuration items │ │ ├ ─ ─ executor │ │ │ └ ─ ─ RedisRateLimiter. Based on Java Redis token bucket algorithm implementation, Core function is isAllowed │ │ ├ ─ ─ handler │ │ │ └ ─ ─ RateLimiterPluginDataHandler. Java plug-in configuration from the read data handler │ │ └ ─ ─ the response │ │ └ ─ ─ ├─ ├─ Java ├─ Java ├─ Java ├─ Java ├─ Java ├─ Java ├─ Java ├─ Java ├─ Concurrent_request_rate_limiter. Concurrent ratelimiter lua lua script │ └ ─ ─ request_rate_limiter. Ratelimiter lua lua script └ ─ ─ the testCopy the code

First we need to start redis-server

Select selecter and rule for ratelimiter from admin. Select selecter and rule from admin.

After configuration, use Postman to simulate continuous 200 requests:On the 11th time after 10 executions, Ratelimiter blocked our request because the token bucket had run out of tokens (capacity is 10) and the fill rate was 5, meaning that the user would be limited to a maximum of five requests per second.

The following figure shows the allocation process of token bucket algorithm, which is similar to the principle of hot pot restaurant allocation of queue plates:

conclusion

Ratelimiter helps us filter out unwanted or abnormal requests at the gateway layer without consuming backend services. This is one of the most important functions of gateways in software architecture. Soul uses Redis for token buckets. The plan for tomorrow is to take a deeper look at how the token-bucket algorithm is implemented through Lua scripting.