Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure. https://www.consul.io
Go to file
John Murret e027c94b52
adding config for request_limits (#15531)
* server: add placeholder glue for rate limit handler

This commit adds a no-op implementation of the rate-limit handler and
adds it to the `consul.Server` struct and setup code.

This allows us to start working on the net/rpc and gRPC interceptors and
config logic.

* Add handler errors

* Set the global read and write limits

* fixing multilimiter moving packages

* Fix typo

* Simplify globalLimit usage

* add multilimiter and tests

* exporting LimitedEntity

* Apply suggestions from code review

Co-authored-by: John Murret <john.murret@hashicorp.com>

* add config update and rename config params

* add doc string and split config

* Apply suggestions from code review

Co-authored-by: Dan Upton <daniel@floppy.co>

* use timer to avoid go routine leak and change the interface

* add comments to tests

* fix failing test

* add prefix with config edge, refactor tests

* Apply suggestions from code review

Co-authored-by: Dan Upton <daniel@floppy.co>

* refactor to apply configs for limiters under a prefix

* add fuzz tests and fix bugs found. Refactor reconcile loop to have a simpler logic

* make KeyType an exported type

* split the config and limiter trees to fix race conditions in config update

* rename variables

* fix race in test and remove dead code

* fix reconcile loop to not create a timer on each loop

* add extra benchmark tests and fix tests

* fix benchmark test to pass value to func

* server: add placeholder glue for rate limit handler

This commit adds a no-op implementation of the rate-limit handler and
adds it to the `consul.Server` struct and setup code.

This allows us to start working on the net/rpc and gRPC interceptors and
config logic.

* Set the global read and write limits

* fixing multilimiter moving packages

* add server configuration for global rate limiting.

* remove agent test

* remove added stuff from handler

* remove added stuff from multilimiter

* removing unnecessary TODOs

* Removing TODO comment from handler

* adding in defaulting to infinite

* add disabled status in there

* adding in documentation for disabled mode.

* make disabled the default.

* Add mock and agent test

* addig documentation and missing mock file.

* Fixing test TestLoad_IntegrationWithFlags

* updating docs based on PR feedback.

* Updating Request Limits mode to use int based on PR feedback.

* Adding RequestLimits struct so we have a nested struct in ReloadableConfig.

* fixing linting references

* Update agent/consul/rate/handler.go

Co-authored-by: Dan Upton <daniel@floppy.co>

* Update agent/consul/config.go

Co-authored-by: Dan Upton <daniel@floppy.co>

* removing the ignore of the request limits in JSON.  addingbuilder logic to convert any read rate or write rate less than 0 to rate.Inf

* added conversion function to convert request limits object to handler config.

* Updating docs to reflect gRPC and RPC are rate limit and as a result, HTTP requests are as well.

* Updating values for TestLoad_FullConfig() so that they were different and discernable.

* Updating TestRuntimeConfig_Sanitize

* Fixing TestLoad_IntegrationWithFlags test

* putting nil check in place

* fixing rebase

* removing change for missing error checks.  will put in another PR

* Rebasing after default multilimiter config change

* resolving rebase issues

* updating reference for incomingRPCLimiter to use interface

* updating interface

* Updating interfaces

* Fixing mock reference

Co-authored-by: Daniel Upton <daniel@floppy.co>
Co-authored-by: Dhia Ayachi <dhia@hashicorp.com>
2022-12-13 13:09:55 -07:00
.changelog feat(ingress-gateway): support outlier detection of upstream service for ingress gateway (#15614) 2022-12-13 11:51:37 -05:00
.circleci ignore `mktg-.*` branches for CI tests (#15651) 2022-12-08 12:06:30 -05:00
.github Update changelog checker to handle ent-only entry (#15774) 2022-12-12 20:36:42 +00:00
.release Enable ironbank integration (#14931) 2022-10-11 10:27:06 -04:00
acl Leadership transfer cmd (#14132) 2022-11-14 15:35:12 -05:00
agent adding config for request_limits (#15531) 2022-12-13 13:09:55 -07:00
api feat: add access logging API to proxy defaults (#15780) 2022-12-13 14:52:18 -05:00
bench
build-support Update go version to 1.19 2022-10-24 16:12:08 -04:00
command Add support for configuring Envoys route idle_timeout (#14340) 2022-11-29 17:43:15 -05:00
connect removes ioutil usage everywhere which was deprecated in go1.16 (#15297) 2022-11-10 10:26:01 -06:00
contributing Move contributing to docs 2021-08-30 16:17:09 -04:00
docs adding config for request_limits (#15531) 2022-12-13 13:09:55 -07:00
grafana
internal [OSS] Add boilerplate for proto files implementing BlockableQuery (#15554) 2022-11-25 15:46:56 -05:00
ipaddr
lib removes ioutil usage everywhere which was deprecated in go1.16 (#15297) 2022-11-10 10:26:01 -06:00
logging removes ioutil usage everywhere which was deprecated in go1.16 (#15297) 2022-11-10 10:26:01 -06:00
proto feat(ingress-gateway): support outlier detection of upstream service for ingress gateway (#15614) 2022-12-13 11:51:37 -05:00
proto-public Update hcp-scada-provider to fix diamond dependency problem with go-msgpack (#15185) 2022-11-07 11:34:30 -05:00
sdk Fix SDK to support older versions of Consul. (#15423) 2022-11-18 10:32:01 -06:00
sentinel
service_os
snapshot removes ioutil usage everywhere which was deprecated in go1.16 (#15297) 2022-11-10 10:26:01 -06:00
test feat(ingress-gateway): support outlier detection of upstream service for ingress gateway (#15614) 2022-12-13 11:51:37 -05:00
testrpc feat(cli): add initial peering cli commands 2022-09-01 17:20:13 -04:00
tlsutil removes ioutil usage everywhere which was deprecated in go1.16 (#15297) 2022-11-10 10:26:01 -06:00
tools/internal-grpc-proxy grpc: rename public/private directories to external/internal (#13721) 2022-07-13 16:33:48 +01:00
types agent: convert listener config to TLS types (#12522) 2022-03-24 15:32:25 -04:00
ui ui: Add ServerExternalAddresses to peer token create form (#15555) 2022-11-30 11:42:36 -07:00
version chore: update main for release/1.14.x branch 2022-10-21 15:50:51 -04:00
website adding config for request_limits (#15531) 2022-12-13 13:09:55 -07:00
.dockerignore
.gitignore chore: ignore vscode files 2022-07-25 12:31:58 -04:00
.golangci.yml removes ioutil usage everywhere which was deprecated in go1.16 (#15297) 2022-11-10 10:26:01 -06:00
CHANGELOG.md Clarify Vault CA changelog entry (#15662) 2022-12-02 20:16:49 -05:00
Dockerfile Add version label to Docker image (#14204) 2022-08-18 14:41:34 -04:00
GNUmakefile build: ensure 'make dev-docker' also produces a matching CLI binary at the same time (#15188) 2022-10-28 15:21:05 -05:00
LICENSE [COMPLIANCE] Update MPL-2.0 LICENSE (#14964) 2022-11-09 12:24:14 -06:00
NOTICE.md
README.md Fixed broken links referring to tutorials running as local agent (#14954) 2022-10-11 13:01:29 -07:00
Vagrantfile
fixup_acl_move.sh Fixup script 2 2022-04-05 14:52:43 -07:00
go.mod [OSS] security: update x/net module (#15737) 2022-12-08 16:45:44 -05:00
go.sum [OSS] security: update x/net module (#15737) 2022-12-08 16:45:44 -05:00
main.go removes ioutil usage everywhere which was deprecated in go1.16 (#15297) 2022-11-10 10:26:01 -06:00

README.md

Consul logo Consul

Docker Pulls Go Report Card

Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.

Consul provides several key features:

  • Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration.

  • Service Mesh - Consul Service Mesh enables secure service-to-service communication with automatic TLS encryption and identity-based authorization. Applications can use sidecar proxies in a service mesh configuration to establish TLS connections for inbound and outbound connections with Transparent Proxy.

  • Service Discovery - Consul makes it simple for services to register themselves and to discover other services via a DNS or HTTP interface. External services such as SaaS providers can be registered as well.

  • Health Checking - Health Checking enables Consul to quickly alert operators about any issues in a cluster. The integration with service discovery prevents routing traffic to unhealthy hosts and enables service level circuit breakers.

  • Key/Value Storage - A flexible key/value store enables storing dynamic configuration, feature flagging, coordination, leader election and more. The simple HTTP API makes it easy to use anywhere.

Consul runs on Linux, macOS, FreeBSD, Solaris, and Windows and includes an optional browser based UI. A commercial version called Consul Enterprise is also available.

Please note: We take Consul's security and our users' trust very seriously. If you believe you have found a security issue in Consul, please responsibly disclose by contacting us at security@hashicorp.com.

Quick Start

A few quick start guides are available on the Consul website:

Documentation

Full, comprehensive documentation is available on the Consul website: https://consul.io/docs

Contributing

Thank you for your interest in contributing! Please refer to CONTRIBUTING.md for guidance. For contributions specifically to the browser based UI, please refer to the UI's README.md for guidance.