mateothegreat
5/21/2018 - 10:25 AM

Rate Limiting with HAproxy

Rate Limiting with HAproxy

[root@ip-172-31-20-63 centos]# cat /etc/haproxy/haproxy.cfg
defaults

        option http-server-close
        mode http
        timeout http-request 5s
        timeout connect 5s
        timeout server 10s
        timeout client 30s

#
# http(s)://api.example.com/***
#
frontend  main *:80


        #
        # Start counting and track in intervals of 1 seconds
        #

                stick-table type ip size 5000k expire 30s store conn_cur,conn_rate(1s)

        #
        # Limit the number of connections per user:
        #

                tcp-request connection reject if { src_conn_cur ge 5 }

        #
        # Limit the number of requests per second:
        #

                tcp-request connection reject if { src_conn_rate ge 10 }


        #
        # Setup "tracking" and use "src_" as the variable:
        #


                tcp-request connection track-sc1 src


        #
        # https://api.example.com/https://api.gdax.com
        #

                acl             gdax-in-path    url_beg         /https://api.gdax.com
                use_backend     proxy-nodes     if              gdax-in-path


        #
        # https://api.example.com/https://api.kraken.com/
        #
                acl          kraken-in-path     url_beg         /https://api.kraken.com
                use_backend  proxy-nodes        if              kraken-in-path



##################################################################################################
#
# Declare servers to send load balanced requests to:
#
#################################################################################################

backend proxy-nodes

    balance     roundrobin

    server      server1         54.244.4.3:8080         check
    server      server2         34.219.141.218:8080     check