Rate Limiting with HAproxy
[root@ip-172-31-20-63 centos]# cat /etc/haproxy/haproxy.cfg
defaults
option http-server-close
mode http
timeout http-request 5s
timeout connect 5s
timeout server 10s
timeout client 30s
#
# http(s)://api.example.com/***
#
frontend main *:80
#
# Start counting and track in intervals of 1 seconds
#
stick-table type ip size 5000k expire 30s store conn_cur,conn_rate(1s)
#
# Limit the number of connections per user:
#
tcp-request connection reject if { src_conn_cur ge 5 }
#
# Limit the number of requests per second:
#
tcp-request connection reject if { src_conn_rate ge 10 }
#
# Setup "tracking" and use "src_" as the variable:
#
tcp-request connection track-sc1 src
#
# https://api.example.com/https://api.gdax.com
#
acl gdax-in-path url_beg /https://api.gdax.com
use_backend proxy-nodes if gdax-in-path
#
# https://api.example.com/https://api.kraken.com/
#
acl kraken-in-path url_beg /https://api.kraken.com
use_backend proxy-nodes if kraken-in-path
##################################################################################################
#
# Declare servers to send load balanced requests to:
#
#################################################################################################
backend proxy-nodes
balance roundrobin
server server1 54.244.4.3:8080 check
server server2 34.219.141.218:8080 check