Hey Istvan,
On 10.01.24 03:27, Szabo, Istvan (Agoda) wrote:
I'm using in the frontend https config on haproxy like this, it works
so far good:
stick-table type ip size 1m expire 10s store http_req_rate(10s)
tcp-request inspect-delay 10s
tcp-request content track-sc0 src
http-request deny deny_status 429 if { sc_http_req_rate(0) gt 10000 }
But this serves as a basic rate limit for all request coming from a
single IP address, right?
My question was rather about limiting clients in regards to
authentication requests / unauthorized requests,
which end up hammering the auth system (Keystone in my case) at full rate.
Regards
Christian
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
