Question

我只想为一个Envoy代理启用local rate limiter，而无需使用其他限速服务。我使用的版本是1.13.1。

我尝试将配置直接添加到过滤器链中：

static_resources:
  listeners:
  - address:
      socket_address:
        address: 0.0.0.0
        port_value: 10000
    filter_chains:
    - filters:
      - name: envoy.filters.network.local_ratelimit
        stat_prefix: local_rate_limiter
        token_bucket: 
          max_tokens: 1000
          tokens_per_fill: 100
          fill_interval: 
            seconds: 1
      - name: envoy.http_connection_manager
        typed_config:
          "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
          codec_type: auto
          stat_prefix: ingress_http
          route_config:
            name: local_route
            virtual_hosts:
            - name: backend
              domains:
              - "*"
              routes:
              - match:
                  prefix: "/application"
                route:
                  cluster: application
          http_filters:
          - name: envoy.router
            typed_config: {}
  clusters:
  - name: application
    connect_timeout: 0.25s
    type: strict_dns
    lb_policy: round_robin
    http2_protocol_options: {}
    health_checks:
      timeout: 2s
      interval: 5s
      unhealthy_threshold: 2
      healthy_threshold: 1
      http_health_check:
        # path: "/application/health/live"
        path: "/application/health/ready"
    outlier_detection:
      consecutive_5xx: 3
      interval: 5s
      base_ejection_time: 30s
      max_ejection_percent: 50
    load_assignment:
      cluster_name: application
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address:
                address: application-1
                port_value: 8080
        - endpoint:
            address:
              socket_address:
                address: application-2
                port_value: 8080
                
admin:
  access_log_path: "/dev/null"
  address:
    socket_address:
      address: 0.0.0.0
      port_value: 9901

启动Docker容器时收到以下错误：

[2020-07-21 08:03:03.717][1][critical][main] [source/server/server.cc:94] error initializing configuration '/etc/envoy/envoy.yaml': Protobuf message (type envoy.config.bootstrap.v3.Bootstrap reason INVALID_ARGUMENT:(static_resources.listeners[0].filter_chains[0].filters[0]) token_bucket: Cannot find field.) has unknown fields
[2020-07-21 08:03:03.717][1][info][main] [source/server/server.cc:595] exiting
Protobuf message (type envoy.config.bootstrap.v3.Bootstrap reason INVALID_ARGUMENT:(static_resources.listeners[0].filter_chains[0].filters[0]) token_bucket: Cannot find field.) has unknown fields

Answer 1

好的，我刚刚发现过滤器链中的每个filter都需要一个typed_config元素，该元素应与我打算使用的类型匹配。首先，我尝试在GitHub存储库中引用wrong definition，但收到另一个错误。但是后来我在correct path中找到了另一个。因此，每个typed_config值都应该是api/envoy/config子路径下的定义之一。

下面是用于本地速率限制的正确配置。

static_resources:
  listeners:
  - address:
      socket_address:
        address: 0.0.0.0
        port_value: 10000
    filter_chains:
    - filters:
      - name: envoy.filters.network.local_ratelimit
        typed_config:
          "@type": type.googleapis.com/envoy.config.filter.network.local_rate_limit.v2alpha.LocalRateLimit
          stat_prefix: local_rate_limiter
          token_bucket:
            max_tokens: 1000
            tokens_per_fill: 100
            fill_interval: 
              seconds: 1
      - name: envoy.http_connection_manager
        typed_config:
          "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
...

如何在Envoy中配置本地限速器？

1 个答案: