Hi Maxim,
Thanks for your reply!
In our case, layer-4 firewall is difficult to introduce in the request
path. Would you consider rate limiting in Nginx a valid feature request?
On 19/11/23 08:11, Maxim Dounin wrote:
Hello!
On Sat, Nov 18, 2023 at 02:44:20PM +0800, Zero King wrote:
I want Nginx to limit the rate of new TLS connections and the total (or
per-worker) number of all client-facing connections, so that under a
sudden surge of requests, existing connections can get enough share of
CPU to be served properly, while excessive connections are rejected and
retried against other servers in the cluster.
I am running Nginx on a managed Kubernetes cluster, so tuning kernel
parameters or configuring layer 4 firewall is not an option.
To serve existing connections well, worker_connections can not be used,
because it also affects connections with proxied servers.
Is there a way to implement these measures in Nginx configuration?
No, nginx does not provide a way to limit rate of new connections
and/or total number of established connections. Instead, firewall is
expected to be used for such tasks.
_______________________________________________
nginx mailing list
nginx@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx
