feat(nms): add rate limiting on a subset of endpoints#15404
Merged
lucasgonze merged 19 commits intomasterfrom Apr 16, 2024
Merged
feat(nms): add rate limiting on a subset of endpoints#15404lucasgonze merged 19 commits intomasterfrom
lucasgonze merged 19 commits intomasterfrom
Conversation
Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: Pierre Roussel <[email protected]>
* fix(amf): Added statistics support for AMF Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Added wrapper functions Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Added nb_ue_connected and nb_pdu_session stats Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Added nb_idle stats Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Addressed internal review comments Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Added pb.go file Signed-off-by: shashidhar-patil <[email protected]> --------- Signed-off-by: shashidhar-patil <[email protected]> Signed-off-by: shashidhar-patil <[email protected]> Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: moinuddin khan <[email protected]> Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: Pierre Roussel <[email protected]>
Signed-off-by: tmdzk <[email protected]>
pull-request-size
bot
added
the
size/L
Contributor
|
Thanks for opening a PR! 💯
Howto
More infoPlease take a moment to read through the Magma project's
If this is your first Magma PR, also consider reading
|
github-actions
bot
added
component: ci
Contributor
|
✔️ The Semantic PR check ended with status success. See instructions on formatting your commit and pull request titles. |
tmdzk
changed the title
lucasgonze
approved these changes
Apr 16, 2024
brunohcfaria
pushed a commit
to brunohcfaria/magma
that referenced
this pull request
Apr 22, 2024
* feat: add the rate limit library Signed-off-by: Pierre Roussel <[email protected]> * feat: add all the tested changes Signed-off-by: Pierre Roussel <[email protected]> * refactor: move the rate limit config to the config file Signed-off-by: Pierre Roussel <[email protected]> * refactor: move the middleware in the correct folder Signed-off-by: Pierre Roussel <[email protected]> * test: rate limit middleware Signed-off-by: Pierre Roussel <[email protected]> * fix: eslint warnings Signed-off-by: Pierre Roussel <[email protected]> * feat: add support for env rate limiting env variables Signed-off-by: Pierre Roussel <[email protected]> * fix: attempt to use a default config Signed-off-by: Pierre Roussel <[email protected]> * fix: linting Signed-off-by: Pierre Roussel <[email protected]> * fix(amf): Added statistics support for AMF (magma#14976) * fix(amf): Added statistics support for AMF Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Added wrapper functions Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Added nb_ue_connected and nb_pdu_session stats Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Added nb_idle stats Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Addressed internal review comments Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Added pb.go file Signed-off-by: shashidhar-patil <[email protected]> --------- Signed-off-by: shashidhar-patil <[email protected]> Signed-off-by: shashidhar-patil <[email protected]> Signed-off-by: Pierre Roussel <[email protected]> * fix(cwg): Add conntrack configuration (magma#15391) Signed-off-by: moinuddin khan <[email protected]> Signed-off-by: Pierre Roussel <[email protected]> * nit: explicit rate limit response message Signed-off-by: Pierre Roussel <[email protected]> * fix: eslint Signed-off-by: Pierre Roussel <[email protected]> * fix: attempt to fix unit tests in CI Signed-off-by: Pierre Roussel <[email protected]> * fix: attempt fix from GH Signed-off-by: Pierre Roussel <[email protected]> * fix: eslint Signed-off-by: Pierre Roussel <[email protected]> * Readme change to trigger CI Signed-off-by: tmdzk <[email protected]> --------- Signed-off-by: Pierre Roussel <[email protected]> Signed-off-by: shashidhar-patil <[email protected]> Signed-off-by: shashidhar-patil <[email protected]> Signed-off-by: moinuddin khan <[email protected]> Signed-off-by: tmdzk <[email protected]> Co-authored-by: Pierre Roussel <[email protected]> Co-authored-by: Shashidhar B Patil <[email protected]> Co-authored-by: moinuddin1980 <[email protected]> Co-authored-by: tmdzk <[email protected]>
brunohcfaria
pushed a commit
to brunohcfaria/magma
that referenced
this pull request
Aug 2, 2024
* feat: add the rate limit library Signed-off-by: Pierre Roussel <[email protected]> * feat: add all the tested changes Signed-off-by: Pierre Roussel <[email protected]> * refactor: move the rate limit config to the config file Signed-off-by: Pierre Roussel <[email protected]> * refactor: move the middleware in the correct folder Signed-off-by: Pierre Roussel <[email protected]> * test: rate limit middleware Signed-off-by: Pierre Roussel <[email protected]> * fix: eslint warnings Signed-off-by: Pierre Roussel <[email protected]> * feat: add support for env rate limiting env variables Signed-off-by: Pierre Roussel <[email protected]> * fix: attempt to use a default config Signed-off-by: Pierre Roussel <[email protected]> * fix: linting Signed-off-by: Pierre Roussel <[email protected]> * fix(amf): Added statistics support for AMF (magma#14976) * fix(amf): Added statistics support for AMF Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Added wrapper functions Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Added nb_ue_connected and nb_pdu_session stats Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Added nb_idle stats Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Addressed internal review comments Signed-off-by: shashidhar-patil <[email protected]> * fix(amf): Added pb.go file Signed-off-by: shashidhar-patil <[email protected]> --------- Signed-off-by: shashidhar-patil <[email protected]> Signed-off-by: shashidhar-patil <[email protected]> Signed-off-by: Pierre Roussel <[email protected]> * fix(cwg): Add conntrack configuration (magma#15391) Signed-off-by: moinuddin khan <[email protected]> Signed-off-by: Pierre Roussel <[email protected]> * nit: explicit rate limit response message Signed-off-by: Pierre Roussel <[email protected]> * fix: eslint Signed-off-by: Pierre Roussel <[email protected]> * fix: attempt to fix unit tests in CI Signed-off-by: Pierre Roussel <[email protected]> * fix: attempt fix from GH Signed-off-by: Pierre Roussel <[email protected]> * fix: eslint Signed-off-by: Pierre Roussel <[email protected]> * Readme change to trigger CI Signed-off-by: tmdzk <[email protected]> --------- Signed-off-by: Pierre Roussel <[email protected]> Signed-off-by: shashidhar-patil <[email protected]> Signed-off-by: shashidhar-patil <[email protected]> Signed-off-by: moinuddin khan <[email protected]> Signed-off-by: tmdzk <[email protected]> Co-authored-by: Pierre Roussel <[email protected]> Co-authored-by: Shashidhar B Patil <[email protected]> Co-authored-by: moinuddin1980 <[email protected]> Co-authored-by: tmdzk <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds rate limiting to a small subset of computationally expensive endpoints in NMS, outlined in #15348:
/user/login/user/logout/login/oidc/callback/user/login/oidc/callbackTest Plan
Middleware is unit tested to ensure proper behavior, local testing was used to confirm the desired behavior.
On rate limited endpoints:
After 100 request within 15 minutes for a given IP, a 429: too many request error code is returned by the endpoint for the offending IP, other endpoints still work as expected.
Other rate limited endpoints to test:
curl localhost:8081/user/logoutcurl localhost:8081/login/oidc/callbackcurl localhost:8081/user/login/oidc/callbackAdditional Information
The configuration for the rate limit is located under:
magma/nms/config/config.tsinRATE_LIMIT_CONFIG.To be determined:
constis used at the moment, switching to an environment variable would allow for per deploy configuration