Rate Limit not applied when mapping $upstream_http_ headers
Markus Grobelin
grobi at koppzu.de
Fri Oct 1 08:47:01 UTC 2021
Hy everybody,
I have a reverse-proxy setup with an upstream application that sets a header (x_tenant_id).
Based on that headers value, I want to apply a rate limit to clients.
I verified the rate limit applies* properly, when a usual request header (e.g. $http_x_tenant_id) is mapped. However the config below does not map $upstream_http_x_tenant_id** at all.
Any advice how to achieve rate limiting using such $upstream_http_ headers?
Thanks in advance,
Markus
* siege -c 10 -t5S -H 'x-tenant-id: 503' <someurl>
**
upstream myupstream {
server 10.10.100.0:8000;
}
# does not work
map $upstream_http_x_tenant_id $limit_key {
123 $binary_remote_addr;
503 $binary_remote_addr;
default "";
}
server {
[...]
location / {
# Rate limiting for some tenants
limit_req zone=limit_key;
limit_req_status 444;
uwsgi_read_timeout 300s;
uwsgi_send_timeout 300s;
uwsgi_pass myupstream;
include /etc/nginx/uwsgi_params;
}
[...]
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20211001/7306ea74/attachment.htm>
More information about the nginx
mailing list