Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Implementing Quota as a Service

Implementing Quota as a Service

* Describe Quota/RateLimit Algorithms
* Describe OSS Quota/RateLimit Packages / Services
* Describe How we developed Quota as a Service

nasa9084

May 18, 2019
Tweet

More Decks by nasa9084

Other Decks in Programming

Transcript

  1. $ whoami • @nasa9084 • LINE corp. • Go /

    Kubernetes / emacs • https://blog.web-apps.tech
  2. Why implement “Quota as a Service”? • We are developing

    / managing Monitoring system • Very many requests • Easy to abuse → We need Quota/Rate Limit for our services
  3. Don’t use Quota / RateLimit lib simply? • LINE has

    many services (also our team) • Need Quota / RateLimit per services • Need manage configurations for each services • Need database for each services • Not want to manage extra DBs…
  4. Token Bucket • Limit the average rate of traffic •

    Allow some burstiness • Bucket is an abstracted container • We can implement as buffer or queue
  5. Token Bucket Algorithm 1. Add Tokens into Bucket per 1/r

    seconds • Bucket can hold b Tokens 2. When n bytes packet is coming, remove n Tokens and send the packet 3. If Bucket does not have n Tokens, the packet becomes non-conformant • Drop the packet • Queue the packet until Bucket charges enough Tokens • Send with non-conformant flag
  6. Leaky Bucket • Limit the peak rate of traffic •

    Not allow burstiness • Same as Generic Cell Rate Algorithm • Used for ATM Network
  7. Leaky Bucket Algorithm • A fixed capacity bucket • If

    the bucket is empty, stops leaking • Packet is water • It is possible to add a specific amount of packet to the bucket • If the amount of packet would cause the bucket to exceed its capacity, then the packet is non-conformant
  8. Fixed Window Counter • Limit requests per REAL time duration

    • Window is fixed • e.g. 100 requests / 10:00 - 10:59 10:00 11:00 Requests
  9. Fixed Window Counter • Over quota in configured duration •

    e.g. 5 requests/hour 09:00 10:00 11:00 6 requests/hour
  10. Sliding Window Counter • Limit requests since ${window_size} ago •

    Window limitation window moves as time passes
  11. square/quotaservice • Written in Go • gRPC service • Based

    on Token Bucket algorithm • Still WIP…
  12. Implement Quota as a Service • (Of course) Write with

    Go • Clean Architecture (-like) • Standard Project Layout * ᵓᴷᴷ cmd/ # main.go ᵓᴷᴷ init/ # systemd ᵋᴷᴷ internal/ ᵓᴷᴷ cmd/ ᴹ ᵓᴷᴷ httpgen/ # generate http router ᴹ ᵋᴷᴷ mockgen/ # generate mock ᵋᴷᴷ pkg/ ᵓᴷᴷ apiserver/ ᵓᴷᴷ domain ᵓᴷᴷ errors/ ᵓᴷᴷ infra/ # implementation ᵓᴷᴷ interceptor/ # gRPC middleware ᵓᴷᴷ interfaces/ # interfaces ᵓᴷᴷ middleware/ #http middleware ᵋᴷᴷ rpc/ *golang-standards/project-layout
  13. Reduce Management Cost • Generate Codes as possible as we

    can • Reduce middle-wares/services managed by ourselves
  14. Generate Codes as possible as we can • gRPC +

    REST • gRPC: rate limiting • REST: registration • gRPC server/client code generated from Protocol Buffers • REST server/client code generated from OpenAPI spec • Mock from interfaces
  15. Central Dogma • Service Configuration Repository by LINE • Highly

    available • Version Controlled based on Git • Can watch by client • Apply config change by event base • Can mirror GitHub to Central Dogma
  16. Reduce Services We Should Manage • Configuration Management • GitHub

    Pull Request for WUI + Central Dogma as Database • User Authentication / User metadata DB • LDAP + session store (Redis)
  17. Q?